- cross-posted to:
- news@lemmy.linuxuserspace.show
- cross-posted to:
- news@lemmy.linuxuserspace.show
removed by mod
It’s an older interview, but I like to bring this up whenever Kaspersky comes up as a topic:
If you had the power to change up to three things in the world today that are related to IT security, what would they be?
Internet design–that’s enough.
That’s it? What’s wrong with the design of the Internet?
There’s anonymity. Everyone should and must have an identification, or Internet passport. The Internet was designed not for public use, but for American scientists and the U.S. military. That was just a limited group of people–hundreds, or maybe thousands. Then it was introduced to the public and it was wrong…to introduce it in the same way.
Fuck that.
Yeah, I sure as shit wouldn’t use the internet if it wasn’t anonymous, seems like a weird thing to want when people are more concerned for their privacy than ever before.
So Kaspersky are starting to make Linux viruses then?
malware for linux system exists. maybe you’re just ignorant of it.
Kaspersky itself is malware.
Ever heard of Microsoft?
How is Microsoft related to a tool to scan Linux for malware?
Microsoft is a Malware itself.
Ok cool…
Apples grow on trees.
It’s a fact.
So much whoooosh
removed by mod
Okay I gotta know how the hell you got from A to B. Where is the racism in any of this?
Yes, and they have similar issues
Wer’re aware of it, comrade.
Gasoline is not the solution to a small fire.
Corsica represent!
10-foot pole ---------------- Kaspersky
Kaspersky actually has a good track record of NOT being anything malicious (Except for old times when it seemed to flag pirate software quite often).
However, if the tool is closed-source, this is naturally against Linux ethos and is generally something to avoid, given extensive permissions.
I’m not sure I’d give Russian software root access to my systems.
What about 7zip?
I don’t give 7zip admin access to my system.
They actually had a good track record but I think a FSB stooge took a board position and at that point…
Well, on the other side I have Steam and most of the games there are closed source… Yes they run in user mode and (usually) don’t have kernel level access.
Yes, kernel level access is what makes it a much bigger deal.
I don’t like that either
Support ClamAV instead of this trash
It isn’t terribly good
removed by mod
“ClamAV is bad so instead of improving it I’m going to cuck to proprietary standards instead”
I never said ClamAV was good or bad, nor was that the point.
removed by mod
removed by mod
Was that what got my comment removed?
My entire career is one counterexample to this after another. It’s not that I’ve seen different; I’ve only seen different.
Or that?
Now go fud someone else if you want your weekly bonus, comrade.
It reminds me of a joke that ends in “I don’t know, and I don’t care”, but the setup seems so much more relevant.
removed by mod
removed by mod
The latter is beyond lacking in open source ecosystem
And yet software like Wazuh (https://github.com/wazuh) exist… Which are complete SIEM and XDR platform. Which does more than any antivirus could ever dream to do. But somehow OSS security is lacking? Sounds like you haven’t looked at the security field seriously in decades. Kaspersky doesn’t lead the pack in anything and it isn’t in a “level field”. Quite the contrary Antivirus as a concept has been commodified in IT. They’re all generally drop in replacements for each other and are not what is actually used to prove to security auditors that systems are secure. You may get %1 detection differences between platforms or maybe an update 30 minutes or an hour earlier. This is generally meaningless and the modern tools actually used to prove security go way deeper than an antivirus.
Lying to yourself is never going to solve problems.
Seems to work for you though?
removed by mod
you would realise security even without the cloud is critical to protecting systems
Wazuh, the software I specifically called out. Is not “cloud”. They offer a cloud service, yes (that’s how they make money, on lazy admins or orgs that are too small to house their own infra). But it is self-hosted and designed to be run within the network.
You clearly have no idea what the current security market looks like. Nor what half of the terms you use actually mean.
Edit: Forgot to address this too
Virtualising every single system endpoint is practically impossible, which Wazuh seems to rely on.
No. The agent can be installed on ANY system. They recommend you install the orchestration/control node virtualized, which you don’t have to do. You can install it on a raw system though that would be a huge waste of resources. You seem to have missed that.
Does it find itself?
It just removes itself along with Nvidia, Realtek and Broadcom
removed by mod
Yay, let’s install Spyware on our Linux computers 👌
Does it scan for Kaspersky?
How much are they paying you?
To mention anything remotely associated with Russia is to be a paid Putler puppet; a lot of people are saying. See you at Tolstoy & the Dostoevsky book burning.
oh look another troll dragging geopolitical culture war bullshit into everything
This is very cool! Is it FOSS though? Kaspersky is doing good stuff, but I Antivirus is also problematic, and has like all the privileges you can get
No thanks
I HIGHLY doubt that they would detect the XZ backdoor
xz --version
Böhmermann in freier Wildbahn gesichtet
War auch überrascht
Even if it did, what would you do? rm -rf /?
XZ is part of the core system
Why? It’s not hard. They typically hash files and look for hits against a database of known vulnerabilities.
Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.
As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
The xz backdoor was a packaged file distributed with the standard packages though. It would be trivial to find.
This is obviously not about this known file.
It is about “would this scanner detect a system package from the official repos opening an ssh connection”
Sorry, I was responding to:
I HIGHLY doubt that they would detect the XZ backdoor
That doesn’t work against polymorphic malware
I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare
Who’s talking about polymorphic malware? We were talking about the xz backdoor.
Oh well in that case there is no chance
First is it open source, and why do they made a such tool? 😂
So they have made a Linux antivirus?
ClamAV is the OG
AFAIK, clamAV hunts Window viruses, not Linux malware. The linux equivalent I know of is rkhunter.
There are plenty if Linux end point protection tools. However, I think the best protection is security patching.
For personal use I don’t think there is any good malware detection tools. I think you just need to harden your browser and not install random packages from online. Best if you stick with distro repos only.
Really? I just found enterprise grade e.g. server security tools. Most sites I found were ourdated, where the Linux EndpointSecurity tools were discontinued (even tho the server tools would probably as good as EndpointSecurity)
I am talking about enterprise grade
removed by mod
I’m sure I’m going to regret asking this, but how is not liking Kaspersky, in and of itself, racist or xenophobic?
It is because so many people see a Russian security company and just go on and on about “Russian company? they can’t be trusted!” While they act like US companies/government is somehow trustworthy by default (or at least by the omission of only dunking on the “always evil” vibes of anything Russian). Russia is very up front about their laws and their opinions of how they do or want to do. While US companies and the US gov love to also push that narrative hard and loud all the time.
They go on and on about “privacy” being like the most crucial thing ever. But they are also the very same fucks that have and actively at this moment find every way to just vacuum up all of our information, chats, searches, etc… And even when we get proof beyond proof that the US gov and private companies are doing this on their own or colluding. It is somehow the Russian companies (or insert whichever country) that are somehow more “evil” for doing shit.
Hell, the US is constantly spying on and inside our own allies. I really don’t see why our allies would freak out about shit like Chinese cell technology. But they are tripping over themselves to willingly build complete infrastructure with shit that the US gov most certainly has backdoors to backdoors inside. It isn’t about Russian companies being more or less trustworthy. But it is dumb as fuck to act like they are somehow worse than US companies with gov contracts. I am honestly more worried about what my own gov is doing to me than shit other nations companies might be doing. Do I want other nations companies having access to my shit? Fuck no, but acting like they are actively more a threat to spying on me as a US citizen than the profit chasing companies Enshittifying everything with adware/spyware. AND knowing that my own tax dollars are also being paid to them to give my gov access to it and me is stupid.
Because being critical of a Russian company = racism. At least according to lemmy.ml and lemmygrad.ml users.
removed by mod
I don’t normally say this but maybe its time to go outside. I haven’t found any Xenophobic or racist comments. Maybe they were removed or something.
The amount of disinformation bots or actors on any thread anywhere— despite what blamethrowing you might see in any direction — is incalculable. Trust no comment!