ABC News – Matt O’Brien – 10/23/17
Moscow-based cybersecurity firm Kaspersky Lab, battered by suspicion of Russian government influence, wants to reassure customers by opening up its software’s underlying code for outside review. But security experts and some U.S. politicians say the move is mostly meaningless.
Security researcher Chris Wysopal said he welcomed multiple, independent reviewers, but cautioned that such analyses can provide only a snapshot of how the software works at a given moment in time. Like phone apps and other programs, security software is frequently updated.
“Even with this transparency, there’s still a level of trust you have to give the company,” said Wysopal, the chief technology officer of Veracode, a part of CA Technologies. “But this is a world we live in. There’s a supply chain. We live in a world of dynamic software, constantly updating.”