There has always been an uncomfortable relationship between a customer and their security vendors, in particular with the relationship between the vendor and state agencies. Normally a concern with US vendors, bur lately Kapersky has been accused of providing Russian Agencies access to their customers. It should be pointed out that the proof provided is not good, but enough for actors like the US Government banning the use of all Kapersky products. An breakdown of the allegation can be found in this analysis from ArsTechnica, summing up the info from primarily sources behind pay-walls.
When should you stop trusting you vendors?
