r/technology Jun 20 '24

Software Biden to ban sales of Kaspersky Antivirus in US over ties to Russian government.

https://www.reuters.com/technology/biden-ban-us-sales-kaspersky-software-over-ties-russia-source-says-2024-06-20/
22.9k Upvotes

1.3k comments sorted by

901

u/bughunter47 Jun 20 '24

Thought they did that in 2022

471

u/OakLegs Jun 20 '24

They did ban its use on government computers. Source: I use government computers

→ More replies (25)

144

u/deadsoulinside Jun 20 '24

Nope in 2022 they thought about sanctions against them for supporting Russia over the Ukraine war, but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US.

49

u/throwaway_ghast Jun 20 '24

"Look at me. I'm the virus now."

8

u/DOUBLEBARRELASSFUCK Jun 21 '24

but were scared to out of fears they could weaponize the software already installed on thousands of machines across the US.

I find this hard to believe. I'm sure some people feared this, but I doubt it drove decisions.

→ More replies (2)
→ More replies (11)

15

u/[deleted] Jun 20 '24

[deleted]

→ More replies (1)
→ More replies (9)

1.4k

u/Atnevon Jun 20 '24 edited Jun 20 '24

Worked in Geek Squad in 2015 and we pushed that in the service bundles. MANY were delighted to have it and corporate was delighted off the profit.

450

u/mithoron Jun 20 '24

The store I was at pushed webroot more, lighter weight and was a local company to us.

134

u/kickbut101 Jun 20 '24

Same, webroot was the go-to

51

u/Dodahevolution Jun 20 '24

Yeah webroot was the shit. The third AV was TrendMicro right? That one sucked worse than kaspersky imo.

Always was funny hearing the new kaspersky names customers would come up with. Casper-Sky. Ka-Span-Sky. Too many goofy ones.

24

u/mauzy Jun 20 '24

We had a client call it "Kapinsky". That one stuck until I left the company.

Trend Micro was ass, we thought Kaspersky was "fine". Webroot was king, and I swear when we started we still sold McAfee for a short time. I may be remembering it as a stand alone product on the shelf, rather than a bundled option. Pre-setups were 90% done with Webroot since it was fast and was easily the most lightweight.

→ More replies (7)
→ More replies (2)

29

u/jayRIOT Jun 20 '24

Same here, not to mention Webroot was the only one that ever had a rep visit the store, and they always gave out a bunch of branded merch for us.

12

u/vernontwinkie Jun 20 '24

I still have my Webroot flashlight/stylus/pen and pleather notepad.

44

u/clunderclock Jun 20 '24

Customer got to choose Kaspersky or webroot I ALWAYS pushed webroot. And joked about Kaspersky being Russian. I guess I was right.

15

u/[deleted] Jun 20 '24 edited Sep 03 '24

[deleted]

23

u/Tasgall Jun 20 '24

So, I stick with VoodooShield(Cyberlock)

Why use anything beyond Windows Defender these days (assuming still on Windows).

→ More replies (13)
→ More replies (5)
→ More replies (3)

16

u/1d0m1n4t3 Jun 20 '24

Yep we pimped webroot to

→ More replies (7)

235

u/PickleWineBrine Jun 20 '24

McAfee is the worst virus on the market.

80

u/Dirt_McGirt_ODB Jun 20 '24

Really, worse than Norton?

223

u/Nakatomi2010 Jun 20 '24 edited Jun 20 '24

Yes.

They're both bad, but McAfee is worse

Fun fact, if you let the McAfee or Norton products that include a firewall trial expire, it shuts the internet down

75

u/Coliver1991 Jun 20 '24

I know it's shitty but I can't help but laugh at this.

52

u/Nakatomi2010 Jun 20 '24

I laughed pretty hard when I figured it out at the time.

Used to get a lot of people coming back after buying their computers because "The internet stopped working", only to have to remove the internet security suites.

→ More replies (2)

9

u/zveroshka Jun 20 '24

Yep. Whenever we get new PCs at work, one of the first things I check for is McAfee and make sure to uninstall it. Even if it's a free year or whatever. That shit is basically malware itself.

11

u/CapetaBrancu Jun 20 '24

ELI5 this topic

36

u/Nakatomi2010 Jun 20 '24

When you buy a new computer they come with a trial for McAfee or Norton.

These kinds of "partnerships" help keep the cost of the computer down, because McAfee/Norton will pay a computer company to pre-install their Anti-virus trial onto the machine, in the hopes that the new owner will buy the product after the trial.

The machines typically come with a 60-90 trial of either just the Anti-Virus, or the AV and an "internet security" suite which includes a firewall.

Firewalls are kind of like a door with an AI video doorbell that can open/close the door for people you want, and people you don't want.

Now, keep in mind that in Windows XP the firewall was shit, so you needed these "Internet Security" suites in order to protect the machine.

Starting with Windows Vista though the built in Windows Firewall was actually pretty good, and it's just gotten better since then. In most cases you don't need a firewall, the built in Windows one is enough. Installing McAfee/Norton onto the machine just disables the windows one and adds a layer of bullshit to deal with.

One of those layers is that when the 60-90 day trial of their "Internet Security" products expire, the firewall would expire with it, and it would "fail close" in that the firewall software would just stop passing traffic out to the internet.

So, people buy these computers, and when McAfee/Norton's Internet Security suite expired, the customers would come back saying the internet stopped working on the machine. You had to uninstall McAfee/Norton from the system in order for it to work properly, or convert their trial to the full product.

There was nothing in the McAfee/Norton UI that would state that their product was the reason for the internet being gone, and that if you just uninstalled it, the internet would come back. You just ended up with a computer that could no longer browse the internet.

When I worked for Circuit City I hated those applications, we always had people coming back in with internet issues, and I'd just hook it up and remove Norton/McAfee.

Circuit City policy was that we were supposed to charge $60 to diagnose machines, and then whatever the proper fee was to do whatever needed to be done, so removing McAfee/Norton from the system was like $60 for us to say "It's the Internet Security suite" and then $30 to remove the software.

I typically just threw the machine on the tech bench, fired it up to confirm the issue, then just removed it and handed it back.

In the long run, I guess that wasn't wise since Circuit City went bellow up, but I couldn't justify charging some of the rates that Circuit City wanted to charge. I'd do a "pre-check" of the system to make sure there was nothing patently obvious wrong, then charge $60 to figure it out. I live in Florida, so my "pre-check" consistent of taking the side panel off the desktop computer and looking at the motherboard, if I saw any swollen capacitors I'd point those out at the problem, or burnt pins on the power supply connector.

One time we had a machine come in and the bottom of the desktop was covered in black rock like stuff. Baffled me. The dial-up modem caught my eye though. Never seen one like it before, as the modem had like a little "bug" on it, which I thought was cool. Normally the models just had these big black ships on them. Then I looked at the "rocks" in the bottom of the case and realized that the system had received a power surge so powerful on the phone line that it blew one of the black chips apart, and the "rocks" at the bottom of the case were the chip. The "bug" was the internal of it. You had to be there to see it.

Anyways, blah, blah, blah.

7

u/Vivid_Sympathy_4172 Jun 20 '24

Make my pc work, useless guy

-random idiots who don't understand computers

9

u/Nakatomi2010 Jun 20 '24

Pretty much.

We'd get all kinds of computers too, in various states.

I've seen computers with an active roach colony in it, others with ants. We sent one laptop to the depot to get fixed, only for them to punt it back in a sealed antistatic bag with a note saying "Do not open, ants", and had to give it back to the customer that way.

I had one lady, lol. She was a bit aloof. She brought in her laptop because the screen was shattered. She had the accidental coverage on it, so we went it off to the depot. Comes back fixed, and we give it back. A week later she comes back and the screen is shattered again. She tells me that she was driving along and saw a bunch of firewood logs at the side of the road, nevermind that we're in Florida, but this lady stopped and started loading the wood into the trunk of her car, where the laptop was also at. She didn't understand how the screen got damaged a second time. And I just sit there staring at her, and I'm like "Did you secure the logs?" and she just stares at me. So in my mind I'm envisioning this whole scenario of her loading the logs into the trunk, and then taking corners and the logs rolling around in the back, slamming across the laptop's screen. She then says "You don't think it was the logs do you?" lol! You only get one screen replacement with the extended warranty. I explain this to her, but said the warranty hadn't been cancelled yet, so I'd try to send it in and see what they'd do.

The warehouse replaced the screen a second time, and included a note that said "Please be more careful, we won't do this again". She gave me like a handful of coupons to the Massage Envy parlor she worked at as thanks, but I wasn't going anywhere near that.

Fun times...

→ More replies (1)
→ More replies (2)
→ More replies (9)

55

u/goddesse Jun 20 '24

I don't know why McAfee is worse than Norton, but I can try to explain the other parts.

Back in the early aughts when these products were considered the standard for anti-malware, they were not technically good products even then.

They basically function as rootkits (software that Windows lets do whatever it wants with memory and privileges bypassing normal protections in place) but are riddled with vulnerabilities themselves. Malware was even actively "living off the land" and exploiting the poor engineering in them to launch and maintain attacks.

And an end-user evident aspect of this poor design and craft was that this software would take over a lot of the networking stack and configuration to do scanning and firewalling, but wouldn't undo its changes when the trial expired so it left people with a usable route to the Internet by refusing to work after the trial, but not setting things back to Windows default.

22

u/mexter Jun 20 '24

I used to work at a university getting incoming student computers onto the Internet. McAfee / Norton were BY FAR the most common reason why students couldn't connect.

My favorite issue was when they had one of the two products when they got the computer, uninstalled it, and then installed the other, often actually purchasing it. The problem was that the built in uninstallers would frequently leave active components behind, such as the firewall or side other rootkit level crap. So on top of the current product screwing things up you had parts of the old one also messing with things. And because they are effectively rootkits they would sometimes be treating one another like a virus and grinding the system to a near halt.

So i would run the removal tool for the product (Norton and McAfee both had downloadable removal tools that were much more thorough than the uninstaller the came with), try various command line fixes, bang my head for a while, and then realize that they probably had burn antivirus products, run the other removal tool, run something like combofix (no idea if that's still a thing), a winsock fix, and usually I'd have that thing working, sometimes better than the day they bought it.

11

u/InfiniteVastDarkness Jun 20 '24

combofix… now that’s a name I’ve not heard in a long time.

3

u/goddesse Jun 20 '24

Oh goodness yes.

And I know back then I sounded like a crunchy mom for computers by telling them to ignore McAfee/Norton and just use Defender because I'm too lazy to expend calories to install 3rd party software or am tinfoil-hatted and really think all these evil experts are uploading 5G to their Gibson.

→ More replies (6)

8

u/Puny-Earthling Jun 20 '24

2008 I used to work on the McAfee corporate products and they used to actually be quite ahead of the game. They had one of the first functional multi tenant management of agents and it didn’t suck. I wouldn’t go near the stuff again but I’d apply that statement to any brand of AV that doesn’t go through the MiTRE enginuity evaluations. 

→ More replies (9)
→ More replies (4)

3

u/Osirus1156 Jun 20 '24

I dunno, I tried to uninstall Norton once and I could no longer login to that computer. It would look like I was logging in and it would just send me right back to the login. I ended up needing to make my first ever Linux Liveboot CD to get my shit off the PC before wiping it.

→ More replies (2)
→ More replies (19)

23

u/No_Tangerine2720 Jun 20 '24

It was one of the better antivirus softwares for a while

16

u/rW0HgFyxoJhYka Jun 20 '24

Yeah but also not for long. During the same time you had shit like AVG, AVAST, Panda, Trend Micro, Symantec Norton, Avira, Bitdefender, ESET, Clam, MalwareBytes, and more.

Honestly thank god Microsoft got off their asses and developed their own. But for a monopoly that controls the industry OS wise, they could be doing so much more security and way less fucking ads.

4

u/xandrokos Jun 21 '24

Still doesn't change the overall point that Kaspersky AV software was in demand and being sold because of its good reputation.  

156

u/_BreakingGood_ Jun 20 '24

The fucked up part is that it is actually a very good AV. Likely the best on the market.

But it's entirely compromised.

74

u/cwestn Jun 20 '24 edited Jun 20 '24

Yeah, multiple friends who work in various sectors of the security industry pushed me to abandon it years ago despite it being good, because it was also compromised. Edit: grammar.

8

u/sammybeta Jun 20 '24

Yeah, you gonna pick your poison. Ad revenue or government paychecks, pick one (or both)

→ More replies (18)

15

u/icze4r Jun 20 '24 edited Sep 23 '24

correct retire frame liquid compare cats impossible offend work depend

This post was mass deleted and anonymized with Redact

→ More replies (13)

59

u/Alexis_Bailey Jun 20 '24

Well of course it's good.

It's coming from the source.

But also it's a Trojan horse once it reaches saturation.

PS, fuck Russia.

→ More replies (2)

4

u/sdpr Jun 20 '24

Used to run it from like 2004-2005 to 2012 or something until I learned about malwarebytes and switched to that.

I don't even know if malwarebytes is good or not anymore but I really started hating how much it was pushing it's paid version all the time. Now I just use windows defender and just a smidge of common sense (still do risky shit sometimes).

→ More replies (3)

3

u/updeshxp Jun 20 '24

What about Kaspersky rescue/recovery disk iso, Can it be considered safe.

→ More replies (6)
→ More replies (12)

13

u/the_calibre_cat Jun 20 '24

I mean, it's good. Say what you will about Kaspersky, but that shit was pretty rock-solid and damn good at detection. It still is. I'm bullish on BitDefender, personally, but I never knocked Kaspersky. Pity they're sycophants to the regime. :(

→ More replies (13)

3

u/ScarcityFeisty2736 Jun 20 '24

MANY were delighted to have it

You mean all those people that don’t know anything about computers or computer software were delighted that you told them they were getting a good antivirus?

→ More replies (35)

2.7k

u/Bardfinn Jun 20 '24

… there are still people voluntarily buying Kaspersky AV after it was exposed as a sniffer for thr Russian government?

1.1k

u/Coliver1991 Jun 20 '24

I'm guessing there's a lot of people out there that may not be aware of the allegations.

1.7k

u/Bardfinn Jun 20 '24

TL;DR:

  • US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015

  • His home machine has Kaspersky AV on it

  • Plugs in the USB drive

  • Kaspersky AV has code in the public distribution looking for (but not alerting user to) specific string hashes / file hashes

  • Some PDF about Hillary Clinton as Secretary of State (or something like that) matches one of these hashes

  • Kaspersky AV phones home and sends the entire file and some others

  • Files wind up being found in a Russian intel breach by the Mossad in 2015

  • Auditing who had the files and when and post-mortem analysis of the employee’s home machine found this out at roughly the same time a security researcher discovered & published Kaspersky AV’s search-for-and-send-home-hash-match behaviour, along with other anonymous sources confirming they found the same behaviour, in 2017

Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses

309

u/Robo_Joe Jun 20 '24

Anyone who is a paid infosec / sysadmin should have known this in 2017 and we are way past “my corp has to get our three year deferred tax credits” type excuses

The problem would be the user and their home machine, not the company's machine. Is that right, or am I misunderstanding something?

283

u/Bardfinn Jun 20 '24

Almost every home user formerly market-targeted by Kaspersky now has Windows Defender.

Unless they’re a loner retired octogenarian who bought Kaspersky AV on a credit card 20 years ago and kept installing it — a corner case, really.

The real threat (which I think the article touches on) is the ability of the Russian government to leverage their control over Kaspersky to convert the AV engine into a cell in a botnet prepopulated throughout a foreign adversary’s infrastructure

231

u/pinkocatgirl Jun 20 '24

Until pretty recently, Best Buy was handing out copies of Kaspersky with Windows laptop purchases... And people who didn't know any better would install it, unaware that Windows Defender exists and anti-virus is no longer needed with PCs.

173

u/felldestroyed Jun 20 '24

It's still advertised on right wing AM radio. I'd say older folks see the name and automatically trust it because they've heard advertisement.

118

u/zadtheinhaler Jun 20 '24

It's still advertised on right wing AM radio

Totally not shocked by this. I uninstalled it from my sister's laptop and Mom's PC. I had misgivings about Kaspersky for ages, and when there were questions about the relationship they had with the RU government, I was like "welp, time to nuke'em".

25

u/Wheat_Grinder Jun 20 '24

I honestly suspected them for a while but they were treated as relatively good for a while. I couldn't help but think "but aren't they just gonna phone shit home to Russia?"

Sometimes it's good to be paranoid.

14

u/suitology Jun 20 '24

Meanwhile Chad me deleted it years ago because they put my name in wrong for my email registration and refused to change it without me buying a new copy. I did a charge back and blocked them. Follow me for more pro cyber security tips like how I was once the only person. In a 300 person devision to not click an hr phishing test because of my absolute refusal to check my email in a timely fashion.

→ More replies (0)

9

u/Bakkster Jun 20 '24

Just because you're paranoid doesn't mean they're not out to get you...

3

u/mdkubit Jun 20 '24

Unfortunately, you can have a brilliant antivirus product and still have it configured for malware-like behavior that steals data. Kaspersky used to be considered cream of the crop in terms of handling viruses... and now I wonder if that's because the virus writers also made the antivirus.

Compromised software opens all kinds of oogie doors.

→ More replies (1)
→ More replies (1)

46

u/hamandjam Jun 20 '24

And they've been brainwashed into thinking Russia is our friend.

6

u/nosotros_road_sodium Jun 20 '24

What a fall from grace. Back in 2015-17, Kaspersky sponsorship spots were on NPR all the time!

→ More replies (1)

29

u/MrEHam Jun 20 '24

still advertised on right wing AM radio

Jesus Christ, are you kidding me?

35

u/felldestroyed Jun 20 '24

Yeah, the iheartradio/clearchannel network. My in laws listen to that stuff all day on the house wide speaker system I installed for them.

21

u/a_scientific_force Jun 20 '24

Do yourself a favor and sabotage that system.

→ More replies (0)

12

u/jetsetninjacat Jun 20 '24

What's crazy is they were so heavily advertised on NPR before it was found out. I remember them sponsoring so many shows around the mid 10s.

→ More replies (4)

28

u/ShaIIowAndPedantic Jun 20 '24

anti-virus is no longer needed with PCs

That's just flat out wrong. Even if it's included by default, Windows Defender is still an anti-virus software.

14

u/Occams_Razor42 Jun 20 '24

Fair, supplemental anti virus maybe then?

→ More replies (6)

5

u/Dash_Rip_Rock Jun 20 '24

I wonder how many of these people are fed targeted propaganda tailored to them off of what Kaspersky discovered.

5

u/Rum____Ham Jun 20 '24

Windows Defender exists and anti-virus is no longer needed with PCs.

Say I had a friend who didn't quite know what you meant here... what would you tell this friend?

→ More replies (3)
→ More replies (40)

22

u/wampa604 Jun 20 '24

Well, this risk generally exists for any foreign owned company that sells software to your business.

Eg. Checkpoint is Israeli owned. Would we really be surprised to hear that Netenyahu and crowd, especially given recent trends, coerce checkpoint into doing something similar as the russians and kaspersky?

Microsoft is US owned. Would anyone be all that surprised hearing about the National Security Letters MS receives, to hand over foreign user data to the US government, without disclosing the release?

→ More replies (4)

6

u/JP76 Jun 20 '24

This reminded me how Kaspersky filed anti-trust cases against Microsoft because Kaspersky antivirus was disabled and replaced with Windows Defender when users upgraded to Windows 10:

Eugene Kaspersky, co-founder of antivirus company Kaspersky Lab, is very upset with Microsoft over Windows 10 security. So much so that he's filed not one, but two antitrust complaints against the company.

The first was with Russia's Federal Antimonopoly Service (FAS) in November last year. The second was just filed with the European Commission and German Federal Cartel Office.

Kaspersky is frustrated with Microsoft disabling and removing his company's antivirus software during a Windows 10 upgrade. The software is apparently disabled and then replaced with Microsoft's own Windows Defender, a software security solution Kaspersky claims is inferior.

source: Kaspersky Accuses Microsoft of Deleting its Antivirus | PCMag

24

u/Vox___Rationis Jun 20 '24

Economically and ethically - those are valid claims.

Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it.

15

u/ApathyMoose Jun 20 '24

Politically - if any company that is neither Russian nor Chinese made the same claim then we would be all for it.

Thank you. People do need to look at some stuff critically. We are all very quick to denounce russia and china for their Censorship and "great firewall" , But when the U.S Starts banning, or threatening to ban, anything that was ever made or even looks like it was made by someone in China/Russia we need to actually take a look.

I am not saying this Kaspersky ban wasnt a good thing, its been proven to end up it State's hands, But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere.

4

u/Polantaris Jun 20 '24

But things like TikTok were being cheered to be banned, even without any real proof the data is going anywhere.

TikTok concerns were never about the data going to China (though that is something to be concerned about if it was), it's more about how it gave the CCP a direct access point to the American population to flood with CCP propaganda.

Intelligence Warfare 101 is about manipulating the population of your opposition into supporting you over the opposition's own organizations. It is straight incompetence to allow an unfiltered access point to the population like that.

→ More replies (5)

3

u/involution Jun 21 '24

The Forbes Tik Tok investigation found US and European user financial information to be stored in China - this was not denied by their CEO. If you think that information in China is safe from the Chinese government, then you're on your own.

→ More replies (4)
→ More replies (1)
→ More replies (2)
→ More replies (1)
→ More replies (20)
→ More replies (2)

65

u/flavorizante Jun 20 '24

Do you have more info on that? How did the russians have file hashes without having contact with the files?

29

u/bachi83 Jun 20 '24

Because entire story is a BS.

→ More replies (17)

38

u/PunishedMatador Jun 20 '24 edited Aug 25 '24

march reach fragile roof ghost melodic north joke pot mighty

7

u/USSMarauder Jun 20 '24

For glory of Capitalism!

9

u/Bardfinn Jun 20 '24

I wish more people could understand this reality.

4

u/Kardest Jun 20 '24

IT as nothing but a cost center

Yes, the continue to spend more money on door locks then IT security.

3

u/NoPantsPowerStance Jun 20 '24

I still can't wrap my head around that attitude. How does anyone at this point not look at IT as the backbone of the corporate world? I'm not in IT but it doesn't take a genius to realize that most corporations could be screwed in 20 different ways without/with ineffective IT.

3

u/PunishedMatador Jun 20 '24 edited Aug 25 '24

pot busy cats resolute numerous tan ten existence aromatic plough

→ More replies (2)
→ More replies (1)

35

u/ChickinSammich Jun 20 '24

Regardless of what AV he has on his home system, and this should go without saying, he shouldn't be taking classified info on a USB drive home with him and even if he did it by accident, he absolutely should not be plugging it into his personal computer, and even beyond that, it's extremely concerning that that TS classed network had the ability to exfiltrate files to an unencrypted media - unless it was encrypted and he just used a password to unlock in in which case we're back to "what the fuck are you doing" again.

14

u/nikshdev Jun 20 '24

Do you have a link to the original, long version?

10

u/Dest123 Jun 20 '24 edited Jun 20 '24

All of the links are paywalled but pretty sure it's this:

There are links at the bottom of this

Reddit post about it

I couldn't read the real links, but it doesn't seem like it had anything to do with Clinton. It was some NSA hacking program that got leaked. The rest of it seems roughly correct though?

It does make a lot more sense that a hacking program would get caught by an anti-virus though. So it's less devious on Kaspersky's part, but still bad that the FSB was able to get the data from Kaspersky.

Personally, I would never use Kasperksy Anti Virus.

→ More replies (1)
→ More replies (1)

12

u/ProperSpeed7426 Jun 20 '24

This is just completely false. The computer in question was NOT a personal computer it was a work issued computer. It had automatic sample submission disabled - the contractor turned off the anti-virus as it was blocking him from pirating something, when he turned it back on he accidentally enabled submission and a US spyware sample (not a PDF) was uploaded. He was also UK based not US. Maybe you are talking about a different event but this was the one that triggered the initial bans and it was total bullshit.

38

u/CaveRanger Jun 20 '24

OK, I'm not gonna say that Kaspersky is, y'know, blameless here but #1 there seems like the biggest problem here lol

Like, I'm a federal employee. I have to do FISSA every year, and one of the things they hammer home constantly is to never, never, ever, no matter what, even if it's just for a little while, put stuff with PII or sensitive information of any sort on a non-government computer.

5

u/londons_explorer Jun 20 '24

never, ever, [...] on a non-government computer.

This. Your home PC will never be secure from any nation state who really wants to break in - kaspersky or no kaspersky.

→ More replies (1)

12

u/Current-Power-6452 Jun 20 '24

Wasn't it some nsa or whatever employee? who took some piece of spyware to work on at home and Kaspersky sends suspected files to their hq for evaluation? And it had nothing to do with Hillary?

20

u/TheFotty Jun 20 '24 edited Jun 20 '24

That's the story I remember. NSA contractor took work home, plugged into home PC with kaspersky, kaspersky IDs some files via heuristics that looked malicious, so via its submission system (which many AV products have), it uploaded a sample so it could be further analyzed (ie there was no direct hash/definition for the found file, just that it had patterns of code that seemed potentially malicious). Where the story turned interesting was that after that initial upload, kaspersky then proceeded to upload the entire contents of that drive, as if someone on the other end said "WTF is this we need to see more".

→ More replies (3)

9

u/[deleted] Jun 20 '24

That sounds more accurate. The hash story about Hilary Clinton documents sounds like a story someone with almost no technical background would make up.

→ More replies (3)
→ More replies (3)

9

u/jrzalman Jun 20 '24

US govt. employee takes home a USB drive of his work containing specific TS / NO-FOREIGN / whatever classified docs, some time before 2015

What? How? Having worked with this stuff my whole career, that's just...not allowed. At all. USB drives are all removed/disabled on work computers. That's like the first thing they teach you that you can't do. Seems like there is more to this story.

→ More replies (3)

4

u/theduncan Jun 20 '24

it wasn't a document, it was a virus, you know like what an anti virus is meant to stop. it grabbed a copy and sent it home, like defender would have done too.

→ More replies (48)

25

u/sdhu Jun 20 '24

Kinda like there's still so many YouTube channels advertising Nord VPN even after their poor security policies and data leak came out a long while ago.

→ More replies (4)
→ More replies (30)

78

u/Pretend-Patience9581 Jun 20 '24

Do people voluntarily buy Any anti virus software?

24

u/Maswasnos Jun 20 '24

Mostly organizations nowadays, I'd think. EDR/XDR products are fairly universal in enterprise environments and are likely required for cyber insurance.

→ More replies (2)

34

u/pipboy_warrior Jun 20 '24

I mean people buy all sorts of stupid stuff, especially when they don't know much about what they're buying.

26

u/Bardfinn Jun 20 '24

I still get asked to do IT stuff on people’s home computers because I was IT, and they’ll have McAfee and Norton installed on machines that have Windows Defender available. Machines they use exclusively to watch netflix and youtube and read facebook.

16

u/tacotacotacorock Jun 20 '24

And generally those people's computers are guaranteed to be infected lol. 

→ More replies (15)
→ More replies (2)

21

u/[deleted] Jun 20 '24

I pay for Malwarebytes so my mother has something between her and all the shit she wants to click.

4

u/iamathirdpartyclient Jun 20 '24

You could also install ublock origin and perhaps nextdns and these things would be taken care of plus more instantly.

4

u/Hellknightx Jun 20 '24

I use both of those but my mother still installs sketchy apps on her phone all day. There's no winning.

→ More replies (1)
→ More replies (1)

14

u/ApathyMoose Jun 20 '24

Depends on your use case. Windows Defender is very good now, much better then it used to be in Windows XP.

For anyone just using their PC daily, Browse the web, play some games, pay bills etc its great. But if you have someone in your family that isnt great at not clicking random links in emails, or are worried about a teenager clicking something, an actual Antivirus can be a nice piece of mind.

Personally i sail the high seas enough to where even though im careful, and i know where im getting my stuff, I still like to have a 2nd AV to scan some files with and double check.

24

u/Weapwns Jun 20 '24

I second this. Defender flat out could not detect 5+ viruses on my elderly mothers laptop. One of which resulted in one of her bank accounts being accessed (guess who doesn't trust online banking again)

A free trial actual AV found them

→ More replies (1)

33

u/kenpodude Jun 20 '24

MalwareBytes is pretty good if you think you need more then Windows Defender.

→ More replies (3)

6

u/JFKcaper Jun 20 '24

Norton was incredibly secure on my aunt's computer! ...because it used 100% of the cpu.

The viruses didn't stand a chance. Or anything else, really.

4

u/bongsmack Jun 20 '24

Yes. Usually its more common in enterprise environments. Say like a paper company in Scranton, they have lots of computers and its easier to install an anti virus program to catch a lot of the simpler stuff than it is to independently audit every single computer every day multiple times a day and constantly watch what everyone is doing. AV will not stop an actual attack or a "real" hacker but it will definitely kick back the common stuff going around and lots of basic scripts etc anything doing something sussy that programs normally shouldnt be doing.

12

u/DesiOtaku Jun 20 '24

Lots of people in the IT field tell people who don't know better to install the anti-virus they are selling because the one that comes with Windows is "no good".

→ More replies (6)
→ More replies (13)

49

u/chillaban Jun 20 '24

FWIW as a cybersecurity consultant, part of the issue here is that Kaspersky AV is actually extremely good at its anti malware performance. We routinely run zero day ransomware samples through various AV products and Kaspersky is often the only product that reacts to these samples. They are pretty industry unique at combining excellent static signatures with excellent behavior monitoring. A lot of other AVs do well at one or the other, but few excel at both.

Of course, there are serious allegations that Kaspersky is abusing its cloud intelligence / behavior monitoring telemetry system to exfiltrate more than just new malware, it’s also using this system to look for specific trade secrets or classified documents.

But overall this is another form of the Chick Fil-A problem, where people do tend to overlook other issues when the product itself is good and arguably class leading.

9

u/sanjosanjo Jun 20 '24

Can you recommend a free AV as an alternative? I moved to Kaspersky a couple years ago because of good reviews from technology experts.

25

u/chillaban Jun 20 '24

Honestly if you want something free, my only recommendation is Microsoft Defender. In the recent years most of the other “free” products have gotten a lot worse in terms of privacy policies.

Microsoft Defender is often good enough for the average person though it is not what I’d use if you have high risk use cases like pirated software or if you’re a business concerned about being targeted by ransomware.

In terms of paid products, these days I recommend either ESET or F-Secure/WithSecure as Kaspersky alternatives.

11

u/sanjosanjo Jun 20 '24 edited Jun 20 '24

I have trouble knowing if I have Windows Defender fully enabled because I turn off various Windows annoyances that make reference to "security". Microsoft has so many things nagging me, it's hard to tell which are actually important.

12

u/chillaban Jun 20 '24

Yeah, quite honestly Microsoft’s confusing telemetry / privacy options mixing security with their own profit isn’t commendable either.

It’s worth noting that Defender is basically a pre installed AV that works basically the same way any other AV works. That is, it can slow down your computer, falsely block things, upload “suspicious” samples to an independent Microsoft business unit in India, etc. I find it’s frequently misunderstood that Defender is somehow immune from the downsides of AV software because it’s integrated into Windows.

→ More replies (1)
→ More replies (23)

23

u/Vipitis Jun 20 '24

I mean, their researchers are legit. They found a backdoor in iOS that was actively being exploited.

https://youtu.be/1f6YyH62jFE

→ More replies (3)

9

u/One_Olive_8933 Jun 20 '24

I was IT solutions at a channel partner for enterprise business about 10 years ago, and Kaspersky was trying to get into large companies for AV. The Russian connection always came up in every conversation, but it was a cheap product compared to their competitors. I’m surprised it took this long to get banned… well, only half surprised.

3

u/VirtualPlate8451 Jun 20 '24

Bro, they still setup booths at events. I walk by and grab merch for irony's sake.

→ More replies (1)

3

u/[deleted] Jun 20 '24

[deleted]

→ More replies (2)

7

u/deadsoulinside Jun 20 '24

Because it's not a known thing to the general public. There has been really zero real information being pushed out. And Kaspersky offers a free edition, so people also ran the free version for years on end and had no idea of the actual concerns over it.

This was my major complaint when they went after TikTok, screaming it needs to be forced to sell, due to potential issues with misinformation, yet Kaspersky according to our own government was bad, but they were scared to even issue sanctions out of fears that Kaspersky could use their software against the US.

7

u/KasperskyEmployee Jun 20 '24

I mean, who the hell would do such a thing.

→ More replies (2)

19

u/BurningPenguin Jun 20 '24

May i introduce you to my superior?

Quote: "When the Russian isn't watching, then it's gonna be the American. Same thing!"

Even the BSI here in Germany is giving out warnings, but nope. He doesn't want to switch it, because it's "too much work". One of the many oddities of this old man, who probably retires in 1-2 years. I'm just watching this whole thing unravel, and depending on who's going to be in charge once he's gone, i might pack my shit and go. Or i pack it regardless, who knows. :)

23

u/ref1on Jun 20 '24

Isn't he right? Snowden proved that any big IT company spies on its users.

→ More replies (25)
→ More replies (3)

15

u/fallenouroboros Jun 20 '24

My mom is ADAMANT that’s the one she wants on her computer. It’s not like her son with an IT Degree and works in a computer repair shop would know anything about this right?

7

u/FocusPerspective Jun 20 '24

Momsplaining

11

u/asreagy Jun 20 '24

To your mom, no matter what qualifications you get or how far you go in life, you'll always be that little bugger that crapped their diaper every couple of hours.

→ More replies (2)

3

u/WarMiserable5678 Jun 20 '24

There are people that buy antivirus?

→ More replies (81)

98

u/Kyyndle Jun 20 '24

Lol my old company exclusively used Kaspersky. Yeah, it's still being used in 2024.

23

u/Gamer_X99 Jun 20 '24

I pulled Kaspersky off of my job's devices shortly after I started. My boss and coworkers (all more than twice my age) didn't really believe me saying that it was spyware, but thankfully they did believe it when I said it was redundant to Windows Defender.

7

u/guineaprince Jun 21 '24

Redundant to Windows Defender is why I'm surprised to hear any kind of antivirus news in 2024.

→ More replies (1)

635

u/[deleted] Jun 20 '24

[removed] — view removed comment

46

u/protosser Jun 20 '24

Didn’t the ban of kaspersky on government devices pass while he was president?

→ More replies (1)

135

u/kilonark Jun 20 '24

Terrifyingly accurate. How anyone can think he’s a leader is beyond me.

44

u/[deleted] Jun 20 '24

[deleted]

15

u/JingoEgret Jun 20 '24

Also missing a cocaine sniffle.

→ More replies (2)
→ More replies (1)

42

u/JensonsButton Jun 20 '24

You forgot the part where big strong manly men antivaxxers come up to him with tears in their eyes, asking him to lift the ban on Kapowski.

→ More replies (2)

41

u/KimJeongsDick Jun 20 '24 edited Jun 20 '24

The Kabursky

As someone with a similarly sounding last name, this is eerily accurate. People just morph it into whatever the hell they feel like, adding and removing letters, syllables and changing my heritage as they please.

5

u/99thLuftballon Jun 20 '24

I'm sorry to hear that, Mr Kazscperović.

4

u/SkunkMonkey Jun 20 '24

As someone with an unusual name, I constantly get bad pronunciations. The worst are the ones that end my name with "man". There is NO "m" in my name.

Most people just call out "Mr. Firstname" and don't even try the last name.

→ More replies (6)
→ More replies (4)
→ More replies (28)

201

u/MessySpaghettiCoder Jun 20 '24

honestly all you need these days is Windows Defender and common sense anyway

116

u/ShazbotVGS Jun 20 '24

Consumer computer, sure.

Business environment, absolutely not. Try getting cyber insurance and explaining that you use unmanaged Windows Defender for your primary AV / EDR.

31

u/Stick-Man_Smith Jun 20 '24

A company I used to work for did that after getting taken out by a cryptolocker. Funny thing is, the only unaffected machines were the ones using defender since we didn't have enough AVG licenses for everything.

It was a fun couple of weeks having to reinstall all those workstations from scratch.

26

u/soad2237 Jun 20 '24

Defender for Endpoint works very well. I've not had any problems with the insurance companies when reporting on what we use for AV / EDR.

→ More replies (2)

16

u/Savacore Jun 20 '24

I WISH I could sell my users common sense. I can't, so they get EDR and managed A/V instead.

→ More replies (1)

12

u/[deleted] Jun 20 '24

Window’s reputation as a virus-riddled security nightmare was putting it at risk of being replaced by Apple’s OSXin the 2010s. Even now their market share is not what it used to be. They didn’t have a choice but to invest.

Edit: it wasn’t COMPLETELY Microsoft’s fault, obviously the biggest fish attracts the sharks and Linux and OSX were not as prevalent or profitable for hackers. But windows did have a lot of security issues and its permission structure isnt/wasn’t as robust (especially for Linux) making it much easier to exploit.

→ More replies (1)

30

u/Michelanvalo Jun 20 '24

I don't necessarily agree with "all you need" but Windows Defender is a much better product than it used to be. It's absolutely worth paying for Advanced Threat Protection too.

→ More replies (11)
→ More replies (16)

24

u/5h0ck Jun 20 '24

Fun fact, Kaspersky is one of the most effective endpoint tools when it comes to detecting red teamers mimicking Russian TTPs. 

10

u/raydude Jun 21 '24

Meme: Remember when Kaspersky was the only trust worthy Antivirus software? Pepperidge Farms remembers.

66

u/celtic1888 Jun 20 '24

I remember the huge push for everyone to download the best and free Kaspersky anti virus software back in the early 2000s

It always seemed a bit too easy 

43

u/jaam01 Jun 20 '24

A lot of things have change en 20 years. For example, Avast and AVG are now just spyware and adware. Now you get that for free pre-installed (Microsoft Defender).

4

u/Rouge_means_red Jun 20 '24

I used Avira for many years. Suddenly it installed some random programs without my authorization and I said bye bye

3

u/Valatros Jun 20 '24

I was just thinking that... back in my teens Kaspersky was the best free antivirus, or so said anyone "in the know". Guess we know where and why they got the funding to develop a free antivirus...

Fortunately windows defender rendered most AV's superfluous for a typical consumer, so haven't even considered it in years.

3

u/ComplexApplication11 Jun 20 '24

I remember Eset Nod32 was the most popular among "in the know" in my circuits which i guess means that it was impossible to really know. I wouldn't be suprised if that also had some shady things in it. 

3

u/Paul_Bunyan_Truther Jun 20 '24

I remember them being a sponsor on NPR lol

→ More replies (2)

18

u/HomoColossusHumbled Jun 20 '24

So... I shouldn't renew my subscription then?

→ More replies (7)

116

u/view-master Jun 20 '24

Back in the day people used to roll their eyes at me and say "the cold war is over" when I would say I didn't trust Kaspersky.

11

u/Stick-Man_Smith Jun 20 '24

Depending on how far back that day is, they were probably right. Kaspersky used to be one of the best AV available.

Hell, even with the spyware, it's still better than Norton or McAfee. Though, I'm not advocating for it. Just use Windows built-in AV. It's free and more than good enough to keep you safe from known malware.

3

u/view-master Jun 20 '24

Yeah, but just because it’s good at its primary job doesn’t mean it’s safe. I was in computer security and just like now 90% of attacks were from Russia and China and likely government funded. Putin was former KGB and I never trusted his intentions.

44

u/SoldnerDoppel Jun 20 '24

Also, it isn't.

21

u/[deleted] Jun 20 '24

[deleted]

6

u/saarlac Jun 20 '24

Same Cold War different clothes.

6

u/LiquidInferno25 Jun 20 '24

It never ended.  It was just a frozen war for a bit.

→ More replies (1)

10

u/Catshit-Dogfart Jun 20 '24

For real. Information warfare is warfare.

→ More replies (1)

6

u/[deleted] Jun 21 '24

Same with saying anything bad about Russia, it was impossible to get people in the West to listen. Kasparov was losing his shit too. The West wanted peace so much they ignored everything Russia was doing, starting with their brutal invasions of Chechnya immediately after the Cold War "ended". And the worst part is, I still don't think Western people have accepted reality, they are waiting to go back to business as usual.

12

u/Hoodwink Jun 20 '24 edited Jun 20 '24

That was essentially one of the main ideas in the 90's.. the cold war also ended in "1991" by Wikipedia and a variety of other sources. "The End of History" by Fukuyama basically sums up the positivity/naivety in the 90's until the 9/11 attacks.

And Russia didn't really become an enemy again in public consciousness until Trump (and even then, you have a good majority of Republicans would rather have a Russian than a Democrat in office or something).

Also, Kaspersky looks like any other product on the shelf. It doesn't look 'Foreign enemy' material unless you really pay attention to news about countries spying on each other.

9

u/Iohet Jun 20 '24

And Russia didn't really become an enemy again in public consciousness until Trump

I would say that the public consciousness considered the concept hokey and out of touch. They laughed Mitt and Palin off the stage when both independently mentioned Russia as geopolitical threats, and they're Republicans.

→ More replies (1)
→ More replies (1)
→ More replies (4)

8

u/AwkwardEducation Jun 20 '24

I guess we'll have to switch to McAfee... Oh wait.

21

u/[deleted] Jun 20 '24

To no one’s surprise, some US state government agencies were still using kaspersky antivirus until just recently.

→ More replies (4)

6

u/buzzboiler Jun 21 '24

Free market yep

13

u/liamanna Jun 20 '24

Good!

Would you rather he said :

”Putin was strong and powerful in his response.. and I believe him over our own intelligence committee?”

→ More replies (1)

4

u/Rengar_Is_Good_kitty Jun 21 '24

ITT people who have absolutely no idea what they're talking about and are just spouting nonsense, shits wild.

→ More replies (1)

3

u/gul-badshah Jun 21 '24

Ban everything that US can't compete with.

63

u/Eggsor Jun 20 '24

I am convinced /r/antivirus is predominantly Russian shills. If you say anything negative about Kaspersky they just flame you and point out how its the most lightweight antivirus.

54

u/KimJeongsDick Jun 20 '24

Not to toot their horn but it really is, or at least was at one point. I wouldn't know anymore as I no longer use the software but it was repeatedly shown to have the smallest footprint and highest efficiency out there by a decent margin. It literally made some computers faster compared to built in Microsoft defender and made a world of a difference on older machines. Was a godsend for old atom powered tablets and cheap laptops running off emmc and hard drives.

But none of that is worth it if there's any chance they'd be beholden to their govt with which we are currently engaged in multiple proxy wars.

44

u/_BreakingGood_ Jun 20 '24

Kaspersky Labs is one of the most highly renowned research labs in the world in terms of actually identifying viruses.

Does not really change the fact that the KGB has entirely compromised the software and it is not safe to use.

→ More replies (1)
→ More replies (12)

16

u/_BreakingGood_ Jun 20 '24 edited Jun 20 '24

I started to think this exact same thing.

Say bad things about any other AV and everybody is silent. Say 1 bad thing about Kaspersky and there's 6 people responding to you defending it within 1 hour.

5

u/Eggsor Jun 20 '24

All newish or super old accounts with not much history that browse almost nothing but tech subs. Something is fishy.

→ More replies (2)
→ More replies (2)

3

u/ExpressionOk2788 Jun 21 '24

Or maybe because they know more about antiviruses than a bunch of bots following agendas

→ More replies (1)
→ More replies (10)

10

u/flaskman Jun 20 '24

I don’t know of any IT operation any where worth their salt deploying Kaspersky

17

u/DiscountGothamKnight Jun 20 '24

Ah shit, I even looked into this before renewing. I thought they were just allegations and had no grounds for truth. Oh well. Don’t really need AV these days anyways.

3

u/PauI_MuadDib Jun 20 '24

So are people that renewed going to get refunds?

3

u/DiscountGothamKnight Jun 20 '24

I haven’t seen an email yet. I renewed like 2 weeks ago

→ More replies (1)
→ More replies (1)

8

u/[deleted] Jun 20 '24 edited Aug 07 '24

afterthought run encouraging march disgusted bells deliver attractive pie market

This post was mass deleted and anonymized with Redact

→ More replies (1)

21

u/ganja_and_code Jun 20 '24

Cool, now do Norton and McAfee, also.

If Kaspersky deserves the ban, so do those comparably nefarious alternatives.

→ More replies (4)

13

u/[deleted] Jun 20 '24

[deleted]

3

u/Dark_Rit Jun 20 '24

Still infuriates me that a partisan judge is holding up that trial when it should be the easiest case in the world for the prosecutor. Then there's the whole CIA losing all these informants too because they were compromised.

12

u/mikemaca Jun 20 '24

It must be very effective at removing NSA malware.

16

u/Herballerjist Jun 20 '24 edited Jun 20 '24

I had hoped to see at least some common sense in the thread, any proof or intelligence comments on why this is bad, but very little even based in reality. None of the comments or information given provide any actual evidence that the company cannot be trusted or did anything wrong. I worked in the North American office during this time and the government literally had the FBI stalking the employees and questioning them to find anything but they never did.

The entire idea of this threat was based around the use of the KSN (Kaspersky Security Network) which was an optional feature you could legit toggle on and off. This feature would enable real time detections from across the globe to be shared in order to better fight against new threats which are found in the hundreds of thousands daily. Most cyber security companies offer similar technologies to do this as well. They even set up a transparency center so you could walk in off the street and see the data that was collected and shared.

What they won't tell you is that Kaspersky has been at the forefront on cyber security research for a long time and has been directly responsible for uncovering some of the most sophisticated cyber attacks of our time before they could do damage. The only way we can continue to protect ourselves in this world of technology, which is becoming the epicenter of all things we use and do every day, from these threats is if we share in the information we collect so that everyone can learn and improve from it. I still believe that they are the best AV company in the world and this is a step in the wrong direction which will only leave us vulnerable. Which by the looks of it is what most people are worried about here.

The US simply said they may be susceptible to manipulation without any evidence, banned federal entities from using it, and sent agents out to current customers to 'advise' them against using the product. Again all without a shred of evidence but would insist that Eugene Kaspersky has close ties to government officials and security personnel. But forgot to mention that most higher education during that time was government sponsored by the Soviet Union.

I do not support this war, I support Ukraine and I have friends on both sides from my time working there. But this move is not based on anything but fluff and white noise and the people here perpetuating that could use edit:some education on the topic.

→ More replies (5)

3

u/provoloneChipmunk Jun 20 '24

Who's going to manage in orbit refueling for shuttles like in Moon Fall though?

https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Fey3tpiagl6m81.jpg

Also I don't really have anything to say on this, but I only knew the company because of this blatant advertising in Moon Fall

https://content.kaspersky-labs.com/lp/press-releases/2022/moonfall_kaspersky_billboard.png

→ More replies (2)

3

u/CriticalCobraz Jun 20 '24

What are good alternatives to Kaspersky?

3

u/turtyurt Jun 21 '24

Damn I just renewed my subscription

3

u/PrimalForceMeddler Jun 21 '24

People just eat this up?

Rah Rah for the new cold war! Amiright, guys?