Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaspersky Software Banned From US Government Systems Over Concerns About Russia (betanews.com)

Posted by msmash on from the going-at-it dept.

Mark Wilson writes: The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government. Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.

8 of 91 comments (clear)

  1. So they think it's so easy to uninstall Kaspersky by billrp · · Score: 4, Interesting

    Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?

  2. Re:So they think it's so easy to uninstall Kaspers by gregfortune · · Score: 4, Insightful

    Yup, basically what I logged in to say. "Removing" software that already had administrative/root access to your systems after telling the vendor that you're going to do it a couple months down the road for a product that has auto-update capabilities built into it is borderline criminal negligence if you sincerely thought there was a legitimate risk to begin with. Silly.

    In answer to your second question, no, there is not. And there can't be. The system can never be trusted until wiped down to the firmware level (and maybe not even then if you don't trust the hardware manufacturers or physical access was compromised in some way). Any tool you might build can be lied to by the underlying kernel and/or firmware that you must assume is already compromised.

  3. Re:Banned because Kaspersky patched NSA/CIA backdo by Dan+East · · Score: 5, Insightful

    This is cold hard irrefutable fact, not internet rumor.

    Got any more hard irrefutable facts I'm supposed to blindly believe? Just checking before I make any important decisions. BTW, I'm on the internet, and I'm seeing this claim made on the internet by a totally anonymous person with no actual attribution or sources backing it up, so that kinda, by definition, makes it an "internet rumor".

    --
    Better known as 318230.
  4. Re:Interesting... by Anonymous Coward · · Score: 3, Interesting

    Just wondering how the rest of the world should behave when we have several US-made softwares that were already proved to contain NSA backdoors.

    The only sane way you can ... distrust the fuck out of everything, measure it for network connections you can't trust, and decide if you really need that software.

    Every state actor these days is doing shit like this. Which means you need to take some ownership of your security and act as if you have no assumption but to assume at least one government is trying to undermine your security.

    What I don't get is how the idiots in the US get all butt-hurt when people try to hack them, yes entities like the NSA are aggressively hacking everyone else.

    America has lost the right to complain about other entities hacking them, and quite frankly should lose the right to extradite people for hacking them, because US agencies are actively doing it to the rest of the world.

    America has simply become a state you can't trust, because like childish assholes they like to act like their security supersedes all other considerations. I'm really looking forward to the day when someone burns the US security infrastructure to the ground.

  5. Attack vector by Dan+East · · Score: 3, Interesting

    Of all possible attack vectors into a system, antivirus software would have to be the most ideal mechanism for taking over or otherwise collecting data. By its very design it must have full reign of the system, read the data of every file accessed by any process, and have the ability to edit and delete any file on the system.

    However, the most concerning part is that antivirus software must receive new functionality and data on a practically daily basis to detect and remove newly created malware. An antivirus program can take down its host system at any time by simply receiving a virus definition that causes it to remove or corrupt critical system files. It can also do the same targeting any specific application.

    Personally I don't trust ANY antivirus company to wield that sort of power over my system.

    --
    Better known as 318230.
  6. Re:Russia please uninstall US antivirus software by Shompol · · Score: 3, Insightful

    ...all Russian government should not use US Windows software because it does contain CIA backdoor to get in!

  7. Re:Banned because Kaspersky patched NSA/CIA backdo by SeaFox · · Score: 5, Insightful

    jimstone.is

    After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.

    Let me repeat an old story on this site . . . .

    Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA backdoors that Microsoft put there for the NSA. This is cold hard irrefutable fact, not internet rumor.

    Why would the government need to worry about Kaspersky plugging "NSA backdoors" on systems they personally own and have full physical access to? If they want to see what's on their own systems they can, in a worst-case scenario, just walk in the take them.

  8. Why You Should Run Kaspersky by j0ebaker · · Score: 5, Insightful

    It is the US government who makes companies insert spy software into their machines. I run Kaspersky because they aren't under threat from the NSA to look the other way about back doors that The NSA and CIA might be putting on my computers.