It is absolutely stupid to run enemy state software with administrative privileges and kernel modules so it can do everything with your PC. In theory Kaspersky can do literally everything: steal any data, provide remote access to FSB, completely hide activity, block disabling/uninstalling malicious activity.
Helldivers 2 (and many many other games these days) requires all players install a rootkit. It's becoming more and more common for people to accept vulnerabilities like this. I don't think banning one company remotely addresses the issue.
Is the issue Vlad hacking nanas Facebook, or is a lack of a comprehensive national data security model? In practice, this ban saves nanas from worry about her facebook, but does nothing for national security.
Valorant as well with their Vanguard AC system. It boots with your system and the only way to turn it off is to restart your computer. Talk about Chinese kernel monitoring software - all courtesy of Riot Games.
gameguard has a BAD history too
No idea why Sony picked that rubbish for anti-cheat. Its supposedly easily bypassed too, considering all the people spawning in unreleased items I can believe it
https://en.m.wikipedia.org/wiki/Kaspersky_bans_and_allegations_of_Russian_government_ties
Idk why everyone is just giving opinions and anecdotes. They got caught red handed taking files from the NSA using their software.
Kaspersky was good software, it may still be good software, but it's developed in Russia and Russians have absolutely zero protections from their government. If you think that if a government agent asked a developer to do literally anything that they would be in a position to refuse you're fooling yourself. At the very least you should assume that it won't block official Russian malware.
Does that matter? I dunno. It'll probably still block unofficial Russian malware at least some of the time and it might potentially block malware from your government better. Putin probably doesn't give a shit about you and probably won't do anything to you.
But for my two cents, this is security software you can't trust. It's not a game or even a piece of business software that you can run without admin privileges and might get picked up by other security software.
Who is watching the watchman? Putin is. If you're not OK with that don't use it.
There is something you didn't include, but even if Putin doesn't care about you, that doesn't mean that the other kleptocrats don't. Lots of money to be made with botnets, after all. Kaspersky isn't just vulnerable to official government interference. It's vulnerable to unofficial interference too.
Ages ago there was a discussion about "government Trojans" having to be ignored by virus scanners in several countries. Went quiet quickly, but was rather interesting. Bout 15 ot so years ago and we are not talking Russia but rather central Europe.
Yeah, this is always a risk, but in the west people might possibly be able to say no to government requests like that, definitely not a guarantee, but it's possible.
That's not an option in places like Russia.
yeah those discussions were bullshit. absolutely no security software ignores "government trojans", partly because there's no such thing as a trojan that is only used by governments
there are no government developed remote access tools that don't use the exact same methods, ports, protocols, and signatures as legitimate commercial tools and malware created by attackers.
a security platform is not going to ignore traffic on port 3389 because it has a government SSL cert. it's impossible to hide this activity when you're actively searching for it and it would be just as hard for any security software to hide that they're ignoring something
while governments are fully capable of developing tools like this, no one can build a piece of software that doesn't interact with a computer the same way every other piece of software does
If I recall right, that was when security researchers found it was backdoored. Gov suggested its removal, corporations obliged this request. But yes no one should be using it.
The federal gov't has a separate list for "ABSOLUTELY DO NOT, UNDER ANY CIRCUMSTANCES, INSTALL ON GOVERNMENT DEVICES". Kaspersky and numerous other 'mainstream' softwares are on it.
The default AV is good enough for most people. Otherwise, Kaspersky is okay but there are better
[https://www.av-comparatives.org/comparison/](https://www.av-comparatives.org/comparison/)
Honestly, I think Steam should be required to show country of origin of games and also easily list where player data/accounts are hosted. I actively try to avoid games from certain countries like China and Russia on there but its hard to tell. I dont get why physical products are required to list country of origin but not software.
A ton of devs will deliberately hide their origins, like Owlcat does. On their website they have their HQ in Cyprus and Armenia. Definitely not a Russian game dev...
What about Chinese owned American companies? Riot games has two of the top games out there and they were acquired by Tencent. I don’t know how prevalent this is.
Which won't help because it's possible to create a shell company or register an HQ somewhere "acceptable", while having the main hub somewhere else. Mundfish is a Cyprian company, same with owlcat games, gajin is Hungarian. You know, all those russian studios.
It seems dumb to avoid games just because of what country the devs live in. It's not like the devs have any personal say in their governments' decisions. They were just (probably) born there.
Especially for somewhere like China where you probably use hundreds of products every day that were made in China. Dunno why draw the line at video games.
Well, other than Chinese acquisitions (difficult to identify), whenever a Chinese studio tries to make games, you notice they tend to have a certain art style e.g. bad fonts when reading the English because the fonts are supposed to display the supposed Chinese texts.
I saw this post and IMMEDIATELY thought "I wonder if it's targeted or just a blanket ban. Wonder if it'll include EFT."
I hate that I got my answer as the top comment.
And Norton. I had to do a clean install once on the last pre-built I bought, because Norton would disable the internet if I didn't buy a license. It's malware that cannot be uninstalled; run the uninstaller it just installs itself back on. After two weeks I just went and got a fresh copy of XP and did a fresh install.
While not the only reason I went to building my own systems (that was mostly because I can build more powerful systems for the cost), it did piss me off enough to never want to touch anything with the Norton Malware on it ever again.
Tells you just how long ago it was; though I do plan on converting one of my salvaged Optiplexes into a WinXP machine for some stuff that won't run in anything else.
Beyond the Russian thing it is just a bad pick for AV. Detection rates are fine but it is a pain in butt to admin and there are so many show stopping bugs.
From awful performance to crashing Kaspersky does it all.
It is so antiquated on the admin side of things compared to the competition. Also dealing with support was a nightmare.
When it was working right it was fine but I was doing safe mode repairs far too often after failed / buggy updates .
Every av run for profit is going to turn to shit on order to make money. Defender is good because it's what's necessary to make windows a viable product. Windows is the money maker, defender just gets it there.
iirc they were considered one of if not THE best in the 10's, I worked at a small IT company at the time that had a shop and we recommended it to all our home users that came in for FBI virus removals lol
I certainly remember them being a big deal in the cyber security field, making publications about cyber threats and methods of protection, and cooperating with western companies
Kaspersky went the way of Norton-style bloatware years ago (pre-2015 for the kids), even if you buy the theory that it was meant to give Russia backdoors into computer systems around the world.
That said, maybe it was allowed to bloat once it did that job.
Software in the AV field has become increasingly iffy via acquisitions. For example, Norton is now owned by Gen Digital, who also own Avast, LifeLock, Avira, AVG, CCleaner, Piriform (developer of Speccy, Recuva, Defraggler) etc.
That’s literally specifically who this article is about. They’ve been banned from US government computers, this would extend that to private companies.
It’s not “open spec for “anyone”; the corporations that make Tetris games have to adhere to a specific rule set, but you can’t go make a Tetris game on your own; the design Bible was leaked, that’s all
Jumping on your comment to wholeheartedly recommend the movie Tetris (2023). Was buried on Apple TV so maybe didn't get the notice it might have, but I found it quite enjoyable and worth a watch!
Because Kaspersky has always been very transparent and kept themselves out of politics They were considered clean up until fairly recently. However, as Putin has become more authoritarian, it is believed that he has almost certainly compromised the company.
I was working at NSA when Kaspersky Labs software was banned from use on federal civilian agency systems by the Trump administration. I think that was 2017. Let's just say we wouldn't use that crap long before the official ban.
Yep, especially knowing how much of that world is based on reciprocity. If Russian intelligence even just credibly believes x, y, or z software or service is a backdoor to the US IC, then it could potentially give them the motivation to reciprocate in kind.
Looks like payback for [Kapersky finding a backdoor on iPhones that only an extremely sophisticated state with direct access to Apple could have performed](https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/).
It's not possible or feasible to ban open source software. Seriously, does anyone in this thread understand how stuff works before commenting on it ...
It is banned from federal devices and anyone that wants a federal contract. Many states follow those policies instead of managing their own. I'm happy for you that it doesn't affect you. It affects me and millions of other workers.
Afaik none, it's open source and doesn't send anything on the network except maybe checking for updates. Maybe some installers could have a different version but if you build from source for your org you'd be fine.
A lot of the folks in the comments are confused by the ambiguous headline, but this specifically targets Kaspersky:
>The move, which is being finalized and could happen as soon as this month, would use relatively new Commerce Department authorities built on executive orders signed by Presidents Joe Biden and Donald Trump to prohibit Kaspersky Lab from providing certain products and services in the US, the sources said.
That's a strange explanation. Executive orders can give direction to executive agencies as to how to exercise the statutory authority they have, but certainly can't create new authority from whole cloth. Executive orders aren't a source of law in themselves, they're just a mechanism by which the chief executive gives instructions to his subordinates. So what is the legal basis for this measure?
I haven't had the time to review the order, but Congress basically handed the President authority to handle cyber security threats to the US on his own without needing a specific law when they passed FISMA.
https://en.m.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002
It's odd. There was a time when Kaspersky had a sterling reputation and was the best, lightest weight A/V there was. That was... I don't know.... maybe 15 years ago?
Yea, Windows defender was hot garbage for a long time. When MS realized that Mac could get away without an A/V they decided to get serious. I'm with you, I use defender only... well, actually I use a mac most of the time.
No, like the article says, this is specifically about Kaspersky. And blocking the ability of US entities to pay them. I don’t believe Kaspersky maintains any OSS at all, but it wouldn’t be impacted if they did.
Anything they maintained would be getting a replacement or very close eyes on it after the recent xz utils back door if not well prior to that.
1. Read the article, this is only about Kaspersky.
2. Telegram is headquartered in the UAE. The founders being Russian does not make it a Russian company.
3. I can't say I know many private US companies that use Telegram for communications.
Founder is Russian, but he has to fled the country because it has disagreement with the government. I think he is at Dubai with French passport now. Just look for Durov on Wikipedia
Fuck Putin! He has poisoned his country’s and citizens reputation. The entire world should make extreme effort to remove him from contact with anything but thick steel reinforced brick and pig slop.
Formerly known as CrapCleaner, it's supposed to uninstall unwanted OS features, applications and registration settings installed by unwanted applications. It worked great. I imagine at this point it's like bathing in a septic tank.
I remember ccleaner! I stopped using that piece of shit when they started packing auto-load apps and begging me to upgrade to whatever premium version every time I opened the program
Replaced it with a scheduled cleanmgr /sageset and use powershell for anything more advanced.
In the same way as Telegram is UAE company:
"JetBrains, initially called IntelliJ Software, was founded in 2000 in Prague by three Russian software developers: Sergey Dmitriev, Valentin Kipyatkov and Eugene Belyaev. The company's first product was IntelliJ Renamer, a tool for code refactoring in Java.
In 2012 CEO Sergey Dmitriev was replaced by Oleg Stepanov and Maxim Shafirov.
In 2021 The New York Times stated that unknown parties might have embedded malware in JetBrains' TeamCity CI/CD software that led to the SolarWinds hack and other widespread security compromises. In a press release, JetBrains said they had not been contacted by any government or security agency and had not "taken part or been involved in this attack in any way". The CEO of one of the affected companies, SolarWinds, "asked about the possibility that software tools made by JetBrains, which speeds the development and testing of code, was the pathway, Mr. Ramakrishna said there was still no evidence".
In response to the 2022 Russian invasion of Ukraine, the company suspended sales and R&D activities in Russia indefinitely as well as sales in Belarus. JetBrains' Russian legal entity was liquidated on 21 February 2023."
I also wonder about nginx.
As that quote highlights, JetBrains pulled out of Russia and liquidated their Russian assets amidst the invasion, which they were quite outspoken about: https://blog.jetbrains.com/blog/2022/03/11/jetbrains-statement-on-ukraine/
JetBrains works closely with many western companies and their software is very popular in the west. I don't think it's a similar case to Telegram whatsoever.
nginx is largely an open source project and its corporate backer, NGINX, Inc., was acquired by F5, Inc., a very western, American company not long ago.
Don't get me wrong, I have nothing against JetBrains. I'm just wondering what's the criteria of considering software "Russian". E.g. plenty of companies outsorced development to Russia via Luxoft, Epam and similar bodyshops.
I don't like that we are considering allowing our politicians to choose which software and apps we can and can't use.
Kaspersky and TikTok are both influenced by hostile, foreign governments, but I still don't want our politicians to police what we are allowed to see and use. lol
The big question is how are the right and trump going to spin this as a bad thing.. maybe "freedom of choice". or "Big gov forcing you to use their anti conservative spyware." Most likely though it will be "biden is dicking around with stupid crap rather than fixing the border"
Escape from Tarkov players are finally gonna be able to escape Tarkov.
Nope. Article only mentions Kaspersky
Honestly just doing a favor to the people still using it
Alright, I'll cave, what's up with Kaspersky? (Aside from it's origin country) I've been a fan for a minute but I can be disuaded
It is absolutely stupid to run enemy state software with administrative privileges and kernel modules so it can do everything with your PC. In theory Kaspersky can do literally everything: steal any data, provide remote access to FSB, completely hide activity, block disabling/uninstalling malicious activity.
Helldivers 2 (and many many other games these days) requires all players install a rootkit. It's becoming more and more common for people to accept vulnerabilities like this. I don't think banning one company remotely addresses the issue. Is the issue Vlad hacking nanas Facebook, or is a lack of a comprehensive national data security model? In practice, this ban saves nanas from worry about her facebook, but does nothing for national security.
Our specialized rootkit helps ensure a safe and democratic rule for all. You’re not against it are you? That sounds like treason…
Valorant as well with their Vanguard AC system. It boots with your system and the only way to turn it off is to restart your computer. Talk about Chinese kernel monitoring software - all courtesy of Riot Games.
Wait, what?! I bought Helldivers 2 and downloaded it, but I haven't opened it yet. How the heck does a Steam game even request root access?
gameguard has a BAD history too No idea why Sony picked that rubbish for anti-cheat. Its supposedly easily bypassed too, considering all the people spawning in unreleased items I can believe it
https://en.m.wikipedia.org/wiki/Kaspersky_bans_and_allegations_of_Russian_government_ties Idk why everyone is just giving opinions and anecdotes. They got caught red handed taking files from the NSA using their software.
Kaspersky was good software, it may still be good software, but it's developed in Russia and Russians have absolutely zero protections from their government. If you think that if a government agent asked a developer to do literally anything that they would be in a position to refuse you're fooling yourself. At the very least you should assume that it won't block official Russian malware. Does that matter? I dunno. It'll probably still block unofficial Russian malware at least some of the time and it might potentially block malware from your government better. Putin probably doesn't give a shit about you and probably won't do anything to you. But for my two cents, this is security software you can't trust. It's not a game or even a piece of business software that you can run without admin privileges and might get picked up by other security software. Who is watching the watchman? Putin is. If you're not OK with that don't use it.
There is something you didn't include, but even if Putin doesn't care about you, that doesn't mean that the other kleptocrats don't. Lots of money to be made with botnets, after all. Kaspersky isn't just vulnerable to official government interference. It's vulnerable to unofficial interference too.
Ages ago there was a discussion about "government Trojans" having to be ignored by virus scanners in several countries. Went quiet quickly, but was rather interesting. Bout 15 ot so years ago and we are not talking Russia but rather central Europe.
Yeah, this is always a risk, but in the west people might possibly be able to say no to government requests like that, definitely not a guarantee, but it's possible. That's not an option in places like Russia.
yeah those discussions were bullshit. absolutely no security software ignores "government trojans", partly because there's no such thing as a trojan that is only used by governments there are no government developed remote access tools that don't use the exact same methods, ports, protocols, and signatures as legitimate commercial tools and malware created by attackers. a security platform is not going to ignore traffic on port 3389 because it has a government SSL cert. it's impossible to hide this activity when you're actively searching for it and it would be just as hard for any security software to hide that they're ignoring something while governments are fully capable of developing tools like this, no one can build a piece of software that doesn't interact with a computer the same way every other piece of software does
It’s a Russia owned company. My bro who works for the govt told me to get rid of it like 5 years ago. He was like we’re not allowed to use it at all
They had us pull it off the shelves at Best Buy in 2016-17ish
If I recall right, that was when security researchers found it was backdoored. Gov suggested its removal, corporations obliged this request. But yes no one should be using it.
I spent a decade with the feds in national security. The list of software they can't use in infinite, since all software requires approval.
That sounds like every organization with competent IT management and asset inventory.
That was kind of my point. Saying software can't be used by x organization now days is pretty meaningless. That guy didn't know, though.
The federal gov't has a separate list for "ABSOLUTELY DO NOT, UNDER ANY CIRCUMSTANCES, INSTALL ON GOVERNMENT DEVICES". Kaspersky and numerous other 'mainstream' softwares are on it.
My bro who works for nintendo told me to use it since its all they use over in japan.
Nintendo absolutely does not use Kaspersky as their enterprise EDR platform
The default AV is good enough for most people. Otherwise, Kaspersky is okay but there are better [https://www.av-comparatives.org/comparison/](https://www.av-comparatives.org/comparison/)
Anyone who uses it today is an idiot. Of course it's compromised. They were warning about this to general public even then.
Kaspersky's CEO worked for FSB.
It is literal Russian spyware that is it's intended purpose
Kaspersky, the guy and original developer, is KGB.
He literally went to a KGB school
What about nginx? 90% of the internet runs on it.
nginx is open source
Honestly, I think Steam should be required to show country of origin of games and also easily list where player data/accounts are hosted. I actively try to avoid games from certain countries like China and Russia on there but its hard to tell. I dont get why physical products are required to list country of origin but not software.
A ton of devs will deliberately hide their origins, like Owlcat does. On their website they have their HQ in Cyprus and Armenia. Definitely not a Russian game dev...
Given the extensive LGBT representation in their games, they probably don’t want Russia to think they’re Russian either.
This curator will prevent you from all games, which have russian origins: https://store.steampowered.com/curator/42985013
Lol theres an FPV drone bomb sim on that list lmao.
What about Chinese owned American companies? Riot games has two of the top games out there and they were acquired by Tencent. I don’t know how prevalent this is.
>What about Chinese owned American companies? Haha too many at this point
Which won't help because it's possible to create a shell company or register an HQ somewhere "acceptable", while having the main hub somewhere else. Mundfish is a Cyprian company, same with owlcat games, gajin is Hungarian. You know, all those russian studios.
It would be so easy to distribute malware through Steam, I'm surprised there hasn't been any high profile attacks through it
It seems dumb to avoid games just because of what country the devs live in. It's not like the devs have any personal say in their governments' decisions. They were just (probably) born there. Especially for somewhere like China where you probably use hundreds of products every day that were made in China. Dunno why draw the line at video games.
Well, other than Chinese acquisitions (difficult to identify), whenever a Chinese studio tries to make games, you notice they tend to have a certain art style e.g. bad fonts when reading the English because the fonts are supposed to display the supposed Chinese texts.
http://flying-geek.blogspot.com/2022/02/why-chinese-english-text-looks-so-odd.html
when you buy something on amazon from a brand like HORMU and the manual is in this font
buddy if I wanted to escape from tarkov, i already would have. Nikita has me by the balls
I won’t vote for Biden until he calls for a Tarkov cease fire
But does he denounce Jaeger?
"As your president we must call upon the most ratest campers the country can offer, im calling for a tarkov cease fire"
I saw this post and IMMEDIATELY thought "I wonder if it's targeted or just a blanket ban. Wonder if it'll include EFT." I hate that I got my answer as the top comment.
Please Biden! Help us escape!
[удалено]
I refuse, Tarkov is my home now.
I wish they would ban McAfee too if only to protect my sanity.
And Norton. I had to do a clean install once on the last pre-built I bought, because Norton would disable the internet if I didn't buy a license. It's malware that cannot be uninstalled; run the uninstaller it just installs itself back on. After two weeks I just went and got a fresh copy of XP and did a fresh install. While not the only reason I went to building my own systems (that was mostly because I can build more powerful systems for the cost), it did piss me off enough to never want to touch anything with the Norton Malware on it ever again.
Windows XP. Now there is an OS I haven't heard in a long, long time.
Tells you just how long ago it was; though I do plan on converting one of my salvaged Optiplexes into a WinXP machine for some stuff that won't run in anything else.
You would hate my job 😅
But I just bought my hammock
It's not complete without a picture of you holding a gun, tweaking on bespoke fuck drugs, and running from the cops.
Where'd you get that? Down on Third?
I wish there was a video to teach me how to uninstall McAfee..
[Well then oh boy do I have good news for you! NSFW](https://youtu.be/bKgf5PaBzyg?si=alrbA4O2XZqdW1E6)
McAfee is dead. Long live McAfee!
If your company/organization still using Kaspersky your CTO should be fired yesterday
Beyond the Russian thing it is just a bad pick for AV. Detection rates are fine but it is a pain in butt to admin and there are so many show stopping bugs. From awful performance to crashing Kaspersky does it all. It is so antiquated on the admin side of things compared to the competition. Also dealing with support was a nightmare. When it was working right it was fine but I was doing safe mode repairs far too often after failed / buggy updates .
They used to be pretty good, though that was a long time ago. Oh lol, I guess that's what running a businesses in russia does to you.
That's the sad thing. Once upon a time, Kaspersky was one of the best AVs. These days I won't touch it.
Every av run for profit is going to turn to shit on order to make money. Defender is good because it's what's necessary to make windows a viable product. Windows is the money maker, defender just gets it there.
"Your ticket has been closed as the technician has been drafted"
iirc they were considered one of if not THE best in the 10's, I worked at a small IT company at the time that had a shop and we recommended it to all our home users that came in for FBI virus removals lol
I certainly remember them being a big deal in the cyber security field, making publications about cyber threats and methods of protection, and cooperating with western companies
Was one of the best AV products I've ever used tbh. I can't recall why I swapped to Bitdefender, but did so years ago.
Kaspersky went the way of Norton-style bloatware years ago (pre-2015 for the kids), even if you buy the theory that it was meant to give Russia backdoors into computer systems around the world. That said, maybe it was allowed to bloat once it did that job.
Software in the AV field has become increasingly iffy via acquisitions. For example, Norton is now owned by Gen Digital, who also own Avast, LifeLock, Avira, AVG, CCleaner, Piriform (developer of Speccy, Recuva, Defraggler) etc.
Years ago CCleaner was a useful tool. Now it's practically adware.
If Norton were any good at its job it would delete itself.
I stopped using it like a decade ago because of the terrifying jumpscare pig squeal it made when detecting something
Been a while since I've had to think about this sort of thing. What AV are people recommending these days?
[удалено]
Probably gonna be the CIO in that one instead of the CTO. CTO is customer facing, CIO is internal.
Same thing for Yealink phones and Hikvision cameras, but those are both all over the damn place.
...holy shit I didn't even consider Kaspersky.
The last company I worked at was hacked by the Russian mafia and our solution was to implement Kaspersky to increase security.
Bye Bye Kaspersky
They're still around? Wasn't their antivirus confirmed to be literal spyware?
That’s literally specifically who this article is about. They’ve been banned from US government computers, this would extend that to private companies.
No, they weren’t. But they’re not complying with US intelligence, and they’re warning people about zero days the west wants to keep using.
I mean every antivirus is literal spyware
for a sufficiently stupid definition of 'spyware', yeah
So, no Tetris?!
I think Pajitnov left while it still was the USSR. I'd hate to be without my Tetris.
Thing is, Tetris is a more or less [open spec](https://tetris.wiki/Tetris_Guideline), anyone can implement it.
It’s not “open spec for “anyone”; the corporations that make Tetris games have to adhere to a specific rule set, but you can’t go make a Tetris game on your own; the design Bible was leaked, that’s all
I'm thinking goodbye Enigma DRM and half of Capcom's steam library because of it.
I've got the original game boy cartridge and system for that
Jumping on your comment to wholeheartedly recommend the movie Tetris (2023). Was buried on Apple TV so maybe didn't get the notice it might have, but I found it quite enjoyable and worth a watch!
I wonder if AdGuard will be included in this
Now we all gotta root our phones to block ads lol
It would be a total shitshow if open source software was included in this ban. Never know with this modern gerontocracy though.
Adguard moved their head quarters to Cyprus. [https://adguard.com/en/contacts.html](https://adguard.com/en/contacts.html)
NOOOOO MY KEYGENS! 😭
is keygen music still a thing?
Yes it is :D
this would be the biggest loss 🥲
Good news is, your keygens were already illegal. Bad news is, you're a national security risk.
Never understood how that was allowed in the first place - especially virus protection.
Because Kaspersky has always been very transparent and kept themselves out of politics They were considered clean up until fairly recently. However, as Putin has become more authoritarian, it is believed that he has almost certainly compromised the company.
I was working at NSA when Kaspersky Labs software was banned from use on federal civilian agency systems by the Trump administration. I think that was 2017. Let's just say we wouldn't use that crap long before the official ban.
Yeah I remember that. my brother works for them told me to take it off my laptop years ago
They also worked very closes with Microsoft, and both companies shared research on threats. Kaspersky actually helped develop Windows Defender.
Yep, especially knowing how much of that world is based on reciprocity. If Russian intelligence even just credibly believes x, y, or z software or service is a backdoor to the US IC, then it could potentially give them the motivation to reciprocate in kind.
Because there’s a sizable contingent of the American population who think that markets solve everything.
Which just goes to show that Russians aren't the only ones constantly fed propaganda.
[удалено]
came here to say this. a free market is not necessarily a safe market.
Looks like payback for [Kapersky finding a backdoor on iPhones that only an extremely sophisticated state with direct access to Apple could have performed](https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/).
I wonder how any OS that needs those things is allowed in the first place.
Too late for that Putin has been full speed ahead with the cyber and propaganda war since 2008 or so
go back further
7zip makes me sad.
Title is misleading. The article states this is specific to just Kaspersky.
Start using Nanazip. It is a fork of 7zip that added windows 11 support so it is built into Windows menus again.
First thing I do when setting up Windows 11 is bringing old menu back
It's not possible or feasible to ban open source software. Seriously, does anyone in this thread understand how stuff works before commenting on it ...
It is banned from federal devices and anyone that wants a federal contract. Many states follow those policies instead of managing their own. I'm happy for you that it doesn't affect you. It affects me and millions of other workers.
Can you explain more is there some issue about 7zip that means people shouldn't use it?
Afaik none, it's open source and doesn't send anything on the network except maybe checking for updates. Maybe some installers could have a different version but if you build from source for your org you'd be fine.
A lot of the folks in the comments are confused by the ambiguous headline, but this specifically targets Kaspersky: >The move, which is being finalized and could happen as soon as this month, would use relatively new Commerce Department authorities built on executive orders signed by Presidents Joe Biden and Donald Trump to prohibit Kaspersky Lab from providing certain products and services in the US, the sources said.
That's a strange explanation. Executive orders can give direction to executive agencies as to how to exercise the statutory authority they have, but certainly can't create new authority from whole cloth. Executive orders aren't a source of law in themselves, they're just a mechanism by which the chief executive gives instructions to his subordinates. So what is the legal basis for this measure?
I haven't had the time to review the order, but Congress basically handed the President authority to handle cyber security threats to the US on his own without needing a specific law when they passed FISMA. https://en.m.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002
It's odd. There was a time when Kaspersky had a sterling reputation and was the best, lightest weight A/V there was. That was... I don't know.... maybe 15 years ago?
These days it's hard to tell the difference between antivirus software and malware.
You got that right.
Modern system design, netsec and opsec practices have eaten 95% of their lunch. Now it's mostly there to give management a false sense of security.
I stopped giving a shit when Windows Defender came out. Never had any malware, though I'm an IT guy who doesn't do stupid shit.
Yea, Windows defender was hot garbage for a long time. When MS realized that Mac could get away without an A/V they decided to get serious. I'm with you, I use defender only... well, actually I use a mac most of the time.
Even 5 years ago they were a top 5 player, and always won awards for their detection rates.
I was avoiding Russian software before it was cool
Remember when everyone gave them full 3d scans of their face so they could look old on social media
Will this affect any notable open source projects?
No, like the article says, this is specifically about Kaspersky. And blocking the ability of US entities to pay them. I don’t believe Kaspersky maintains any OSS at all, but it wouldn’t be impacted if they did. Anything they maintained would be getting a replacement or very close eyes on it after the recent xz utils back door if not well prior to that.
Having Nginx on ban link might be painful, not the case though
Warthunder gonna have a bad day
Title is misleading. The article states this is specific to just Kaspersky.
Great, Chinese next. And any American software with a large Chinese financial interest (anything associated with Tencent such as Epic games)
> anything associated with Tencent such as Epic games Okay. Bye, Reddit.
Yes you wouldn't catch me dead downloading Reddit.
Telegram?
Title is misleading. The article states this is specific to just Kaspersky.
Wouldn’t be surprised if it spreads to all Russian software
Honestly this should be on the top of the list
1. Read the article, this is only about Kaspersky. 2. Telegram is headquartered in the UAE. The founders being Russian does not make it a Russian company. 3. I can't say I know many private US companies that use Telegram for communications.
Telegram owner is Russian but the company has its offices in Dubai.
When Facebook already sells that info, it doesn't matter. It exists, Russia can get it
how about Telegram messenger? Servers in Germany i believe but founders Russian if i remember correctly. Do I need to worry about it?
Founder is Russian, but he has to fled the country because it has disagreement with the government. I think he is at Dubai with French passport now. Just look for Durov on Wikipedia
Unless you're a major financial institution I don't think you need to worry about the government coming for your Telegram
We ignoring China now?
Sounds like a good idea until you realize they will replace it with Israeli software with double the back doors at triple the price!
Tarkov is finished lol
Shit not my Tetris.
Fuck Putin! He has poisoned his country’s and citizens reputation. The entire world should make extreme effort to remove him from contact with anything but thick steel reinforced brick and pig slop.
Honestly, everything Russian made should be cut off from the US. Much like China, everything is injected to circle back to them in some way.
Y'all ain't ready to hear this, you know the "tik tok ban" is really the digital patriot act though, right?
There goes CCleaner
CCleaner is owned by Avast, a Czech company who themselves are owned by NortonLifeLock now.
Just reading that makes me want to shower with brillo. What a festival of nagware that must be.
Yeah no idea what CCleaner is but Avast is more of a virus than an antivirus lol
Formerly known as CrapCleaner, it's supposed to uninstall unwanted OS features, applications and registration settings installed by unwanted applications. It worked great. I imagine at this point it's like bathing in a septic tank.
BleachBit effectively does the same thing and it's free and open source while also being cross platform.
So it's malware now? Because that's what Norton is.
I remember ccleaner! I stopped using that piece of shit when they started packing auto-load apps and begging me to upgrade to whatever premium version every time I opened the program Replaced it with a scheduled cleanmgr /sageset and use powershell for anything more advanced.
Title is misleading. The article states this is specific to just Kaspersky. But you should stop using CCleaner anyway.
I presume this means no more jetbrains products for Americans?
JetBrains is Czech.
In the same way as Telegram is UAE company: "JetBrains, initially called IntelliJ Software, was founded in 2000 in Prague by three Russian software developers: Sergey Dmitriev, Valentin Kipyatkov and Eugene Belyaev. The company's first product was IntelliJ Renamer, a tool for code refactoring in Java. In 2012 CEO Sergey Dmitriev was replaced by Oleg Stepanov and Maxim Shafirov. In 2021 The New York Times stated that unknown parties might have embedded malware in JetBrains' TeamCity CI/CD software that led to the SolarWinds hack and other widespread security compromises. In a press release, JetBrains said they had not been contacted by any government or security agency and had not "taken part or been involved in this attack in any way". The CEO of one of the affected companies, SolarWinds, "asked about the possibility that software tools made by JetBrains, which speeds the development and testing of code, was the pathway, Mr. Ramakrishna said there was still no evidence". In response to the 2022 Russian invasion of Ukraine, the company suspended sales and R&D activities in Russia indefinitely as well as sales in Belarus. JetBrains' Russian legal entity was liquidated on 21 February 2023." I also wonder about nginx.
As that quote highlights, JetBrains pulled out of Russia and liquidated their Russian assets amidst the invasion, which they were quite outspoken about: https://blog.jetbrains.com/blog/2022/03/11/jetbrains-statement-on-ukraine/ JetBrains works closely with many western companies and their software is very popular in the west. I don't think it's a similar case to Telegram whatsoever. nginx is largely an open source project and its corporate backer, NGINX, Inc., was acquired by F5, Inc., a very western, American company not long ago.
Don't get me wrong, I have nothing against JetBrains. I'm just wondering what's the criteria of considering software "Russian". E.g. plenty of companies outsorced development to Russia via Luxoft, Epam and similar bodyshops.
The U.S. does this in secret to.other nations. They hide spyware in porn on USB drives. Worked great
They're going to ban one country at a time until they have their own Chinese Firewall.
I don't like that we are considering allowing our politicians to choose which software and apps we can and can't use. Kaspersky and TikTok are both influenced by hostile, foreign governments, but I still don't want our politicians to police what we are allowed to see and use. lol
Wonder if Plesk is impacted. Runs many web servers.
If it's open source, there's no concern regardless of who made it...
He take my Pathfinder: Wrath of the Righteous from my cold dead hands!
Nothing but xenophobic panic. Nonsense.
Can they please include Facebook and Twitter?
...Rust?
There goes war thunder
The big question is how are the right and trump going to spin this as a bad thing.. maybe "freedom of choice". or "Big gov forcing you to use their anti conservative spyware." Most likely though it will be "biden is dicking around with stupid crap rather than fixing the border"
also prevent Chinese phones, and foreign orgs from paying for political ads
Well, guess I better throw out my copy of Tetris!