Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaspersky Lab To Open Software To Review, Says Nothing To Hide (reuters.com)

Posted by msmash on from the tussle-continues dept.

Moscow-based Kaspersky Lab will ask independent parties to review the security of its anti-virus software, which the U.S. government has said could jeopardize national security, citing concerns over Kremlin influence and hijacking by Russian spies. From a report: Kaspersky, which research firm Gartner ranks as one of the world's top cyber security vendors for consumers, said in a statement that it would submit the source code of its software and future product updates for review by a broad cross-section of computer security experts and government officials. It also vowed to have outside parties review other aspects of its business, including software development. Reviews of its software, which is used on some 400 million computers worldwide, will begin by the first quarter of next year, it said. "We've nothing to hide," Chairman and CEO Eugene Kaspersky said on Monday. "With these actions we'll be able to overcome mistrust and support our commitment to protecting people in any country on our planet." Kaspersky did not name the outside reviewers, but said they would have strong software security credentials and be able to conduct technical audits, source code reviews and vulnerability assessments.

3 of 152 comments (clear)

  1. Oblig by Anonymous Coward · · Score: 5, Insightful

    Kaspersky is guilty of "writing code while being Russian".

  2. Re:Here you go: our full source code! by Riceballsan · · Score: 4, Insightful

    Honestly I can't say that isn't really the factor, name the country that doesn't have a known history of the government in bed with serious malware threats. Moving to the birthplace of most of the major state sponsored malware threats isn't exactly a huge step up. Stuxnet, flame etc... Not to mention the at least somewhat shady appearences of truecrypts end etc... I'm not saying the russia concerns aren't certainly plausible, the kremlin certainly is not above strong arming anyone into doing anything. But it isn't like we can't just act like all other countries are perfect little angels that would never stoop so low as to pressure a company to compromise security in their own interests.

  3. Re: Here you go: our full source code! by Opportunist · · Score: 4, Insightful

    You are aware that a server can only collect data that the client sends, yes?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.