Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Should Users Uninstall Kaspersky's Antivirus Software? (slashdot.org)

Posted by EditorDavid on from the anti-antivirus dept.

First, here's the opinion of two former NSA cybersecurity analysts (via Consumer Reports): "It's a big deal," says Blake Darche, a former NSA cybersecurity analyst and the founder of the cybersecurity firm Area 1. "For any consumers or small businesses that are concerned about privacy or have sensitive information, I wouldn't recommend running Kaspersky." By its very nature antivirus software is an appealing tool for hackers who want to access remote computers, security experts say. Such software is designed to scan a computer comprehensively as it searches for malware, then send regular reports back to a company server. "One of the things people don't realize, by installing that tool you give [the software manufacturer] the right to pull any information that might be interesting," says Chris O'Rourke, another former NSA cybersecurity expert who is the CEO of cybersecurity firm Soteria.
But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targetted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."

And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."

Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?

17 of 313 comments (clear)

  1. Of course it should be removed by vityok · · Score: 3, Insightful

    Of course Kaspersky should be removed from your system.

    Or if you want to keep it, then don't complain when your files get reviewed by an invasive dictatorship. Of course, in 90% of cases they might not give a two shits about you, but if they do, then Kaspersky is one of their possible tools.

    Also, there is absolutely no doubt that Kaspersky and similar Russian-made products should be removed from government networks or any computers handling sensitive information.

    1. Re:Of course it should be removed by butzwonker · · Score: 5, Insightful

      People forget that Kaspersky's engine is used by many other security products, too.

      The reasonable stance is that if you have important trade secrets on your machines, you should choose your antivirus carefully - it's best to use one from your own country, including the engine. The same for journalists, dissidents, etc. Don't security products from the country you're criticizing.

      Any other people aka "ordinary citizens" should just choose the antivirus that performs best and suits them best. Kaspersky is top notch. If you're worried about viruses and maybe a bit about NSA mass surveillance, Kaspersky is one of the best choices. If you're primarily worried about Romanian mass surveillance, on the other hand, then you should avoid Bitdefender. And so on.

      It's kind of a no-brainer. On a side note, any machine, no matter how well-patched and which operating system it is running, will be broken and accessed in a targeted attack by any state actor. There are no secure PCs.

    2. Re:Of course it should be removed by AmiMoJo · · Score: 3, Insightful

      You shouldn't need anti-virus software at all.

      Limiting what applications can do and blocking malicious behaviour is the job of the operating system. If you need a second application with kernel level privileges just to replicate the functionality of the actual kernel, you have a deeper problem.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Of course it should be removed by gweihir · · Score: 4, Insightful

      Here is the citation of proof of Kremlin involvement

      Your "proof" says "reportedly" right there in the headline. This is called "hearsay", not "proof". Or in other words, the proof value of that statement is zero.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. No, your denial of reality is propaganda. by Anonymous Coward · · Score: 4, Insightful

    Your bullshit denial of reality in the face of mounting evidence only convinces fools and traitors.

    1. Re: No, your denial of reality is propaganda. by Anonymous Coward · · Score: 1, Insightful

      Mounting evidence of what ? Claims by shady spooks without any hard evidence ?

    2. Re:No, your denial of reality is propaganda. by gweihir · · Score: 4, Insightful

      What evidence? I have yet to see any. At this time, this are all unproven accusations, with zero actual evidence and some really hard-to-believe claims. For example, that an NSA member would take NSA attack software and put it on his private computer that is connected to the Internet and runs AV is not credible at all. Seriously, doing so is a federal crime and the people with access to this stuff _now_ that. They also know how AV works and that their private computers may be compromised if connected to the Internet.

      Don't get me wrong, if there were solid evidence, then that would be pretty interesting, but there is not. All there is is propaganda claims that turn out to be based on hot air once you dig a little deeper and some of them do not even make sense at all.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  3. Why? What job do you think SVR/FSB do? by vityok · · Score: 3, Insightful

    Of course russian intelligence services are using Kaspersky for their own purpose.

  4. Yes by DrXym · · Score: 5, Insightful
    And any other AV software. While it's doubtful Kaspersky or any other firm would bother spying on "low value" targets and the software behaves as intended it's still intrusive, destabilizing and slows down the system. And if Russia wanted to be malicious, e.g. shutdown computers in the runup to something, I'm sure the software's AV update mechanism would give them the means to do so.

    Of course if I were in Russia I would have my doubts about running US software for the same reason. As a rule of thumb, don't trust code produced by your main adversary.

  5. Re:No by Anonymous Coward · · Score: 2, Insightful

    The whole mass hysteria about Russia comes from the vast list of things Russian agencies has done in recent years to divide competitors to their interests

    FTFY. The email thing was overplayed vastly in the US media (while Trump's staff doing the exact same thing wasn't, curiously), but it doesn't change the fact that the Kremlin-backed candidate won in that election and it is likely that he hadn't without Russian involvement. Moreover, Russian meddling in US politics is part of a much wider programme, including the destabilisation of Georgia and Ukraine and the financial backing of populist movements in various European countries and contributions towards the desinformation campaign in favour of Brexit.

  6. Yes. And ... by Qbertino · · Score: 4, Insightful

    ... you shouldn't use any operating system or computer work environment that needs to rely on anti-virus software to relyably function.

    Glad I could help.

    --
    We suffer more in our imagination than in reality. - Seneca
  7. If you can, then you don't need to, but... by shanen · · Score: 4, Insightful

    Think about it for a minute.

    Would truly malicious software actually allow itself to be uninstalled? If the Kaspersky people are competent at what they do, and if they are doing it for Putin, then you are in a world of hurt. The question of "Should you uninstall?" is relatively trivial compared to the big questions of "Are you able to uninstall the software?" and "How can you be sure you really got rid of it?"

    The makers of the best anti-virus software (which might be Kaspersky for all I know) would know about every backdoor into your system and every way to hide bad code. If that company was evil or suborned for evil purposes, that same knowledge would make it impossible to remove their software unless they REALLY wanted to let you remove it.

    All things considered, especially things like how good Putin is at manipulating people, at this point I'd have very little trust in any computer that ever ran any software that originated in Russia. Or even software that was exposed to Russians who have family members still living in Russia.

    Technology remains morally neutral. Putin and his kleptocrats? Not so much.

    Before commenting, I searched this discussion for prior statements of this obvious reality. Didn't find any, but maybe I just hadn't thought of the right keywords yet. So I'll try another search now...

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
  8. Re:No by Anonymous Coward · · Score: 0, Insightful

    Hahaha, here we are nearly 10 months into Trump's presidency and you're still crying "... but her emails!". Can't you move on?

    Damage to national security due to a leak doesn't magically expire if there was a fucking election wrapped around that stupidity.

    We'll move on, once she's treated the same as any other idiot transmitting highly classified information.

  9. Re:ANY antivirus by Dutch+Gun · · Score: 2, Insightful

    They're less "snake oil" than "yesterday's solution."

    At this point, for Windows users, I'd simply recommend using the built-in AV and some common-sense precautions. No, it's never rated quite as highly as 3rd party AVs in the number of viruses they catch, but it's completely unobtrusive, lightweight, and has very few compatibility issues. And for any MAJOR attacks, it's typically updated fairly promptly.

    These days, the security vulnerabilities they may introduce by hooking deep inside your system are no longer worth any minor benefits they may provide.

    In short, I'd recommend uninstalling Kaspersky or any other AV, not because of "Russian Hackers", but for more pragmatic reasons.

    --
    Irony: Agile development has too much intertia to be abandoned now.
  10. Re:No by cascadingstylesheet · · Score: 2, Insightful

    and it is likely that he hadn't without Russian involvement.

    That's the hand waving part.

    I get why you want to believe that. It's a lot easier than facing up to your policies being deeply unpopular for half the country. And your candidate being just as awful.

    Her email thing was vastly under blown. The Secretary of State, discussing classified matters on email through a private email server in her bathroom? Little people are in prison for less.

    The point is, we didn't need Russian "meddling" (what, do they employ the Scooby gang? "And I would have got away with it too, if it weren't for you meddling Russian kids!")

  11. Re:ANY antivirus by DarkOx · · Score: 5, Insightful

    The only real answer is fully MAC (Mandatory Access Control) model that is very fined grained. The result of that unfortunately is a computer system nobody really wants to use.

    The more immediate reality with A/V software is that its probably something that requires the highest level of trust. This is software that literally hooks into the I/O layers on your system and is allowed to bypass essentially every other kind of access control check. At the same time its hard to put a lot of instrumentation around it because so much of what it does isn't thru the usual OS channels. So you can't know if its misbehaving or doing things it ought not to easily. External network hardware should be able to tell you if its phoning home but that might even be complicated. We are talking about software that after all could stash whatever it wants to send some unused place on the disk and wait three weeks until your not at home but connected to the wifi in some airport and phone home at that time.

    Frankly after this and a few past issues, I am not sure any third party A/V solution is advisable. In the Windows world Microsoft should probably just stop even allowing third party kernel modules they have not fully audited. Which would basically kill the A/V industry.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  12. Re:No by jeff4747 · · Score: 3, Insightful

    Sorry to break it to you but a big chunk of the rust belt didn't NEED any sort of "nudge" to hate Hillary

    Try actually reading this phrase this time:

    the utterly incompetent Clinton campaign

    If you'd take a moment to stroll out of your echo chamber, you'd realize that the vast majority did not like either candidate.

    Again, the margin in MI was 11,000 votes. That's easily flipped if Clinton had run a competent campaign. Or had Clinton not been so stupid about emails. Or if Russia wasn't running a large social media campaign. Or if the Obama administration had a better response to Flint. Or if the Obama administration had put bankers in jail in 2009. Or if the economy was 1% better. Or if the Obama, W, Clinton or Bush administrations had any idea what to do with the Rust Belt in their free trade idolatry.

    Margins that small mean if you take away one small effect, the margin goes away. That is true no matter which candidate you supported.