Slashdot Mirror

← Back to Stories (view on slashdot.org)

'US Intelligence Agencies Should Put Up Or Shut Up With Kaspersky Rumors' (csoonline.com)

Posted by msmash on from the make-your-mind-already dept.

itwbennett writes: As previously reported on Slashdot, U.S. intelligence agencies have warned against using Kaspersky software amid swirling rumors of ties between Kaspersky Lab executives and the Russian government. White House cybersecurity coordinator Rob Joyce this week advised against consumer use of Kaspersky software. This may be good politics, but CSOonline's Fahmida Rashid warns that it's bad infosec. 'If the government has any evidence -- or even compelling reasons for being suspicious -- it should be sharing that, because many companies and consumers rely on Kaspersky Lab products. The fact that the government hasn't done so makes it likely this is all just geo politics,' writes Rashid. 'There is enough FUD in the market without throwing in politics into decision-making. Organizations should focus on deploying the technology which best addresses their needs.'

5 of 115 comments (clear)

  1. I'm thinking its just like the FCC DDOS by Revek · · Score: 4, Interesting

    Not an outright lie, more like some ignorant interpretation of the facts. A straw man to distract people from the Illegal hacking that our own government does to 'protect' us.

  2. It's about risk by Oswald+McWeany · · Score: 4, Insightful

    You don't have to prove that Kaspersky is in bed with Russian intelligence to not want to use it for government computers.

    Merely suspecting it might be is enough reason not to use it.

    --
    "That's the way to do it" - Punch
  3. Re:We already know why Kaspersky is untrustworthy by houghi · · Score: 4, Funny

    For me it is the software that I DID write myself that I don't trust.

    --
    Don't fight for your country, if your country does not fight for you.
  4. Re:Kaspersky = KGB by Entropius · · Score: 4, Insightful

    How are you going to verify if it's spyware or not?

    Most likely the software is programmed to download automatic updates. This means that it could go from being benign to being a trojan overnight -- for whichever subset of IP addresses the people running the update servers want.

    It's impossible to audit the security of autoupdating code; you're at the mercy of whoever controls the updates.

  5. Re:The government will use a well known line... by h4ck7h3p14n37 · · Score: 4, Insightful

    Back during the Cuban Missile Crisis President Kennedy put forward the U-2 photos showing the missile sites. He didn't hide behind the whole sources and methods thing.

    If someone's not willing to present their evidence, then you probably shouldn't trust them unless they have demonstrated they can be trusted. The three letter agencies have all demonstrated they cannot be trusted.