Kaspersky Lab plans to reveal the source code of its software


    Photo: TASS / Sergey Savostyanov

    Kaspersky Lab announced its readiness to provide independent experts with the source code of its software. This is done to conduct an analysis, due to which, as the company hopes, the US authorities will remove suspicions of espionage. “Laboratory”, by revealing the source code, hopes to “confirm the transparency of its activities, which is primarily aimed at protecting users from any cyber threats, regardless of their origin or purpose”. Software analysis will begin before the end of the first quarter of 2018.

    It is worth noting that these actions of the company will become part of its extensive initiative on information transparency (Global Transparency Initiative). This initiative is designed to “engage the expert community in the field of cybersecurity in verifying the integrity and reliability of the company's products, internal processes and business operations.”

    Opening source code is not all; within the framework of the announced initiative, the Laboratory plans to develop additional mechanisms for monitoring the data processing process. Three “transparency centers” in different countries will also be opened. According to the company's management, such centers will help solve almost any security issues, including customers, partners and government agencies. The first "transparency center" will be opened in 2018. And by 2020 they will begin work in Asia, Europe and the United States.

    In order to eliminate possible vulnerabilities in its software, Kaspersky Lab will increase the reward for the bug bounty program. The maximum size of payments is planned to increase from the current $ 5 thousand to $ 100 thousand.

    “The Internet was conceived to bring people together and share knowledge. Cybersecurity knows no bounds, and any attempts to divide cyberspace based on geographical territories are counterproductive. They need to put an end to. We must restore confidence in relations between companies, governments and citizens, ”says Kaspersky Lab CEO Yevgeny Kaspersky.

    The company decided to open the source code of the software after in mid-July the US government decided to exclude"Laboratory" from the list of software suppliers approved for work in US government agencies. By December 13 of this year, all government agencies in this country are required to stop using Kaspersky Lab products, replacing them with programs from other companies.

    It came to the point that Democratic senator Jin Shahin stated that the Russian company “cannot be trusted to protect critical infrastructure nodes, especially computer systems that are vital to national security.” Actually, the problem did not happen all of a sudden. From a certain point in the American press, information began to appear about certain “bookmarks” in the Lab software. These bookmarks are supposedly used to provide data to the Russian special services.

    The head of Kaspersky Lab announced the possibility of providing the US authorities with source codes for the company's products back in June . True, representatives of this country did not answer. Once Kaspersky was invited to come to the United States to attend one of the meetings of the Committee of the House of Representatives on Science, Space and Technology of the US Congress. Kaspersky agreed, but the committee meeting was adjourned.

    It is clear that after high-profile statements by the American government, the company's competitors intensified. In some cases, this strategy worked, and Kaspersky Lab customers switched to competitors. The USA is a rather large market for the Laboratory. Prior to the trial, North America accounted for about $ 24.3% of the company's total revenue. At the end of the year, Kaspersky Lab’s revenue amounted to $ 644 million.

    According to some experts, the measure proposed by the company is rational. True, on the part of the United States, confidence will be restored very difficult, if at all possible. Yes, and check the source code of modern products of the "Laboratory" - that is another task. “Auditing the source code of a program, especially as voluminous as an anti-virus solution, is a very time-consuming task. For example, the analysis of the TrueCrypt project, which has significantly less complexity and the amount of code, took a whole group of security researchers for almost two years, ”said Ilya Shalenkov, senior manager of the information risk management group at KPMG in Russia and the CIS.

    In general, if the US authorities agree to the proposal of Eugene Kaspersky, then in part this market may again open “Laboratories”. However, trust has already been lost, although perhaps unreasonably. And to prove something will be very difficult.

    Also popular now: