cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Alpen
Viewer

DHS purge of Kaspersky Labs software

I have used Kaspersky labs internet security on home systems for two years and have been pleased with the performance of this software. Does anyone have further insights on the accusations against this software by our government?

7 Replies
kevinr24
Viewer

Here are just a few news articles that describe what the threat from Kaspersky is.

 

http://www.newsweek.com/how-russian-hackers-used-popular-kaspersky-antivirus-steal-us-secrets-682127

 

https://www.forbes.com/sites/thomasbrewster/2017/07/27/kaspersky-av-hack-with-satellite-malware/#62c...

 

https://gizmodo.com/israeli-intelligence-reportedly-watched-russia-use-kasp-1819360606

 

https://www.wired.com/story/kaspersky-russia-antivirus/

 

Further more, the USG has a "Buy American" provision that has been law since 1933.  This requires that the U.S. buy or prefer American products unless the requirement is waived or there is not a suitable U.S. alternative.  I don't think one can argue there isn't a good U.S.-alternative to Kaspersky.

Harris Corporation
Vincelec
Viewer II

No proof and only political issues. 

There is no problem in Europe, at least for French and German governments. 

https://www.reuters.com/article/us-usa-security-kaspersky-germany/germany-no-evidence-kaspersky-soft...

 

Perhaps they don’t care that a security vendor is able to detect NSA tools. 

 

Read those links:

https://www.kaspersky.com/blog/internal-investigation-preliminary-results/19894/

https://www.kaspersky.com/blog/transparency-initiative/19870/

 

You can also disable cloud protection KSN. 

 

 

ccsp_member
Viewer

There is no evidence of any wrong doing by Kaspersky that I know of, but they are a Russian company and would most likely have to comply with any requests made by that government.  With any software you are taking a risk that your information is going to compromised or your computer can be doing something that you may be unaware of.  The question is which companies do you distrust the least?       

AjCaroline
Viewer

It's not this AV or one AV, if they all pretty much need system level permission to function..."Layered defense" just has to keep getting fatter!

Vincelec
Viewer II

I do not see any difference between Russia, China or US, they are at the same level of trust. 

Transparency could help to establish trust and this is what a Russian company will do starting next year. That’s said, everyone can decide to use one security vendor according to their location of development or several at different layers of the perimeter. 

The_Red_Pill
Newcomer II

I'm not going to get into all the details, but it has to do with the type of data they are collecting and where they are sending it.   I would advise against the use of this software.  The articles above do a decent job of trying to explain the danger involved.

mwitzel
Viewer II

I have a similar question.  What are others in the private sector that are using Kaspersky doing?  Are they moving away from the corporate product?  Is there evidence that specifically incriminates Kaspersky (none in the articles below)?  We many never know if there is real evidence or if it is all just political FUD.

 

We use the security suite that provides many functions other than AV (encryption, USB blocking, software deployment) that other AV vendors don't provide.  It works well which I can not say about our previous AV solution.  We are put in a situation where we may need to remove it because some politician without any Information technology acumen is making statements to cover his own backside.  I need to do what others are doing to protect my own backside.

 

AV is just on part of a security solution but it is critical to protecting end points.  The other question is who do you trust?  Many AV companies are not US based or have development overseas. 

 

Trend is a Taiwanese multinational security software company founded in Los Angeles, California with global headquarters in Tokyo, Japan, a R&D center in Taipei, Taiwan, and regional headquarters in Asia, Europe and the Americas.
https://en.wikipedia.org/wiki/Trend_Micro

 

ESET is an IT security company that offers anti-virus and firewall products such as ESET NOD32. It was founded in 1992.[3] ESET is headquartered in Bratislava, Slovakia
https://en.wikipedia.org/wiki/ESET

 

Comodo is a U.S based Worldwide Cybersecurity company, providing computer software and full-suite Enterprise Cyber Security Solutions.  The company is headquartered in Clifton, New Jersey in the United States. It has international offices in the United Kingdom, Japan, China, India, Romania, Turkey and The Philippines
https://en.wikipedia.org/wiki/Comodo_Group

 

Symantec Corporation is an American software company headquartered in Mountain View, California, United States. The company produces software for security, storage, backup and availability - and offers professional services to support its software.  The company also has development centers in Pune, Chennai and Bengaluru (India).
https://en.wikipedia.org/wiki/Symantec

 

Avira Operations GmbH & Co. KG is a German multinational security software company that provides antivirus software, Internet Security, Privacy, Identity and Performance tools for computers, smartphones, servers and networks, delivered as both software and cloud-based services.
https://en.wikipedia.org/wiki/Avira

 

Regardless it may be time to move to next generation end point security such as Carbon Black, Cylance, CrowdStrike, or Cisco AMP.

 

Interested in real life opinion and not conspiracy theory driven rants.