Ask Slashdot: Should Users Uninstall Kaspersky's Antivirus Software? (slashdot.org)
First, here's the opinion of two former NSA cybersecurity analysts (via Consumer Reports):
"It's a big deal," says Blake Darche, a former NSA cybersecurity analyst and the founder of the cybersecurity firm Area 1. "For any consumers or small businesses that are concerned about privacy or have sensitive information, I wouldn't recommend running Kaspersky." By its very nature antivirus software is an appealing tool for hackers who want to access remote computers, security experts say. Such software is designed to scan a computer comprehensively as it searches for malware, then send regular reports back to a company server. "One of the things people don't realize, by installing that tool you give [the software manufacturer] the right to pull any information that might be interesting," says Chris O'Rourke, another former NSA cybersecurity expert who is the CEO of cybersecurity firm Soteria.
But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targeted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."
And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?
Uninstall any such snakeoil crap.
This is all just propaganda.
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
Why have you installed it in the first place?
And in companies, and even in government facilities and departments? Seriously? *mindboggle*
The whole mass hysteria about Russia comes from the FUD campaign launched by Clinton to distract people from the fact that she was sending top secret emails in plain text using her own Exchange server instead of using the state department secure infrastructure.
She lost the election, can we stop this idiotic red scare? Russia is a third world country and their "state sponsored" hackers use the same kind of low quality scripts that mafiaboy used to ddos yahoo, let's get real.
lucm, indeed.
oftware on their compromised operating system on their compromised hardware. I can't take this stupidity anymore...
Of course Kaspersky should be removed from your system.
Or if you want to keep it, then don't complain when your files get reviewed by an invasive dictatorship. Of course, in 90% of cases they might not give a two shits about you, but if they do, then Kaspersky is one of their possible tools.
Also, there is absolutely no doubt that Kaspersky and similar Russian-made products should be removed from government networks or any computers handling sensitive information.
Russia has been found to be using Kaspersky to spy on Americans, as part of their ongoing cyberwarfare campaign against the United States.
Do not be a vector for cyberware against your own country. Trump gets paid for treason, but nobody will pay you for installing Kaspersky and joining the Kremlin botnet.
Nothing against the Russian people whose wealth is stolen by Putin, but any American who colludes with Russia's attack on America, even by just looking the other way is a lousy turncoat, just like the traitor Moscow Donald.
Your bullshit denial of reality in the face of mounting evidence only convinces fools and traitors.
Of course russian intelligence services are using Kaspersky for their own purpose.
Are antivirus programs really worth the impact on your machine? They use a surprising amount of resources and many experts have voiced opinions that the threats are outrunning their capabilities.
If you want to visit a site that might contain malware, just start a VM or boot a CD-based OS that doesn't use your drives.
When was the last time your antivirus actually prevented an infection? If it did, it definitely told you because they do everything possible to keep your fear level up.
The election settled who the next president would be, not any factual claims. What you posted is laughable and false, so at least you have that going for you.
Of course if I were in Russia I would have my doubts about running US software for the same reason. As a rule of thumb, don't trust code produced by your main adversary.
Anti-virus software are not just useless, they're actively harmful by providing very large attack surfaces.
Remove them. Now.
Says the NSA.. the government backed mafia organisation that has been stealing all our information illegally until their cronies made it retroactively "legal". ..and they think they're the "good guys".. lol..
at least not based on whatever reason the NSA has, because everything from NSA can be doubted ever since the Snowden Leak.
This is especially when they haven't helped the common people while leaking NSA malware all over the world (like wannacrypt).
Look at the quality and reliability of their AV suite. Look at the quality, depth, and huge amount of research they do in Internet security and publish freely for the benefit of YOU and everyone else out there.
How can you justifiably question their sincerity and honesty? Are they required by law to give some information to their government? Well, every country has those, and I would argue that the laws in America are even worse, and to even make the AV software not trigger on certain state-developed threats. We've read about how NSA have their own courts serve up orders to make American hardware and software manufacturers compromise their products, and if anything, it's the American AV softwares that should be avoided.
This is just another propaganda effort to further a growing mistrust and dislike of Russia, the Russian people, and a hugely popular AV software and related services. Eventually you may see the same about other foreign AV softwares, because they also continue to keep CIA+NSA out of both yours and more important machines in banking and other important sectors.
At this point, the only two AV softwares I trust are F-Secure (Finland) and Kaspersky (Russia), the others have shaky track records, or are owned and developed by American companies, meaning NSA and/or CIA has a way in.
and it is dishonest, and biased. They will strictly say that the American AV softwares are reliable, because with their special courts serving up court orders, they have a way into every one of the American AV softwares.
Kaspersky is not the one to avoid, the American softwares are the ones you need to steer clear of.
Nyet.
Obligatory russian hackers joke.
All AV software should be treated as if compromised by its country of origin. So, whether or not you should uninstall Kaspersky is who you are worried about.
If the biggest threat to you is ordinary criminal malware? No.
If the biggest threat to you is Russian intelligence? Yes.
If the biggest threat to you is US intelligence? No.
This is my signature. There are many like it, but this one is mine.
Israelis caught them being used to spy upon its users which is why it is banned by the US government. In addition it replaces SSL certificates with their own doing MITM attacks and sniffing de-encrypting your data.
I noticed Google Chrome even hides certificates now in the address bar after AV software was caught doing this! Coincidence?
Not only would I uninstall it. I would re-image too if you have to use Windows. You can't trust whatever backdoors or spyware Kaspersky could have changed in the Windows Registry or done to your system.
http://saveie6.com/
... you shouldn't use any operating system or computer work environment that needs to rely on anti-virus software to reliably function.
Glad I could help.
We suffer more in our imagination than in reality. - Seneca
Firstly, why would the egggsperts here be interested in anything Consumer Reports has to say about computers?
Secondly, Kaspersky is the best there is, which is why NSA wants you to uninstall it.
Thirdly, you're probably better off with no such products installed. Practice safe surfing, check your machine occasionally for malware using a free scanner, and avoid Windoze.
Think about it for a minute.
Would truly malicious software actually allow itself to be uninstalled? If the Kaspersky people are competent at what they do, and if they are doing it for Putin, then you are in a world of hurt. The question of "Should you uninstall?" is relatively trivial compared to the big questions of "Are you able to uninstall the software?" and "How can you be sure you really got rid of it?"
The makers of the best anti-virus software (which might be Kaspersky for all I know) would know about every backdoor into your system and every way to hide bad code. If that company was evil or suborned for evil purposes, that same knowledge would make it impossible to remove their software unless they REALLY wanted to let you remove it.
All things considered, especially things like how good Putin is at manipulating people, at this point I'd have very little trust in any computer that ever ran any software that originated in Russia. Or even software that was exposed to Russians who have family members still living in Russia.
Technology remains morally neutral. Putin and his kleptocrats? Not so much.
Before commenting, I searched this discussion for prior statements of this obvious reality. Didn't find any, but maybe I just hadn't thought of the right keywords yet. So I'll try another search now...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Personally I haven't bought a security suite since XP and before. Not because I don't trust it, or that the argument can be made that if you're careless or have good reasons to be paranoid that even Kaspersky can still be a good option. But mostly because I find any of these suites intrusive, annoying and only marginally better than the free options.
It's simple, Russia has gone out of its way to make itself an adversarial state to the US (of which I am a member). The Russian government has also been very heavy handed in dealing with its own private sector often dictating how they conduct business and very much muddling the lines between free enterprise and government controlled. This all equals, don't trust "security" provided by the Russians.
Now one can go on with "Americans spy on everything" and yeah, I don't like that. But as a US citizen I like Russians spying on me even less than Americans.
I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
Do you want the Kremlin to have your data or just the NSA? The idea that the NSA regularly collects data from US citizens is well documented. The idea is tenuous that Kaspersky is colluding with the Russian government to export data from USA targets to Russian intelligence. Endpoint security relies on central services understanding what is going on in the world. This can be referred to as operation intelligence. Kaspersky sends data back into "unsecured channels" and may include data that DHS considers sensitive. I would personally want the best antivirus or malware software that identifies the most vulnerabilities and I don't give a damn which nation illegally collects my data. If they want to exert power over who collects it then they should be open about how they collect it.
I'm not sure dumping a particular vendor because of their country they operate out of is all that useful when there's already been at least one major breach through the antivirus software by tricking it into downloading malicious updates from the attacker's own servers. The perpetrator of this particular hack was North Korea, but we know that there's at least half a dozen other countries, on both sides of the old iron curtain (which seems to be going up again), so you're never going to be fully safe from breaches using your choice of antivirus software.
Sure, you can use a vendor like F-Secure that operates from a country where the laws don't even allow for this kind of thing, either by request by the government of the country or by the request of a foreign government, but all that really does is increase the skill and effort barrier to pull off a breach using anti-virus software.
"Why should I want to make anything up? Life's bad enough as it is without wanting to invent any more of it."
The thing we know is that the NSA and Israel do not have access to the code. We know that Russia tried to get into Kaspersky and that means they do not work with them.
We know that the NSA warns against them.
To me all this tells me they are the safest bet for security of any of the anti-virus companies.
My guess is that the NSA has back doors in the rest and if they have them, the rest has as well. So even IF the Russians have hacked them, they are still more secure than any other AV program who must be assumed to have been hacked by everybody;
Don't fight for your country, if your country does not fight for you.
NSA is the real violator of your privacy
It's fun how the lack of trust in this product leads to the question above. Which is totally fair and valid. The question is... why other closed-source software they are used to (Adobe Photoshop, Google Docs, Windows, MacOS, etc, etc) do not raise the same concerns? Are the CIA and the NSA more trustworthy, somehow.... why?
Russia has been found to be using Kaspersky to spy on Americans, as part of their ongoing cyberwarfare campaign against the United States.
Really? Could you link the article?
Damn, be out of town a few days and all hell breaks loose!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If some reputable source would say it, I would certainly start rethinking my privacy strategy. But considering who's "recommending" this, I have to second guess whether the reason is that it keeps them from spying on me...
If I had told you 40 years ago that you can't trust one of your TLAs when they warn about Russians...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
By this logic you should also uninstall Windows, since it's actually much more intrusive: https://yro.slashdot.org/story/17/10/13/2042248/dutch-privacy-regulator-says-windows-10-breaks-the-law
And abandon anything that uploads to or runs in the cloud.
How about buying Bitdefender instead? Was just about to decide on Kaspersky but...
Anybody like it?
This is the question that needs to be asked.
Here's a list of the features that every AV has:
Either your OS has means of protecting your data from apps, or apps from each other, or you cannot use this OS to run any new/unknown software.
Windows can be made more or less 100% secure if you use SandBoxie.
Research your options and choose what you feel is best for what you personally need. I would not consult Slashdot for advice.
We'll make great pets
Krapersky shovels tons of data from your system to servers in Canada and Russia without any explanation as to why this is necessary. That traffic is easy to spot and can be blocked, but it is a clear signal that you are better off with no AV than with Krapersky. And without Krapersky system no longer needs half an hour to boot up and your browsers start working right again.
remove MS_Windows & install Debian GNU/Linux https://www.debian.org/
Politics is Treachery, Religion is Brainwashing
Should just be careful what they download and what links they click on.
I tend to rant.
They will be tempted to sell their services to the Russian mob.
But only because it would be much safer and cleaner to reinstall completely without 3rd party antivirus / malware crap.
Good luck removing anything cleanly on Windows.
I've had Kaspersky Internet Security for a couple of years now. It's my understanding that Russian law is similar to Chinese law about software--to sell in those countries, you must provide the government with your source code. I have no doubt the Russian spy agencies found an exploitable vulnerability in that source code and have been using it. I'm no more worried about that than the NSA's covert knowledge of vulnerabilities in Windows. And I place little credence in anything that Israeli intelligence says. KIS works very well on my system and doesn't slow it down. I accept the privacy risk, because information privacy is pretty much non-existent in these times, except perhaps for Tor. I don't keep work materials on my home system for exactly that reason. I'm going to support Kaspersky by keeping it on my system at least until my license expires. I'd hate to see a quality company have to shut down for lack of sales from an incident that wasn't their fault.
I'm more concerned about low level actors when it comes to AV software. If you're on a country's hit list you're probably already compromised and un-installing will not save you!
The best approach is to use systems responsibly and not to randomly click. The only time I've really seen viruses is because of spear phishing or malvertisement and that's because they clicked on the bait.
Considering the NSA and every other alphabet "intelligence" agency has consistently lied to americans our entire lifetimes as well as all the murders, stealing, drug running etc. their "former agents" are probably the least trustworthy source to follow advice from.
Are these the same agents that are the "anonymous" sources being given about the fake russian collusion that has yet to be proven over the past year? I guess not since there are names attached to this story.
Help find the next
Stuxnet
Flame
Equation Group
Duqu
https://en.wikipedia.org/wiki/...
A more secure and safe internet is great news for all users.
Domestic spying is now "Benign Information Gathering"
And here are my reasons:
1) I'm not trying to defend myself against state actors.
2) What am i going to replace it with and why wouldn't all the other AV software also be compromised by state actors ?
3) IMO, the best place to carry out cyberespionage is not from any AV software, but rather the OS or even stuff at a lower level. vPro, Management Engine, etc.
4) I'm not in/from the US. I'm also not even in/from a country Russia is adversarial towards (as far as i know...).
And this is not one of the reasons, but:
All the Russia hysteria has gotten out of hand a long time ago. Countries interfere in each other's business all the time and that's how it's (always ?) been. Why is it all of a sudden it became such a major thing ? In the wake of Snowden, did the US get uncomfortable when it all of a sudden became the world's bogeyman ?
Be very suspicious of anyone anywhere that gets emotional and attempts to convince you to keep a specific piece of software installed.
If you are running a Microsoft operating system, ask yourself why you would trust someone else more than Microsoft. I cannot think of a reason to throw my trust at some other company, especially one where the ownership is not clear, or where the ownership has transferred to some new ownership group.
Especially challenge someone who presents some sort of "show me the proof .... argument". Or anyone that gets upset and emotional when they hear about someone installing software. Ask yourself, why would they possibly care so much why I install a specific anti-virus?
The answer could well be that the people coming up with any of the arguments to get you to keep some specific product installed are the same ones benefitting from it being on your computer.
Beware the motivations here.
... and don't use an antivirus software?
Since the OS it's running on top of is already deeply rooted by the NSA, what difference does it make if another spy agency has a zero day for one particular program I'm running on there? Hell, I'm sure both the KGB and NSA have zero-days for half the software I run on my PC. It takes a good half-hour of regedits, scripts and service disabling just to turn off telemetry in Windows 10, and that's just the stuff you're meant to know about.
If I was working on documents that I really needed to keep secret from a state-sponsored attacker, I'd need to air-gap that shit. Whether I was running Windows, Linux, or XBMC.
As it is, while Kaspersky won't keep state-sponsored attackers out (and neither will any other AV, or Windows Defender), it does a darn good job of keeping non-state-sponsored attackers out. And if a malicious attacker gets access to the same kind of tools a state-sponsored attacker does, it makes no difference whether I'm using Kaspersky or something else.
Unless someone can show me that Kaspersky puts me MORE at risk from non-state-sponsored attackers than a competing AV (or no AV at all), then swapping one out for another makes no difference. And no, "a hacker could get a-hold of KGB's zero days" is not an argument against Kaspersky, since a hacker could also get a-hold of NSA's zero days which don't target Kaspersky.. you know, like the whole dump of NSA zero-days that was dumped.
"The true measure of a person is how they act when they know they won't get caught." - DSRilk
Kaspersky is a great product! Do not listen to the communist propaganda! Russia is the worlds friend! President Trump, please make a statement on this and MAGA!
Tough call.
then using the best antivirus out there should be kind of the point, so no you should not uninstall, you should install it if you are going to use an antivirus. If they had a permanent (non 20 day trial bullshit) free antivirus that actually worked like other free alternatives and i had a decent computer to the point i could run an antivirus, i would install kaspersky above other options, even if it showed pictures of half naked putin hunting while it scans the files
i would uninstall it if i were russian tho, but living in the west and not being a congressman or something like that? *igga please...
First of all, it has been demonstrated time and time again that so-called "anti-virus" software is completely ineffective at avoiding virus and malware infections.
Second, it has also been demonstrated time and time again that safe browsing and safe email habits ARE effective.
Finally, anti-virus programs are nothing more than backdoors into your PC. They run with root privileges and phone home constantly, and you never really know who they're giving access to your PC.
The only winning move is not to play.
In the last 10 years or so I have used a Windows PC with anti-virus software to visit an incredible number of web sites of extremely shoddy origin and appearance and I used various p2p software to download all sorts of content on almost weekly basis. As a result, the AV software caught positives maybe two or three times in that whole time, and every time this was "there is a dangerous ClickMe.EXE in your torrent folder! do not touch!" (well, what sort of idiot would click that anyways?). Why haven't I run into more alleged viruses? I guess it's because most of the time I used Firefox with NoScript extension. NoScript is sort of a pain to use, because you first need to teach it to allow scripts from all web sites that legitimately need to run scripts, like a forum, eCommerce, or say your bank.
Uninstall Windows.
If Kaspersky wants to continue selling its software in the west, I think the only way they can convince everyone that they're NOT providing a backdoor in their software to FSB is by going open source. That is, they should make their AV engine open source, but the virus definition data could be provided as a paid subscription.
Antivirus programs cause all kinds of trouble. I suggest, for people who are able and willing to stay alert and investigate warning signs, not using any antivirus program at all. Use a tripwire system instead.
If, however, you're the sort who ignores warnings and red flags, then use an antivirus program. Should you use a different one over Kaspersky? I don't think it matters that much.
This is a kind of pick your poison situation. Do you go with Kaspersky where the Russian government could be snooping, or do you go with something like Norton, where the US government could be snooping? Do any kind of business in China and you would be a fool not to assume that the Chinese government isn't going to attempt to snoop on you.
If people were actually serious about their privacy, along with uninstalling Kaspersky they'd also stop using anything made/run by Google and Microsoft, stop using all social networks, and would have the most basic of flip phones you could find. If anyone thinks that is going to happen en masse, I've got a few bridges for sale... I'll even throw in some magic troll repellent.
and never been seriously infected. I also run as administrator, I maybe in it, but I'm calling user issue
Nuke 'em!
Kaspersky isn't the problem here. Israel hacked Kaspersky.
"Among the targets Kaspersky uncovered were hotels and conference venues used for closed-door meetings by members of the United Nations Security Council to negotiate the terms of the Iran nuclear deal — negotiations from which Israel was excluded. Several targets were in the United States, which suggested that the operation was Israel’s alone, not a joint American-Israeli operation like Stuxnet."
How can you trust Israel's assessment of Kaspersky when Israel is doing the shady shit. The particular Kaspersky anti-virus installed on that government contractor's home computer was hacked by the russian government and used to scan for documents. There's no evidence Kaspersky helped and there's zero need for their help. The russian hackers would lose kaspersky's market penetration if it came out that they helped. Any anti virus could have been hacked and used. The government contractor used kaspersky because it's the best and he knows it. That's the only story here.
https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html?_r=0
DUH! What do YOU think?!
Uninstall Kaspersky as soon as you can, think about how much access on the back end an "attacker" would need to have to be able to view a "random" user's file system for information like this. This is beyond complicit, think about what happened from a computer science perspective on how much access a user would need in that organization to view files in that manner.
Leonid Bershidsky suggests "bullshit". If you have a choice between a known compromised AV and one that is not known to be compromised the choice should always be to the unknown.
After all, microsoft already has full control of the OS layer, no intermediaries required.
If Microsoft wants to spy on you, they will spy on you, no matter what antivirus you use. So, if you stick to Windows defender, there is one less vector for others to spy on you (because, once you start using windows as your OS, you cede control to Microsoft to potentially spy on you).
Windows Defender (or Microsoft security essentials, if that's how you roll) are free (as in beer), have decent detection capabilities, does not suck resources like crazy, is updated by the same means of your OS, and is accepted by certifying agencies in regulated industries (like PCI for credit cards).
Of course, in an ideal world we would all use linux and ClamAV, but this is not an ideal world, some people like their linux, I use a mac, some people like linux but are forced, for one reason or another, to use windows...
So, if you want or need windows, stick with Windows Defender...
*** Good luck to everyone and have a happy day!
Remind me again, who was caught intercepting Cisco routers in the mail and adding backdoors to them? I'm all for chastising the Russians for their espionage but let's make sure that everyone who does it gets the same treatment.
The threat I have rational reasons to worry about is domestic and foreign cybercrime. I don't know why NSA would want my data either, but they probably don't need a very strong reason. Kaspersky would be same for defense from the crooks and a little better for defense from NSA, so it's a keeper. Also it would be naive to expect to be able to defend oneself from a major spy agency without training that can probably only be given by another spy agency.
.... are claiming is evidence to substantiate the notion that it the software is dangerous.
File under 'M' for 'Manic ranting'
Microsoft failing to secure its operating systems is a painful story that has taken over 25 years to unwind, exacerbated by that internet thing.
Your biggest threat is a social attack on your credentials, which your AV does nothing for. Your next biggest threat is a zero day, which is not something your AV will stop. The next threat on the list is user error, mostly running things you shouldn't on your computer. The purpose of AV is orthogonal to this problem, and the signature-based stuff mostly won't help.
Since AV doesn't stop the most significant threats, it hardly has a purpose. Back in the DOS days, I could make a good argument for it, but today? Nah. You might as well assume compromise, use a password manager and change them frequently.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
What is this American bias against believing that our own government is in the propaganda business the same way every other country is engaged in the propaganda business? Our government lies freely to serve its own aims and always has - and believe me on this, I work for it!
Probably the same way nearly all Americans think the US is based on classically liberal principles like those old Saturday morning civics cartoons rather than being a corporatist fascist state, as it has been at least since the 1930s. Cognitive dissonance is a powerful thing.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Unfortunately, I have Kaspersky on one of my work computers, and not by choice. What I've learned, and I guess it's the same with any AV, is:
1. It installs a root certificate in your browser. They claim this is locally generated and they have no access to its private key, but...
2. It positions itself as MITM and listens in on all your encrypted browser connection. It makes sense to block certain attacks, but...
3. It injects code to your browser on all the pages you visit. It makes sense to block certain attacks, but...
4. It scans all the files on your computer. It makes sense to identify malware, but...
5. It scans all your mail. It makes sense to block any phishing or malware, but...
6. It seems from the articles, that it has the option to retrieve suspect files from clients' computers. It makes sense so they can research suspect malware, but...
So if you trust your AV to do all those things and still keep its fingers off your data, you're a better person than me. The way I see it, under most conditions it actually weakens the security of your system, delegating the security to a single point of failure that may, intentionally or unintentionally, become an attack vector. If you're clueless and don't know better than entering passwords in links from emails, pay for a cheap vacation home in Europe (recommended by all your acquaintances from Nigeria) using money transfer to a weird bank account, or download that software that you just must have, the one that just says Oy Vey (or es tut mir Weh) - then by all means, install an AV, and especially Kaspersky, which has already been caught with its fingers in the cookie jar. And sorry guys, even with Tramp at the helm (god help us all, and I'm an atheist!), I'd rather have AV software by western companies, than Kaspersky with Putin looking over my shoulder (yeah, I know he's the protector of the Russian Empire and Snowden, but other candidates just seem to drop like flies or files).
Seriously, clueless users should install AV because it will protect them from their own ignorance (and I'm not being cynical). Informed computer users are probably better off without it, as the number of remote attacks that do not require social engineering is minor, and these are usually patched pretty quickly (but then HB Gary proved that even what you expect to be informed users can be pretty clueless https://en.wikipedia.org/wiki/Timeline_of_events_associated_with_Anonymous#Attack_on_HBGary_Federal).
"Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Pretty Good logic. Pay the Russian mob ahead of time.
About a year ago I bought a new laptop from BestBuy which included a 'Free' Antivirus Software CD which of course I ignored. Was contacted for the next several months asking why "I had not yet installed the free license of xxx antivirus software."
NBC is an Operation Mockingbird asset owned and controlled by the CIA. Please reference Operation Mockingbird.
The Real Story: Kaspersky antivirus is able to flag NSA spyware/malware and does not forcibly contain the whitelist of NSA software like American antivirus software.
Kaspersky is still an excellent anti-virus software, and since I am nobody in the eyes of the nation-states, I will continue to use it. If it goes away, I will not switch to another anti-virus software: I will switch to DeepFreeze and revert to an original state of my computer whenever it is infected.
--- Andy West http://andywest.org
China and Russia are running Interpol now thanks to Trump's incompetence/treason. Shocker that Interpol now thinks using compromised AV is cool.
Political and Russian troll farm bait.
Re. Kaspersky: it's a generally good AV as far as that goes. It's apparently been hacked at least by the Israelis and Russians (or at least its home servers have) so Kaspersky's users can be spied upon. That's bad. Whether or not Kaspersky itself supported that access is an open question, but irrelevant. The access exists. That's enough reason for government and other organizations (and individuals) who are concerned with the security and privacy of their computers to switch to alternatives. The alternatives may not work as well, or may themselves be hacked; not working as well can be tested, while similar hacking is at present unknown.
As to whether or not one should use an AV at all, yes, it's a question of trust. AV must run at a low level in the OS to do its job. It's essentially part of the OS. So if the AV company is hacked as apparently Kaspersky is, its software can be used for all sorts of nefarious purposes. IMO that's not enough reason, as an ordinary individual using Windows, to "go bare" though for some people it might be - if they do, they need to use appropriate other security procedures. Or just live with Defender - not great, but functional, if you trust Microsoft...
I do use AV software. It has occasionally (not often) been triggered. I don't use Kaspersky. Not because I don't like Russians, but because I've used something else for years, it works and has tested adequately in most published comparisons, and I see no need at this time to change. The need could arise - as with all important software, it's worth keeping up on what's happening - but so far it hasn't. IMO it also remains important, regardless of what AV software is in use, to occasionally scan with something else, because no single package seems to catch everything.
No pun intended.
ClamAV is wonderful, but won't be able to keep up with everything you need. For free. It's worth it for everyone who isn't a security ninja themselves to find a reasonable middle ground between OCD paranoia on their own, and taking prudent measures to protect themselves. That means commercial security software from a reputable company.
I can't speak for what Russian end-users should use, because I don't know whether *FOR THEM* the greater threat is internal or external to their country. In the days of the USSR, it would be obvious -- the Party is more of a threat to you than external actors. Now? Not for me to say.
For an American citizen, and as a sysadmin, I'm far more worried about economic espionage and data lifting from untargeting third parties (bitcoin extortion that happens to hit me) and spear phishing attacks against companies I work for, potentially from foreign intrigue, than I am about the domestic NSA spying on me via Symantec or another domestic product.
Americans have options, and for someone in a similar position I'd encourage them to weigh the positives and negatives similarly.
Hire a Linux system administrator, systems engineer,
Seems very few people are truly concerned about the Russian hacking of the U.S.'s political process but Russia hacked Kaspersky and the sky is falling. W.T.F. People?
Betteridge's law of headlines says no.
I have been using Kaspersky software for years and I'm very happy with it. The fact that the NSA dislikes it makes me like it even more. You know, enemy of my enemy...
Am I following the story here? The totally trustworthy Israelis say that NSA tools were used to hack Kaspersky and that totally proves it was the filthy Reds...
Heheh. Nice meetin' ya... (tugging the kids back and whispering) Just keep moving, don't make eye contact...
Wait, wasn't Kaspersky the outfit that wouldn't play along with the "Russia hacked the Democratic Party email" story?
I'm posting this late and no one will probably see it, but I'm wondering how many of you are doing egress filtering on your networks?
I have noticed that a lot of places use a default policy of passing all traffic out, but that's not very wise. I assume it's done for the sake of convenience to avoid support calls from people who can't write firewall rules. I would highly recommend not allowing any traffic out unless it's absolutely necessary and has been filtered. A lot of places pass HTTP/HTTPS traffic directly to the Internet so you can get software updates, but you should probably be using proxies that only allow whitelisted sites to be contacted. Better yet is to deploy new servers instead of patching live ones and give them no outside access.
If someone does manage to get shell access on your host, then your egress filtering should prevent them from opening a remote shell using something like nc. Yeah, they can still trash the internal network, but it's going to be a major PITA without an interactive shell.
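The default-deny egress policy described in the comment above, as an added example that is not part of the original post: a small evaluator that runs constructed flow records against an allow-list and reports what a drop-by-default firewall would block. All addresses, ports and hostnames are hypothetical, and the proxy's site allow-list is modeled as an exact hostname match.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    src: str    # source CIDR
    dst: str    # destination CIDR
    proto: str
    port: int   # destination port

# Constructed policy: anything not listed is dropped (default deny).
# Hypothetical layout: 10.0.0.0/24 servers, 10.0.1.10 proxy, 10.0.1.53 DNS.
ALLOW = [
    Rule("10.0.0.0/24", "10.0.1.10/32", "tcp", 3128),  # servers -> proxy only
    Rule("10.0.1.10/32", "0.0.0.0/0", "tcp", 443),     # proxy -> outbound HTTPS
    Rule("10.0.0.0/24", "10.0.1.53/32", "udp", 53),    # servers -> internal DNS
]

# Sites the proxy will fetch on behalf of servers (hypothetical names).
PROXY_ALLOWED_HOSTS = {"updates.example.com", "mirror.example.org"}

def egress_allowed(src, dst, proto, port, rules=ALLOW):
    """Return True only if an explicit allow rule matches the flow."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
        and proto == r.proto and port == r.port
        for r in rules
    )

def proxy_permits(host):
    """Exact-match allow-list check applied by the proxy."""
    return host.lower().rstrip(".") in PROXY_ALLOWED_HOSTS

# Constructed flow records: (src, dst, proto, dst_port)
FLOWS = [
    ("10.0.0.5", "10.0.1.10", "tcp", 3128),     # server to proxy
    ("10.0.1.10", "203.0.113.20", "tcp", 443),  # proxy to the Internet
    ("10.0.0.5", "203.0.113.20", "tcp", 443),   # server bypassing the proxy
    ("10.0.0.7", "198.51.100.9", "tcp", 4444),  # direct outbound, odd port
    ("10.0.0.7", "10.0.1.53", "udp", 53),       # internal DNS lookup
]

def denied_flows(flows=FLOWS):
    """Flows a default-deny egress firewall would drop (and should log)."""
    return [f for f in flows if not egress_allowed(*f)]

if __name__ == "__main__":
    for flow in denied_flows():
        print("DROP", flow)
```

Dropped egress flows are worth alerting on: a server that suddenly attempts a direct outbound connection is a useful sign of compromise.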
Basically what the NSA is saying, they have hacks for other AV software but not Kaspersky, so it is better that we spy on you than the Russians, trust us we are here to protect the interests of Americans (not the interests of the NSA). Pick your poison basically.
The only sources we have so far about Kaspersky spying are US government officials. Even the Israeli part of the story is reported by them.
An interesting point is that other countries did not rush to ban Kaspersky. It is difficult to believe Kaspersky turned its antivirus into a spyware that only the US government is able to spot.
Uninstall Windows altogether, and install a decent OS (FreeBSD, Linux). No Antivirus needed.
Nyet!
-Eric