back to article Biden bans Kaspersky: No more sales, updates in US

The Biden administration today banned the sale of Kaspersky Lab products and services in the United States, declaring the Russian biz a national security risk. Commerce Secretary Gina Raimondo announced the crackdown today during a call with reporters. "Russia has shown it has the capacity – and even more than that, the intent …

  1. James O'Shea Silver badge

    This should be interesting

    I used to use Kaspersky for some of my Windows antimalware needs. I've since dumped it, but I know people who still like it. They have until Sept/Oct to replace Kaspersky. Hmm. I wonder who pays for any unused time on the accounts? Not, I suspect, Joe. Ah, well, Windows Defender is no longer the joke that it used to be, and is free. Get the free version of Malwarebytes as well and they should be covered. If some malware does slip through, I see inbound lawsuits. Which will probably bounce off Federal qualified immunity.

    Popcorn time. Especially when Pony Boy Putin hears about this.

    1. Anonymous Coward
      Anonymous Coward

      Re: This should be interesting

      > Hmm. I wonder who pays for any unused time on the accounts?

      Free copies of McAfee all round. Good old USA software you can trust...

      1. Mark 85

        Re: This should be interesting

        Free copies of McAfee all round. Good old USA software you can trust...

        Thanks for giving me a good laugh this morning especially since I recieved 6 emails this a.m. from spammers offering it (among bits of malware). Note that didn't even open the emails... just deleted them from my spam folder.

      2. Anonymous Coward
        Anonymous Coward

        Re: This should be interesting

        > Free copies of McAfee all round. Good old USA software you can trust...

        You may have been hit by the sarcasm-impaired...

      3. tommy_qwerty

        Re: This should be interesting

        >Good old USA software you can trust...

        Ironically, USA software is the only software proven to be a security risk.

    2. stiine Silver badge

      Re: This should be interesting

      Defender IS still the joke it used to be.

    3. DS999 Silver badge

      Putin can't say anything

      If he complains about it he's only confirming that Kaspersky was in his pocket. If they were somehow allowed to act independent of the Kremlin (making them the only company with a CEO living in Russia allowed to do so) he'd be happy to see them hurt financially, because the less money from outside the US they can get the more dependent on Russia they will become.

    4. Anonymous Coward
      Anonymous Coward

      False sense of security

      Antivirus industry indirectly contributes to spread of malware, because many people would click and install anything, assuming they have an antivirus. From my experience phishing and malware links go mostly undetected with MOST scanners, even if I report the malware.

      Instead the focus should be on OS improvements, certificate management, proper management of young URLs, no JS by default in browsers, Domain Name system total overhaul etc.

      1. Sandtitz Silver badge

        Re: False sense of security

        "Antivirus industry indirectly contributes to spread of malware, because many people would click and install anything, assuming they have an antivirus."

        That's like saying people would always abstain if safe sex wasn't available or their+partners' STD status wasn't first tested negative.

        People back in the DOS/Amiga days usually didn't have any antivirus so the viruses ran rampant.

  2. Scene it all

    Now do "musescore", the popular music notation and synthesis package. Latest versions include a download function for updating the soundfonts (which are actually quite good), but the downloader runs in the background with "root" privileges. It is a botnet waiting for commands from corporate HQ in Russia.

    1. TKW

      I agree that a lot of activity around musehub looks really suspicious, but really? I'd be surprised if musos are a great target for the Russians!!

      1. PhilipN Silver badge

        Rod Stewart

        Booed at a concert recently for supporting Ukraine.

        1. Anonymous Coward
          Anonymous Coward

          Re: Rod Stewart

          I'd expect nothing less in AfD land (Leipzig).

          1. Anonymous Coward
            Anonymous Coward

            Re: Rod Stewart

            Can't we just persuade the AfD to invade Russia - it's what they always wanted.

            Just print t-shirts saying "Stalingrad 2"

      2. Scene it all

        It is not musicians who are the target. The musician computers become unwilling participants in the botnet that are then used to do DOS attacks on the REAL targets. And the 'musehub' downloader really *does* run at root level - I've seen it in action and quickly deleted it.

  3. Anonymous Coward
    Anonymous Coward

    UK

    Will the UK follow suit after this announcement?

    1. Anonymous Coward
      Anonymous Coward

      Re: UK

      "Will the UK follow suit after this announcement?"

      A little clue:

      Here Boy .... come on ... come on ... here boy ... good boy !!!!

      Woof, Woof !!!

      :)

      1. Roland6 Silver badge

        Re: UK

        Yap yap !!!

        More like it.

        1. Anonymous Coward
          Anonymous Coward

          Re: UK

          Now, now [Finger wag]

          I am allowed to denigrate *my* country because of the sometimes very un-equal relationship with the US of A *but* I know its bark is as loud as ever.

          [Like an old dog that knows it is no longer in charge but the bark is still the same !!!]

          The US of A and the UK are loyal allies with a long history *but* we do need to be a little more independent of thought, sometimes.

          Sometimes we need to be prepared to stand up for our values even if it will put the US of A's nose out of joint for a while !!!

          We do need to be able to disagree without fearing damage to our 'Special relationship' which is a little too biased towards US interests and against our own at times.

          In spite of this, we will continue to be allies because it is of value to us *both* .... and yes I do mean *both* !!!

          :)

          1. Roland6 Silver badge

            Re: UK

            >” *but* we do need to be a little more independent of thought, sometimes.”

            I suspect the listing of Kaspersky Labs Ltd was done after discussions between US and UK agencies.

            I also suspect it may have been done to ensure the post July 4th UK government tows the line and doesn’t have too much independent thought…

          2. anonymous boring coward Silver badge

            Re: UK

            "We do need to be able to disagree without fearing damage to our 'Special relationship'"

            Yes, that mythical beast that only UK seems to know about...

            1. anonymous boring coward Silver badge

              Re: UK

              Let me rephrase that then...

              A poodle also has a "special relationship" with its master.

    2. seldom

      Re: UK

      Almost certainly, and to show just anti-russian they are, anything with sky in the name will also be banned.

      Crapita will get a no-bid contract to write software that will protect everyone from the *sky's. In 20 years time, when they deliver the first beta (7000% over budget) it will be noticed that Kaspersky has changed it's name to Kasperski and can thus avoid any blocking. Crapita also outsourced most of the programming to N. Korea as they had the cheapest bid ($20/month/programmer and a Big Mac once a year).

      Government ministers then assign the contract to Fujitsu after assuring the populace that this is their best interest.

    3. Digifiend

      Re: UK

      We can't. Parliament is dissolved currently because of the election next month.

  4. Tron Silver badge

    Reds under the bed etc.

    McCarthyism 2.0 is a major step in the progressive nationalising of the internet, 'taking back control' online. Running alongside this, they are doing everything they can to hamper cross border trade, from ICS2 to 57 varieties of national requirements to register yourself in every country you send to. It's pretty much all downhill from here as we revert back to the Chinese/tribal model of state control online and offline.

    Quote: Will the UK follow suit?

    Is the Pope Catholic? They will do whatever Washington tells them to, as with Huawei.

    1. Blazde Silver badge

      Re: Reds under the bed etc.

      It's not really though is it? McCarthyism was about trying to root out the odd sympathiser here or there, over vague fears of political and cultural influence.

      This is about 400 million computers easily controlled by one of the world's foremost cyberwarfare powers. One which the US is engaged in a de facto cyber war with (to the apparent detriment of both states). One which has a proven track record of penetrating deep into the most sensitive parts of the US state using sophisticated and patient attacks. Really the most sensible question is why it hasn't happened sooner.

      1. Anonymous Coward
        Anonymous Coward

        Re: Reds under the bed etc.

        The reason it hasn't happened sooner is that Kaspersky have never been found to be doing anything wrong. However it's only a matter of time before Eugene gets the call from Vlad... it'd be a one-time use "nuclear" option, for sure, but a lot more realistic it'd happen than Russia taking a real *nuclear* option. This will take that option off the table. File it under the category of economic sanctions on a known, active enemy, not McCarthyism/Protectionism.

        At least this way Kaspersky will have some reputation left to salvage after the dust settles. I wouldn't be holding my breath for that.

        1. Blazde Silver badge

          Re: Reds under the bed etc.

          You might be thinking too big with 'nuclear' option. What plausibly may already have happened: "Hi Eugene, it's Vlad. Like we discussed you're to send a full customer list to the Kremlin once a month and we haven't seen it yet this month. Don't make this hard, it'd be a shame if anything happened to that nice company of yours. One more thing, we have a 'special' update for an existing customer. Oh, just the home laptop of a middling information security officer at Microsoft. No more questions please. Of course we'll revert the update when we're done, nobody will ever find out. The integrity of your beautiful company is every bit as important to me as to you, you know that Eugene. Our usual guy will do the update, just make sure he has everything he needs on Monday morning"

          There's a lot publicly unknown about the Solarwinds/Microsoft/etc attack. Presumably US intelligence knows more and it could plausibly involve Kaspersky, maybe they just have theories and concerns and determination to close off easy routes for the future. In any case it's easy to see how the attack leads eventually to the ban.

          1. justjosephhere

            Re: Reds under the bed etc.

            Is your comment FUD or creative speculative fiction? US intelligence certainly knows more than it ever releases (sometimes even to its intelligence partner domestic Agencies & friendly partner Governments). Your comment reminds me of Congressional discussions of intelligence, social, or tech matters. Facts & Figures are often overlooked because their agenda-driven opinions are easier to understand & make better sound-bites.

      2. Anonymous Coward
        Anonymous Coward

        Re: Reds under the bed etc.

        So the only software I should install now on my PC is anything from the 5 eyes countries - is that right?

        https://www.theverge.com/2013/7/4/4493178/tech-ties-to-us-intelligence-agencies

        We can trust America - so all will be well

      3. This post has been deleted by its author

      4. Anonymous Coward
        Anonymous Coward

        Re: Reds under the bed etc.

        "This is about 400 million computers easily controlled by one of the world's foremost cyberwarfare powers. One which the US is engaged in a de facto cyber war with (to the apparent detriment of both states). One which has a proven track record of penetrating deep into the most sensitive parts of the US state using sophisticated and patient attacks. Really the most sensible question is why it hasn't happened sooner."

        It should be pretty easy to decompile the code and check whether there is any hidden component waiting for a command to do nefarious things - or is it just sufficient to cast aspersions around now?

        1. Jou (Mxyzptlk) Silver badge

          Re: Reds under the bed etc.

          > It should be pretty easy to decompile the code and check whether there is any hidden component

          Huh? When the world struggles to discover such hidden components in open source products, you want to do that from the binary? And call it "easy"?

          1. Yankee Doodle Doofus Bronze badge

            Re: Reds under the bed etc.

            Not only that, but you would need to do it with every update. Someone would need to develop a virus scanner for your virus scanner.

          2. Anonymous Coward
            Anonymous Coward

            Re: Reds under the bed etc.

            > When the world struggles to discover such hidden components in open source products

            There is only a small, very well-known, set of binaries involved in the Kaspersky software, and it is very easy to discover what that set is (just download it, let it run and observe).

            Compared to the many, many, many pieces of opens source available. Let alone the massive number of combinations of such (ref the number of separate items involved in the recent xz attack).

            > you want to do that from the binary?

            Binaries can be decompiled, if you don't read disasm output. And a running binary can be traced, its i/o logged.. making it easier to comprehend.

            > And call it "easy"?

            Way, way easier to do directed work at a known target than spread yourself over the enormous pile of open source. Heck, Kaspersky even updates itself, so you don't have to consider all the possible interactions between all the possible versions of the open source components!

        2. Anonymous Coward Silver badge
          Facepalm

          Re: Reds under the bed etc.

          Hint: it includes an update routine.

          1. Anonymous Coward
            Anonymous Coward

            Re: Reds under the bed etc.

            Pretty much all software does these days - including US software

            1. Yankee Doodle Doofus Bronze badge

              Re: Reds under the bed etc.

              Whoosh!

          2. Anonymous Coward
            Anonymous Coward

            Re: Reds under the bed etc.

            > Hint: it includes an update routine

            Hint: your testbed is set up to continually look for odd behaviour all the time (and you have a backlog of normal behaviour to check against) - and you let this testbed also update its copy of Kaspersky.

            So you keep on checking all of the updates, decompiling them, diff'ing them...

            1. anonymous boring coward Silver badge

              Re: Reds under the bed etc.

              Sadly you don't understand software at all.

              You are actually fantasising.

        3. Roland6 Silver badge

          Re: Reds under the bed etc.

          > It should be pretty easy to decompile the code and check whether there is any hidden component waiting for a command to do nefarious things

          The code is hiding in plain sight !

          Fundamentally, the problem is the way AV works, namely find something that matches some key, upload it to a command and control centre for analysis. The analysis may instruct the AV client to upload other items of interest…. If the CCC is in say Russia or China, who can say what gets uploaded and who gets to look at it…

          Remember with W10/W11 EULA users agree that Microsoft can upload anything from their computer. So we can see in Russia and China they can legitimately apply the same constraints on the use of US software.

          So the issue isn’t (currently) one of actual “misuse” but how much do you trust the nation state the company resides in.

          1. Anonymous Coward
            Anonymous Coward

            Re: Reds under the bed etc.

            Well I think all of us freedom loving folk love America and the UK unconditionally - so that will be ok then

        4. An_Old_Dog Silver badge
          Go

          Re: Reds under the bed etc. [No More Secret Sauce]

          It used to be that when you bought a computer, you got full schematics and mechanical diagrams; and that when you bought software, you got full source code.

          Somehow, those hardware and software companies didn't go out of business due to "piracy".

          Since those days, executives and marketers have promoted the "secret sauce" mentality in a misguided attempt to increase their profits.

          For security's sake, one should compile one's own code, and do a binary comparison between the result of that self-compilation, and the manufacturer-provided binary.

          "But, grampa can't compile! It's too confusing to him!"

          Then, grampa should have a trusted techie do it for him, the same way you (presumably) trust your attorney to faithfully execute your will and last testament without looting your estate's funds.

          "But that's so inconvenient!"

          That's true of most forms of physical and electronic security. If for convenience' sake, you wish to "hide" a spare key under the mat to your house's front doorlock, you can do that, but be prepared for the negative consequences of doing so.

          Demand full source code.

          1. jake Silver badge

            Re: Reds under the bed etc. [No More Secret Sauce]

            "For security's sake, one should compile one's own code, and do a binary comparison between the result of that self-compilation, and the manufacturer-provided binary."

            This doesn't work for far too many reasons to recount.

          2. Jou (Mxyzptlk) Silver badge

            Re: Reds under the bed etc. [No More Secret Sauce]

            > It used to be that when you bought a computer, you got full schematics and mechanical diagrams; and that when you bought software, you got full source code.

            Na, that was not true in grandpas days either. It is not like you have the tools of today to depict, for a simple example, all copy protection mechanisms in Tempest from 1980.

            1. jake Silver badge

              Re: Reds under the bed etc. [No More Secret Sauce]

              "Na, that was not true in grandpas days either."

              Yes, it was true. My first home Person Computer was a Heath H11. It came in kit form, which meant it also came with schematics and mechanical diagrams. And I had the source for all the software it came with, too. And a programmer's reference manual. And all kinds of free applications (with source) from DECUS.

              Back in the day, almost all computers shipped with complete source code, not just for the OS, but also for the applications. Ask any old mainframer. Consider also that nobody attending The Mother of All Demos had to sign an NDA. The world was very different back then.

              It wasn't until well after Bill Gates' "Open Letter to Hobbyists" in 1976 that the big-wigs in the computer world started jealously guarding this kind of thing. Even Apple allowed access to their source code in the early days, and the Woz himself gave out the board design and parts list for the Apple 1 at a Homebrew Computer Club meeting in '76.

            2. anonymous boring coward Silver badge

              Re: Reds under the bed etc. [No More Secret Sauce]

              What makes you think 1980 was the early days of computing?

        5. Blazde Silver badge
          Holmes

          Re: Reds under the bed etc.

          It should be pretty easy to decompile the code and check whether there is any hidden component waiting for a command to do nefarious things - or is it just sufficient to cast aspersions around now?

          https://support.kaspersky.co.uk/kaspersky-for-windows/21.17/93957

          "When an update package (patch) is received, the application installs it automatically."

          Found it! Didn't even need to fire up IDA Pro

      5. Jimmy2Cows Silver badge

        Re: Reds under the bed etc.

        My first question would be why wait a month (or 3 months before banning updates) if the national security risk is so high? People need time to set up replacements, but this is about sales, not use. A long lead time just gives Putin an incentive to actually use this apparent capability, before the opportunity is lost.

        Except it won't really be lost, because existing users aren't being made to remove it. They just won't get updates after September, which leaves them more prone to infection by Russia (and everyone else's) other cyber attacks.

        Which feeds nicely into my second question... why ban on sales and updates rather than outright use? (Ignoring enforcement impracticalities, it could still be mandated).

        Really don't see the benefit of a 1-3 month hiatus and a partial ban. If it's such a risk, ban it now, ban it entirely. If you're not going to ban it now, entirely, why bother at all?

        1. Yankee Doodle Doofus Bronze badge

          Re: Reds under the bed etc.

          Enforcement mechanisms need to be put in place, and users (especially corporate ones with large footprints) need to have some time to choose and implement a replacement. September isn't far off, and an actual date of stated enforcement will give organizations a deadline to meet and motivation to meet it.

        2. aks

          Re: Reds under the bed etc.

          So, you're suggesting removing your Kapersky products today then go shopping for replacements?

          I have always assumed that the USAs issue with their software was the it *didn't* include a back-door.

      6. Roland6 Silver badge

        Re: Reds under the bed etc.

        > This is about 400 million computers easily controlled by one of the world's foremost cyberwarfare powers

        That’s 400 million computers running a US sourced operating system, which due to the relationship between the US government and Microsoft, can already be controlled by (we assume) one of the world’s cyberwarfare powers….

      7. Cliffwilliams44 Silver badge

        Re: Reds under the bed etc.

        You should actually read some real history (hint: Wikipedia ain't it) like the Venona papers.

        The majority of those people Senator McCarthy questioned for being Soviet spies or sympathizers, were, in fact, Soviet spies or sympathizers. The end result of McCarthyism wasn't improved liberty and freedom, it was the near unrestricted operation of Soviet spies and influencers in the US.

        We are paying the price for this today.

        1. Mooseman Silver badge

          Re: Reds under the bed etc.

          "The majority of those people Senator McCarthy questioned for being Soviet spies or sympathizers, were, in fact, Soviet spies or sympathizers"

          Er, no they weren't. The majority of those put through the McCarthy inquisition were ordinary members of the public that someone had decided weren't quite Murican enough. People like Charlie Chaplin, Robert Oppenheimer. You know, communists....

    2. Anonymous Coward
      Anonymous Coward

      > Reds under the bed

      Putin's best friend now is North Korea. Do you still have doubts?

      1. Anonymous Coward
        Anonymous Coward

        Re: > Reds under the bed

        There are two ways to view this - in its maneuverings the US has essentially forced Russia to do this ...

  5. jake Silver badge

    Cool.

    Now get rid of the rest of the snake-oil sellers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Cool.

      Kaspersky's product was fine, not snake oil at all. Russia is the issue here.

      1. Anonymous Coward
        Anonymous Coward

        Re: Cool.

        > Russia is the issue here.

        Russia / US interactions are the issue here

  6. williamyf

    ¡¡¡COOL!!! ¡Cheaper Karspesky for us!

    I live in LatAm. Most of us in LatAm do not care if the FSB spies on us instead of the CIA (or the MI5, or the five eyes, or the chinese). Probably similar sentiment in Africa, ME, SE asia and other places.

    What we want is to keep viruses and ransomware out of our systems (both desktop and server, both Windows and Linux, both physical and virtual). Also keep attacks from hacking groups and State backed actors out.

    For that, we want the best perf/cost ratio. Karspesky products are very decent. And cover all the aforementioned areas.

    If Karpesky loses access to the USoA market, it will probably have to lower prices, to capture more money elsewhere.

    As long as your company's threat model is not affected by rusia spying on you, or having a reason to hack you directly, or indirectly throug affiliated hacking groups, a very good tool is about to get much cheaper...

    Thanks

    JM2C, YMMV

    1. tip pc Silver badge

      Re: ¡¡¡COOL!!! ¡Cheaper Karspesky for us!

      Are you suggesting that none us nations will see AV competition in terms of which national state security entities like CIA / FSB / MI6 etc would potentially have access to their systems?

      Interesting concept!!

      1. jasonbrown1965

        Re: ¡¡¡COOL!!! ¡Cheaper Karspesky for us!

        Not .. exactly sure either, but whatever you and they are saying, reading both comments made me wonder? What's the long tail on this?

        A major AV company listed in all the top AV reviews is suddenly cut off from one of the most actively targeted audiences in the world. Unless an entire review industry and a constellation of rabidly independent tech commentators all missed something, Kaspersky was legit if proprietary software. What happens to everyone's threat profile when an org that regularly exposes state-level hacks is removed from a major part of the anti-V gene-pool?

        If you're wondering what my angle is, it's as a journalist who relies on other journalists to know what they're talking about, including any quotes from the Department of Unintended Consequences. I have zero sympathy for the Putin admin, journo-murdering bastards the lot of them, but I do have some sympathy for Kaspersky. Perhaps entirely misplaced, but yet to see much evidence for that outside of a lot of jingo lala stuff here and across the networks.

        What's the worst that can happen?

        Kaspersky today ...

    2. Bebu
      Windows

      Re: ¡¡¡COOL!!! ¡Cheaper Karspesky for us!

      ...spies on us instead of the CIA (or the MI5,...

      That would be MI6, I would have thought. ;)

      The amusing thing about "five eyes" that accounting for two pairs of eyes someone is blind in one eye - any guess which one?

      A valid argument that the vast majority of Windows users could give a rat's which nation state was spying them as such surveillance aims to remain undetected and probably includes anti-malware functionality of its own to keep all the rest of the crap out so that it can remain undisturbed by the target.

      Anyone that seriously cares would not run windows (or macos), probably opting for something seriously hardened or obscure like Haiku or Plan9. ;)

      While understandable this bit of a shame as Kaspersky was a rare bit of sanity from Putinstan and their security research contributions valued - their antvirus products have often garnered the "least shittiest" award. I guess you could use a vpn to access updates if that isn't treason (and the chair.)

    3. Anonymous Coward
      Anonymous Coward

      > LatAm do not care

      LatAm should care, by looking at how freely Putin's disinformation is spreading there.

      At least Argentina should not relax, because Milei is openly anti-Putin. But not yet active enough to be targeted with cyber-attacks, like France and UK, which actively help Ukraine.

      1. chololennon
        Facepalm

        Re: > LatAm do not care

        > LatAm should care, by looking at how freely Putin's disinformation is spreading there.

        Yeah, because USA disinformation doesn't exist in LATAM (Hollywood, USA embassies, CIA, plenty of fake NGOs backed by American think tanks, or directly by USSOUTHCOM, AmCham Argentina, CNN en Español, etc, etc). Open your eyes!

    4. GuldenNL

      Re: ¡¡¡COOL!!! ¡Cheaper Karspesky for us!

      As long as you're not in an industry targeted by Ruzzian cyberthiefs strewing ramsomware about, you can be fat, dumb and happy.

      Until dear Abuela dies because her hospital's systems are shut down because of those Ruzzian friends of Putin.

  7. Mendy

    What should one use now, if anything?

    Aside from being an apparently okay product the advantage was always that if anyone were to have my "dick pics" I'd like it to be the country I have no plans to visit.

    1. Anonymous Coward
      Anonymous Coward

      ClamWin, MoonSecure, Armadito...

  8. Anonymous Coward
    Anonymous Coward

    I trust Kaspersky, the man, more than I trust any company based in the USA.

    1. Anonymous Coward
      Anonymous Coward

      > I trust Kaspersky

      Russian engineers are good indeed, but trusting Putin?

      One of the two Yandex' founders died young. Yandex is fully controlled by Putin now. How could Kaspersky be different?

      1. Jellied Eel Silver badge

        Re: > I trust Kaspersky

        One of the two Yandex' founders died young. Yandex is fully controlled by Putin now.

        <paranoia>John McAfee was Epsteined in a Spanish prison. McAfee is fully controlled by Biden now </paranoia>

        But more parnoia. Now US, and probably soon the UK & EU when we follow suit can now only use approved security software that may have the same influence risks as Kaspersky. So we get security products that will have the DHS, GCHQ etc approved back-door functionality. Which is potentially a real risk given our politicians are still intent on monitoring everything, so methods to access previously encrypted messaging, VPNs etc.

        So it's a bit like the good'ol days of firewalls and having to install 2 decent (ie approved) firewalls from different vendors. Theory being that if one was compromised or bugged, the other might catch it. Like good'ol Checkpoint and fears that that was, or could be compromised by Mossad. Slap a connection logger on the clean side though and keep an eye on what's passing through. And good luck if you're flying blind in a heavy cloud environment.

        But now I guess we could do the same. Install Kaspersky to try and catch the West's back-doors, trojans, malware etc and a Western version to try and catch any Russian stuff. Or for the 95% of the general population, they'll probably be relying on OS default software. And I guess to make life even more FUN!, the Western packages could detect Kaspersky and block it anyway..

  9. Anonymous Coward
    Anonymous Coward

    Avast

    Yet Avast is still allowed to sell their wares even after abusing their customer’s privacy and security for years including recently being fined by the FTC for secretly harvesting users browsing history.

    Avast is also secretly connected to a suspect “cybersecurity” company out of Brazil named PSAFE that uses other companies software in their “DFNDR” Android “antivirus” app. It uses Avasts’ antivirus and another companies VON software for their VPN app that was also caught harvesting users browsing history.

    Psafe is heavily funded by the Chinese and its largest stakeholder is Qihoo 360 which is on the US enitity list. Qihoo’s researchers created a zero day iPhone exploit called CHAOS which was found to be exploiting iPhones belonging to Chinas favorite minorities in waterhole attacks before Apple had released patches.

    When I inquired about Avasts involvement with Psafe 7 years ago they at first acted as if they had no idea what I was referring to but then finally admitted they were partners. But when I exposed that Psafe had been using browser hijacks to trick users into installing DFNDR by fake virus warning I was given a lifetime ban from the Avast user forums and any mention of Psafe was scrubbed from the comments section.

    That’s when I knew Avadt couldn’t be trusted.

    DFNDR is still using fake virus warnings to trick millions of users into installing their app and has so since it was released in 2013. Over a decade of fake virus warnings.

    It’s unknown if the Avast detection engine in DFNDR was also harvesting browser history but I do know that the app was accessing users WhatsApp database with what they called a “WhatsApp Cleaner”

    I for one trust Kaspersky a lot more than I trust Avast and itiming of this ban is suspicious seeing as how Kaspersky just did an excellent breakdown of iPhone implants found on their employees phones that used undocumented syscalls that look suspiciously like a back door.

    1. DS999 Silver badge

      Re: Avast

      I don't know why anyone would use anything other than Microsoft's tools. You don't have to worry whether Microsoft's AV software is abusing your privacy, because as the authors of the OS they already have an easy way to abuse your privacy.

      Choosing anyone else for AV software just gives a SECOND company a potential way into your data. Choosing Microsoft's AV software is the only way to insure that your privacy risk is not increased at all.

      1. Roland6 Silver badge

        Re: Avast

        >” I don't know why anyone would use anything other than Microsoft's tools.”

        Severalreasons:

        1. For too many years the MS security products were a joke.

        2. “So it's a bit like the good'ol days of firewalls and having to install 2 decent (ie approved) firewalls from different vendors. Theory being that if one was compromised or bugged, the other might catch it.”

        3. Third party tools tend to block exploits quicker and better than the MS tools, whilst you wait for MS to issue a fix…

        4. Not had to do a post infection clean out for a while, but the thirdparty tools tended to do a better job and avoid the disk wipe and full Windows reinstall…

        Using Kaspersky on Edge and many more security holes are blocked, although tools like uBlock, noscript etc do a similar job and their use will enhance the security of MS products…

      2. Anonymous Coward
        Anonymous Coward

        Re: Avast .... [Does *your* coffee taste funny ... or ... is it just me !!!]

        This is actually an *interesting* point of view !!!

        MS have been pissing in your coffee for years, but *we* know it and MS *know we know it* !!!

        Therefore we learn to live with the taste and *assume* that MS will not do anything worse !!!

        Better the devil you know, so to speak !!!

        This *still* requires some level of trust in MS and there is little evidence of prior trust being worth anything !!!

        :)

        1. Benegesserict Cumbersomberbatch Silver badge

          Re: Avast .... [Does *your* coffee taste funny ... or ... is it just me !!!]

          Whereas with Putin, it's not your coffee, it's your tea you have to worry about. You won't taste a thing, but your hair falling out will only be the start of your problems.

  10. Grunchy Silver badge

    No antivirus

    I gave up on Microsoft a year ago, though I still fire up “ghost spectre” once in awhile for legacy applications. Never online, though. That’s the nice thing about virt-manager, I only let Win10 online the one time, and then only to register my official “gray market” license. As far as Windows knows, there is no internet (and therefore, no virus). Even if I infected my installation somehow, I can revert any pre-infection snapshot. Far superior to Microsoft’s garbage recovery scheme that never worked right.

    Honestly I could not care less about Russia, the whole country has been a disaster ever since Lenin. I know plenty of ex-Russians, guess what, they don’t like Russia, either. That’s why they emigrated the heck outta there!

    1. Brave Coward

      Re: No antivirus

      "Russia [...] has been a disaster ever since Lenin."

      And was such a lovely paradise before.

  11. Mark Exclamation

    About bloody time!

    I ditched Kaspersky when Putin first invaded Ukraine, despite having >1 year's subscription left. I now use Bitdefender.

  12. VicMortimer Silver badge

    A decade late

    It should have been banned after Russia invaded Ukraine in 2014.

    And what kind of stupidity is giving them until almost October to turn into a malware injector? The bad should have taken effect immediately upon being announced.

    Europe would do well to handle it better when they ban Kaspersky.

    1. Mishak Silver badge

      invaded Ukraine

      Well said - I've had enough of hearing "invaded Crimea" as if it were a separate state.

  13. Anonymous Coward
    Anonymous Coward

    Don't worry ... Be happy ... Kapersky has been *stopped* !!!???

    ">>>Honestly I could not care less about Russia<<<, the whole country has been a disaster ever since Lenin. I know plenty of ex-Russians, guess what, they don’t like Russia, either. That’s why they emigrated the heck outta there!"

    Neither can Putin !!!

    Always remember there is a disconect between 'Putin' and the average russian citizen.

    Putin wants 'power' for powers sake & this 'War' in Ukraine is his excuse to grab 'more' power and mis-direct/mis-inform the average russian citizen.

    Putin deserves all the opprobium he can get !!!

    The average russian citizen deserves the 'Truth' and ultimately the same freedoms that the rest of the world (could get)/(gets) ...

    (Yes, I know this is not yet a level playing field for all *but* potentially it could get there, while Putin needs the russian masses to be permanently mis-informed !!!)

    :)

    1. Anonymous Coward
      Anonymous Coward

      Re: Don't worry ... Be happy ... Kapersky has been *stopped* !!!???

      Judging by the downvotes ... I did not realise *so many* people in russia read 'The Register' !!!

      Although, if I am being truthful I suspect that many of those readers are employed by the SVR or FSB

      (Not quite sure where one ends and the other begins !!!)

      Thanks for your attention and interest.

      Товарищ, До свидания, и спасибо за все рыбные !!!

      :)

  14. Anonymous Coward
    Anonymous Coward

    I dropped Kaspersky when Trump’s buddy crossed into Ukraine

    The unsubscribe process was Byzantine in the extreme.

    That told me everything I needed to know about their current management.

    1. Binraider Silver badge

      Re: I dropped Kaspersky when Trump’s buddy crossed into Ukraine

      Flattening the PC is probably the only way to be sure all traces are removed…

      1. Anonymous Coward
        Anonymous Coward

        Re: I dropped Kaspersky when Trump’s buddy crossed into Ukraine

        OP here

        I got a new PC and OS

    2. johnB

      Re: I dropped Kaspersky when Trump’s buddy crossed into Ukraine

      Byzantine certainly describes Kaspersky's unsubscribe process. Fortunately I'd changed credit cards so I managed to escape their clutches that way.

      No way would I recommend or go back to using them. They fall squarely into my "scum" category"

    3. Benegesserict Cumbersomberbatch Silver badge

      Re: I dropped Kaspersky when Trump’s buddy crossed into Ukraine

      Byzantine yes. Unorthodox?

  15. Anonymous Coward
    Anonymous Coward

    They should relocate to Ukraine and rename to Zelensky.

  16. Binraider Silver badge

    Taken far too long to get here IMO.

  17. Jou (Mxyzptlk) Silver badge

    Isn't Microsoft the bigger risk?

    Jus askin'...

    1. Sandtitz Silver badge
      Facepalm

      Re: Isn't Microsoft the bigger risk?

      No. Betteridge's law of headlines applies here as well.

      Thanks for askin' nevertheless.

      1. Jou (Mxyzptlk) Silver badge

        Re: Isn't Microsoft the bigger risk?

        In terms of damage done, and possible damage in the future, Microsoft is the bigger risk. So Betteridge's law is not universal. See "Studies" in your linked Wikipedia entry.

    2. Marty McFly Silver badge
      FAIL

      Re: Isn't Microsoft the bigger risk?

      Let's be clear... If Microsoft actually had security in their engineering DNA, then companies like Kaspersky, McAfee, Trend, Symantec, etc would not exist. The endpoint security market space only exists because the opportunity exists within Windows for malware miscreants to do bad things.

      Which is why we should all consider Windows Defender as 'good enough security'.

  18. Anonymous Coward
    Anonymous Coward

    It's a bit unfortunate, as I used to use Kaspersky and was very happy with it.

    However, a couple of years ago I basically came to the same conclusion as the American government: the company hasn't been found to be doing anything malicious, but it's far too vulnerable to being compromised by the Russian state. I let my subscription come to it's end and switched to Sophos.

    1. amajadedcynicaloldfart

      Funny thing

      @A/C

      I dumped Sophos when it was acquired by some American company based in Illinois if I remember properly

    2. Roland6 Silver badge

      > but it's far too vulnerable to being compromised by the Russian state.

      That is the real risk.

      Given the increase in cyber warfare we are seeing, I suggest this ( Russian state backed hackers abusing Kaspersky) is increasingly probable…

  19. Anonymous Coward
    Anonymous Coward

    America First!

    I think it's good news that the US has banned Kapersky and DJI drones - they should only use Western made products as soon as possible - so that means no more iPhones until they get made in a Western made country, no cheap stuff @ Walmart etc - all top quality AMERICAN made tools that they make YouTube videos complaining about the quality of ...

  20. Meeker Morgan

    I trust Kaspersky Labs to keep my computer secure more than I do the US government.

    And that's not just a partisan hit on Joe Biden.

    It's the reason I went with Kaspersky in the first place years ago.

    1. martinusher Silver badge

      Re: I trust Kaspersky Labs to keep my computer secure more than I do the US government.

      Kaspersky were always a threat to our national security -- we developed malware to help our intelligence services to spy and they kept on identifying and countering that malware. They've probably been on our (s)hit list since well before Snowden -- I can imagine that some minor government functionary making it his/her life's work to get this banned even as its become somewhat irrelevant from a 'national security' perspective. (Because anyone who values their security won't be using closed systems, they will have moved to something a bit more open and transparent that's not just a 'analytics' collection machine.)

  21. Plest Silver badge
    Stop

    Used Kaspersky for about 5 years, then Putin put his size 12's in someone else's backyard and as it was about a month renewal I just moved to Bitdefender.

    A neat trick to save you money, never ever buy direct from the vendor, go to Amazon and buy the serial printed on dead tree and posted to you. My last Bitdefender renewal was supposed to be £79 for 5 users, 5 mins on Amazon and i got a 5 user voucher for £29! 2 days later it arrivedin the post and sorted. Yes, stupidly enough it's actually cheaper to have "dead tree" posted to you in a plastic box than emailed, bleedin' mystery to me why but whatever I saved £50.

    1. petef

      Consider what you are paying for, especially in the context of security of your machines. Can you be certain that you are getting a bona fide product? Likely != certain.

  22. quadibloc2

    Seems Reasonable

    Hoiwever stellar Kaspersky's performance has been in the past, anything based in Russia is potentially under the control of the Russian government. If they can't move their operations to a safe country, I don't think the U.S. has any alternative. After all, we're at war with Russia in all but name.

    1. Roland6 Silver badge

      Re: Seems Reasonable

      But Kaspersky aren’t based wholly in Russia, their Global Transparency Initiative changed that. In some ways it might be possible for the North American and Swiss centres to become standalone businesses, with the Us one being a non-profit organisation… Perhaps that is why Eugene Kaspersky hasn’t been sanctioned, just yet…

    2. Jou (Mxyzptlk) Silver badge

      Re: Seems Reasonable

      Actually they have. But they prefer to pick targets which make big head lines to get the votes. The timing is not accidental, could have been decided that way about two years ago.

    3. Jason Bloomberg Silver badge

      Re: Seems Reasonable

      anything based in Russia is potentially under the control of the Russian government

      Everything based in a country is potentially under the control of that county's government.

      Don't imagine any country wouldn't force companies to do what they wanted them to do if they believed it was necessary or expedient. And many would do it anyway, would see it as their patriotic duty.

      Our list of Good Guys and Bad Guys is just the mirror image of theirs.

      1. anonymous boring coward Silver badge

        Re: Seems Reasonable

        In nations that have a rule of law, as opposed to a murdering-on-a-whim hardened gangster dictatorship, the problem is much smaller.

        It would be (is) really easy for Putin to get anyone within Russia to do exactly what he wants, no questions asked. Or else. No whistle blowing possible, without you and your family being eradicated.

  23. Anonymous Coward
    Anonymous Coward

    Given most hacker groups are russian, Chinese or north korea

    I don't quite understand why anyone would use software from thier respective countries...

    Yep I know we are a bit stuffed with regards to pretty much everything cheap coming from china but it should be easy to avoid Russia and north Korea as a supplier...

    1. Jou (Mxyzptlk) Silver badge

      Re: Given most hacker groups are russian, Chinese or north korea

      Dear mister AC: The United States of America does not publish their own hacker groups and statistics. Do you really think the self proclaimed "most advanced nation" lacks in hacking department? Pointing fingers at others, that is what is done. Classical whataboutism is what you hear when touching that topic.

  24. jlturriff

    US government's lax response to IT security "implementation"

    It's really frustrating to see how the US government is "responding" to software security issues. (I put it that way because they mostly seem to be giving the IT industry a pass to ignore security.) Applying this blanket sanction to Kapersky only surprises me by the amount of time it took for them to take action at all; meanwhile the rest of the industry goes blithely on its way, ignoring security and lying blatently about their commitment to its implementation, and the government does nothing except squabble. IMO there should be hard requirements for IT to show the state of their security implementations, and criminal penalties for heel-dragging and backsliding, and I believe that a lot of high-level executives should be behind bars for leaving their companies open to theft of customers' data and ransomware attacks

  25. PyLETS
    Black Helicopters

    Giving root to the Kremlin isn't a great idea

    For kernel level anti virus to scan executable code on opening, it needs the highest level of privilege within your system.

    It's not possible for any tool to know about all the bad code in the world, making anti virus of limited use. Much better security arises from processes which verify the software supply chain, so there is some quality assurance and cryptographic chain of trust asserting code provenance is known, maintained by the OS. If you can't trust the OS, you can't trust anything running on that OS, so this is where enforcement of application integrity (to the extent that reasonably can occur) has to occur.

    For many purposes the web browser is a kind of OS in this regard, but sandboxed code running from a visited website doesn't have the same level of privilege over an entire system that the OS has.

  26. Intractable Potsherd

    More unevidenced garbage from the government allowing men into women's sports, spaces and shortlists. I'd blame Biden, but di don't think he's in control any longer.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like