Re: You do not need evidence against Russians
Thought experiment:
Mistrust Kaspersky AV because of the likelihood of ties to the Russian govt. and assume that its effectiveness against (possibly Russian state-sponsored) malware, certainly no worse than any of the other AV vendors, is a price that said govt. is prepared to pay for whatever it gains from the deal.
Mistrust CheckPoint because they just may help Mossad to be as good as it is at what it does.
Mistrust Symantec because they probably feed stuff to the NSA, CIA and whoever else, and the govt. only let them continue researching Stuxnet because the only other major AV vendor doing so back then happened to be Russian.
Add further mistrust here to suit your taste/nationality.
So - for a level of breach tolerance up to and including huge embarrassment/massive nuisance, pay your money and take your chance. For the stuff on which lives really depend, get physical, use the air gap, and take a lesson from the poor b*stard who broke the rules and carted a USB key into an Iranian nuclear plant.
Biting the hand that feeds IT
