What are Gabrielli and Baldoni really up to on Kaspersky?

by Umberto Rapetto

The comment by Umberto Rapetto, director of infosec.news

Software is dangerous stuff. It is the soul of the electronic "machines" that we use every day; it is the true invisible "pilot" of the activities that IT tools perform on a daily basis. And if we are talking about a program that has a "pharmaceutical" character, it would be necessary to know its contraindications before proceeding with its purchase and subsequent "administration". Surely Kaspersky has never had any intention of poisoning our systems, but equally certainly no one is able to say and demonstrate what a given antivirus (and therefore also others from different sources) actually gets up to on the devices that entrust their security to the installation of such a security product.

The not very comforting picture of the buyer's slender competence and questionable fitness to choose what to buy is confirmed by the casualness with which the government authorities have decreed the elimination of a specific type of protection. "Uninstall!" and "Remove!" are the watchwords that ring out, and whose echo seems to say "What are you waiting for?!?". Nobody ("I swear no one, not even destiny", Mina would have sung) has reprimanded those who selected and placed on the servers of the Public Administration (even in "delicate" contexts such as Foreign Affairs, Defense or the Police Forces) something that could arouse some perplexity. Nobody ("can judge me", Caterina Caselli would add) has announced that they have opened an investigation to dissect the procedure that led to the certification of a piece of software that now needs to disappear quickly ...

It would have been nice if attention had been drawn to the possible problem not by the acid editorial I wrote on February 22, but by an official statement from the indispensable Cybersecurity Agency. It would have been even nicer if that press release had been accompanied by operational instructions on what to remedy, and how, in the evident situation of risk (or of inconvenience, for those who - courageous beyond all limits - do not fear danger).

But - to paraphrase Frassica in the role of Father Antonino da Scasazza in "Those of the night" - it is not what is beautiful that is beautiful, but how beautiful, how beautiful, how beautiful ... Leaving aside what was not done, or was done with a not-so-innocent delay (the prevention of cyber risk should start promptly), given that these things have been talked about for more than five years, it is legitimate to want to know whether an emergency plan has been drawn up to systematically address a situation of objective urgency.

A few mouse clicks are not enough to "really" remove an antivirus. Don't think you can "move it to the trash" and be done. Like grease stains, computer security products have a certain persistence and penetrate deep into the connective tissue into which they have been inserted.

Have the cyber experts already drawn up the practical instructions for carrying out all the essential steps, without neglecting the effectiveness of the "remediation" to be carried out, so as not to leave behind any potentially explosive "debris"? Has anyone already compiled an inventory of the contexts in which it is necessary to intervene? Are those who administer those systems already organized for the "switch-off", that is, to turn the fateful switch? And, above all, does that IT manager know what to do next? Has a comparative table been prepared to guide the choice of the antivirus that will have to take over from the "not recommended" product? Has the supply time been calculated, along with the gap between the removal of the "old" and the entry into operation of the "new"? How long is it expected to take to reach the long-awaited shore of safety? How much is it expected to cost? Are the funds there? ...

The Cyber Agency undoubtedly already has all the answers. Those who have to act ask only to be able to read them as soon as possible.