back to article US Homeland Security says hardly any Kaspersky software left on federal networks

Only 15 per cent of US federal agencies still have Kaspersky Lab software anywhere on their networks. So said the United States' Department of Homeland Security (DHS) assistant secretary for cyber security, Jeanette Manfra, at a Tuesday hearing of the House Committee on Science, Space, and Technology's oversight subcommittee …

  1. Khaptain Silver badge

    And the alternative is ?

    It would be interesting to know what they are using as a replacement and especially in which country the software was written.

    1. Anonymous Coward
      Anonymous Coward

      Re: And the alternative is ?

      Something that does not flag NSA, sorry "Equation Group" files as malware.

    2. Rob D.

      Re: And the alternative is ?

      The later comments by the DoD representation indicated that the DoD have McAfee and Symantec available for internal and home use by employees (and contractors possibly). Also specifically noted that Kaspersky is not on their list.

    3. Anonymous Coward
      Anonymous Coward

      Re: And the alternative is ?

      According to this hilarious commercial, it's the All American Antivirus:

      https://www.youtube.com/watch?v=TlPMo5_Pi84

      (According to reviews on the Internet, the software ain't no good. Must've been dem russian norks, dem's all behind anything)

  2. Anonymous Coward
    Anonymous Coward

    MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

    Let's hope all those malware 'conduited' upload feeds from Windows 10 machines (opted in by default, with a catch-all opt-in, i.e. sensitive user files) are secure too then and can't be intercepted either at the point of transmission (on the machine itself), during transmission or during the upload to MS servers via a prism type intercept or that the in-built MS Defender software can't be manipulated to send the slurping results elsewhere.

    How's the Microsoft Windows 10 slurping model any different from Kaspersky, other than the final destination?

    Mozilla Firefox's new so called, screengrab 'convenient screenshot' technology built directly into the browser sets a dangerous precedent too, baking it directly into the browser. It will end in tears, as it has for Kaspersky.

    If you directly bake slurping spyware directly into products, whether it be MS, Mozilla or Kaspersky. Someone will try to enable those API handles for their own benefit, because you have left the tools inside the shed, to help see, extract and remove the items from the shed, as any Garden thief would tell you, carrying everything off in your own free wheeling wheelbarrow.

    1. David 132 Silver badge
      Unhappy

      Re: MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

      Firefox's built-in screen-grab tool is just another example of their annoying bloat. It's a browser for goodness' sake, please make it view web-pages as well & as quickly as possible. Nothing else.

      "Oh, but our users often need to screen-shot webpages while browsing, so we put this in for their convenience!"

      Yeah, you know what else people tend to do while browsing the web? They listen to music. They work on documents. They conduct IM conversations. They do background rendering tasks. But surely, Mozilla, you wouldn't think it reasonable to add a music player, spreadsheet, IM client and Blender to Firefox?

      Aw, shoot. I just gave them ideas, didn't I.

      1. BongoJoe

        Re: MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

        David: Do one thing, and do it well.

        Upvote from me

      2. Anonymous Coward
        Anonymous Coward

        Re: MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

        Try FF Quantum, you may be pleasantly surprised on the speed front.

        Now default browser.

      3. Anonymous Coward
        Anonymous Coward

        Re: MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

        "Aw, shoot. I just gave them ideas, didn't I."

        Not really, you just reinvented Chrome OS.

        1. Captain DaFt

          Re: MS' Windows 10 conduited baked-in 'slurped' malware uploads work in exactly the same way.

          "Aw, shoot. I just gave them ideas, didn't I."

          Not really, you just reinvented Chrome OS.

          <conspiratorial tone> Are you sure that Chrome isn't actually Emacs hiding behind a fancy UI?</conspiratorial tone> ☺

  3. hplasm Silver badge
    Big Brother

    Oth the gripping hand...

    85 per cent of US federal agencies are now open to the NSA 'free backup' service.

  4. GruntyMcPugh Silver badge

    So Kaspersky detects NSA snooping tools, Homeland Security suddenly drop Kaspersky products. Are the NSA using their own tools against their own staff therefore? Can't they figure out how to exclude stuff?

  5. Cuddles Silver badge

    Really?

    "Manfra also told the hearing the DHS had no “conclusive evidence” of any breaches among Kaspersky users."

    ..."except by us, of course", he added.

  6. Rob D.

    Supply chain risk

    Dr Jacobson's testimony is interesting at ~46min. That and other references to supply chain threats is really where the opposition to Kaspersky comes from. It almost doesn't matter whether there is any specific evidence of actual harm - the key driver is the assessment of risk (to the US) associated with the presence of Kaspersky products on the government systems.

    If for example McAfee was in the pocket of the NSA and eagerly shipping everything it found to hidden servers buried deep below Fort Meade, then it doesn't matter in this assessment because McAfee does not get assessed as a risk.

    It will be helpful to those who want to elevate the perceived risk of Kaspersky (for whatever reason, relevant or not, political or not) that the NSA malware exposure may have involved Kaspersky, whether incidental, deliberate or otherwise i.e. guilt by association allows an increased perception of risk.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019