and what about the spooks setting up a shell company as a front for getting access to the source code to look for exploits?
Not a good move by Kaspersky, the signatures should remain known only to kaspersky or its too easy to rewrite that segment of code.