Imagine you are the head of the security apparatus in a totalitarian regime and you find out that a well respected international company from your country produces a piece of software that is installed in millions of computers over the world with admin privileges. Wouldn’t you lean on them? How can you not?
I have lived under a totalitarian regime (not Russia) and I can tell you that the security apparatus doesn’t fuck around. There is no asking, only cooperation, or else...
The Russians are also good at spook games, I mean, the dude is KGB trained. They don’t need to compromise the source code with backdoors that someone can find, they just ask Kaspersky to be a tiny bit more aggressive in their sample vacuuming for example. Or they just don’t do anything and sit on it, knowing that one day they can call to collect.
I personally believe Kaspersky is compromised, IMHO. I just don’t see a way that it can’t be.
I agree. You don't do business in Russia without cooperating fully with the Russian Government. I'm fully on board with the whole "red scare" perspective and saying Kaspersky just got caught up in the wrong place at the wrong time in geopolitical arguments. Being realistic though, it's silly to think the Russian gov't would allow them to operate fully independent with no oversight. They absolutely have a hand somewhere in Kaspersky, the only question is how deep a role they are requiring Kaspersky to play. Kaspersky is a fantastic company with very well respected programs, and for a vast majority of its userbase, Kaspsersky products do just fine. I did find it entertaining that the founder said he didn't really care about losing the US market, because the US accounted for very little of their overall profits.
I have lived under a totalitarian regime (not Russia) and I can tell you that the security apparatus doesn’t fuck around. There is no asking, only cooperation, or else...
The Russians are also good at spook games, I mean, the dude is KGB trained. They don’t need to compromise the source code with backdoors that someone can find, they just ask Kaspersky to be a tiny bit more aggressive in their sample vacuuming for example. Or they just don’t do anything and sit on it, knowing that one day they can call to collect.
I personally believe Kaspersky is compromised, IMHO. I just don’t see a way that it can’t be.
reply