Stories
Slash Boxes
Comments

SoylentNews is people

posted by mrpg on Tuesday July 04 2017, @08:19AM   Printer-friendly
from the here-nsa-take-my-source-code dept.
Kaspersky Willing to Hand Source Code Over to U.S. Government

Kaspersky Lab is willing to go to extreme lengths to reassure the U.S. government about the security of its products:

Eugene Kaspersky is willing to turn over computer code to United States authorities to prove that his company's security products have not been compromised by the Russian government, The Associated Press reported early Sunday.

"If the United States needs, we can disclose the source code," said the creator of beleaguered Moscow-based computer security company Kaspersky Lab in an interview with the AP.

"Anything I can do to prove that we don't behave maliciously I will do it."

Also at Neowin.

In Worrisome Move, Kaspersky Agrees to Turn Over Source Code to US Government

Over the last couple of weeks, there's been a disturbing trend of governments demanding that private tech companies share their source code if they want to do business. Now, the US government is giving the same ultimatum and it's getting what it wants.

On Sunday, the CEO of security firm Kaspersky Labs, Eugene Kaspersky, told the Associated Press that he's willing to show the US government his company's source code. "Anything I can do to prove that we don't behave maliciously I will do it," Kaspersky said while insisting that he's open to testifying before Congress as well.

The company's willingness to share its source code comes after a proposal was put forth in the Senate that "prohibits the [Defense Department] from using software platforms developed by Kaspersky Lab." It goes on to say, "The Secretary of Defense shall ensure that any network connection between ... the Department of Defense and a department or agency of the United States Government that is using or hosting on its networks a software platform [associated with Kaspersky Lab] is immediately severed."

Jeanne Shaheen, a New Hampshire Democrat tells ABC News, that there is "a consensus in Congress and among administration officials that Kaspersky Lab cannot be trusted to protect critical infrastructure." The fears follow years of suspicion from the FBI that Kaspersky Labs is too close to the Russian government. The company is based in Russia but has worked with both Moscow and the FBI in the past, often serving as a go-between to help the two governments cooperate. "As a private company, Kaspersky Lab has no ties to any government, and the company has never helped, nor will help, any government in the world with its cyberespionage efforts," an official statement from Kaspersky Labs reads.

Source: Gizmodo


Original Submission #1Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by zocalo on Tuesday July 04 2017, @10:53AM

    by zocalo (302) on Tuesday July 04 2017, @10:53AM (#534759)
    Sure, and as the AC noted, it happens already. For better or worse systems are getting increasingly connected, so the previous approach of "it's air gapped so security doesn't matter quite so much" (which in practice often meant "at all") is becoming less and less relevant. If you are not assuming that the systems you are deploying might have a backdoor - whether deliberately or through incompetence/bugs - and taking any steps you can to mitigate against that then you're doing it wrong. If you're big enough and really have not choice but a closed source solution, then requesting to see the source under NDA, and maybe even compile your own binaries from it in some cases, should absolutely be part of that mitigation, regardless of where you and your supplier are based - and yes, that includes US-US, EU-EU, etc.
    --
    UNIX? They're not even circumcised! Savages!
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2