Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday September 14 2017, @09:48AM   Printer-friendly
from the prudence-or-paranoia? dept.

The Washington Post is reporting U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage:

Acting Homeland Security secretary Elaine Duke ordered that Kaspersky Lab software be barred from federal civilian government networks, giving agencies a timeline to get rid of it, according to several officials familiar with the plan who were not authorized to speak publicly about it. Duke ordered the scrub on the grounds that the company has connections to the Russian government and its software poses a security risk.

[...] "The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security."

[...] The directive comes months after the federal General Services Administration, the agency in charge of government purchasing, removed Kaspersky from its list of approved vendors. In doing so, the GSA suggested a vulnerability exists in Kaspersky that could give the Kremlin backdoor access to the systems the company protects.

Someone that is in a position to know all about it tells me that Kaspersky doesn't detect malware created by the Russian Business Network. My fear is that if I named that someone, the RBN will give that someone a bad hair day.

[Ed. addition follows]

The full text of the DHS notice is available at https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01.

Previously:
FBI Reportedly Advising Companies to Ditch Kaspersky Apps.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday September 14 2017, @12:46PM (3 children)

    by Anonymous Coward on Thursday September 14 2017, @12:46PM (#567759)

    According to the wiki they are owned by cisco

  • (Score: 2, Interesting) by pTamok on Thursday September 14 2017, @02:18PM (2 children)

    by pTamok (3042) on Thursday September 14 2017, @02:18PM (#567803)

    Being owned by Cisco is less of an issue when the software is FLOSS. Obviously Cisco could introduce subtle bugs, but it is more difficult when the users of ClamAV can compile from source rather than relying on pre-compiled binaries. This is not to say I think ClamAV is perfect - but it can be a useful addition to other (proprietary) approaches. Relying on it alone might be inadvisable. Using it as an adjunct to other malware detection software might be beneficial.

    • (Score: 0) by Anonymous Coward on Thursday September 14 2017, @03:14PM (1 child)

      by Anonymous Coward on Thursday September 14 2017, @03:14PM (#567839)

      While I agree that is better, it's kind of marginal since the windows version is distributed in binary form and who needs AV software the most? and is least likely to have the skills necessary to check it?, it's not like Linux (or any of the FOSS)people are out there doing a code reviews of windows projects

      • (Score: 2) by Grishnakh on Monday September 18 2017, @06:18PM

        by Grishnakh (2831) on Monday September 18 2017, @06:18PM (#569831)

        it's not like Linux (or any of the FOSS)people are out there doing a code reviews of windows projects

        Exactly, and it'd be pointless anyway because the underlying OS is closed, secret, and proprietary, and well-known to be spying on you anyway. If you care at all about security and privacy, you wouldn't be running Windows in the first place, so you won't need antivirus software.