US Bans Kaspersky Software (wired.com)
71 points by Anon84 on June 21, 2024 | 125 comments


Hard to believe it took so long, but it's positive to see this happening.


On AV test suites, Kaspersky is literally the best AV both in terms of maximizing detection rates and in terms of minimizing false positives. [1] Kaspersky was the first (only?) antivirus software that was able to detect and out malware created by 'The Equation Group' (NSA). That happened February 2015. [2] By August, the media was running scary stories about them based on anonymous sources. [3] By 2017, the US government was working to ban them. And here we are now.

[1] - https://www.av-comparatives.org/test-results/

[2] - https://en.wikipedia.org/wiki/Equation_Group#Discovery

[3] - https://en.wikipedia.org/wiki/Kaspersky_bans_and_allegations...


Worth noting that you aren’t ever going to be on the receiving end of NSA malware by accident.

Unless you have a reason to believe that somewhere the NSA is having a meeting where your name is getting mentioned this isn’t actually something you need to worry about.

Also worth noting that if you do happen to find yourself on a targeting list, no one brand of anti virus is going to make even the smallest bit of difference as to what the outcome of that decision was.

This angle you seem to be insinuating that this decision to ban them is somehow because “they are mad” is a childlike understanding of the situation and is actively wrong.


>Worth noting that you aren’t ever going to be on the receiving end of NSA malware by accident.

Wasn't their plan with stuxnet "spread this as far as we can and eventually it'll hit what we want?"

Ignoring how frequently they will accidentally target the wrong people, that seems like intentionally creating something where there will be accidental victims.


I’ve never once heard this claim before. Where did you get that from? Seems entirely inconsistent with what Stuxnet was which is perhaps the most targeted hack I’m aware of in history. You don’t do that by loudly spraying and praying. Not how any of that works at all.


https://en.wikipedia.org/wiki/Stuxnet

>The worm initially spreads indiscriminately...

And most of the rest of the article. They made a worm that was only supposed to activate in incredibly specific circumstances, but spread indiscriminately to find that specific circumstance.

Edit: oh, and let's not forget those extremely specific circumstances still seemed to have hit a thousand other targets accidentally, which is the exact thing you said isn't ever going to happen.


I think we are mixing two different things here and it’s worth pulling them apart to make things clearer.

There is an element of you are going after a very specific system or set of systems but they are all air gapped and you need to find a way to get your malware onto those systems somehow.

This part is actually how you describe it more or less. The plan was basically: spread everywhere you can but only do so if you are confident for some reason that you’re on a system belonging to the target country (i.e. Iran) and if anyone ever sticks in a USB key to one of those systems you should take that as an opportunity to cross the air gap because people are sloppy and mistakes happen.

So in that sense, yeah it is somewhat true, that’s literally the strategy they used to get where they needed to go. However, the controls they had around it I think were also reasonable. I fully expect the NSA and Mossad (who would later somewhat fuck up the operation) to be doing exactly that and I think it’s consistent with their job.

The second part is the “actually malicious” payload. That had an entirely different set of checks and balances in place to make sure it wasn’t fucking up unrelated systems along the way but just using them as a launch point.

That full context I think still firmly fits my original definition that unless you’re actively on a target list for some reason you have no reason to view NSA malware as something you should have on your threat model. Not sure if you agree or not?


You're ignoring the 1000 systems damaged by stuxnet that had nothing to do with the Iran nuclear program? All of those people would view stuxnet as malware, and would want their AV to target it.

And that's forgetting that no matter how specific the NSA supposedly was, after launching their malware other groups will copy it, so an AV provider will need to view NSA malware as a threat model.

Plus, your original definition assumes the NSA either doesn't make mistakes, or an AV company shouldn't try to clean up their mistakes, both of which are nonsense


I think we are hung up on the term “damaged” here maybe.

1000s of computers did indeed have malware on them. That’s true.

The malware was intentionally designed to do nothing other than trying to cross the airgap to where it was actively trying to go.

This is the entire reason I just explained why when you say “stuxnet infected thousands of machines” that you’re actually talking about a couple of different things here as though they were one.

The nuance in this particular debate matters quite a lot and I don’t think ignoring it for the sake of convenience is helpful.


The Wikipedia article I linked mentions far more computers getting infected, and approximately 1000 systems being damaged. That's in line with what I've read about the program over the past decade, though my thirty seconds of research can't find more evidence.

If it only damaged the one system it was supposed to be targeting, why would we ever have heard of it?


There’s a few reasons but a General from STRATCOM leaked it from memory being a major one and I generally think there was probably a bit of a messaging component going on there where the US wanted to flex both in terms of their capabilities but also as to what they considered to be “norms” in the cyber context.

I.e. here is an example of what we consider to be legitimate use to compare and contrast with say North Korea’s Sony hack.

But also it lost a lot of its value as a secret once it was already done.


Although the other points you raise are true - i.e. if the state sets their sights on you, there's little you can do about it - the idea that you have nothing to fear from rogue malware is shockingly naive.

These rogue pieces of software do occasionally escape their intended target and do measurable damage to infrastructure. Many such cases.

The idea that "I don't need quality antivirus, because I have nothing to fear from such threats" has similar energy to "I don't care about my privacy, I have nothing to hide."


You’ve made a pretty significant change to my argument here.

Malware is a real thing that people need to worry about.

Being targeted by the NSA doesn’t happen by mistake.

As some others have pointed out, there was an incident a few years ago where NSA lost a whole bunch of their malware thanks to I believe again it was a leaker in that case (Joshua Schulte if I remember correctly).

That did in turn end up getting used in a North Korean operation shortly thereafter which by contrast didn’t seem to have good controls in place and absolutely spread like wildfire.

But as far as I know it happened once, was an anomaly and just isn’t a thing that is likely to ever impact you which is why I’m making the argument that what the OP was saying that Kaspersky is the best anti virus just isn’t a good argument and people shouldn’t feel like they are missing out on anything in this instance.


I misunderstood. My mistake.

Let me make another point.

Having access to multiple computer security firms is good, and the services Kaspersky provides do not end with their antivirus software. Security firms regularly publish their work and work with each other.

Perhaps I'm wrong here, but if memory serves, Kaspersky was one of the first firms to detect stuxnet and publish its structure (I could be wrong here, trust but verify). Using this data, Symantec was able to begin studying the virus as well.

Walling off security research will lead to more parallel research, rather than international collaboration in computer security. Whether or not this is a good or a bad thing is arguable - but I believe international efforts are a net good while the Internet is an international affair.

Who knows, siloing of development might allow creativity and novel solutions in computer security like what happened with the USA/antibiotics and the USSR/phage theory - but I might be coping here.


I hear what you’re saying, I even share a lot of the sentiment but the geopolitical situation had changed significantly in the past decade. I don’t think there is any reversing of this trend anytime soon unfortunately. There is going to be a lot more of this not less in the coming years.


Aren’t the NSA documents Snowden leaked a complete rebuttal of your comment?


Not at all. I think those docs showed that they have much better capabilities and collection, targeting and delivery platforms than what people had assumed at the time but there was zero evidence that I’m aware of where they were misusing that to go after illegitimate targets. I think the most controversial thing on that front from memory was Angela Merkel and other EU heads of state which inside of an intelligence agency isn’t particularly controversial at all, that’s just doing your job.


> but there was zero evidence that I’m aware of where they were misusing that to go after illegitimate targets

How could you claim that without (a) having insider knowledge of the secret activities of the FISA court and (b) violating some sort of legal restriction on publicising your knowledge of said court? One of the major complaints about the US surveillance program (indeed any surveillance program) is almost nobody is allowed to know who the targets are or why.

> I think the most controversial thing on that front from memory was Angela Merkel and other EU heads of state

And I think the most controversial target to date was actually Trump.


[flagged]


> The fact he happened to suddenly become a politician doesn’t mean he is suddenly in the untouchable category only that the level of scrutiny goes way up.

So when you say "legitimate targets" does that include all US politicians? Or only ones that you think are a threat to your interests? Perhaps we can speed up the argument and you outline what you think the illegitimate targets would be. Because that case sounded like clear cut abuse of the spying apparatus to me. Bearing in mind that people involved in obtaining the warrant ended up being charged with related crimes of falsifying documents.


Listen, Trump was running a whole lot of policies entirely off the books that weren’t publicly declared and were entirely inconsistent with the goals of both the US and all of their allies but were entirely consistent with personal enrichment.

He had multiple people go down around him that were actively working as Russian agents and then he had Kushner working to set up a secret communications channel out of the Russian embassy that was actively designed so that it couldn’t be intercepted by US intelligence.

When you do that kind of thing, no matter if you’re a politician or not, in fact ESPECIALLY if you’re a politician you should absolutely expect people to start asking questions and opening investigations.

We don’t need to pretend he was some normal candidate who had a couple of whacky ideas.


Just to hammer on the point here, the polling is close to wall-to-wall that people prefer him as the next US president - so in that sense he is probably slightly above normal. Are you saying you consider deploying the spying apparatus to monitor domestic political candidates is legitimate? What is the line where you consider it illegitimate?

They brought this system in notionally to fight terrorists. It has in short order turned out that "terrorists" include someone who can be described as a relatively popular (!) Republican candidate. Are you contending that this is legitimate use of the foreign intelligence apparatus?

Most US presidents have dealings with foreign countries. The Biden family are famously involved in Ukraine (& others), Trump was all over the place including Russia. Obama was probably just domestic but the Bush family have a lot of interest in oil which is going to involve foreign contact and the Clintons are closely involved in US foreign policy. There'd be a case for spying on almost every president in the last 30 years!


You seem to have so many different things mixed up here that I don’t even know where to begin.

Being popular has nothing to do with it, being a politician has nothing to do with it, what others may or may not have done has nothing to do with it.

There were a whole range of specific actions that occurred that resulted in an investigation as it should.


> There were a whole range of specific actions that occurred that resulted in an investigation as it should.

One of the FBI lawyers involved plead guilty to a felony false statement charge. They were literally making up pretexts to spy on the Trump campaign. I think the issue here is when you talk about "legitimate" you mean that you are happy enough to see the FISA system used as an internal political club. There is no way that it is being used legitimately, we're in the opening stages of a process where every single incoming US president is going to have their communications examined by the incumbent's administration. Or at least when the party in power changes.

There isn't anything special about Trump here. He turned out not to be doing anything suspicious, or they'd be going after him for it (or have gone after people in his campaign). Ergo, any clean candidate is probably suspicious enough to warrant surveillance.


This is just total delusional reality stuff.


> There is a significant amount of evidence

Can you share it?


I don't think you actually read them.


Well go on… enlighten me.


[flagged]


I am going to quote your own article back to you verbatim because it says something entirely different to what you seem to be claiming.

“The letter sent to Grassley reveals that there have been at least 12 recorded cases of spies abusing their powers since 2003”.

So, no, the NSA is not out there abusing their powers to go after illegitimate targets. It’s also worth keeping the context that this was in a pre-Snowden era.

In 2024 you can’t access a single thing without there being a log of who you are and why you are looking at it and under what legal statute that is allowed precisely to prevent something like that ever happening again.

What you are implying simply isn’t true.


You claimed there was zero evidence that the NSA was spying on illegitimate targets. Both articles emphasize there were numerous incidents of exactly this, both discovered and undiscovered. Snowden in particular emphasized the rather poor level of content auditing that was (and probably still is) going on.


Listen, everybody can read the exact same comment I wrote and see how you are ignoring all the parts that are inconvenient to you. It’s there in black and white.

We are talking about if the NSA abuses its power to go after illegitimate targets.

You quoted the same single source twice but written by different people which when we got down to the heart of the claim showed that there was actual evidence of approximately 1 incident per year over more than a decade time frame.

I also explained precisely how and why things had changed in the past decade since that quote was relevant so that it wasn’t possible for people to do that any longer without tripping all kinds of alarms.

If you have other evidence then please share it but what you have so far doesn’t support your claim at all.


Read the articles - they describe two very different scenarios. One is spies spying on love interest (wives, girlfriend, somebody they might want to date, etc). The other is spies collecting sexually explicit media of more random people.

And the auditing systems at the NSA were obviously very poor, and there's no reason to think that has meaningfully changed. Of the very few cases they were able to "catch", a sizable chunk were from self reporting in polygraph exams or even more absurd things like a girlfriend reporting a guy who she suspected was spying on her - and he was, as well as 9 other women. In no cases were there any meaningful penalties, with the worst case being resignation. And similarly, it seems people engaging in the harvesting of sexually explicit material Snowden described were never caught, which is likely why he referred to it as something like a "fringe benefit".


Sigh…

Listen when I talk about single source. I’m talking about “Edward Snowden made a claim”. It doesn’t magically become two sources because he gave two examples.

Moving on from the technicalities though because it’s a dumb argument to get stuck in and into the heart of it.

We are still stuck with the problem however that there wasn’t ever any evidence of this happening that anyone could point to even after an in depth investigation into the topic beyond the dozen incidents over more than a decade time period.

Snowden (and now you) made the claim that in fact it was much higher but you simply can not prove it which is awfully convenient but does leave the question open of how could he possibly have known this?

Are you meaning to tell me that the biggest leaker of classified information in the US’s history for some reason chose to hold back on what he knew about that topic? He must have known of specific people and incidents and could have cross referenced what was in the investigation with what he knew.

He couldn’t have dreamed up a more perfect gotcha moment if that was the case to come out and say what about incidents X, Y and Z.

That never happened and you should naturally wonder why that might be.

He either didn’t actually know of any or he chose not to reveal it for undisclosed reasons beyond a vague insinuation.

I also want to put it to you that perhaps Edward Snowden was not exactly an honest broker in the way he claims to be. I know it’s somewhat blasphemous here but as I mentioned in another thread this week there is actually a rather compelling theory in the IC that he might have been part of a malicious insider campaign from the very start. In part because of things like this ironically.


Your argument seems to be basically coming down to "Ah, but we don't have indisputable proof of said claims!" while intentionally ignoring the fact that what evidence we do have makes it clear that the auditing and self investigating capabilities at the NSA are somewhere between nonexistent and abysmal. For things like an agent to be able to spy on numerous "girlfriends" over periods of half a decade, only to finally be outed because one of them suspected he was spying on her and reported him to the government? And even then, in such an extreme circumstance, for there to be basically no penalties whatsoever (besides him resigning)? This is strong evidence in support of the claims of widespread abuse that Snowden made, before these cases became publicly known.

Beyond this Snowden's revelations were not about abuse within the domestic surveillance apparatuses, but about the existence of those apparatuses themselves. Prior to Snowden the idea that the government was engaging in widespread surveillance, of essentially everything, was still just a "conspiracy theory." The entire system itself is likely illegal, as it pisses all over the 4th amendment, but cannot be legally challenged because of a simple problem - for one to prove standing, to enable them to sue, they need to not only prove they were spied on, but also harmed by spying. Each time this is tried, the NSA simply claims national security and refuses to cooperate. So we have a likely illegal surveillance system with no legal means of challenging it.

So people trading sex pics, spying on lovers, or whatever - these are all instances of abuse within a system that should not even exist.


It’s not the absence of “indisputable proof” it’s the absence of ANY proof.

There are only a couple of possible scenarios here that I can think of:

1. Snowden is making a claim here that he suspects but doesn’t have proof of (i.e. speculation).

2. He does have proof but isn’t willing to share it. Not with the public, not with investigators and for some reason he chose to never mention it internally beforehand.

3. He is intentionally making outlandish claims he knows are wrong.

I can’t see any universe where option 2 is likely. He has every possible motivation to do so if you go with his public story about why he did what he did.

I’m entirely open to options 1 and 3 however.

Also nobody is claiming that those incidents were anything other than abuse of the system. We are all in agreement on that. The question of is this more common than other threats they face from insiders such as spies for example is what we disagree on and so far I’ve not seen a single piece of compelling evidence to suggest it is.

Furthermore, I’ve explained how there are now new controls in place to prevent that from happening again and you don’t even have to ascribe any kind of altruistic motivation for it about protecting people’s privacy. You can entirely put it at the feet of they want to make sure they never have another Snowden incident again. This is why I’m saying that this just isn’t a realistic threat that people should be worrying about in 2024.


Why the hell should the American people trust the TLAs when they regularly lie to congress with impunity? I may be a boring nobody who will never rise to their attention, but what about the next big civil rights leaders and activists? OWS organizers, or anti-war politicians? What of American politicians who dare to go against the grain of neo[conservative/liberals] or even defy the zionist lobby? How can you guarantee none of them will be targeted? You can't, you're full of shit.


I have very different feelings about the FBI compared to everyone else precisely because their track record has given me reasons to suggest that they have way less oversight than others but the picture is actually pretty nuanced and you’re just throwing out random shit here that there’s nothing really to have a conversation about other than I think you should actively look into the checks and balances in place within the IC because even though HN likes to pretend that it’s totally unaccountable and they will go after anyone that just isn’t true at all.


They all lie to congress with impunity. The courts don't hold them accountable. They think themselves above the executive. They are completely out of control but you seem to think they're all squeaky clean except for the FBI? There is literally zero rational reason to believe that, because there are no effective mechanisms for making them honest.

The CIA once proposed to commit terrorist attacks on American soil to create a justification for war against Cuba. JFK turned them down but was anybody in the CIA ever punished for it? Hell no, and there is reason enough to think they may have even murdered him for that rejection. Even if you don't believe that, none of them have ever been punished for their abuses and there has never been reform.


First they came for my drug dealer…and I said nothing


Could you please make whatever argument you are trying to make directly because I have no idea what this fortune cookie nonsense is supposed to be saying.


... but when the NSA malware gets out in the wild you might very well be targeted along with millions of others.


Is there a single example of this ever happening that you could point to?


WannaCry is famously based on EternalBlue leaked from the NSA. If you don’t follow the highest profile news in this space, you probably shouldn’t make very confident statements on this topic.


I think it’s actually you who is missing context here. We are talking about a single example of the NSA hitting innocent people en masse and you gave me an example of North Korea in response and are trying to say that because they used an exploit that was originally developed by the NSA that it’s somehow the same thing. It’s not, it’s not even close.


That is not the context at all. I said when an NSA exploit gets out in the wild. Not that NSA would actively target randoms.


What would you have them do in this situation exactly? Do you want them to write a readme guide for North Koreans? Should they never write malware again? Should they send out signatures to AV companies?

Please explain to me what you think should be different.


One final comment from me on this topic to set the record straight, won’t respond further since I don’t sense a good faith discussion here. It rarely is when someone posts like a dozen comments on a single topic.

The thread went like this:

- Someone: Kaspersky is arguably the best at the job, was the only one capable of detecting NSA malware at one point.

- You: NSA never targets anyone they don’t want to target, and antivirus is useless if you are a target.

- Someone: NSA malware also gets leaked into the wild and end up infecting millions.

- You: A single example?

- Me: A single example (that was arguably digital security story of the year at the time).

- You, two comments later: what should NSA do?

They don’t need to do shit. Antivirus companies should up their game. In practice though, word on the street (probably backed up by leaked documents too but I’m not sure) is they — including the targeted software vendors, notably Google and Microsoft — often just greenlight their allies’ operations, and issue a low profile patch when it’s really bad.


But we are just back at the argument of what if I own a gun and keep it locked up but someone breaks my lock and uses it to shoot someone.

To me the only conversation to be had here is were there reasonable protections in place at the time and what is being done to prevent it happening in the future but just due to the fact that this is the NSA those conversations are not going to be public for obvious reasons.

What exactly do you want to see happen here?


I only commented:

> Unless you have a reason to believe that somewhere the NSA is having a meeting where your name is getting mentioned this isn’t actually something you need to worry about.

... unless the exploits leak (after use), which they do.



Stuxnet alone had several...


> Unless you have a reason to believe that somewhere the NSA is having a meeting where your name is getting mentioned this isn’t actually something you need to worry about.

Of course not. Only the criminals are punished. /s


On the flipside, Kaspersky will upload your confidential files to accidentally FSB-controlled servers and accidentally miss Russian state malware.


Kaspersky took the US allegations very seriously, and moved all of their data collection and processing for the US (and quite a few other nations) to Switzerland. [1] They then made the facilities accessible to US and other "partners" to inspect the code at said facilities, compile it from source (to compare distributed binaries), audit their data handling/processing procedures, and so on.

It'd be pretty easy to see if the software was missing Russian state malware both by inspecting the code, or simply installing it on a test machine and then running the scan. If this were the case, it's highly likely the news would be repeating it 24/7. So it seems safe to assume it's doing its job well.

[1] - https://www.kaspersky.com/about/press-releases/2020_kaspersk...


The audits are a joke (iso 27001 means nothing in practice, as anyone working in a 27001 certified company can tell you), and what has been in the news is that the only foreign partner who signed up to this clown show promptly went bankrupt in 2022: https://www.cbc.ca/news/canada/new-brunswick/cyber-nb-shutti...

So what, exactly, is this press release supposed to prove?


That Kaspersky gave the US every imaginable means of ensuring everything was on the up and up, and that the allegations were unjustified. Yet the US seemingly had no interest whatsoever in investigating their own claims.


The US correctly assessed that this was empty PR theatre and not worth enabling.


> The US correctly assessed that this was empty PR theatre and not worth enabling.

And they asked for it just to be sure. /s


On the flipside, Microsoft will upload your confidential files to accidentally NSA-controlled servers and accidentally miss US state malware.


That's something you still have to prove.

Also, it's not like the American-based companies will not do that with European data to America. :D


I feel this is somehow an attack on free speech but I can't articulate how


Probably something to do with not really understanding the concept properly I’m guessing.


I think you just perfectly described how people engage in politics today.


Eugene Kaspersky is a Russian state asset and literally refuses to use the word "war" in regards to Russia's invasion of Ukraine.

Banning foreign agents from a hostile regime in a time of war is not an attack on free speech. Kaspersky is free to speak -- and he has, through public statements from his company. He is not free to do business with the Western world while living in a sanctioned country.

The number of times I've seen HN posters rejoice that people are not allowed to even communicate their political ideas because they are x-ist (it's a private company, bigot!) is too many to count. But the minute there's an actual genocidal war being waged by one of the most wicked nations on earth, people are very concerned about the Constitutional right to commercially sell antivirus software from the enemy's borders. Absurd.


> literally refuses to use the word "war" in regards to Russia's invasion of Ukraine.

And what? People should say only what you want to hear?


[flagged]


If you talk about North Stream, it doesn't prove US is at war with Russia. It proves US is at war against Germany and the EU.


> Eugene Kaspersky is a Russian state asset and literally refuses to use the word "war" in regards to Russia's invasion of Ukraine.

To be fair, western third parties like Japan refer to the conflict as the "Invasion of Ukraine" (ウクライナ侵攻, ukuraina shinkou) and such.

Personally, I don't view this as a war because there was no formal declaration(s) of war to be seen anywhere before nor after the fact. War is an act of diplomacy, but what Russia has been doing is anything but.


> War is an act of diplomacy, but what Russia has been doing is anything but.

No, this is an unnecessary formalism. Why not define war by what is actually happening (large scale armed conflict between states or other large groups) rather than by mere words uttered by somebody?

> In his study Hostilities without Declaration of War (1883), the British scholar John Frederick Maurice showed that between 1700 and 1870 war was declared in only 10 cases, while in another 107 cases war was waged without such declaration (these figures include only wars waged in Europe and between European states and the United States, not including colonial wars in Africa and Asia).

See also e.g. Red Cross: https://casebook.icrc.org/a_to_z/glossary/declaration-war

> The principle of a compulsory declaration of war has now fallen into disuse. In practice and under customary law, a declaration of war is no longer necessary for a state of war to exist; it suffices for one of the parties to make its intentions clear by actually commencing hostilities. Similarly, a formal declaration of war is not necessary for the application of international humanitarian law.


>> In practice and under customary law, a declaration of war is no longer necessary for a state of war to exist

Was it ever? Under customary law, a state of war exists between any two parties by default. What needs to be declared is peace, which is why so many ancient peace treaties survive.


Actually I am convinced that everyone in the Kremlin has the Diplomacy skill set to ZERO, all of them and their ambassadors, local leaders, duma politicians.

And the regular citizens that I interacted with are similar, for example a guy threatened me " my cousin fought in such and such Ruzzian war, he is not with the mafia and drawn a guy because X, do you want to have my cousin kill you? "

No sane government should run Ruzzian control software, even if the guy is a saint (we know he is a KGB close friend) the KGB goons will force him to install spyware in an update.


"Invasion" is also an acceptable and accurate term. The doublespeak of "special operation" as if it is a police issue in a territory they have right to is what he sticks to.

Regardless, Kaspersky has plenty of money. If he doesn't support his nation's mass butchering of its neighbors he could easily buy citizenship in a country like Nevis, which puts it up for sale, denounce Putin, and abandon the Russian state. As it is, he is under the control of the FSB, and every dollar he earns generates demand for the ruble and tax revenue for the Russian state.


An invasion of a sovereign country is an act of war by definition. It's a legal casus belli for the victim to possibly be followed by an official declaration of war but that does not invalidate the war status.


A conflict without formal DoWs issued is not a proper war, FSVO proper. That doesn't detract from the hideous nonsense Russia is engaging in, of course; it's arguably worse than a war because they couldn't even be arsed to say it is one.

As much as diplomacy tends to be derided (and I'm certainly among those detractors), I also want to believe diplomacy still fucking means something for the sake of a civilized world.


> As much as diplomacy tends to be derided (and I'm certainly among those detractors), I also want to believe diplomacy still fucking means something for the sake of a civilized world.

I don't understand what benefit for diplomacy is this insistence that a war without a declaration isn't a war.


Aren’t wars (in the traditional sense) effectively banned by the UN? If war is illegal under modern international law what’s the point of declaring one besides self-incrimination? If you invade a country and just call that a “special operation” you can at least maintain some pretense of legitimacy.


What is happening currently in Syria? The USA has still some forces there taking control of oil fields in a sovereign country. Can we count that as war?


> Can we count that as war?

Yes of course, and I'm not defending it, but it's still totally different in both scale and nature from what Russia is doing in Ukraine.

At least on surface appearances the US isn't taking control of the oil and selling it on the market (the oil is owned and marketed by the autonomous Kurdish government which runs the region).

And unlike Russia, the US certainly isn't seeking to permanently annex the region.


> but it's still totally different in both scale and nature from what Russia is doing in Ukraine.

Because if Americans kill people, it is an act of justice, of spreading democracy (see also Iraq, Afghanistan, Yemen, various Latin American and African countries) not a killing. /s


You can call it what you want.

But the U.S. operation involves less than 1 percent as many ground troops as Russia has deployed in Ukraine.

And last I checked, hasn't resulted in entire cities razed to the ground, and 15 percent of the population displaced.


> A conflict without formal DoWs issued is not a proper war,

If it helps clarify things for you: most wars are deeply psychological in nature; and part of how they operate is by telling people (both the perpetrators and victims) that it's not really a "war". But rather a "special operation". They will even lie right to your face, and tell you that they are there to "demilitarize" the area and to bring peace. And that to the extent that it might look like a war -- they will insist that they had no choice; it was forced on them; the other side could stop it at any time if they wanted to.

Proper declarations do have significance of course; but they are always secondary to the basic facts of what's happening on the ground.


In case it wasn't obvious, no I don't buy Russia's "mUh SpEcIaL oPeRaTiOn!" bullshit. It's not a war either, for already stated reasons.

No, what's going on in Ukraine is even worse; it's unadulterated, uncivilized baboonery that should be an embarrassment to all of humanity. Russia for doing it, and the rest of us all for failing to stop it (and so far putting an end to it).

It's the 21st motherfucking century and we can't even try to be civilized about brutally murdering each other en masse. Fucking hell, man.


Yours is a non-standard usage of the term, then.

But I see the overall point you're making, and I've also taken the "Can we even call it a war?" perspective at times, not because of the lack of a proper declaration (which I see as insignificant), but from the sheer pointless, murderous insanity of it all.

A side note: It just so happens that the romanized version of the Russian acronym for SMO is SVO (that is, SVO = СВО and perhaps F meant "full"?) so I was temporarily confused by what you meant with that acronym. I now do see what you meant by it. But at the moment my mind was focused on the pointless insanity that we both agree is the situation in Ukraine, not math.


I guess Russian troops genociding Ukrainians are just tourists, then.


Russian tourists are a rather rowdy bunch, but murdering children while in uniform is a bit much even for them.


True of most armies -- even the worst we can think of. The architects of war know this, of course. That's why most of the killing is usually done at a distance, out of sight and out of mind.

See also: https://en.wikipedia.org/wiki/Mariupol_theatre_airstrike

Which was done (and, judging by the choice of ordnance, signed off on at the highest levels) not despite the fact that they knew there were children present at the carefully selected target; but because of it.


It seems Kaspersky can’t write a book or newspaper column with the contents of its source code and sell it in the US.

Without press freedom you don’t have free speech.


Is that a method anyone has ever used to distribute paid, multi-GB software (or ever will for that matter)? I’m pretty sure Kaspersky is fully closed source anyways. This argument seems really roundabout and ineffective.


Most commercial books and newspapers are effectively 'source available', which is closer to closed source than open source.


Just print the hex dump, would probably be quite large unless you used microfiche.


The original code for PGP was distributed that way. Which was also banned in the US.

But yeah, it is a pretty bad comparison.


When was PGP banned in the US?


It wasn't, its export was controlled https://en.wikipedia.org/wiki/Pretty_Good_Privacy


My bad. It was export restricted and they were prosecuted for it. That’s the reason they had to publish it by book.


You believe a tech company can actually act freely under the Russian government? With the FSB…


The problem is that the company in question can act freely from the US government. Should I remind you what triggered this animosity toward Kaspersky in the first place? https://www.wired.com/story/nsa-leak-kaspersky-labs/


The US is currently indirectly at war with Russia... I don't understand why you think it makes sense to let someone you are basically at war with operate on your computers


That can happen after a heavy head trauma. You should seek medical help.


Just ban every "antivirus" software.


Anti-virus software companies are incentivized to discover more and more malware. Not saying that AV companies produce malware ( ;) ), but the incentives are misaligned.

Ban anti-virus software.



They know very well how powerful it is to have software on nearly every computer on the planet.


Brilliant! I have to say, I'm really impressed by how much the US is stepping up its game, first with TikTok, now this. I wish Europe would do the same. Like yesterday.


Eugene Kaspersky is a big fan of going to bathhouses with Russian FSB officials. Also unlike many other Russian companies he refused to relocate offices out of Russia when full-scale war began.

Good riddance. EU should do the same.


There’s a plethora of cia, nsa, “what have you” guys at OpenAI, Google, Meta, you name it — should every other country in the world ban US software?

Or are there “good” intelligence officers and “bad”?

The moment some backdoor is discovered in Kaspersky, it is done as a product all over the world. That’s the best protection about any alleged government connections exploiting the software.

The notion of open market, competition, democracy is only exercised when it is your products that should undermine the locals.

The moment it is not, you start hearing stuff like “overcapacity” (what a nice term) of china manufacturing — what a hypocrisy.

As soon as US starts losing the positions, it wriggles just as any “dictatorship” protecting its interest by quickly dismissing the free market as it needs.


> The moment some backdoor is discovered in Kaspersky

What do you mean as "backdoor"? Any anti-virus software is a backdoor.

Anti-virus software is a rootkit on your system.

It can literally upload any file on your disk to the cloud.

This is by design and this is why you don't want to run Russian state-controlled company software on your system.


Does that also apply to Windows Defender and ClamAV as well?


Obviously ClamAV only does what's in its code, but pretty much all proprietary AV software collects samples by default based on rules deployed by the developer.

Windows Defender does have automatic sample submission, but according to the documentation it only automatically submits files that are "safe" to not contain PII:

https://learn.microsoft.com/en-us/defender-endpoint/specify-...

It might request user approval to submit non-executables, but again we can't know when and why Microsoft might decide to override defaults. Technically the data collection pipeline is here.


I mean the AV software being used as a malicious agent.

> We fully believe that … the Russian government is either now using Kaspersky or certainly would be willing to use Kaspersky.

“Highly likely” is a shit of an argument that is exercised quite often lately.


> I mean the AV software being used as a malicious agent.

See the problem: there is absolutely no way to tell whether AV software is uploading your sensitive documents to its servers for legit reasons or because it's spying on you.


What stops you from disabling cloud protection / some firewall rules, if you are worried about the leaking documents?


My antivirus is kvrt, I run it on-demand when I want to check, and it is blocked by my firewall.

I suppose in theory it could contain something that exploits an ability to sidestep the firewall, but then you're into conspiracy theory land.


> The notion of open market, competition, democracy is only exercised when it is your products that should undermine the locals.

Russia is no longer part of the open market and it's not a democracy. There is absolutely no reason to do business with any of the companies based there just like there is no reason to work with companies from North Korea.

Companies from Russia like Jetbrains that wanted to work on the global market left the country, relocated their staff and closed offices. Kaspersky chose to stay so his company can now work for the local market instead and maybe sell some AV to North Korea.


> Russia is no longer part of open market and it's not a democracy.

Two questions:

1) What is open market for you? Does USA have an open market?

2) What is democracy for you? USA is democracy or just a shade of it to spread propaganda?

> Companies from Russia like Jetbrains that wanted to work on global market left the country

No, global market is not western market - they did it only to get access to western market because they have a lot of users there.


As a Russian citizen I'm not that good an expert on the US, but I can be trusted talking about what Russia is.


So if one wages some military shit all over the world, one should immediately relocate?

What about abandoning elderly fathers and mothers, etc.? Or should they relocate too?


If you want to run a company that provides cybersecurity services? Yes.

Or stay wherever you are and sell your services to markets of "friendly countries" like North Korea.


SXX, you actually didn't answer his question while addressing his underlying jab, so I'll take a crack.

Crucial components in the security profession are trust, and managed risk. Companies that don't pass the sniff test are simply discriminated against - regardless of circumstances.

The US is looking out at the world again and trying to influence it. And the common man is bombarded with western military exceptionalism propaganda. Why would the USA allow any avenue for its currency to flow into a Russian firm? It was only a matter of time for something like this to occur.


The problem is you won't need to discover a backdoor. A security program can simply not catch a targeted set of threats.

Russia is the most sanctioned country in the world. That's economically bad for everyone; just less bad for the US than Russia. The argument that this is designed to help US companies is... crazy.


> The moment some backdoor is discovered in Kaspersky, it is done as a product all over the world.

This is unfortunately not true. Maybe only in the West. Cisco has had backdoors for years. Kaspersky just uncovered an Apple backdoor, that's why the US is so upset.


> should every other country in the world ban US software?

For context, I'm not an American or European, and my home country is allied with Russia. That being said, the US is not just like Russia, no matter how badly Putin wants the world to believe that.


Why do you think so? In my opinion these countries are equally bad. The western support for Ukraine is huge only because the west is against Russia, they could stop the war but they didn't.

In the current world diplomacy is a joke, countries and their diplomats are unable to find peaceful solutions. People are dying on both sides ( Ukraine-Russia, Israel-Palestine, ... ) while the world watches.

The media also spread hateful propaganda on all sides of conflicts, politicians make hateful comments. Nobody cares.


> Why do you think so?

For starters US hasn't razed any cities lately to later claim them as their own.


“Lately”.


Russian Federation exists for much less than that. The last one was Puerto Rico in 1898 AFAIK.


> They could stop the war but they didn't.

So what's your proposal for how they should do that?

In particular: precisely which of Putin's most recently dictated terms do you think they should force Ukraine to agree to -- in order to obtain this "peace" that you say is easily available?


> should every other country in the world ban US software?

Yes.



