The U.S. Center for Disease Control (CDC) has published data showing a large political party is killing its members like a primitive cult drinking Jel Sert’s Flavor Aid. Can you guess which one? Here is a clue from ABC.

“…the 10 states with the highest vaccination rates all voted for Biden in 2020, while nine of the 10 states with the lowest vaccination rates [did not].”

It really begs the question for who in the security industry did not vote for the party that stood for national safety and preserving life, given the other one actively opposed basic security.

The ABC goes on to say there was a vast discrepancy between red and blue beliefs as death correlated to political regions. Notably, the differences were measured in “access to adequate healthcare, and the disproportionate impact of the virus on communities of color.”

People taking drinking the red stuff experienced less healthcare, more racism.

And again, given our industry is supposed to care about information integrity, we have to wonder who voted for America having a national security breach of this magnitude.

…vaccination rates and receptivity to mitigation measures have also been influenced by factors including misinformation.

Can someone ethically be a security professional who goes on Fox news to whinge about stopping breaches (that have marginal likelihood and severity) while voting for a party that attacks the country en masse (killing literally millions)?

Once a vaccine was widely available the death rates shot up nearly 40% in “red” states. This is basically a United States security dashboard where user groups who refuse baseline precautions on political grounds alone are going permanently offline at an alarming rate.

Speaking of misinformation, Jel Sert’s official grape Flavor Aid page says its primary ingredient on the left side is sugar made from cornstarch (Dextrose), yet the nutrition label doesn’t list sugar at all on the right side.

Very strange, given that dextrose powder has about 4 calories per gram just like table sugar (sucrose) and quickly raises blood glucose levels. This 4 gram package mixed with water gives 16 calories of sugar and basically nothing else (including attempts to hide the sugar as vitamin C).

Dextrose is said to lead directly to weight gain, diabetes and heart disease if you believe the science in a large-scale study from April 2014 in JAMA Internal Medicine. Such warnings about the dangers of dextrose were echoed again in 2017 by BMJ OpenHeart. So how can a sugar product have a prominent list that doesn’t include sugar?

[FDA requirement to put on a nutrition facts list] added sugars include sugars that are added during the processing of foods (such as sucrose or dextrose)… For most Americans, the main sources of added sugars are sugar-sweetened beverages…

Again speaking of misinformation, Elon Musk originally said in early 2020 that COVID19 would be gone by April, and then in late 2020 that he did not believe in safety measures and would not get a vaccine. Two years later he has both gotten the vaccine and twice been tested positive for COVID-19.

If this sounds like misinformation from a prominent political voice in America, it gets even worse. News reports say he used his bully pulpit to convince people their lives didn’t matter.

…he spent months criticizing public health measures aimed at curbing the spread of the coronavirus, promoting misinformation about COVID-19 such as insisting it wasn’t very deadly, and baselessly casting doubt on the effectiveness of vaccines.

In fact, Elon Musk said in the most political way he would move his entire operations to a “red” state after California said it was applying pandemic precautions (as well as investigating racism) to protect his workers from abuse and death.

This is unfortunately consistent with him also telling the public lies about transportation safety, allegedly profiting from cutting corners in the low-quality deceptive Teslas that caused hundreds of preventable deaths… perhaps making it the Flavor Aid of cars.

All food for thought.

Remember when Kaspersky in 2018 lost an obviously stupid lawsuit that claimed the U.S. government shouldn’t be able to prohibit products harmful to society?

U.S. District Court Judge Colleen Kollar-Kotelly wrote in her May 30 opinion that U.S. networks and computer systems are “extremely important strategic national assets” whose security depends on the government’s ability to act swiftly against potential threats, even if such actions cause adverse affects for third-party providers like Kaspersky Labs. “These defensive actions may very well have adverse consequences for some third-parties. But that does not make them unconstitutional,” Kollar-Kotelly wrote.

On a related note, Americans I know personally who foolishly agreed to attend Kaspersky CEO’s invite-only security “bash” on a tropical island… ended up with food poisoning and severe illness. Projectile vomit.

True story.

Well, the big news today is that under a 2019 law the FCC has just formally added AO Kaspersky Lab along with China Telecom and China Mobile to a national security threat list.

Kaspersky earlier this year was also in the news when the German government issued a warning, and again when their CEO gave a rather tone-deaf message about Russia invading Ukraine.

“Better to have stayed silent than to have called an invasion a ‘situation’ that requires a ‘compromise’,” Rik Ferguson, of rival cyber-security company TrendMicro, tweeted.

That makes me like TrendMicro.

Think of Kaspersky in terms of a security software vendor telling customers that a serious breach is a situation needing compromise when attackers are Russian. Who would really want to use that vendor versus one that actually defended against being breached?

Some also may remember Kaspersky’s handling of the infamously traitorous General Michael Flynn by giving him large cash payments.

Flynn also received $US11,250 ($14,667) from Kaspersky Government Security Solutions, Inc., described as the US subsidiary of Kaspersky Lab, a Russian cybersecurity firm, according to the documents.

Yes, he was traitorous. Any U.S. General full well knows how businesses and criminal enterprises in Russia are direct extensions of Russian intelligence whenever the Kremin chooses. It’s really no understatement to call Flynn a traitor.

As I told journalists in 2017 (clumsily, I admit): while Mandiant is close to NSA, Crowdstrike is close to FBI, we can’t compare the collaborations with Russia because Putin’s dictatorial control model is completely different from congressional contracts and hand-outs.

Israeli intelligence had since 2014 sounded the alarm to anyone in the U.S. willing to listen to intelligence.

Perhaps also worth mentioning here, since we’re talking about remembering things, Facebook around 2014 started to carefully audit anyone who came to their site… and then actively pushed Kaspersky code as “free” help.

The problem with Facebook is thousands of active phishing scams but the social media giant has partnered with popular security software developer firm Kaspersky so that users could identify and remove malware from their computers.

Popular security software developer firm Kaspersky? According to what population?

Let’s be honest here.

The real question is whether users could identify and remove the threat from the relatively unheard of Kaspersky software being pushed upon them by Facebook’s security team? I guarantee the vast majority of users had never heard that name before Facebook made it a required “checkpoint” to login.

Moreover, does having a problem with phishing on Facebook sound anything close to being a relevant reason to push an unfamiliar Russian content scanning tool onto people?

No. No, it does not. Now read this:

In a Facebook post, Facebook’s Software Engineer Threat Infrastructure Team head Trevor Pottinger explained: “To make this programme even more effective, Kaspersky Lab is bringing their expertise… we will offer Kaspersky Malware Scan for Facebook… in the past three months, we have helped [run Kaspersky code on] more than 2 million people’s computers.”

Facebook knew exactly who had run the Kaspersky code. They boasted about knowing how many people ran it.

You’ll never guess what happened next.

When called to account for their very precise user tracking and audit practices, Facebook tried to plead total ignorance as if there had been no factual basis to loudly boast “more than 2 million” users had Kaspersky pushed onto them.

The dubious and forked-tongue of Facebook “help” came not long after they hired an unqualified CSO, and Moscow Times in 2015 ran the headline “Kaspersky Plans Push for Sales to U.S. Government” (link now unreachable)… which was countered by the even more salacious headline “Russian antivirus firm faked malware to harm rivals – Ex-employees“.

Faked malware to harm its own employees and rival companies while pushing into U.S. Government sales. No wonder that now-disgraced Facebook CSO, known for failing to disclose the largest breaches in history, was so welcoming.

For context on why this all might sound so evil the two founders of Kaspersky served as Russian intelligence (KGB). Twice there have been major disagreements at the executive level and its CEO has had major exodus of talent as he consolidated control and refused to be transparent, allow other views, or resolve disputes.

So while it’s really good to see Kaspersky finally being handed the kind of label it has always deserved, I’m disappointed that a heavily Russian-backed Russian-asset like Facebook wasn’t included (as I’ve warned about publicly since at least February 2011 and why I deleted my Facebook account in 2009).

After this FCC explicit ban on Kaspersky should we get to call it the most anti-democratic software ever? Or does that crown remain on Facebook (not least of all for peddling Kaspersky)?

Also, US sales of Kaspersky (under $50m) is tiny compared to the UK (over $500m), so maybe the real question is how much exposure does American national security have to British system compromise.