Slashdot Mirror
US Government Weighing Sanctions Against Kaspersky Lab (cyberscoop.com)
An anonymous reader quotes a report from CyberScoop: The U.S. government is considering sanctions against Russian cybersecurity company Kaspersky Lab as part of a wider round of action carried out against the Russian government, according to U.S. intelligence officials familiar with the matter. The sanctions would be a considerable expansion and escalation of the U.S. government's actions against the company. Kaspersky, which has two ongoing lawsuits against the U.S. government, has been called "an unacceptable threat to national security" by numerous U.S. officials and lawmakers.
Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.
Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.
I'll continue to use Kaspersky's antivirus because it's the best around and because if the the US government don't like them, then that must mean their shit is secure from the US government.
The answer is exceedingly self-evident: the US doesn't want research into its own malware.
Yes, it is also clear that Kaspersky is the only major threat protection software that has not agreed to whitelist US government malware.
Have the US government realise that this is just a form of Striesand effect recommending Kaspersky to anyone who doesnt that the US to know their affairs?
Always look at stuff from the professionally paranoid point of view (not an insult, gees they get cranky, just the nature of the job, you have to be professionally paranoid). The US governments wants to use entirely corrupt security letters to put back doors in security software sold to foreigners. Immediately they will suspect foreign governments of doing the same thing, the US does it, why wouldn't Russia or China do it. It has to be careful how it tackles this though, a blanket ban on foreign security software would generate a blanket ban on US security software and wipe out the security letters and back doors, mind you this includes stuff like M$ windows updates, which are now individually packaged, a specific user's computer get a specifically targeted update (only for high level hacks but will get caught if that computer is already being monitored by local intelligence agencies, change in traffic). It would be much cleaner to simply blanket ban all foreign security software and entirely reasonable to do so but the messy bit about US software being banned by foreign countries for exactly the same reason, forces this messy rubbish with Kaspersky. They will be banned one way or another, they will just have to accept that and the Russian government will ban US/EU security software for the same reason.
The only way out, open source the code and any updates and the updates must be served locally, only after the code for the update has been supplied and verified (so you can image open source security software becoming part of FOSS distributions to simplify the issue for everyone). Should the Russian government decide to be really mean, they can simply review copyright law and shorten copyright protection to 25 years from date of first publication and that will hurt the US by far the worst and many other NATO countries will also feel the brunt of that (UK/France). People would just source 60s, 70s and 80s content out of Russia (keep in mind, current movies demonstrate that music from those eras are much more popular than the autotune crap of the last couple decades and movie and TV series have similarly crapped out apart from the odd few exceptions). Of course China would join in, they are not really pleased with the US either and other partner countries would follow suit. So 2018 - 25 = 1993, so youch, makes the Kaspersky ban a joke in comparison and does not hurt Russia and China any where near as much as the US, a tiny fraction in comparison. US want's a trade war, it shouldn't be surprised 'when' it gets kicked in the copyright licence fee crown jewels, software as well. This US would lose far more in copyright licence fees than the entire rest of the world combined.
They can fend that off with a blanket ban on all foreign security software and simply not mention Russia or Kaspersky. Of course Russia and China could still simply extort 'er' bargain the 'Trump' way, to get greater cooperation from the US with the threat of the downward revision of copyright laws (originally 14 years, so very hard to diplomatically argue about 25 years but the money gone, wow, not just revenue but the valuation of assets, from billions to ZERO and that would also hurt the US dollar, a lot).
Chaos - everything, everywhere, everywhen