Is Kaspersky Anti-Virus Spying for Russia? - Comments Page 1

Category: Anti-Virus



All Comments on: "Is Kaspersky Anti-Virus Spying for Russia?"

Comment Page: 1 |  2  |  3 

Posted by:

Mac 'n' Cheese
30 May 2017

I'm no expert in this area. Having said that, it has occurred to me that perhaps offering to share your source code as proof there's no backdoor entrance is not helpful.

Bob, why couldn't a company--at least in theory--have two versions of the source code: one that's clean, and one that contains the backdoor code?

I'm not ready to trust the software of any company that is subject to an authoritarian regime.

Posted by:

TimboW
30 May 2017

Shame on you, Rankin, for jumping on this media circus bandwagon! First, it's not even been proven Russia has been spying on the US civilian populous.To even mention Putin's name within this context is deplorable.
As a retired Special Forces 18F intelligence operator, I can assure you that the US does the very same thing. There's a saying that one should pick up the dog crap in their own back yard before concerning oneself the dog crap in the neighbors yard. Think about it.

EDITOR'S NOTE: I'm thinking you didn't read the entire article...

Posted by:

TimboW
30 May 2017

@Mac 'n' Cheese- so, are you saying that you'd trust an American security program?...after the intelligence community within the US WAS caught red handed spying on its own citizens?... maybe give PC Matic a try...LOL!

Posted by:

Mike Schwartz
30 May 2017

The question always is, "Who do you trust"? It's just as probably that ANY software or hardware from ANY country (including the U.S.) might be spying on us.
Is there any agency or group that monitors Kaspersky or any anti-virus programs to see who these programs "report back to"?
Many computer users assume that "somebody" is watching over all of the software and firmware, but I don't know who that would be. Occasionally things are caught, like cheap webcams that can be hacked and taken over by others to spy on us. But these seem like random finds, usually by individuals or other computer hackers and not by some big government agency or computer monitoring group.

Posted by:

Daniel
30 May 2017

I have switched to Kaspersky because it consistently is rated as one of the best overall security products and had a fantastic price at the time. I wondered about this security issue at the time. It would be way beyond my ability to figure out if anything nefarious is happening behind the scenes on my computers.

But, I have the same question as Mac 'n' Cheese: what would keep them from presenting a clean copy of their software for examination while selling the corrupted versions to the rest of us? I think the answer would be that the security world could "break into" the software that was bought off the shelf. Then, they would examine every update that comes in also.

I would also point out that if a white-hat hacker were to ever find a back-door or trojan of any kind in Kaspersky's products, that would be a HUGE boost to their creds and marketability. So, I'm betting many have tried and failed to find anything.

Posted by:

Mark Fotheringham
30 May 2017

I use Kaspersky products on all of my home computers and also on those of a small company of which I am a director. If the fact that they emanate from a Russian based private company is to cause me concern then I would similarly have to discontinue the use of Microsoft products on the same basis. Was it not the spyware tools leaked from the U.S. security services and the weaknesses in M.S. windows code that caused the recent world wide computer debacle? When all is said and done it's governments rather than private companies that we should be naturally suspicious of and I include our own in the U.K.

Posted by:

John Wafford
30 May 2017

Like Daniel, I have also switched to Kaspersky for the same reasons. I have no qualms about using this software and think this is a further example of Trump's paranoia. The sooner he is impeached, the better.

Posted by:

Bob Greene
30 May 2017

Bob Rankin offers a reasonable defense of any non-USA software publisher, and of course, Kaspersky is innocent until proven guilty. The problem is not Kaspersky but the larger context of international rivalry in which Kaspersky is forced to operate.

That rivalry, in itself, opens the possibility of clandestine behaviors in any code. As poster Mac 'n'Cheese points out, merely opening what is said to be the source code proves little. The ultimate and only test of software security is behavior under actual conditions of use. That, alone, could account for the unanimous opinion of American security officials against Kaspersky.

By the same cautionary prejudice applied to Kaspersky, the PRC refuses to run proprietary American code of Microsoft Windows in security-critical operations of government. Instead, the PRC runs "Red Flag" Linux-- its own version, tooled for security at the deepest level. For all we know, they may be entirely justified. After all, if anyone knows about systems penetration issues, the PRC does.

The unfortunate effect of all this mutual suspicion is to constrict international trade, and reduce the world to "blocs" of security alliances which parallel military/security alliances. As long as government can find a corporation willing to host a stealth code operation-- as with AT&T actually spying on even Americans during the Bush years through AT&T switch points-- all security must consider political boundaries.

Posted by:

Mark Hoffman
30 May 2017

In response to Mac 'n' Cheese's concern about a clean and an evil dirty version of the code: If the code can be compiled into the same binary as what is sold (This might take some help from Kapersky.), then that is the code that was used. Of course the compiler would have to be trusted to also have no back door features. This could be shown if the compiler is open source, or if it is from a trusted, unrelated party. Also the code that was being checked would have to be reasonably straight forward to be checked for its own back doors. It would be great if the US security service would verify the code, announce its findings, and repeat with each changed version.

Posted by:

SparkyVA
30 May 2017

No mention of micro-code, the deepest level of coding embedded in the CPU itself. Do you trust Intel? Or maybe the chips sent to a certain firm supplying Chinese missiles had a special batch of chips supplied with an accelerometer built into the chip to freeze the CPU under 10 g acceleration...

Posted by:

Mac 'n' Cheese
30 May 2017

TimboW asked, "So, are you saying that you'd trust an American security program?"

That strikes me as an odd question.

I told you of one group I was not ready to trust. I said nothing about who I am ready to trust.

Don't feel bad, TimboW. Many folks make the same mistake in their logic.

If someone says he doesn't like apple pie, those folks assume that therefore he must like any pie that's not apple pie.

But, of course, that's silly, isn't it?

And if I say I'm not ready to trust the software of any company that is subject to an authoritarian regime, it's equally silly to assume that therefore I must be ready to trust any company that's not subject to an authoritarian regime.

TimboW, I realize you only ASKED if I was saying that I would trust an American security program. Perhaps you didn't assume that I would.

I inferred that you did, but I could easily be mistaken.

... And Mark Hoffman, thanks for the information beyond my scope of knowledge. It all sounds good to me. You know more about this than I do, by far!

Mac

Posted by:

Jim
30 May 2017

Kaspersky, welcome to the world of Trump. As one of Trump's accusers said, "the fact that there is no evidence, proves that more investigation is necessary". This said after the FBI, NSA, and CIA reported no evidence was found.

Posted by:

Phil
30 May 2017

You would think we could keep politics out of this computer forum since politics has permeated in so many other areas. But it's obvious we haven't so far. Maybe we still can. In any case, I don't think the average Joe who has a home computer/tablet, etc., needs to be concerned about this unless he/she works for a business (Gov't or Private) that needs to keep things secret. And in that case, it's better to be safe than sorry.

Posted by:

Brookside
30 May 2017

Days of McAfee, Norton, Symantic. Once upon a time there were protection packages actually developed in the US and which performed well. Alas the "big boys" have gone to programming elsewhere for financial reasons, and they have been "elsewhere" for a long time. There have been and may still be a few "programmed in the USA" packages, but they are so far down in the mud in assessment tests that they are laughable performers. As an old friend once said to me about politicians--it's your crook or my crook but either way they are both still crooks. That's the position we find ourselves in.

Posted by:

Frank
30 May 2017

Interesting & Enlightening. How about posting the country of origin of the top 10 AntiVirus software along with their level of effectiveness, Bob?

Anyone?

Posted by:

Nancy Teppler
30 May 2017

From the first volley of inane comments that a then-sitting president wasn't born in the country to today's daily dose of leaks, rumors, and innuendo, exacerbated by ridiculous memes of all types pointing fingers in all directions, a political climate of paranoia has spread like wildfire throughout this nation and beyond. My grandmother had a good saying: believe half of what you see with your own eyes and nothing of what you hear. We need a world-wide remedial course in researching facts and finding truth before opening our mouths. It's a sad state of affairs when everything I read anywhere has to be triple-checked against other reliable, trustworthy sources. People who laughed at the supermarket rags heralding alien invasions now quote from those same papers as if they were the epitome of professional journalism. I understand that just because someone has a high position in government or business doesn't make them highly literate in computer technology and safety. Hence, I'm convinced we have many heretofore unknown individuals who have used emails and/or carried about laptops, phones, and tablets without using the highest standards of security for the sensitive information contained therein. There are more sniffers monitoring foreign government and rival company networks than there is time to interpret a fraction of any of it. All of this notwithstanding, for anyone to groundlessly smear a company's reputation, and for any media to further that offense by spreading unfounded comments is just plain wrong. If a suspicion exists that a firm is doing something wrong, prove it first, then report it--not the other way around. To attack the integrity of a company without proof of wrongdoing and based on its location is no less deplorable than attacking a person based on their nationality or origin.

Posted by:

BobD
30 May 2017

Avast is Czech.
The radio reminds me often that Kaspersky helps sponsor NPR. (So there you are! Buncha commies.)

Posted by:

ThosRM
30 May 2017

I have used Kaspersky software for almost as long as he has been in business. Early on in the internet security era, he gave a presentation in Dallas, which I attended. I have always trusted Kaspersky software and continue to do so.

Posted by:

Larry Etheridge
30 May 2017

Why does Kaspersky take 5 days to run a full scan? Last time I looked at a K AV and clicked on full scan it estimated a scan time of five days. Just saying...

Posted by:

Joe M
30 May 2017

Amazing article and replies.

My .02....

Having used nearly ever AV and anti-malware app out there, I look for one thing. Which will protect me from threat actors wishing to do me harm?

Is Russia trying to do me harm? Not likely. Is the NSA wising to do me harm? Not likely either. I trust neither of them, but it is not likely that either is after the information I have. Google and Yahoo are more likely interested in that information on my computer. So are "hackers" wishing to encrypt my data in the hope of getting a ransom paid.

I'm sure most every vendor is compromised. Personally, I use Sophos Home. It's free for up to 10 devices and is pretty decent. And of course, I back up.

So ask yourself, what are you trying to protect, and from whom are you trying to protect it? Then presume that all software is compromised. And act accordingly.

Comment Page: 1 |  2  |  3 

Read the article that everyone's commenting on.

To post a comment on "Is Kaspersky Anti-Virus Spying for Russia?"
please return to that article.

Send this article to a friend. Jump to the Comments section. Buy Bob a Snickers. Or check out other articles in this category:





Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
[ALERT] Latest Ransomware Threats
Send this article to a friend
The Top Twenty
Next Article:
Has Judy Malware Infected Your Phone?

Link to this article from your site or blog. Just copy and paste from this box:



Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter


About Us     Privacy Policy     RSS/XML