Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

pacoboyd ,
@pacoboyd@lemm.ee avatar

We gonna have to worry about 7zip?

sepulcher ,

If American really cared about security, they would use free software.

gallopingsnail ,
@gallopingsnail@lemmy.sdf.org avatar

If anyone cared about security, they would use free software.

splonglo ,

Russia has computers???

mlg ,
@mlg@lemmy.world avatar

FBI on its way to arrest me because I used MPC-BE to play dolby digital content without a license for the ac3 codec like 10 years ago lol

spyd3r ,
@spyd3r@sh.itjust.works avatar

They can pry MPC-BE from my warm cheeze curl stained hands! I've been using it to play 4K BluRays on an HTPC, and to decode all these new proprietary surround sound codecs so I don't need to buy a new expensive ass AVR.

hark ,
@hark@lemmy.world avatar

Only pure all-American spyware on my machine. 🇺🇲🇺🇲🇺🇲🦅

rottingleaf ,

Why would anybody in their right mind use Kasper by now.

orphiebaby ,

Wow the comments and upvotes/downvotes here are stupid.

Kolanaki ,
@Kolanaki@yiffit.net avatar

Will this affect websites, too? Cs.rin.ru is a good resource for a certain type of thing.

mansfield ,

Kaspersky is just one piece of software to avoid. Others include:

  • Telegram
  • Avast AV
  • Anything from 360 Safe / Qihoo 360
  • Opera browser ... now owned by above
  • Zoom
  • FileZilla / UTorrent / other PUA that bundles adware and acts essentially as a trojan
Speculater ,
@Speculater@lemmy.world avatar

Ah fuck, what's the alternative to FileZilla?! I've been using that for like 17 years.

mansfield ,

So just to illustrate, I went to the normal FileZilla download page and downloaded the Win64 package. Then I submitted it to VirusTotal.

https://filezilla-project.org/download.php?platform=win64#close

https://www.virustotal.com/gui/file/dbde8a4bd71bb1fbc0511cdb657dfeffdaedc513aa425f856043532a7cba6fce

Cornelius_Wangenheim ,

If you click other versions, there are installers without the adware.

twisterpop3 ,

As someone who has used FileZilla for years, I am shook and I appreciate you pasting the link

NaoPb ,

Those dumbasses have been doing this for years. I don't know if it has viruses and such in it but it has had the bundled stuff for a while now.

I wish it didn't since it's a great program.

0x2d ,

filezilla has an opencandy installer

Contend6248 ,

Dolphin on KDE/Linux and WinSCP on Windows

sugar_in_your_tea ,

I think whatever GNOME calls their file browser supports FTP as well.

Contend6248 ,

It surely does, but i'm not sure if you can switch to side-by-side view

AnUnusualRelic ,
@AnUnusualRelic@lemmy.world avatar

Then use the kde file browse.

atthecoast ,

Cyberduck

NaoPb ,

Same here.

CrossFTP seems promising. Also has the multi OS support.

cyberpunk007 ,

Winscp?

Apalacrypto ,

Out of curiosity, why Telegram? (Im out of the loop on this one)

As for uTorrent, I’ve got version 2.2.1 and have never allowed it to update in the last decade or however long it’s been. I think that was the last version that didn’t allow any ads or otherwise and was simply a solid p2p client at the time.

cyberpunk007 ,

Because Russians started it I guess?

0xD ,

If you forget everything else, it's basically an unencrypted chat where the company behind it can read all your messages.

Harbinger01173430 ,

Like discord?

0xD ,

I never cared about discord so I don't know, but I'd assume so, yes.

rottingleaf ,

Because it's less (because of history stored on server and use of OTR being problematic) secure than ICQ in year 2003, prone to phishing and, yes, made by people I wouldn't trust.

ShadowCat ,

may I ask why didn't you just switch to qbittorrent? is there a feature that utorrent has but qbit doesn't?

Apalacrypto ,

Never needed to or even thought about it. uTorrent never gave me any issues and was super lightweight. Additionally, there was a fansubbed anime site I was a member of for a long time that had a limited whitelist of p2p clients last they would allow their trackers to function on. uT 2.2.1 was one of those.

That pc seldom gets used anymore nowadays anyway, as my main pc is running OpenSuse and ktorrent does all I need it to.

sugar_in_your_tea ,

Add in:

  • TikTok
  • Facebook, Instagram, Whatsapp, and Threads
  • Reddit :)

For antivirus, Microsoft's built-in one is fine. Ideally use an OS that has better security and lower default permissions like popular Linux distros (at the very least, it's a smaller target than Windows). I haven't checked recently, but using Malware Bytes for occasional runs (not as active protection though) was good and is probably still good.

But in general, use FOSS, at the very least they'll probably not pull a Reddit and screw over their users.

A_Random_Idiot ,
@A_Random_Idiot@lemmy.world avatar

Seriously. Windows Defender is an excellent piece of software, and its all you need. Paying for anything else is kinda foolish.

If you're on windows, you dont need anything else except maybe to install malware bytes once a month, run the scan, and uninstall it.

FlyingSquid ,
@FlyingSquid@lemmy.world avatar

This is Lemmy. Chances of people here not using Windows is relatively high.

A_Random_Idiot ,
@A_Random_Idiot@lemmy.world avatar

You know what they say about assuming things.

FlyingSquid ,
@FlyingSquid@lemmy.world avatar

I would say that the fact that I used the word 'chances' would suggest I wasn't assuming anything.

I would also suggest that the very large Linux communities would support my non-assumption.

A_Random_Idiot ,
@A_Random_Idiot@lemmy.world avatar

Oh, so its like a card game

"I say Chance! and nullify your Astral Assumption card!"

FlyingSquid ,
@FlyingSquid@lemmy.world avatar

No? It's like a guess. You've heard of guesses before, right?

SquirtleHermit , (edited )

Yeah, always make assumptions. They make conversations faster.

istanbullu ,

Telegram is better than WhatsApp. At least it has a decent Linux client, and all clients are open source. WhatsApp has neither.

SpaceMan9000 ,

Unless you're constantly using secret chats all your data is stored in plain text... This is actually worse than WhatsApp

rottingleaf ,

You got an answer why it's not.

Suffocate9920 ,

Maybe better client and more features. But Russians have full access to servers and messages. They could read whatever they want. It's a fact that proved during war that Russia started in Ukraine.

istanbullu ,

This is nonsense. The Founders of Telegram are exiles from Russia.

NaoPb ,

I'd say avoid AVG too then since it's basically Avast.

Duamerthrax ,

I don't even use antivirus software anymore. Previously, every time I found a new one recommended by security experts I thought I could trust, about a year later, it turned to shit or was relieved to always having been shit. Now I just backup my stuff and vet any executable. I don't do any serious work on my Windows install anyway, so nuking it isn't a problem.

Ohi ,

Does Escape from Tarkov make the list?

KingThrillgore ,
@KingThrillgore@lemmy.ml avatar

Just don't use it for secure comms and anything tangentially connected for what you consider "secure" matters. Simple as.

Dark_Arc ,
@Dark_Arc@social.packetloss.gg avatar

This just feels like a random hit list; how did you come up with it?

Why zoom? It's based out of San Francisco.

I also object to the Telegram inclusion. Unless you want to include Discord, and various other server side encrypted communication apps. The founders may be Russians by birth but they have Ukrainian roots, are no longer Russian citizens, had their first company stolen from them by the Kremlin, etc. Also I always like to note, Einstein was a German by birth but he was no Nazi.

What's the FileZilla connection? Tim Kosse (which as far as I can tell it's still the primary author) is a German.

Ross_audio ,

Honestly, Zoom just has a hilariously high frequency of vulnerabilities being discovered.

Dark_Arc ,
@Dark_Arc@social.packetloss.gg avatar

I mean... That's fair, I don't recommend zoom, but those reasons have nothing to do with Russia and everything to do with a company that was willing to lie that they had E2EE and didn't.

mansfield ,

This very partial list is based on my being in cyber security for 20 years and working a variety of incidents involving these apps. You all can do whatever you want with your computers.

magnusrufus ,

That you didn't give a helpful answer makes me doubt you where as before I was interested in what you had to say.

Harbinger01173430 ,

Telegram ftw. Down with WhatsApp.

yildolw ,

Signal has better defaults and a less compromised origin

Harbinger01173430 ,

Nobody I know is using it so the point is almost moot :(

sepulcher ,

There's nothing really wrong with telegram.

It's just social media for people who aren't indoctrinated by the west.

tacosanonymous ,

You’d think the fact that Kaspersky is useless would be enough to keep people from using it.

Contend6248 ,

It's not useless for brainless users sadly

CluelessDude ,
@CluelessDude@lemmy.zip avatar

You would think that but I have a Friend that bought the paid version and swears by it, he had more than enough problems with it blocking everything it wants, I don't say anything anymore I just shake my head and move on.

HootinNHollerin ,

Why would anyone trust, want to use, and yet alone pay for Russian antivirus software

Atlaty ,

Because it's a good antivirus

HootinNHollerin ,

Good luck

Kata1yst ,
@Kata1yst@kbin.social avatar

You found one video supporting your viewpoint. Kaspersky's role in Russian intelligence has been an open secret since the mid 2010s. This is Facebook Anti-Vaxxer "research" methodology.

rottingleaf ,

Not that it was a secret at any point. That company has that approach to advertising and PR reminiscent of hacker movies as normies, lamers and "Windows power users" perceive them. Usually when there's bullshit in one part, you expect it to be there in other parts too.

But - their "antivirus check tool" or something was very convenient for me to remove winlockers somewhere in 2007. I do remember the good things.

Atlaty , (edited )

The guy ho made the video works as data analyst, plus Kaspersky works perfectly as antivirus.
Can you gave me evidence supporting your claim?

KingThrillgore ,
@KingThrillgore@lemmy.ml avatar

Kaspersky was actually good a long time ago, but there was a shakeup and the FSB started to get more involved in their operations somehow. Its not safe now, is what i'm saying.

sugar_in_your_tea ,

I'm not sure how that's relevant. People should be free to use whatever they want. I'm not interested in Russian software, but that doesn't mean banning it is okay. The same goes for Chinese software like TikTok (not touching that), Iranian software, or North Korean software, if that's even a thing. I don't care if literal Nazis made the software, people should be free to use what they want.

The only areas the government should get involved are:

  • government owned devices
  • public advisories
  • prosecution of crimes where the software is involved

The software I choose to use is not the government's business. If I violate a law, charge me with a crime, but don't preemptively ban stuff.

Plastic_Ramses ,

What if said software is being used to manipulate national interests from a civilian level and its owned by an adverserial nation?

sugar_in_your_tea ,

That's one of the costs of liberty. The government will need to find another way.

The barrier to banning something in the interests of national security must be much higher than "this could be used by our enemies." That's the entire basis for the War on a Terror, the Patriot Act, and the NSA spying on Americans, and I won't stand for it. It's also the same idea as banning books, that's just not how a free society works.

You combat misinformation through integrity and transparency, not bans.

RidcullyTheBrown ,

That’s one of the costs of liberty. The government will need to find another way.

No, that’s not liberty. If the average user would have any way of detecting when software is doing nefarious thighs, then sure, you’d be right, but the average user can’t possibly know that software is misbehaving just like they couldn’t have possibly known that asbestos or lead was bad for them. Software is opaque. As long as it remains opaque, consumers are unsuspecting victims and need help.

sugar_in_your_tea ,

average user can't possibly know

Hence the information campaign to make people aware.

Look at cigarettes, they are harmful and therefore have a strong information campaign to inform the public. I highly doubt you'll find anyone today who isn't aware of the dangers of smoking, but just 100 years ago, it was considered classy and largely innocuous. The difference was a big information campaign to counter the tobacco lobby's attempts to spin smoking as somehow healthy.

The government's role should be to make opaque things transparent, not to bad things that could be harmful. At the same time, they can spy on other countries to get an idea of what types of control they can exert, which would help them better inform the public.

But at the end of the day, it's up to the individual what they choose to believe. Liberty is having the freedom to make poor choices, and to live with the consequences. The government's role should be to earn our trust, but they violate it at every opportunity in the name of "security" (NSA, TSA, etc). Yes, a lot of people will ignore it, and that's a part of having liberty.

RidcullyTheBrown ,

Hence the information campaign to make people aware.

There are still those who think the lunar landing didn’t happen so this is not a valid option for something that might pose an immediate danger to society.

But at the end of the day, it’s up to the individual what they choose to believe. Liberty is having the freedom to make poor choices, and to live with the consequences.

Government backed malicious software is not just dangerous to the user, it’s a societal level threat. And unlike smoking, which is banned wherever it poses a danger to more than just the smoker, there isn’t a way to restrict usage in a way in which it only affects the user.

sugar_in_your_tea ,

immediate danger to society

But what exactly is the definition of that?

For example, which of these meet that definition:

  • an antivirus that ignores viruses from the county of origin
  • a social media app that collects data from a device and sends it home
  • a social media app that likely promotes content with a specific political agenda the government doesn't like
  • an app that hides monetary transaction details, which is commonly used by terrorists and other criminals
  • a social media app that doesn't id users and allows criminals to use it to communicate

The first two are probably the initial targets, but a law enforcement agency could make a decent case for the rest. Where does it stop?

That's why I think we need a hard limit on government authority here. It's better for some bad stuff to propagate than for the scope of what's blocked to expand and effectively limit freedoms of speech, association, press, etc.

Government have a lot of tools at their disposal, I honestly don't think banning software needs to be one of them.

RidcullyTheBrown ,

There is no way you of knowing what closed software does, especially software such as Kaspersky. Any piece of software can act as a backdoor for total control of all your devices and network. And when that software has the power of a state like Russia or China behind it, it can gain access to all sorts of secrets it shouldn’t have access to and can be used to corrupt people, compromise entire corporate level security systems and entire state level security systems.

Government have a lot of tools at their disposal, I honestly don’t think banning software needs to be one of them.

I really don’t understand why this is where you think the line should be drawn. Countries routinely decide to stop trading with various other countries for multiple reasons. For example, Russia is already under an embargo, why should software of all things be left free. Software is one of the least controllable goods that can be traded across borders.

effectively limit freedoms of speech, association, press, etc.

Since when do you have the freedom to associate with non-US citizens? Do you even understand what this is about!

sugar_in_your_tea ,

There is no way you of knowing what closed software does

Sure, and that's why I very much prefer FOSS and avoid nonsense like Kaspersky. I also actively tell everyone I know to prefer FOSS.

Countries routinely decide to stop trading with various other countries for multiple reasons

I'm also against that, generally speaking. I think open trade promotes freedom and therefore democracy, and blocking trade just encourages more authoritarianism. I have yet to see a case where it actually impacts the leadership enough to matter, especially when it comes to larger countries like Russia.

Since when do you have the freedom to associate with non-US citizens?

Why wouldn't I? If they have the freedom to associate with me, I should have the freedom to associate with them.

RidcullyTheBrown ,

Why wouldn’t I? If they have the freedom to associate with me, I should have the freedom to associate with them.

That’s a very very big “if” considering US’ foreign policy. An “if” that translates to you not actually having this freedom.

I very much prefer FOSS and avoid nonsense like Kaspersky. I also actively tell everyone I know to prefer FOSS.

How noble of you, but what do you suggest we do about people who aren’t reached by your words of wisdom?

sugar_in_your_tea ,

An “if” that translates to you not actually having this freedom.

I'm not sure what your point is. Someone not having the freedom to associate with me doesn't limit my freedom of association. Someone else being locked away in jail doesn't mean I'm in jail just because I can't freely associate with them.

We should be pushing to remove barriers to association, not responding in kind. And yes, that includes changing our foreign policy.

what do you suggest

As I mentioned, the government should raise awareness around the issues of proprietary software, especially software originating from adversarial countries. Don't raise FUD, but instead fund research into these software products. Get researchers onto platforms where they can reach a wide audience, like late night talk shows, popular YouTube and similar channels, etc.

For individuals, promote and donate to organizations like Mozilla, the EFF, and Proton that push for open software and privacy. Use those services and recommend them to your friends and family.

If you ban something, you just get the Streisand effect and erode trust. If something is dangerous, the best strategy is to be completely transparent about why and provide information that can be independently verified.

RidcullyTheBrown ,

Someone not having the freedom to associate with me doesn’t limit my freedom of association.

US visas & other things make it so that otherwise free people cannot do business in US or even enter the US. This means that, by definition, your state prevents you from associating with them.

the government should raise awareness around the issues of proprietary software

But this doesn't remove the threat at all. Look at tiktok, governments have been raising awareness about it and flagging it as a national security concern and yet the user count is growing.

There are things where raising awareness makes sense, e.g. alcohol consumption, smoking, etc. There are other cases where state intervention is required, e.g. working with asbestos, led, mercury, etc. Software falls in the latter category, because, like I said, it's not just a matter of personal choice. S

If you ban something, you just get the Streisand effect and erode trust.

I really doubt that banning Karspersky would have the effect of more people using Kaspersky. That's silly.

sugar_in_your_tea ,

US visas & other things

I agree, and I'm absolutely in favor of dramatically relaxing our immigration policy. If I could snap my fingers, I'd double immigration quotas and guarantee visa renewal for anyone here legally who has not been convicted of a crime. I work with some wonderful immigrants, and I think we need more.

That said, my freedom of association isn't being limited with poor immigration policy, I can still collaborate with them online, share software with them, etc. The only limitation is physical proximity. That's an issue, but I don't see it as an abridgement of my freedom of association in at all the same way as banning software.

yet the user count is growing

Then the people have spoken. They prefer whatever that app provides over national security.

The government should step up the awareness campaign and find legitimate issues to substantiate the guidance to avoid it.

But I do not consent to the government banning any form of media.

Software falls in the latter category, because, like I said, it's not just a matter of personal choice

What's special about software? The defense here is proper security practices at all levels. The main risks are:

  • botnets - ISPs should shut that down
  • worms - proper security
  • identity theft - insurance and criminal prosecution

Honestly, if governments pressured computer vendors to properly sandbox applications, we'd have far fewer problems. That's where the awareness campaign would do wonders, naming and shaming when vendors cut corners on security.

I really doubt that banning Karspersky would have the effect of more people using Kaspersky.

Maybe not, I don't think people have a real sense of loyalty to their antivirus.

But I think it could totally be a thing for TikTok.

RidcullyTheBrown ,

Then the people have spoken. They prefer whatever that app provides over national security.

You should read about the tyranny of majority.

sugar_in_your_tea ,

I'm quite familiar with it.

But think of it this way. The majority is often poorly informed and will likely agree to some group making decisions on their behalf. That group is not necessarily subject to the will of the people and instead operates in its own bureaucracy where "security" is preferred over other priorities the people may have. Look at the TSA, they have been blinded by a pursuit of the appearance of security that they have gone well past the effective controls necessary to provide reasonable security to likely threats (e.g. bullet proof cockpit doors), and have failed to actually prevent things their tools are designed to detect.

The majority want safety, and a government agency wants to maintain relevance. Solving the problem by granting the government more power will devolve into the agency looking for more reasons to stay relevant and keep its funding. There's plenty of examples of that, so it's not an unfounded slippery slope argument.

So instead of the majority blindly handing over their responsibilities to a third party, we should instead teach the majority to avoid the worst of it. And then we can use the agencies we already have to gather information about potential threats and shut them down through other means (e.g. instead of banning potentially harmful apps, they could sue the app makers for actual damages).

RidcullyTheBrown ,

through other means (e.g. instead of banning potentially harmful apps, they could sue the app makers for actual damages).

but that’s just the point, isn’t it? There are no means of obtaining compensation from an adversarial state or its companies and the damage caused might be irreparable. The discussion is not about countries that US has strong ties with. This is foreign policy. And just like your fundamental US granted rights are not guaranteed outside the US borders, nor should adversaries enjoy the same rights in the US. Since the country in question, Russia, makes no commitment to observing any US laws and since there is no way of coercing it or punishing it when it doesn’t, why should US citizens be exposed to this?

And by the way, I think there’s another piece of info that you’re missing. Software bans are not the same as other bans. Banning Kaspersky, for example, just means that the company cannot officially trade and advertise their products in the US. But there is no way of preventing users from using those products(unfortunately).

sugar_in_your_tea ,

There are no means of obtaining compensation from an adversarial state or its companies

If they do business here, they are subject to our laws. TikTok, for example, does have an entity here, so they would be subject to our laws. I don't know about Kaspersky though.

why should US citizens be exposed to this?

Because they choose to. Restricting that is a restriction on US citizens' freedom of association.

Banning Kaspersky, for example, just means that the company cannot officially trade and advertise their products in the US

It goes further than that, it also restricts companies like Google and Apple from including them in their app stores. And for something like Apple, that effectively means users cannot install the app on their device because Apple does not allow other app stores.

I may reconsider if there were no practical limits on what users can do with their devices. Any restrictions should purely be on the companies offering the service, and it should never be illegal for me to use a given piece of software, even if it's on the government's "do not trade" list or whatever. What I do with that software may be illegal, but merely possessing and using it without violating other laws should never be illegal.

I also don't think it should be illegal for any app store to distribute and process payment for a given piece of software, though perhaps it could be illegal to promote it. Otherwise, that's a restriction on the freedom of the app store as well.

KingThrillgore ,
@KingThrillgore@lemmy.ml avatar

The cost of liberty and freedom is eternal vigilance from those who want to harm us, and those who claim to protect us.

Kedly ,

Side tangent, but your oopsie of Nefarious Things to "Nefarious Thighs" fucking FLOORED me xD Wish I could detect nefarious thighs!

RidcullyTheBrown ,

Hah! I'm not changing it

abrinael ,

Sounds like a George Michael song to go along with Careless Whisper.

0xD ,

Banning software is not the same as banning books, lol. Books are passive ideas, software is active and can be used for espionage. You're creating a false equivalence here.

sugar_in_your_tea ,

They're absolutely in the same category.

If the government can ban things in the name of "national security" based on little more than "it's potentially dangerous," what's stopping them from labeling any platform that doesn't censor information the way they want as "dangerous" and subject to bans?

The government doesn't get to choose what I run on my computers, nor do they get to choose what books I read, what movies I watch, etc.

0xD ,

Oh yeah, the fallacious slippery slope again. How creative and intellectual!

sugar_in_your_tea ,

If there's anything it applies to, it's government overreach. Look at how the TSA expanded its violation of personal privacy in the name of "security," or how the NSA and FBI have expanded surveillance of individuals. Look at the militarization of police.

Once you let the government ban a handful of apps, it's going to use that new power more frequently. That's what bureaucrats do, when you give them a hammer, everything looks like a nail.

There are so many examples of government getting its foot in the door and steadily expanding its control. That's what it does.

ATDA ,

You do just as you did. Tell people and let them make up their minds. Posts like yours convinced me in the past and it will others in the future
.

Miaou ,

Can't wait for the EU to ban Facebook :(

Kedly ,

I mean, yeah? I'm down!

Harbinger01173430 ,

I'd still use it if my friends and most of the people I know do

maynarkh ,

Country in a trade war / cold war with another country decides to block imports of some product from said other country, citing fears of the product being poisoned. It's barely news.

crazyCat ,

It’s news worthy enough for a technology sublemmy, I’d think.

maynarkh ,

Yeah it is, and I'm happy about it being posted, it's not that. I should be less sarcastic and more direct, I am just getting jaded. Thanks for pointing it out.

I guess what I am saying is more that of course the US is going to try to limit Russian influence and trade, just as Russia does as much as it can. Same with China and Tiktok and whatever.

It's reasonable, it's actually one of the more reasonable things the US does. There are a ton of people around here who cosplay as communists while rooting for fascist Putin who try to blow these things up as an attack on free trade or freedom of speech.

It's not like Putin's people literally wrote and published a book about how they want to do election interference using stuff like this.

crazyCat ,

Cool cool, agreed.

orphiebaby , (edited )

It's news. That's all that matters.

Also this is actually a pretty unique and interesting scenario. You ever seen a digital embargo of software from a single country imposed on citizens? Not to mention the dignity and rights violations on both sides...

maynarkh ,

Yes, I've seen digital embargoes preventing companies in other countries doing business in mine, because their legal environment differs from ours.

Google Analytics got banned in several European countries comes to mind. I remember some small blogs writing about that, not much else.

orphiebaby ,

I mean, regardless of semantics about whether it's new to us or not, that's still news.

alsu2launda ,

😂😂😂.

American software is created by Jesus Christ.

tastysnacks ,

Damn immigrant

KingThrillgore ,
@KingThrillgore@lemmy.ml avatar

American software is created by some dude in Nebraska maintaining libg++ at no financial gain to him.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • technology@lemmy.world
  • random
  • incremental_games
  • meta
  • All magazines
    •