• halva@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    89
    arrow-down
    3
    ·
    10 months ago

    Using Russian malware to avoid Israeli malware utilizing backdoors left by American three letter orgs. Gotta love international collaboration.

  • gravitas_deficiency@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    57
    arrow-down
    6
    ·
    10 months ago

    Simply because kaspersky is based in Russia, you should not use kaspersky. I’d be shocked if the FSB hasn’t forced them to build in backdoors at this point.

    • McDropout@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      44
      ·
      10 months ago

      Just because something is based in Russia, means that nobody should use it?

      • gravitas_deficiency@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        45
        arrow-down
        4
        ·
        10 months ago

        The government under which a corporate entity operates has direct and meaningful impact on a lot of things about said company. For instance: US companies are subject to ITAR regulations, and there are MASSIVE penalties for breaching those laws. Russia is a totalitarian surveillance state, so I wouldn’t trust any security software from a Russian company. Much the same way that I wouldn’t trust any logic design or 3D modeling software coming out of a major Chinese company, because the CCP has a long and storied history of stealing and reverse engineering shit that they’re not legally allowed to.

        • StarDreamer@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          12
          ·
          edit-2
          10 months ago

          Out of curiosity what do you think of Nginx, which was Russian based and used to have its main offices in Russia (that also got raided by Russian police) or Arch Linux, where one of the main packagers (up to 30% of official packages) is managed by Felix Yan (which I believe is a Chinese citizen)? Where is the line drawn? Is it only for profit companies, security software, or something specific?

          • BassTurd@lemmy.world
            link
            fedilink
            English
            arrow-up
            27
            ·
            10 months ago

            Both examples you listed are open source, so anyone can review their code. No government can dictate what gets published to the code, and if they can, it will be noticed and get forked.

            • StarDreamer@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              13
              arrow-down
              1
              ·
              10 months ago

              This probably sounds pedantic but based on this the issue isn’t that the software is Russian. It’s that the software is under the regulation of an authoritarian government (which is Russia)

              • gravitas_deficiency@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                14
                ·
                10 months ago

                Precisely. If kaspersky were 100% open source, I would not have said what I did. But it’s closed source, and it’s owned by a Russian company, subject to Russian laws, and Russia is a authoritarian state, hostile to most of the world at this point - either directly or indirectly - so one would be forgiven for assuming the worst, in terms of what was put in the code at the FSB’s behest.

            • StarDreamer@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              5
              ·
              10 months ago

              Nginx is 2-clause BSD, which I would argue is more “Open Source” than Arch Linux (official repo contains proprietary components such as discord, steam, multimedia codecs). You could argue that the majority of it (and it’s build system) is open source, but probably not “Arch Linux” is fully Open Source.

      • eskimofry@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        2
        ·
        10 months ago

        Just because it exists doesn’t mean you should use it? You sound like a horny hamster.