Slashdot Mirror

← Back to Stories (view on slashdot.org)

'US Intelligence Agencies Should Put Up Or Shut Up With Kaspersky Rumors' (csoonline.com)

Posted by msmash on from the make-your-mind-already dept.

itwbennett writes: As previously reported on Slashdot, U.S. intelligence agencies have warned against using Kaspersky software amid swirling rumors of ties between Kaspersky Lab executives and the Russian government. White House cybersecurity coordinator Rob Joyce this week advised against consumer use of Kaspersky software. This may be good politics, but CSOonline's Fahmida Rashid warns that it's bad infosec. 'If the government has any evidence -- or even compelling reasons for being suspicious -- it should be sharing that, because many companies and consumers rely on Kaspersky Lab products. The fact that the government hasn't done so makes it likely this is all just geo politics,' writes Rashid. 'There is enough FUD in the market without throwing in politics into decision-making. Organizations should focus on deploying the technology which best addresses their needs.'

7 of 115 comments (clear)

  1. I'm thinking its just like the FCC DDOS by Revek · · Score: 4, Interesting

    Not an outright lie, more like some ignorant interpretation of the facts. A straw man to distract people from the Illegal hacking that our own government does to 'protect' us.

  2. Rarely do we get all the info we need by danlor · · Score: 3, Interesting

    This time is no different. There is tons of smoke, and a despot with his hand near the wheel. Regardless of whether or not there is currently corruption, there is nothing stopping it from happening undetected in the future. We have been debating this situation here, at the executive level for over a year. I have been steadfastly against making a change (We use Kaspersky), but at a certain point it comes down to putting your name on the line certifying Kaspersky as safe. Are you comfortable with that? I'm not. So I had to give in. I'm not going to put my job on the line for a commodity security software.

  3. It's about risk by Oswald+McWeany · · Score: 4, Insightful

    You don't have to prove that Kaspersky is in bed with Russian intelligence to not want to use it for government computers.

    Merely suspecting it might be is enough reason not to use it.

    --
    "That's the way to do it" - Punch
    1. Re:It's about risk by Anonymous Coward · · Score: 3, Funny

      TFA: The burden of proof is on US intelligence agencies.
      New Slashdotters: No, the burden of proof falls on Kaspersky labs.
      Old Slashdotters: Anti-virus is a virus. Use Linux, not cloud services.
      Me: Maybe if I produce a pithy summary, I'll get modded up.
      Moderators: I would have, but then you revealed your true motives.
      You: Why am I still reading this comment?
      Your subconscious mind: Seriously, why are you still reading it?
      US intelligence agents: He's still reading stupid Slashdot comments. Can we please stop wasting tax-payer money monitoring this guy?
      US intelligence agency leadership: No, we must assume everyone is a terrorist. Note to self, increase scrutiny of agent 35422. God bless America.
      God: Why? What makes you so special?
      Richard Dawkins: Hey, you don't exist.
      Westboro Baptist Church: Nuh huh, and he hates you, and gays too.
      Liberals: Show some compassion people.
      Conservatives: I'll show you compassion. It's right here, in the barrel of my shotgun. Trump 2020!
      Donald Trump: This is all Obama's fault.
      CNN: Donalt Trump tweets another lie!
      ...okay, seriously, why are you still reading this?

  4. Re:We already know why Kaspersky is untrustworthy by houghi · · Score: 4, Funny

    For me it is the software that I DID write myself that I don't trust.

    --
    Don't fight for your country, if your country does not fight for you.
  5. Re:Kaspersky = KGB by Entropius · · Score: 4, Insightful

    How are you going to verify if it's spyware or not?

    Most likely the software is programmed to download automatic updates. This means that it could go from being benign to being a trojan overnight -- for whichever subset of IP addresses the people running the update servers want.

    It's impossible to audit the security of autoupdating code; you're at the mercy of whoever controls the updates.

  6. Re:The government will use a well known line... by h4ck7h3p14n37 · · Score: 4, Insightful

    Back during the Cuban Missile Crisis President Kennedy put forward the U-2 photos showing the missile sites. He didn't hide behind the whole sources and methods thing.

    If someone's not willing to present their evidence, then you probably shouldn't trust them unless they have demonstrated they can be trusted. The three letter agencies have all demonstrated they cannot be trusted.