• Random Dent@lemmy.ml
      link
      fedilink
      English
      arrow-up
      89
      arrow-down
      5
      ·
      6 months ago

      It’s an older interview, but I like to bring this up whenever Kaspersky comes up as a topic:

      If you had the power to change up to three things in the world today that are related to IT security, what would they be?

      Internet design–that’s enough.

      That’s it? What’s wrong with the design of the Internet?

      There’s anonymity. Everyone should and must have an identification, or Internet passport. The Internet was designed not for public use, but for American scientists and the U.S. military. That was just a limited group of people–hundreds, or maybe thousands. Then it was introduced to the public and it was wrong…to introduce it in the same way.

        • Shadowedcross@lemmy.world
          link
          fedilink
          arrow-up
          21
          ·
          edit-2
          6 months ago

          Yeah, I sure as shit wouldn’t use the internet if it wasn’t anonymous, seems like a weird thing to want when people are more concerned for their privacy than ever before.

  • Allero@lemmy.today
    link
    fedilink
    arrow-up
    58
    arrow-down
    4
    ·
    6 months ago

    Kaspersky actually has a good track record of NOT being anything malicious (Except for old times when it seemed to flag pirate software quite often).

    However, if the tool is closed-source, this is naturally against Linux ethos and is generally something to avoid, given extensive permissions.

      • ssm@lemmy.sdf.org
        link
        fedilink
        arrow-up
        25
        arrow-down
        5
        ·
        edit-2
        6 months ago

        “ClamAV is bad so instead of improving it I’m going to cuck to proprietary standards instead”

        I never said ClamAV was good or bad, nor was that the point.

            • corsicanguppy@lemmy.ca
              link
              fedilink
              arrow-up
              1
              ·
              5 months ago

              Was that what got my comment removed?

              My entire career is one counterexample to this after another. It’s not that I’ve seen different; I’ve only seen different.

              Or that?

              Now go fud someone else if you want your weekly bonus, comrade.

              It reminds me of a joke that ends in “I don’t know, and I don’t care”, but the setup seems so much more relevant.

          • Saik0@lemmy.saik0.com
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            6 months ago

            The latter is beyond lacking in open source ecosystem

            And yet software like Wazuh (https://github.com/wazuh) exist… Which are complete SIEM and XDR platform. Which does more than any antivirus could ever dream to do. But somehow OSS security is lacking? Sounds like you haven’t looked at the security field seriously in decades. Kaspersky doesn’t lead the pack in anything and it isn’t in a “level field”. Quite the contrary Antivirus as a concept has been commodified in IT. They’re all generally drop in replacements for each other and are not what is actually used to prove to security auditors that systems are secure. You may get %1 detection differences between platforms or maybe an update 30 minutes or an hour earlier. This is generally meaningless and the modern tools actually used to prove security go way deeper than an antivirus.

            Lying to yourself is never going to solve problems.

            Seems to work for you though?

              • Saik0@lemmy.saik0.com
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                1
                ·
                edit-2
                6 months ago

                you would realise security even without the cloud is critical to protecting systems

                Wazuh, the software I specifically called out. Is not “cloud”. They offer a cloud service, yes (that’s how they make money, on lazy admins or orgs that are too small to house their own infra). But it is self-hosted and designed to be run within the network.

                You clearly have no idea what the current security market looks like. Nor what half of the terms you use actually mean.

                Edit: Forgot to address this too

                Virtualising every single system endpoint is practically impossible, which Wazuh seems to rely on.

                No. The agent can be installed on ANY system. They recommend you install the orchestration/control node virtualized, which you don’t have to do. You can install it on a raw system though that would be a huge waste of resources. You seem to have missed that.

  • boredsquirrel@slrpnk.net
    link
    fedilink
    arrow-up
    33
    arrow-down
    9
    ·
    6 months ago

    This is very cool! Is it FOSS though? Kaspersky is doing good stuff, but I Antivirus is also problematic, and has like all the privileges you can get

    • laurelraven@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      10
      arrow-down
      3
      ·
      6 months ago

      I’m sure I’m going to regret asking this, but how is not liking Kaspersky, in and of itself, racist or xenophobic?

      • d-RLY?@lemmy.ml
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        6 months ago

        It is because so many people see a Russian security company and just go on and on about “Russian company? they can’t be trusted!” While they act like US companies/government is somehow trustworthy by default (or at least by the omission of only dunking on the “always evil” vibes of anything Russian). Russia is very up front about their laws and their opinions of how they do or want to do. While US companies and the US gov love to also push that narrative hard and loud all the time.

        They go on and on about “privacy” being like the most crucial thing ever. But they are also the very same fucks that have and actively at this moment find every way to just vacuum up all of our information, chats, searches, etc… And even when we get proof beyond proof that the US gov and private companies are doing this on their own or colluding. It is somehow the Russian companies (or insert whichever country) that are somehow more “evil” for doing shit.

        Hell, the US is constantly spying on and inside our own allies. I really don’t see why our allies would freak out about shit like Chinese cell technology. But they are tripping over themselves to willingly build complete infrastructure with shit that the US gov most certainly has backdoors to backdoors inside. It isn’t about Russian companies being more or less trustworthy. But it is dumb as fuck to act like they are somehow worse than US companies with gov contracts. I am honestly more worried about what my own gov is doing to me than shit other nations companies might be doing. Do I want other nations companies having access to my shit? Fuck no, but acting like they are actively more a threat to spying on me as a US citizen than the profit chasing companies Enshittifying everything with adware/spyware. AND knowing that my own tax dollars are also being paid to them to give my gov access to it and me is stupid.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      3
      ·
      6 months ago

      I don’t normally say this but maybe its time to go outside. I haven’t found any Xenophobic or racist comments. Maybe they were removed or something.

    • beefbot@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      6 months ago

      The amount of disinformation bots or actors on any thread anywhere— despite what blamethrowing you might see in any direction — is incalculable. Trust no comment!