• lemmeout@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    5 months ago

    Thanks for the link. The article is a whole lot of nothingburger. The entire premise of the article is that Kaspersky works as intended (just as any other security software) to flag files with certain phrases. Therefore, it can be used to find classified markings. Therefore, Kaspersky is bad… What?

    So we should just ban all security software?

    Why is it so hard to find a single piece of evidence that Kaspersky fucked up, or that their software has something in particular that is more risky compared to other security software. Anyone with more knowledge can explain plz?

    Sounds like there is some other motive for doing this. Or they found something they aren’t willing to tell us. But why?

    • Unruffled [he/him]@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      11
      ·
      5 months ago

      From the article:

      Mr. Wardle’s curiosity was piqued by recent news that Russian spies had used Kaspersky antivirus products to siphon classified documents off the home computer of an N.S.A. developer, and may have played a critical role in broader Russian intelligence gathering.

      From the “recent news” article mentioned above:

      Government officials, who would speak of the classified details of the case only on condition of anonymity, said that Mr. Pho took the classified documents home to help him rewrite his resume. But he had installed on his home computer antivirus software made by Kaspersky Lab, a top Russian software company, and Russian hackers are believed to have exploited the software to steal the documents, the officials said.

      Honestly, I agree, it’s a serious accusation against Kaspersky with very scant details and allegations made by off-the-record “officials”. Having said that, just because they didn’t present any compelling evidence doesn’t mean it didn’t happen. In the words of Carl Sagan, “Absence of evidence is not evidence of absence.” I’m not sure where that leaves us though lol. Honestly, I don’t trust Kaspersky with my data any less that with any of the other big antivirus companies. I guess it makes sense they would want antivirus software with CIA/NSA backdoors over alternatives though :p

    • conciselyverbose@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      9
      ·
      5 months ago

      The entire premise of the article is that the Russian government can and has used Kaspersky’s access to perform espionage operations against the United States.

      That absolutely is not a nothingburger. Russia is a hostile power and banning software a hostile power is actively using to attack you is perfectly legitimate behavior. This isn’t “malware is using a file transfer application instead of rolling their own”. It’s “this is an application that by definition relies on absolute trust in the good faith of the provider, that is compromised by an enemy state”.