Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Government United States Security

Kaspersky Named First Russian Company on Security Risk List (bloomberg.com) 62

The U.S. placed internet-security provider AO Kaspersky Lab on a list of companies deemed a threat to national security, for the first time adding a Russian entity to a list dominated by Chinese telecommunications firms. Bloomberg reports: The Federal Communications Commission on Friday also added China Telecom (Americas) Corp, and China Mobile International USA Inc. to the list. Once a company is on the list, federal subsidies can't be used to purchase its equipment or services. The action is part of the FCC's efforts to "strengthen America's communications networks against national security threats," Jessica Rosenworcel, the agency's chairwoman, said in a news release.

Kaspersky is a well known provider of anti-virus software, and has conducted investigations into a range of nation-state hacking incidents. It calls itself the world's largest privately-owned cybersecurity company on its website. It says it protects over 400 million users and 240,000 companies. [...] For Friday's update of the list, the FCC said it relied on findings by the Department of Homeland Security and an executive branch interagency body called the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector.

This discussion has been archived. No new comments can be posted.

Kaspersky Named First Russian Company on Security Risk List

Comments Filter:
  • How many times do they have to be caught before people accept it?
    • caught at what? Kaspersky never has been found guilty of wrongdoing and its source code is open for review by governments and regulators. What Kaspersky has done is uncovered malware attacks made by USA, UK, Israel.. that's why USA government keeps harping how evil it is.

      • Wake up
        Not "found guilty" in no way means innocent.
        It just means that you got away with it, this time.
      • Yeah, I was wondering this too. Also, wasn't Kaspersky already on some kind of US government restriction list?

        • Yes, basically Kaspersky products were banned on all US gov't PCs (& US contractors PCs).

          That was slightly before the covid pandemic. But I didn't take it off my personal PC then, because I wasn't a US gov't worker or contractor, and their AV product is quite superior to Microsoft's built-in product. There have been rumors going back a decade of Kaspersky doing "favors" for Russian intelligence agencies, but that could have also been the malign gossip of AV competitors, who are all either comatose and

      • Here is a current list of Kaspersky vulnerabilities [cvedetails.com]

        So, are you just saying that they are incompetent

        Frankly speaking, it is idiotic to use a security software developed by an employee of a security service of a nation we are at war with

        • No, you are incompetent and don't know how to use CVE list links to see the patches Kaspersky made to those CVE.

          Let's pick one.

          Problem:

          https://www.cvedetails.com/cve... [cvedetails.com]

          Patch (linked in the problem)

          https://support.kaspersky.com/... [kaspersky.com]

          You're either ignorant or some kind of agenda driven mole

      • them and william barr.

    • OK, Karen...
  • Now we see what the Ukraine hoopla is all about. US kept arming and training Ukraine and Putin fell into the trap. This is about destroying any independent non western tech company in Russia. Even companies like Kaspersky which are anti Putin are being sanctioned. When Russia and Ukraine fight, US tech firms get cheap refugee Ukrainian and Russian engineers to build Silicon Valley's products instead of building competing products.
    • This is about destroying any independent non western tech company in Russia. Even companies like Kaspersky which are anti Putin are being sanctioned. When Russia and Ukraine fight, US tech firms get cheap refugee Ukrainian and Russian engineers to build Silicon Valley's products instead of building competing products.

      My word, Trump really was playing 5D-chess the entire time. Project STABLE GENIUS has been a complete success.

      • This is about destroying any independent non western tech company in Russia. Even companies like Kaspersky which are anti Putin are being sanctioned. When Russia and Ukraine fight, US tech firms get cheap refugee Ukrainian and Russian engineers to build Silicon Valley's products instead of building competing products.

        My word, Trump really was playing 5D-chess the entire time. Project STABLE GENIUS has been a complete success.

        Trump would be the US president under whom Russia didn't invade Ukraine.

        Obama and Biden would be the presidents under which Russia did invade Ukraine.

        No amount of internet snarking can change those facts.

      • No company in business in Russia can ignore "requests" from the Russian government.
    • Now we see what the Ukraine hoopla is all about. US kept arming and training Ukraine and Putin fell into the trap. This is about destroying any independent non western tech company in Russia.

      You do realize that they could have sanctioned Russian tech companies without a war, right? The pipeline hack gave them all the justification they need.

      As far as starting the war, only Putin and his allies are responsible for that.

  • by gweihir ( 88907 ) on Friday March 25, 2022 @09:20PM (#62390547)

    The NSA absolutely hates Kaspersky sabotaging their spying.

    • Agreed. However, Kaspersky is in Russia, Putin has absolute power there, and there's no way to know if he has insisted that the software be used to hijack foreign computers or not. If this was a Chinese company, so many people would instantly be wary, but Putin is just as devious and probably more brutal yet people outside of the intelligence service rarely saw Russia as a threat.

      • by gweihir ( 88907 )

        Well, yes. The fact of the matter is that most likely every AV company of sufficient size is compromised in some way. That said, Kaspersky always has been under close scrutiny because they are Russian. So they may get coerced, but chances are anything bad they do will be discovered pretty fast. Not so with the companies compromised by US intelligence.

        • lol nice deflection

          when faced with obvious flaws, just claim that everybody else does it

          • by gweihir ( 88907 )

            Pointing out relevant facts is not "deflection".

            • facts =/= opinion

              you offer opinion

              • by gweihir ( 88907 )

                Nope. I summarize observations. That _you_ cannot see the difference is not a surprise though.

                • Sure buddy

                  >> The fact of the matter is that most likely every AV company of sufficient size is compromised in some way.

                  Just because you use the word "fact" in your statement does not make it factual. You are simply using whataboutism [wikipedia.org] to DEFLECT away from the idea that Kaspersky software should not be trusted while Russia is actively attacking countries with cyber-attacks (oh yeah tanks, planes and missiles as well).

                  >>Kaspersky always has been under close scrutiny because they are Russian. So the

        • So they may get coerced, but chances are anything bad they do will be discovered pretty fast.

          AV software phones home for things like signature updates. Given that Kaspersky controls the update infrastructure this means that they can do targeted attacks which will only be visible on the specific machine attacked and so almost impossible to detect unless they are very unlucky about which target they go for.

          • by gweihir ( 88907 )

            So they may get coerced, but chances are anything bad they do will be discovered pretty fast.

            AV software phones home for things like signature updates. Given that Kaspersky controls the update infrastructure this means that they can do targeted attacks which will only be visible on the specific machine attacked and so almost impossible to detect unless they are very unlucky about which target they go for.

            That is not how things work.

      • Doubtful that they did, as getting caught even once would make it impossible to leverage their software for anything else in future. More than likely Kaspersky serves Russia by catching competing state actors and their toolbox (as we've seen examples of in the past).
        • by gweihir ( 88907 )

          So, if Kaspersky detects some NSA malware that would be bad for their business? How does that work? I think the very opposite is the case. As to catching attackers, that is their business. And AV is supposed to find malware by _all_ attackers.

    • Am not convinced Kaspersky is actively working with the Russian government to spy on the rest.

      There have been a few examples of Kaspersky getting fined or it's staff getting arrested in Russia as well.

      https://www.forbes.com/sites/t... [forbes.com]

      http://www.rapsinews.com/judic... [rapsinews.com]

      And I understand it's back end data processing has shifted out of Russia.
      https://gulfbusiness.com/kaspe... [gulfbusiness.com]

      Seems very unlike other companies which are closely associated with Russian government.

      Anyway, I have always told people who asked recommen

      • by gweihir ( 88907 )

        There is also the problem that spying would be blatantly obvious. Sure, AV searches everything. But it only phones home if it finds malware it does not have a signature for. And typically, it asks the user for permission. From the size of that transfer and from the malware then getting a signature, you can pretty reliably find out whether anything besides that malware sample was transferred. There is more, but the bottom line is that AV software is only suitable for spying is the vendor is willing to sacrif

  • They'll almost certainly do nothing wrong and their AV is easily the best for low-end computers (better than Defender).

    But Russia thinks it's at war with the West. Security is about safety after all.

    I'll reinstall when everything dies down in a year or so.

    • by ugen ( 93902 )

      There is no way for a company in Russia to not do FSB bidding. Esp. given this company's size, reach and specialization. (It would be difficult in any other country, but absolutely impossible in Russia). No one in Russia is in any position of power/money/value unless they are intimately connected to the security services.

      • This. Kaspersky has long struggled to be independent and fair, and has long stood as probably the best antivirus software on the market in terms of protecting against all threats. The problem is that as Russia has become more authoritarian, they can't really resist the influence of the Kremlin anymore. You can't trust any company from Russia at this point, because anyone who doesn't play along with Putin winds up accidentally falling off a balcony.

  • I've never installed it, but when I'm handed a friend's computer that's borked, I *do* use KRD, with no network access, to scan the system. That's worked to get rid of instances of ransomware in the past (older stuff) that put up the old FBI warning banner, stuff like that. Haven't had to use it in a while, thankfully. I've never seen a free bootable rescue ISO of any of the American products. They're usually not worth spit anyhow.
  • by Tom ( 822 )

    At least until now we had a choice - who we'd allow to have a backdoor on our computer, the NSA or the FSB.

  • That shit should have come off of the computer and networks as soon as the threat of war started escalating. Kaspersky may have a reputation to keep and therefore won't become a generalized attack vector except in all out war. OTOH it is the perfect attack vector if there are certain customers that the Russian government wants to attack or infiltrate since they must maintain a list of customers & businesses so it would be very little effort to perform directed attacks.

    Same goes for other software from

  • ,,,ever since it offered to de-Nazify my computer.

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...