Hmmmm...
...had quite a few customers ask me to remove Kaspersky from their machines over the past 18 months.
Was nice to be paid to do it rather than just doing it for free cos you would. Thanks Kaspersky!
Eugene Kaspersky's security biz saw turnover crash by a quarter in North America following the US government's decision to remove the antivirus software from federal systems. Secret service agent in silhouette on white background Sir, you've been using Kaspersky Lab antivirus. Please come with us, sir READ MORE That ruling …
What goes around comes around -
I agree it is nice to be paid, by a few (UK) customers, to install Kaspersky on their machines....
Clearly, from Kaspersky's figures, a significant number of people/businesses outside of the US have taken Trumps attack as an endorsement of Kaspersky and a declaration of what the US is, might or wants to do, via US produced AV products...
It's pretty funny how any company would willing put Russian software at the heart of their network.
Kaspersky isn't even a very good pretend AV scanner, we have seen trust bring gained from SELF SIGNED certificates. Not sure what clowns they have working there, presumably ameuterish as the unqualified clowns that rollout Kaspersky in corporate environments...
These days it would be surprising if the Russians didn't have their fingers in the Kaspersky AV but let's be realistic here - the chances are very good that Uncle Sam has his fingers in American AV products too. It's all about surveillance and trust ... not quite an oxymoron but it's getting close.
Uncle Sam in your AV is entirely possible. But note that there would be numerous vectors for the Uncle Sam profile - from Microsoft's built-in AV systems, to Apple's, to McAfee, to Symantec and many, many others - while Kaspersky is one of the few Russia-based corporations doing large-scale international trade in the AV business. A much, much smaller profile to target. Also note Russia is even more aggressive in hacking / state monitoring than the U.S., and that's saying a lot right there.
There never will be any solid evidence - given the way that AV software works I doubt that any state actor would leave any crumbs of evidence - in many cases all the AV software would have to do is "fail" to detect an approved Trojan arriving via some method. It would be hard to "detect" that.
> in many cases all the AV software would have to do is "fail" to detect an approved Trojan arriving via some method. It would be hard to "detect" that.
That's why you periodically use a different scanner eg. MBAM/HitMAnPro - ideally from a boot stick so that there is no trace of it on the HDD in normal operation, so the trojan can't apply the appropriate cloaking strategy.
Qihoo 360 is a popular AV product and has a very talented team behind it like Kaspersky.
They are known in the security world for finding and reporting exploits, pulling apart malware and pretty much all the usual stuff. Just not really penetrated the market in the west yet, although they are making some headway on mobile.
When the US gummint started its witch hunt against Kaspersky, the ignorant, the gullible, and those who the Feds can lean on dropped Kaspersky AV. Pretty much everyone who is going to follow that herd probably already has. Now it's back to business as usual, to some degree. There are still those who will avoid Kaspersky, but there are many others who will decide to use them anyway and those are future sales.
Not to mention, for some of us the NSA's dislike is for a security product is a glowing endorsement! That might in fact help international sales.
That's a pretty lame statement. As someone that uses their Enterprise solution, I can say it is awesomely easy to use, the ability to do encryption, device control, the extreme granularity it offers for FW and software is great. Agentless server AV means no performance hit, even a full scan on a server during production has no performance impact. Reporting is very good. Support (we have a contract) is top rate. As for the home edition, I have used some of the non corp tools, but at home (as a security person) I use several tools, but run a clean machine. making use of Sandboxie, and live CD/USB for anything that even might be iffy. But for work - it makes my job easier and it does a great job making me look good :)
I don't care if Turnip head dissed them to make himself look good, or MacAfee was making a hole for them to fill (yeah, there are those things) while greasing the palms that make the decisions... but I digress.
Kaspersky was highlighted when a NSA agent took their work home and Kapersky software spotted strange security tools / threats on the machine. They told US authorities but somehow the tools got leaked and Kaspersky were blamed.
Huawei are partly targets as American security researchers worry Huawei are becoming too embedded into our infrastructure. They are one of the few companies who can provide the full 5g stack. Chinese trade war is probably part of it too.
Here's your pattern. Kaspersky caught the 5 eyes tools, while *all the rest didn't*. Hmmm.
Let's play shoot the messenger, 5-eyes. Why didn't anyone else detect your invasions?
Pretty obvious why they don't want Kaspersky around now.
I think this shoot the messenger stuff is hilarious, but saddened it works. We seem to care more about "who dun it" when there's a hack or a leak, but even when the leak is about something horrible - we don't seem to care about that, and the actors that did the horrible stuff don't even deny it, just vilify the leaker.
Lots of examples, but then someone would find a way to call it partisan, which it isn't unless the parties are "all of us" and "the powers that be".
I thought that the reason for banning Kaspersky was simply that they had annoyed the NSA by finding the Fed's super-duper spying software. This was even before the whole Snowden business and the tools leak. We all knew that the NSA was up to something but it took Snowden to reveal the extent of the hacks.
Unlike many I'd guess that Kaspersky is more of a nuisance than an asset to the Russians. It must have occurred to the Russians years ago that their systems were likely to be hacked -- after all, they had plenty of home grown hackers going at everyone's systems. They might be on the inside track for Trojan discovery but if they're anything like other intelligence services from time immemorial they'd keep very quiet about it because if there's one thing better than knowing what your adversary's up to its them not knowing you know. They'd want a Kaspersky not to go digging among the pro stuff but just to occupy itself with the latest credential stealing phishing attack -- they'd need to be good, but not too good (just like the run of the mill AV companies, come to think of it).
Here's your pattern. Kaspersky caught the 5 eyes tools, while *all the rest didn't*. Hmmm.
The "rest" didn't because the worker bee working classified material on his home PC only had Kaspersky. So this looks more like a kneejerk reaction on the part of some government official.
Makes you wonder how an NSA agent running state secret tools was allowed to work on them at home on an untrusted device running their own version of whatever software they wanted - in this case Kaspersky and not made to do any work using a completely locked down, may be even air-gapped machine or via an MFA VPN to remote in to a remote terminal to work.
Just seems like poor security, anything on that PC could have divulged secret information.
>Makes you wonder how an NSA agent running state secret tools was allowed to work on them at home
He wasn't allowed and had the means to circumvent workplace security...
So in some respects, the first the US knew about their security breach was from the wrong source - egg on face...
Simple - whichever technology company outside of the US and its approved friends makes a product which will kill the competition for quality and price. Huawei is a much better alternative to networking gear and is much cheaper. Kaspersky managed to expose some of the US's cyber nastiness, and was competing with the other anti-malware platforms.
Installing an Internet security suite sometimes feels like deploying a known evil to avoid unknown ones. You end up putting a lot of trust in a company you know little about, yet deeply invades your PC. Suddenly you get a custom keypad when typing in your bank password, alerts when no-risk webpages use plain text passwords, invitations to type in all your PINs and precious numbers to detect them when they go online (yeah, sure!) and pop ups for a 3rd party VPN (Hotspot Shield). That was the last straw. I got fed up with Kaspersky, uninstalled it and shared my father's multi-device BitDefender licence. I'd have liked to tell Kaspersky why I was leaving, but they don't ask for a reason when you remove it. But would they care? It's easier to blame it on the US gov't.