Published: Tue, October 24, 2017
Research | By Jennifer Evans

Kaspersky Lab to open up software for independent review

Also as part of the Initiative, the company intends to provide the source code of its software - including software updates and threat-detection rules updates - for independent review and assessment. The latter refers to signatures and so-called Yara rules, which are the focus of recent allegations.

Kaspersky also plans to open three "transparency centers" in Europe, Asia, and the USA, where companies and governments will be able to access the source code review results in a safe environment.

"This is why we are launching this initiative of transparency to the world: we are totally open and we have nothing to hide", he stressed.

Back in July, CEO and cofounder Eugene Kaspersky offered to share company source code with the U.S. government to prove the software had not been compromised. These centers will allow trusted partners to review Kaspersky Lab's source code.

Moscow-based Kaspersky Lab is trying to reestablish consumer trust after the Trump administration's decision to ban its products citing national security risks.

He said they were being launched to help the company prove that there was nothing wrong with its products and services. But in the case of Kaspersky, "the reality is ... you can't trust them, so why would you trust the process they set up?"

Despite this, the company has denied any involvement with the Russian government, adding that it doesn't work with any governments in order to engage in espionage. Again, the company disputed the report and even suggested its software may have been hacked. However, the company announced it would offer up to $100,000 to researchers who discover security flaws. In June this year, a bipartisan bill was launched in Senate to restrict the U.S. government and any of its contractors from using Kaspersky Lab software, due to "a consensus in Congress and among administration officials that Kaspersky Lab can not be trusted to protect critical infrastructure". This technique is supported by most modern antivirus products and allows the AV maker to search for malware-related "strings" in users' files.

Kaspersky plans to hire a trusted partner to carry out the security audit and offer results to governments and organizations that need reassurance that Kaspersky products aren't spying on users and allowing the FSB to search and collect sensitive data from users' computers, as the USA government has alleged in the past few months. Best Buy removed the software from computers it sells based on concerns that it can be used to spy on customers.

"The Russian government has the ability to put pressure on Kaspersky".

The company's computer security Russian Kaspersky Lab announced on Monday that it would propose to neutral experts to analyze his famous antivirus to remove charges of spying for the Kremlin. Here, customers, governments and other organisations will be able to access the results of the reviews.

Like this: