Eugene Kaspersky says U.S. government can examine his company's source code

“Anything I can do to prove that we don’t behave maliciously I will do it.”

Eugene Kaspersky says U.S. government can examine his company's source code

Eugene Kaspersky says he's ready for U.S. government officials to examine his company's source code for indications of influence by the Kremlin.

On 1 July, the founder of anti-virus firm Kaspersky Lab told Associated Press he is willing to make his company's source code available to the U.S. government. He hopes federal officials take him up on the offer so they can see for themselves that Kaspersky Lab doesn't collude with the Russian government. As quoted by Associated Press:

"If the United States needs, we can disclose the source code. Anything I can do to prove that we don't behave maliciously I will do it."

Kaspersky also said he's open to testifying before U.S. lawmakers.

These gestures come amidst widespread suspicion among U.S. intelligence officers that Kaspersky Lab operates under the Kremlin's thumb.

Fear of "Russian government influence" against the company is apparently so great that the Senate Armed Services Committee proposed prohibiting the Department of Defense from using Kaspersky's products in fiscal year 2018.

Not only that, but a "counter-intelligence inquiry" led the FBI to the homes of at least a dozen Kaspersky employees in the United States on 25 June, where agents questioned employees about their company's operations.

Kaspersky Lab's founder revealed to AP his relationship with the FBI is now spoiled:

"Unfortunately, now the links to the FBI are completely ruined. It means that if some serious crime happens that needs Russian law enforcement to cooperate with FBI, unfortunately it's not possible."

As for the potential ban against his technologies, Eugene Kaspersky fears such a move would bring with it a number of "negative side-effects". For instance, he thinks the world would suffer from reduced international cooperation as well as innovation and competition in the digital security market. To counter these potential consequences, Kaspersky said he's contemplating moving part of his research work to the United States.

The U.S. government still has yet to disclose any evidence of an "influential" relationship between Kaspersky Lab and the Russian government. We can only hope U.S. officials will hear Eugene Kaspersky's words, take up his offer, and thereby put all this baseless speculation to rest.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

, , ,

8 Responses

  1. Bob

    July 4, 2017 at 8:19 pm #

    https://www.lawfareblog.com/inspection-anti-virus-source-code-demonstrate-lack-offensive-cyber-capabilities

  2. Isaiah.Tech

    July 4, 2017 at 11:04 pm #

    That seems like a bold step to take, given the size of the audience that would likely have access to said source code.

    • Aaron in reply to Isaiah.Tech.

      July 5, 2017 at 2:14 pm #

      For that bold of a step then they must not have anything to hide.

  3. James C. Reesman

    July 5, 2017 at 6:08 am #

    Jim
    I had Kaspersky on my computer for over a year. I became suspicious of it when it never reported any attempt by any software to affect my computer. I am sure many people would say that was an example of how well the software does it's job. However, I am also a retired intelligence analyst and I am sure that nothing comes out of Russia without a backdoor for future manipulation.

  4. Mark Jacobs

    July 5, 2017 at 2:46 pm #

    However, what source code is he going to make public – the stuff without backdoors, or the secret code with them? Kaspersky was our company's main AV for a few years, before we realised it was getting worse with each upgrade, and it didn't stop infections happening when other products would have. We changed to Webroot and it's much better, but still not perfect.

    • Someone from a crowd in reply to Mark Jacobs.

      July 6, 2017 at 7:54 pm #

      Really Mark? I am using Kaspersky at least 10 years and had virus breached only once when virus entered through USB stick making Kaspersky crash. And yes, you can't just throwing upgrades without clean reinstallation of Kaspersky after few months to clean up update databases… that is only major flaw in Kaspersky. Same with windows, it gets degraded after some time and do need clean installation… it is inevitable.

Leave a Reply