Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
United States Government

Proposal To Sanction Russian Cybersecurity Firm Over Ukraine Invasion Splits Biden Administration (wsj.com) 62

Posted by msmash from the in-a-pickle dept.
The Biden administration is divided over whether to impose sanctions on Kaspersky Lab, a Russian cybersecurity giant that officials warn could be used by the Kremlin as a surveillance tool against its customers, The Wall Street Journal reported Thursday, citing people familiar with the matter. From the report: The White House's National Security Council has pressed the Treasury Department to ready the sanctions as part of the broad Western campaign to punish Russia for its invasion of Ukraine, according to officials familiar with the matter. While Treasury officials have been working to prepare the package, sanctions experts within the department have raised concerns over the size and scope of such a move. The company's software is used by hundreds of millions of customers across the world, making it difficult to enforce the sanctions. In addition, some officials in the U.S. and Europe fear sanctioning Kaspersky Lab will increase the likelihood of triggering a cyberattack against the West by Moscow, even potentially leveraging the software itself. It wasn't clear whether the sanctions would go forward, and one official said the idea had been put on hold for now. The debate reflects how agencies within the Biden administration are weighing in real time options to deliver more economic pain to the Russian economy in response to its invasion of Ukraine.
This discussion has been archived. No new comments can be posted.

Proposal To Sanction Russian Cybersecurity Firm Over Ukraine Invasion Splits Biden Administration More

Proposal To Sanction Russian Cybersecurity Firm Over Ukraine Invasion Splits Biden Administration

Comments Filter:
  • That's the situation you get when you run untrustworthy closed-source snake oil with the highest possible privileges on your computer. If you don't control your computer, someone else does. Or in most cases, several others, at will.

  • Is there any AV software that isn't vulnerable to interference by government, doesn't screw the customer like Acura/Norton/McAfee, and actually works reasonably well?

    • Re: (Score:2)

      by tlhIngan ( 30335 )

      Is there any AV software that isn't vulnerable to interference by government, doesn't screw the customer like Acura/Norton/McAfee, and actually works reasonably well?

      Alas, not really.

      The problem Kaspersky has is they are operating under an authoritarian government that can dictate they do something, and they're forced to do so because of dire consequences.

      Whereas Norton/etc work under a more democratic government and thus have a few freedoms as well. There have been cases where government interference was o

    • Re: (Score:2)

      by kiviQr ( 3443687 )
      How about Microsoft's Defender for Endpoint? At least if government wants access they probably already have thru Windows so you have only one vendor-vector of attack.

      • At this point, I don't think there is any reason to use antivirus other than Microsoft Defender.

        At its best, antivirus doesn't work very well.

        • Re: (Score:2)

          by taustin ( 171655 )

          It's the only one I've ever used that wasn't bloated pigware that slows down the system to the point of not being usable.

          And generally, some someone does independent testing of various AV software, it's not #1, but it's always in the top 5.

        • At this point, I don't think there is any reason to use antivirus other than Microsoft Defender.

          +5

          Can't Biden start a propaganda war in the USA to get everybody to uninstall it? It's mostly bloated scareware these days anyway.

      • Re: (Score:2)

        by gweihir ( 88907 )

        Sure. But MS is even less trustworthy than AV vendors. MS openly spies on its users these days. AV vendors at least think it may be bad for their business if they do that and then are found out.

        • Adding Defender to what's already shipped with Windows doesn't make this any worse, and it at least doesn't suck every last drop of performance out of the system. Most AV software is worse than what it allegedly protects against.

          • Re: (Score:2)

            by gweihir ( 88907 )

            Sure. I am just commenting on the attack-surface. Defender seems to be reasonable these days. No need to spend money for an additional attack-vector into your system. Just do not put stuff you really want protected on a Windows-system in the first place. It cannot be trusted.

      • Re: (Score:2)

        by AmiMoJo ( 196126 )

        Given that Defender is practically impossible to disable now, you kind of have to trust it.

    • Kaspersky have shown themselves to be "good guys" over the many years they have been in business. Twenty years ago, their product was worth using... but I'm not convinced we need it now.

      The accusation that they could (perhaps at literal gunpoint) be forced to push out a malicious update is _plausible_ but unlikely.

      They are a Russian corporation, and should not be immune to general sanctions targeted at the Russian economy. I do not see any reason to target them specifically, however; as they are not known

      • Re: (Score:2)

        by AmiMoJo ( 196126 )

        I see that Kaspersky still offers their live CD distro. That might be the best way to use it. Boot it, update the virus databases, remove the network cable and then mount the drives to be scanned. I suppose it could still inject malware onto your drives.

        The other advantage of that is that the Linux NTFS driver can't be screwed with to hide the virus from the OS. Back in the XP days that was a common way that viruses hid from anti-virus software.

    • Re: (Score:3)

      by gweihir ( 88907 )

      By its very operating principle, all system-integrated AV software is "trusted", i.e. can easily attack you. Updates routinely not only contain signatures but also code. An exception are file-scanners on the web, for example Virustotal (https://www.virustotal.com/). But this is restricted to files and means you have to potentially expose your files to a 3rd party (Google).

      Hence, no AV software is safe from government interference unless your government is limited by law and courts to not be able to do this

  • The sanctions we have today against Russia are stupid, primarily because we aren't actually sanctioning the main sources of revenue (gas and oil) or Russia can find enough buyers willing to go against sanctions the sanctions are not having any effect. Because too many people need that gas and oil, there is effectively no way to have sanctions that include them.

    However, although they are not having any effect on stopping the war - they are having plenty of effect on destroying the lives of innocent people t

    • And the longer the sanctions go, the more the people in Russia that supported the west will turn against us.

      They are getting off incredibly easy not having their homes bombed to rubble like the Ukrainians. They can keep their new USSR level economy for life even if they are too dumb to know why.

      • If I have to pay more at the pump because of Ukraine, then I think it's not unfair to ask the Russian citizens to take some economic pain as well. It is their country invading another, after all.

        • If I have to pay more at the pump because of Ukraine, then I think it's not unfair to ask the Russian citizens to take some economic pain as well. It is their country invading another, after all.

          Absolutely. It is sad their government keeps the Russian people in the dark, but if not for the sanctions most of them would be completely clueless that anything out of the ordinary is happening at all. There is no reason at all to keep them immune from reality.

        • If I have to pay more at the pump because of Ukraine

          I know this has been the meme lately, but it's not correct. Oil prices are up because OPEC cut production due to reduced demand during Covid-19 lockdowns [nytimes.com]. Now that the economies of the world are reopening they're all about that sweet, sweet profit, rather than increasing production.

          It might be nice to think that you're filling up your tank with freedom for those extra bucks, but it's still just plain old fashioned oil industry greed.

    • You are missing time horizon. Weapons help in the short term, sanctions in the long-term. We are in the odd middle-ground right now, so you need pressure everywhere you can get it.

      As for Kaspersky, a sanction is the wrong tool, but repeating security warnings is a good start.

      • Weapons help in the short term, sanctions in the long-term.

        In what way will sanctions help in the long term? Russia is setting up to keep selling oil and gas for a currency they can use anywhere, which is a very long term answer to the sanctions we have imposed.

        Long term Russia is actually better off than most western country, because Russia is rich with commodities that people need, and will pay for, and Russia has very little debt compared to most western governments.

        Long term what the sanctions have don

    • The sanctions are having a lot of effect. Look at all the billionaire yachts that have been taken.

      • Re: (Score:2)

        by taustin ( 171655 )

        When the billionaire oligarchs get tired of the sanctions (and they eventually will), Putin will mysteriously disappear, never to be seen again. That is the real target of the sanctions.

        • When the billionaire oligarchs get tired of the sanctions (and they eventually will), Putin will mysteriously disappear, never to be seen again.

          If this were any western nation I would agree. But this is Russia, and that is simply not how Russia works.

          In Russia the Ogligacrhs are rich, but have zero power, and basically exist at the whim of Putin.

          Not to mention, they all have the bulk of their wealth still held in Russia, and have the kind of money where losing a mega yacht is kind of like dropping an ice-c

        • Re: (Score:2)

          by djinn6 ( 1868030 )

          Putin will mysteriously disappear, never to be seen again. That is the real target of the sanctions.

          Yep, just like how Kim Il-sung, Fidel Castro, Saddam Hussein and Mao Zedong all mysteriously disappeared after sanctions were imposed on their respective countries. Oh wait...

    • However, although they are not having any effect on stopping the war - they are having plenty of effect on destroying the lives of innocent people that live in Russia who want nothing to do with the war in Ukraine but have no say.

      If you are suffering under the effects of the sanctions, then they are working as intended. If you want them to end, your government needs to end the war on Ukraine. It is up to you to control your government. Claiming you have no say is an abdication of your responsibility.

      • If you are suffering under the effects of the sanctions, then they are working as intended.

        Is it moral at all to make people suffer who have absolutely no ability to change what you want to stop? The people of Russia have absolutely NO WAY, even en masse, to effect change in Russia. So we are making them suffer for absolutely no reason. I guess I'm the only person that has a problem with making innocent people suffer just because they happen to live in Russia?

        I want the war to end in Ukraine as much as a

        • The people of Russia have absolutely NO WAY, even en masse, to effect change in Russia.

          Bullshit.

    • No individual common Russian is to blame. But collective, in a way, they are. Just like all democrats were still to blame for your last republican president's actions. If it's only economic, I don't mind if they get to feel it to the point of great discomfort and beyond. Before you call me heartless and unreasonable, think of Mariupol and the almost daily lies of letting people out, then shooting at them.

  • Let's not pretend even an otherwise immaculate Kaspersky is not a major Russian war asset providing foreign exchange and tax money to Putin's war machine.

  • ... to win the hearts and minds of people. I just watched the dumbest movie ever ... Moonfall. Something I noticed however is that Kaspersky had a BIG outdoor sign in one of the scenes of a devastated city and Kaspersky software was on the space shuttle systems! LOL. Kaspersky software protecting Space Shuttle systems. Big bold letters too. Too freakin' funny. I wonder how much Kaspersky paid to have their product placement in such a ridiculous place? Given the stupidity of the movie it fit right in I guess
  • When i heard about the first attacks against ISPs. One of the first things i did was check that i had no Russian controlled software installed on any of my machines. It sadens me a bit but things like kaspersky simply pose a security risk. That has nothing to do with sanctions, its just too easy for an oppressive government to force companies under its control to do things which are not in its or its customers interest. This idiotic war causes even more damage than one might initially have assumed.
    • Trust Kaspersky, based on previous performance. In the past they have been first to catch many, first to deconstruct nasty ones, teaching budding CERT experts, and first to provide (free) effective removal tools. And shut down botnets. Think for a moment - their whole business model relies on trust and efficiency. Oh, they have been unfairly slandered, but never, nothing bad shown - only the reverse. One exception - if you live in a conflict country. OTOH Pegasus spyware, and derivatives are used widely - a

      • Trust Kaspersky, based on previous performance.

        How has Kaspersky performed previously when their staff and their families are threatened with imprisonment, physical harm, a little novichok in the underpants, etc. by the Russian government?

        I think that the only reasonable answer here is "we don't know." It's possible that there's never been any such attempted coercion. It's possible that there has been attempted coercion, and Kaspersky managed to stand up to it. What we do know is that such thuggery is all too plausible given recent events, so I'm per

        • Reputational Damage, and risk assessment is the key. Even is USA the govt can rubber hose people and telcos with a secret orders, including tapping senators and journalists - apparently the constitution is watered down. Presently very skilled US people have poured over Kaspersky with a fine toothcomb looking for any excuse. Evidence based fact checking says nothing, ever. They also poured over Huawei, and found nothing to support libelous accusations . Maybe they did for a custom exchange product for one cu
      • I trust Kaspersky, the problem is not Kaspersky. The problem is that Kaspersky is under full control of a government hostile to the "democratic" world. Your government can ask for your private keys and it can prevent you from telling anyone. The real question is do i trust Kaspersky would choose torture and prison to prevent their government to use them in an exploit?
  • How can anyone be sitting on the fence anymore?

    Just look at what the Russians are doing in Ukraine. It is pure evil.

    There is no grey area.

    Either you worship the devil or you reject it.

    Make your choice!

Slashdot Top Deals

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Close