[jakelarkin]

how Kaspersky was ever thought to be "okay" in the US enterprise/government market has always been perplexing to me. Antivirus, something which literally inspects all of your files and network activity, made in the country that's a hotbed of blackhat activity and home one of the most aggressive cyber-espionage militaries outside the US. yea okay great, sign me up.

[cm2187]

In general there is much to be said about the huge amount of code that runs from thousands of sources on every machine.

Most OS comes with hundreds of drivers, many created by hardware makers all over the world, running with root privileges / kernel mode. And then you add to that all of the software that you install, developed by companies or volunteers all over the world, and running all sort of third party libraries, etc.

The chain of trust is huge. I'd be shocked if there was any computer in any US administration that wasn't running some piece of code written by a russian national.

[shawn-furyan]

Downvoted, not because your general sentiment is wrong, but rather that this comment what-about's a specific threat identification. It is useful to raise awareness of general threats or wide-spread operational malpractice, but doing so in direct response to the identification of a specific threat is a distraction that primarily serves to engender a sense of nihilism about defense in general. That is counter-productive, and a specific strategy in propoganda.

Defense is not hopeless. Some threats are more immediate than others.

note: this is not an endorsement of the gp comment. I merely think that discussion of the gp comment should be focused on its own merits rather than nihilistic dismissals of it.

[joe_the_user]

Well, at this point, which anti-virus product you use is gradually devolving to "which state do you want to spy on you?". And the problem is, the answer may not be "the state I live in", since that state is the most likely to tax and otherwise regulate you.

[lallysingh]

https://www.clamav.net/ ?

[gooftop]

In this day and age of FUD, what are the odds that said open source software has a vulnerability or malicious code inserted by some state actor (ours included)?

[lallysingh]

Probably low.

[dreamfactored]

Maybe rather than playing cat and mouse over taxes, a person who avoids taxes should be more fairly and simply designated as a foreign national or stateless?