Last week, a piece of news shook the IT world. The US government had banned federal agencies from using security software from Russian company Kaspersky as the Department of Homeland Security was worried about potential connections between Kaspersky and the Russian secret service. In an unprecedented move, all Kaspersky software now has to be removed from all government PCs within 150 days. Looking closer, a couple a questions arise the most important of which is: is there anything left that is safe to install?
Since the 2016 US election, one topic has come up time and again on the web: Russian hackers. Though evidence is hard to find, many surmised Russia massively interfered in the 2016 election. Born out of this fear of uncertainty, Kaspersky quickly fell into the crosshairs of US intelligence agencies. A Russian security software used by over 400 million users including 27,000 business customers would be the perfect backdoor after all! This sentiment had been boiling under the surface for months and led to agents questioning Kaspersky employees and even cracking parts of the software to track down hidden features. It was an all-out effort to uncover the "Russian conspiracy" - and it was all for nothing.
The FBI has yet to come up with substantial proof to support the claims against Kaspersky. Reading between the lines, it becomes apparent that this is not about the software currently running on PCs around the world as no irregularities were found. It's not about what is or was but what might be. The mere thought that the Russian intelligence service might use Kaspersky software to sneak spy tools into US governments robs many of their sleep. All it took was the nationality of a company combined with a general mistrust of Putin's power apparatus to trigger this boycott. Following this line of thought, you may experience mild paranoia as you ask yourself how this scenario may apply to other companies, e.g. Microsoft, and the traditionally unscrupulous NSA. Is that too much of a stretch or should you avoid US software altogether because this scenario is a possibility?
To avoid misunderstandings: we don't entertain any business relations with Kaspersky. They're just another competitor to us. Yes, we could welcome this development as it may mean more antivirus license sales for us but that would be taking too narrow a view of this affair. Is it OK to publicly defame a company for no reason other than fear and suspicion? A company that secures jobs and constitutes a life's work for many? This goes against my sense of justice. What happened to innocent until proven guilty? Some of the suspicions are not without an element of comedy. For example, they criticize that Kaspersky software requires administrator privileges to work properly but fail to mention, or are unaware, that this is the case with every antivirus program. Likewise, any contact with Russian authorities is frowned upon yet, again, they blithely forget that the exchange of information between security vendors and national / international authorities is standard practice to warn and alert against threats and vulnerabilities. So what can you do? Uninstall everything until the screen stays black? You'd certainly be safer then!
Even more disturbing is the advice the US government has for private individuals. While government agencies have just 60 days for planning and 90 days for the implementation of the new regulation, home users are simply told to keep calm. After all, this only concerns companies and the feds they say. But once allegations that a company is the Kremlin's secret espionage department are made, wouldn't it make sense to also warn private consumers? Is their security worth nothing? Moreover, researchers, universities and their staff are most likely using Kaspersky programs on their private computers too. Is that irrelevant? Just a political decision after all?
What remains is the uneasy feeling that the suspicions are plenty yet the facts are few. German authorities have praised the close and constructive relations with Kaspersky and pointed out the various attacks that were successfully repelled with the company's help. This includes multiple attacks by Russian hackers against government officials. So whom can you trust? Let's hope defamation and mistrust won't undermine the combined global efforts in the fields of science, trade and security that have developed across national borders over the years. Imposing a product ban based on company nationality alone invokes unpleasant memories of the Cold War era in me. Back then, Russian software would have been a no-go and who'd want to return to those dark times?
What I would like to know: how will this affair influence your future buying decisions?
As long as American software companies are going to drag their heels to fix errors in their code, it's difficult to point fingers at companies like Kaspersky. Intel currently is not accepting responsibility for the fiasco in their CPUs, which affect every computer in use. After six months since the problem emerged, no patches have been forthcoming, and the industry seems content to permit user anxiety to increase until we experience enough to move us to replace our computers with newer models. In the meantime, companies such as Dell and HP are dumping "reconditioned" computers to unsuspecting users, doing nothing to solve the CPU problem.
I'm amazed at some of the responses. Don't be so naive to believe it's just the US who is spying. EVERY reasonably developed country spies on it's citizenry and others. And guess what? The Allied Countries share that Intel. This is nothing new.
"The US has lost all of its credibility as it becomes less and less significant to people on this planet. Everyone else is always to blame no matter what the topic. The attacks by the US on well known and efficiently run companies is their latest tactic as the Russian economy bounces back after more US sanctions.
It's pure paranoia created by the US due to their failure to keep up with technology, science, math and a litany of other domestic problems. "
I don't what you're smoking, but I'd slowly taper off to avoid withdrawals...
I am a lot more worried about US Secret Services and their violations of privacy. No problems with Kapersky.
Sorry for the delay in responding but I was deeply in thought about Kaspersky all this time. Then it hit me. Kaspersky is crap. I used it for a while about 2 years ago (paid for version from Kaspersky) and about three times a week it informed me that the data had been corrupted and I had to re-install each time. I now use Bitdefender Total Security with the addition of Malwarebytes and I have never had a problem with either.
I realise that this has nothing to do with the subject matter of the debate but it was soapbox time for me.
ps: I don't trust ANY of them and anybody who does is fooling themselves. Someone's Big Brother is watching - all of the time. Nice article though.
I just heard that the government will now be using the newly released McCarthy Antivirus Software.
Another example of the "Conceptual Illiteracy" of President Trump and its consequences not to mention the fruits of voting "Experienced Managers" but "Inexperienced Leaders" into such High Offices as "Office of the President of the United States of America!"
To answer your question, "So whom can you trust?" perhaps no one is the appropriate answer. DHS wants access to all government files and apparently finds no backdoors in Kaspersky software. Wouldn't it be convenient to use the Hilary Clinton inspired "fear of Russian hacking" to force users to use an approved piece of software with DHS backdoors. Sounds like a repeat of the fears inspired by government to get oppressive legislation passed after 911.
In the mid to late 1980s Eugene Kaspersky offered us free anti-virus software to protect our Bulletin Board Systems world-wide. For 56,000 of us he was given high praises. The US has lost all of its credibility as it becomes less and less significant to people on this planet. Everyone else is always to blame no matter what the topic. The attacks by the US on well known and efficiently run companies is their latest tactic as the Russian economy bounces back after more US sanctions.
The reports failed to mention Kaspersky has its offices in Massachusetts where it employs US citizens. For an entire year we've been force fed a total myth without a shred of evidence. It's pure paranoia created by the US due to their failure to keep up with technology, science, math and a litany of other domestic problems.
this is a result of Trump's paranoid and "make America Strong"
Another thoughtful article, Sven. I've never used Kaspersky, as I've been a loyal Malwarebytes user for over a decade. However, Lee's point about open-source software is spot on. We can only trust what we can KNOW, and closed source software just breeds these paranoid delusions.
Thanks for your article! I like and have used your products for years, and will continue in our mutual Authentic Loyalty! "Happiness is Eternal, by Choice!" -NJA
Helpful "Pots and Kettle" reference -
https://www.theverge.com/2017/3/7/14841556/wikileaks-cia-hacking-documents-ios-android-samsung
I currently use Kaspersky Total security and have for several years. It has some great features, protected browser- Safe money and does it's job without slowing my PC down. I will continue to use it .
Why not bypass external antivirus programs altogether? I use Windows Defender as my sole antivirus protection. Never had a problem. Why give away RAM unnecessarily?
never had any problems good product and i will stick with it thanks.
Kaspersky , is among the best in the world and it upset somebody who is competing ! ''We are the strongest, who is not with us against us ! '' It's only politics !
Sven, thank you for your article. I would like to say 'provocative', but in the current 'Era of Trump' (MAGA aka racism, fake news, isolationism and outrageous, bellicose, thoughtless statements and tweet), the US response to Kaspersky is what I would expect.
I looked for mainstream news about the CIA backdoor into Microsoft products, but only found it in other news sources. I'm not sure what that means.
Like you say, 'Whom can you trust?' I have lots of Ashampoo products I rely on that I am happy with. I use Kaspersky, and have since it was AVP Toolkit for IBM OS/2 3.0 in the mid1990s, before I even had Windows.
I would suggest reading the Forbes article about Eugene Kasperksy and transparency. https://www.forbes.com/sites/eugenekaspersky/2017/09/14/five-years-trudging-through-the-evolving-geopolitical-minefield/#368e55067adc
E. Kaspersky has "repeatedly offered to meet with government officials, testify before the U.S. Congress, provide the company's source code for an official audit and discuss any other means to help address any questions the U.S. government has about Kaspersky Lab - whatever it takes, I will do it. And I look forward to working with any agency or government officials that are interested."
That does not seem to be a man who has something to hide.
The intelligence services and others in the "deep state" in the USA are far too powerful. In many countries we now have democracy in name only and I, for one, don't know what to do about it! In Russia there is only a pretence of democracy. I am not sure that there is now a country where a citizen can say "no" to the security services without risking serious consequences.
That Kaspersky has overtly helped the German government to forestall Russian hackers does not guarantee that they do not provide a backdoor for the Russian security people!
The criticism of Google et al is totally valid, but what do we private citizens do about it all? With the current absence of real ethical and moral standards, to be elected in a democracy relies heavily on offering feasts and circuses regardless of reality.
I am no a conspiracy junky, but at the age of 87 I am truly worried about the world my grandchildren will have to live in and I have no solutions to offer!
One could speculate that the NSA may suspect the Russian government of piggybacking spy code on Kaspersky's package because they have been doing the same on some parallel American software.
Anyway, if a governmental espionage agency is going to plant covert code into a software package without the publisher's knowledge, why would they choose a software package that originates in their own country? Surely it would be much more effective in deflecting suspicion if the code were planted in software that originates in the target country.
Paranoid? Who says I'm paranoid?!
Thanks for feeling the same way. :)
I want to make it clear that it is the US government and not the ordinary people who have done this. Yes, we vote in the President and Congress but virtually all agencies are appointed. Even us Americans have problems with overreaching agencies and their knee-jerk reactions.
There has never been one single piece of evidence that Russia had anything to do with US elections. It is the opposition to President Trump that fuels this, nothing more. It's a distraction and needs to be forgotten.
I agree that US government agencies, not citizens are taking a dangerous path. Is it to curtail US citizens and INTERNET use? One begins to wonder, but that is our problem.
I have run across and tried many programs from other than US based places. Ashampoo is German, should I be afraid? lol Well, actually in the mid 1800's my family came from Germany. Only one grandparent came from Ireland. So my family history has given me an appreciation of Germany and Ireland. It goes to today's computer that I use right now that has or had programs from non US places. Was I scared? Not a chance.
Here at Ashampoo they are great and put out great products. They put personal computing first and I know never think about even attempting to put malicious content in their software.
I just wanted to let everyone know, it's not me or my fellow computer people who are doing this, but an uncontrolled government agency or agencies. I guess they have to do something to prove to the American people they "earn" their salaries. What better way than to cry wolf and that Americans are doomed by Kaspersky software. lol
-Chuck
If one compares Google versus Kaspersky in acquiring information illegally, I believe Google is far ahead its competitor. And this activity of Google is proven, so far, as GUILTY.
I use BitDefender Total Security 2018!
Trusted to be ahead
With a worldwide network of 500 million machines, Bitdefender has the largest security delivery infrastructure on the globe. Performing 11 billion security queries per day, Bitdefender detects, anticipates and takes action to neutralize even the newest dangers anywhere in the world in as little as 3 seconds.
Innovation has earned us the trust of families and corporations from over 150 countries and has won us a wealth of awards.
Shame, shame on the USA for its hysteria. Knowing that Google and others are collecting data on us should cause the US government to worry. Keep up the good work Kaspersky.
Thomas, USA
Hallo Seven
My worries entirely
I have used Kaspersky for years now and so far they have been great at protecting my computers.
The USA administration are acting like a 12 year old "neighbourhood bully " "all around the world"
most of the allegation's are founded on make believe to hide their own wrong doing. It will be firms in Europe next on the line if Europe dose not toe their line ....That to me is the reason why England has decided to leave the EU....Sad times indeed.
Keep up the good work
Mark
I personally think that under Trump's Presidency, all US Government departments are now over zealous and paranoid about this mythical 'hacking'.
Kaspersky® Internet Antivirus is a very stable and good program.
I switched to Kaspersky® from AVG™ 18 months ago, because AVG have priced themselves out of the 'general usage', or Home users market.
The Kaspersky program is unfaultable; it runs in the background of my PC and does not hog resources.
Give me Kaspersky® any day.
One final point, if Kaspersky was as bad as the US governments would like us to think; why have they been ranked In the top 5 of all antivirus programs.
Kind Regards,
David Treharne.