Slashdot Mirror
Ask Slashdot: Should Users Uninstall Kaspersky's Antivirus Software? (slashdot.org)
First, here's the opinion of two former NSA cybersecurity analysts (via Consumer Reports):
"It's a big deal," says Blake Darche, a former NSA cybersecurity analyst and the founder of the cybersecurity firm Area 1. "For any consumers or small businesses that are concerned about privacy or have sensitive information, I wouldn't recommend running Kaspersky." By its very nature antivirus software is an appealing tool for hackers who want to access remote computers, security experts say. Such software is designed to scan a computer comprehensively as it searches for malware, then send regular reports back to a company server. "One of the things people don't realize, by installing that tool you give [the software manufacturer] the right to pull any information that might be interesting," says Chris O'Rourke, another former NSA cybersecurity expert who is the CEO of cybersecurity firm Soteria.
But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targetted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."
And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?
But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targetted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."
And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?
Uninstall any such snakeoil crap.
Of course Kaspersky should be removed from your system.
Or if you want to keep it, then don't complain when your files get reviewed by an invasive dictatorship. Of course, in 90% of cases they might not give a two shits about you, but if they do, then Kaspersky is one of their possible tools.
Also, there is absolutely no doubt that Kaspersky and similar Russian-made products should be removed from government networks or any computers handling sensitive information.
Your bullshit denial of reality in the face of mounting evidence only convinces fools and traitors.
Of course russian intelligence services are using Kaspersky for their own purpose.
Of course if I were in Russia I would have my doubts about running US software for the same reason. As a rule of thumb, don't trust code produced by your main adversary.
this is indeed pure propaganda by nsa.
kaspersky software detected(as it should) nsa's new malware in a negligent incompetent private contractor's private computer, alerted hq, russian gov may have heard about it, kaspersky is punished for doing its job. btw american made software did not detect such malware.
if, after knowing the facts(as opposed to nsa propaganda), you find kaspersky is a threat, uninstall it.
If you want to visit a site that might contain malware, just start a VM or boot a CD-based OS that doesn't use your drives.
You do realize that includes literally every single website, right? Including this one.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
The whole mass hysteria about Russia comes from the vast list of things Russian agencies has done in recent years to divide competitors to their interests
FTFY. The email thing was overplayed vastly in the US media (while Trump's staff doing the exact same thing wasn't, curiously), but it doesn't change the fact that the Kremlin-backed candidate won in that election and it is likely that he hadn't without Russian involvement. Moreover, Russian meddling in US politics is part of a much wider programme, including the destabilisation of Georgia and Ukraine and the financial backing of populist movements in various European countries and contributions towards the desinformation campaign in favour of Brexit.
Israelis caught them being used to spy upon it's users which is why it is banned by the US government. In addition it replaces SSL certificates with their own doing MITM attacks and sniffing de-encrpyting your data.
I noticed Google Chrome even hides certificates now in the address bar after AV software was caught doing this! Coincidence?
Not only would I uninstall it. I would re-image too if you have to use Windows. You can't trust whatever backdoors or spyware Kaspersky could have changed in the Windows Registry or done to your system.
http://saveie6.com/
Propaganda ok, but I'd be surprised if the NSA had gotten involved in the propaganda business.
Now, there is some value in the claim that Kaspersky data is shared with spying agencies. Data is uploaded to their servers and these servers are a target. After all the Israelis have succeeded in getting in, in a reckless attempt to provide Kaspersky and others with the most advanced evolution of Stuxnet/Duqu. They claim the Russians also succeeded in getting access and it's not impossible. It's probably a lie, especially when upgraded to 'yeah and the Russians don't even have to try hard' , but it shows people want to get in there.
... you shouldn't use any operating system or computer work environment that needs to rely on anti-virus software to relyably function.
Glad I could help.
We suffer more in our imagination than in reality. - Seneca
Think about it for a minute.
Would truly malicious software actually allow itself to be uninstalled? If the Kaspersky people are competent at what they do, and if they are doing it for Putin, then you are in a world of hurt. The question of "Should you uninstall?" is relatively trivial compared to the big questions of "Are you able to uninstall the software?" and "How can you be sure you really got rid of it?"
The makers of the best anti-virus software (which might be Kaspersky for all I know) would know about every backdoor into your system and every way to hide bad code. If that company was evil or suborned for evil purposes, that same knowledge would make it impossible to remove their software unless they REALLY wanted to let you remove it.
All things considered, especially things like how good Putin is at manipulating people, at this point I'd have very little trust in any computer that ever ran any software that originated in Russia. Or even software that was exposed to Russians who have family members still living in Russia.
Technology remains morally neutral. Putin and his kleptocrats? Not so much.
Before commenting, I searched this discussion for prior statements of this obvious reality. Didn't find any, but maybe I just hadn't thought of the right keywords yet. So I'll try another search now...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
There is a mountain of evidence that an adversarial nation to our own (Russia) attempted to sway our election in favor of the current winner. How you can just blow that off is beyond me. Russia is not our friend, not by a long shot.
I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
If some reputable source would say it, I would certainly start rethinking my privacy strategy. But considering who's "recommending" this, I have to second guess whether the reason is that it keeps them from spying on me...
If I had told you 40 years ago that you can't trust one of your TLAs when they warn about Russians...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
This is all just propaganda.
Thank you for your insightful response and continued support comrade.
I browse on +1 so AC's need not respond, I won't see it.
I've had Kaspersky Internet Security for a couple of years now. It's my understanding that Russian law is similar to Chinese law about software--to sell in those countries, you must provide the government with your source code. I have no doubt the Russian spy agencies found an exploitable vulnerability in that source code and have been using it. I'm no more worried about that than the NSA's covert knowledge of vulnerabilities in Windows. And I place little credence in anything that Israeli intelligence says. KIS works very well on my system and doesn't slow it down. I accept the privacy risk, because information privacy is pretty much non-existent in these times, except perhaps for Tor. I don't keep work materials on my home system for exactly that reason. I'm going to support Kaspersky by keeping it on my system at least until my license expires. I'd hate to see a quality company have to shut down for lack of sales from an incident that wasn't their fault.
Since the OS it's running on top of is already deeply rooted by the NSA, what difference does it make if another spy agency has a zero day for one particular program I'm running on there? Hell, I'm sure both the KGB and NSA have zero-days for half the software I run on my PC. It takes a good half-hour of regedits, scripts and service disabling just to turn off telemetry in Windows 10, and that's just the stuff you're meant to know about.
If I was working on documents that I really needed to keep secret from a state-sponsored attacker, I'd need to air-gap that shit. Whether I was running Windows, Linux, or XBMC.
As it is, while Kaspersky won't keep state-sponsored attackers out (and neither will any other AV, or Windows Defender), it does a darn good job of keeping non-state-sponsored attackers out. And if a malicious attacker gets access to the same kind of tools a state-sponsored attacker does, it makes no difference whether I'm using Kaspersky or something else.
Unless someone can show me that Kaspersky puts me MORE at risk from non-state-sponsored attackers than a competing AV (or no AV at all), then swapping one out for another makes no difference. And no, "a hacker could get a-hold of KGB's zero days" is not an argument against Kaspersky, since a hacker could also get a-hold of NSAs zero days which don't target Kaspersky.. you know, like the whole dump of NSA zero-days that was dumped.
"The true measure of a person is how they act when they know they won't get caught." - DSRilk
and it is likely that he hadn't without Russian involvement.
That's the hand waving part.
I get why you want to believe that. It's a lot easier than facing up to your policies being deeply unpopular for half the country. And your candidate being just as awful.
Her email thing was vastly under blown. The Secretary of State, discussing classified matters on email through a private email server in her bathroom? Little people are in prison for less.
The point is, we didn't need Russian "meddling" (what, do they employ the Scooby gang? "And I would have got away with it too, if it weren't for you meddling Russian kids!")
In the last 10 years or so I have used a Windows PC with anti-virus software to visit an incredible number of web sites of extremely shoddy origin and appearance and I used various p2p software to download all sorts of content on almost weekly basis. As a result, the AV software caught positives may be two or three times in that whole time, and every time this was "there is a dangerous ClickMe.EXE in your torrent folder! do not touch!" (well, what sort of idiot would click that anyways?). Why haven't I run into more alleged viruses? I guess it's because most of the time I used Firefox with NoScript extension. NoScript is sort of a pain to use, because you first need to teach it to allow scripts from all web sites that legitimately need to run scripts, like a forum, eCommerce, or say your bank.
I get why you want to believe that. It's a lot easier than facing up to your policies being deeply unpopular for half the country. And your candidate being just as awful.
The election was won by tens of thousands of votes in a couple states. Such as the 11,000 vote margin in Michigan and the 68,000 vote margin in Pennsylvania.
With a margin that small, every single thing that nudged some voters was required to win the election. That includes email, the utterly incompetent Clinton campaign, and Russia. Take any one away and those margins flip.
> How you can just blow that off
My echo chamber consists of more than just screeching Hollywood liberals.
I also have a genuine understanding of history rather than the pathetic "Cliff Notes" version peddled by the media.
The American electorate has been split three ways since long before the Soviets were a convenient bogeyman.
A Pirate and a Puritan look the same on a balance sheet.
Sorry to break it to you but a big chunk of the rust belt didn't NEED any sort of "nudge" to hate Hillary
Try actually reading this phrase this time:
the utterly incompetent Clinton campaign
If you'd take a moment to stroll out of your echo chamber, you'd realize that the vast majority did not like either candidate.
Again, the margin in MI was 11,000 votes. That's easily flipped if Clinton had run a competent campaign. Or had Clinton not been so stupid about emails. Or if Russia wasn't running a large social media campaign. Or if the Obama administration had a better response to Flint. Or if the Obama administration had put bankers in jail in 2009. Or if the economy was 1% better. Or if the Obama, W, Clinton or Bush administrations had any idea what to do with the Rust Belt in their free trade idolatry.
Margins that small mean if you take away one small effect, the margin goes away. That is true no matter which candidate you supported.
What is this American bias against believing that our own government is in the propaganda business the same way every other country is engaged in the propaganda business? Our government lies freely to serve its own aims and always has - and believe me on this, I work for it!
Probably the same way nearly all Americans think the US is based on classically liberal principles like those old Saturday morning civics cartoons rather than being a corporatist fascist state, as it has been at least since the 1930s. Cognitive dissonance is a powerful thing.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.