U.S. Government Can’t Get Rid of Kaspersky Labs Software

On the contrary, as an American not involved in government work, Kaspersky is one few AV products I&#x27;d trust. American antivirus makers like Symantec, Comodo, McAfee, Microsoft (Defender), Webroot, and CheckPoint are all subject to secret warrants and infiltration by the US government. Others, like the UK&#x27;s Sophos, would be subject to US influence as well.<p>You have to think about the motivations of each country. Even if Kaspersky were spying for the Russians, they won&#x27;t give a damn about your porn, tax cheating, affairs, your padding of expense reports, or whatever they find on your computer. As an American, it&#x27;s MY government that I&#x27;d have to worry about.

I&#x27;m rather surprised the United States government would be using foreign software for information security. Really, I&#x27;m surprised that they&#x27;re using outside software for it at all. As much as I&#x27;m a fan of the free market, that isn&#x27;t the sort of thing I&#x27;d trust to an outside company.<p>If only there was some sort of group in the government that handled information security... Some sort of security agency, if you will.

This should be fairly alarming to all parties, not the least of which being the government.<p>I mean, let&#x27;s just hypothetically assume for a moment that Kaspersky <i>is</i> compromised and doing intel gathering for the Russian government. Can you think of a more perfect weapon than a compromised suite of software that is so deeply entrenched in a nation state&#x27;s stack that they can&#x27;t remove it, even if they wanted to?

Kaspersky AV is an excellent product. For years it was the unrivaled market leader for non-signature-based malware detection in Windows operating systems. Its competitors are closing the gap, however. Qihoo 360 is also a good product.<p>Among the reverse engineering &#x2F; exploit development crowd, I haven&#x27;t heard much complaining about Symantec&#x27;s detection mechanisms.<p>There are also bespoke anti-malware solutions marketed to the U.S. government, and they are not commercially available specifically to mitigate the risk that malware authors will test their products against anti-malware engines. These bespoke solutions are understandably far more expensive due to their smaller deployment and high quality.<p>It&#x27;s reasonable that the U.S. government has to consider the need to have the best, reasonably affordable, commercially-available solution for the majority of its systems. This is balanced by the threat that the Russian Federation&#x27;s government could interdict the software being delivered to the U.S. government client. Intermediate solutions, such as the project that Huawei set up with the UK government, or the source-code sharing that Microsoft does to get Russian contracts, seem to be optimal.

ClamAV is ripe for creating a FOSS disruption in this arena. If I were in a position of governmental power I would be pushing for foss solutions instead of proprietary black boxes that can&#x27;t be audited.

FWIW, the anti-Kaspersky train has been rolling for over three years.<p>Since the time that Kaspersky revealed (after Symantec) global co-ordinated state sponsored malware programs such as Reign, created by the NSA and GCHQ. <a href="https:&#x2F;&#x2F;www.theregister.co.uk&#x2F;2014&#x2F;12&#x2F;05&#x2F;regin_kaspersky&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.theregister.co.uk&#x2F;2014&#x2F;12&#x2F;05&#x2F;regin_kaspersky&#x2F;</a> <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Regin_(malware)" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Regin_(malware)</a><p>Or the time that Kaspersky publicly humiliated the NSA by revealing their hacking of hard drive firmware. <a href="https:&#x2F;&#x2F;www.dailykos.com&#x2F;stories&#x2F;2015&#x2F;2&#x2F;17&#x2F;1364910&#x2F;-Breaking-Kaspersky-Exposes-NSA-s-Worldwide-Backdoor-Hacking-of-Virtually-All-Hard-Drive-Firmware" rel="nofollow">https:&#x2F;&#x2F;www.dailykos.com&#x2F;stories&#x2F;2015&#x2F;2&#x2F;17&#x2F;1364910&#x2F;-Breaking...</a> <a href="https:&#x2F;&#x2F;www.scmagazineuk.com&#x2F;is-nsa-worlds-most-advanced-threat-actor-revealed-by-kaspersky&#x2F;article&#x2F;537596&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.scmagazineuk.com&#x2F;is-nsa-worlds-most-advanced-thr...</a><p>Since then, congressional hearings, committees, and US intel agencies&#x27; warnings of &quot;security threats&quot; from Kaspersky had been rolling out with regular frequency. Last year&#x27;s ban was just a culmination of other efforts already underway.<p>Kaspersky&#x27;s role of tracking nation-state malware inflitrations gives them a position as a quasi-intelligence agency. US intelligence agencies hate Kaspersky because they out every program the US has going on, and because they operate out of Moscow.<p>Literally every US intelligence agency has testified before Congress about how they specifically don&#x27;t trust Kaspersky. <a href="https:&#x2F;&#x2F;www.npr.org&#x2F;sections&#x2F;parallels&#x2F;2017&#x2F;07&#x2F;05&#x2F;535651597&#x2F;congress-casts-a-suspicious-eye-on-russias-kaspersky-lab" rel="nofollow">https:&#x2F;&#x2F;www.npr.org&#x2F;sections&#x2F;parallels&#x2F;2017&#x2F;07&#x2F;05&#x2F;535651597&#x2F;...</a> So the US and its allies infiltrated their network and reverse engineered its software in order to find whatever dirt they could. <a href="https:&#x2F;&#x2F;www.observeit.com&#x2F;blog&#x2F;kaspersky-lab-nation-state-attack&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.observeit.com&#x2F;blog&#x2F;kaspersky-lab-nation-state-at...</a> <a href="https:&#x2F;&#x2F;theintercept.com&#x2F;2015&#x2F;06&#x2F;22&#x2F;nsa-gchq-targeted-kaspersky&#x2F;" rel="nofollow">https:&#x2F;&#x2F;theintercept.com&#x2F;2015&#x2F;06&#x2F;22&#x2F;nsa-gchq-targeted-kasper...</a><p>The information they have on global intelligence operations, their location outside of an ally&#x27;s control, their insistence on embarrassing nation states&#x27; covert operations and exploits, and the fact that their software isn&#x27;t the most secure (<a href="https:&#x2F;&#x2F;www.forbes.com&#x2F;sites&#x2F;thomasbrewster&#x2F;2015&#x2F;09&#x2F;23&#x2F;google-ormandy-finds-kaspersky-0days&#x2F;#2263a6b65493" rel="nofollow">https:&#x2F;&#x2F;www.forbes.com&#x2F;sites&#x2F;thomasbrewster&#x2F;2015&#x2F;09&#x2F;23&#x2F;googl...</a>) has given the US government enough reason to want them out of their infrastructure. It&#x27;s just politically untenable.

The U.S. Government doesn&#x27;t want us using Kaspersky because Kaspersky blows the whistle on the back doors the gov&#x27;t has installed in various software.

&gt; Congress didn’t give anyone money to replace these devices,<p>Seems more like the U.S. Government doesn&#x27;t <i>want</i> to get rid of Kaspersky. They choose not to replace compromised devices. Doesn&#x27;t seem like it is a hard technical challenge at all, rather the lack of action seems more intentional.<p>Surely we can all agree this is an issue of National Security. And if the task is to be done with no Federal assistance or financial help whatsoever, it seems clear that the government is compromised.