New antivirus scanner for GNU/Linux

I just read this item from my Code Project newsletter for today, 06/04/2024. I’m not sure about how much I trust Kaspersky, because of where it resides, so I decided to ask my fellow FOSSser what all of you think about getting this tool, and using it.

Ernie

I think I am more worried about Kaspersky, because of where they reside, than I am about the possibility of malware on my Linux computer.

That’s what I currently think anyway. That is subject to change with new information.

Kaspersky

No thanks, it's not working on Windows, so I wouldn't let it near my Linux boxes.

Thank you for your reply. Your thoughts are pretty much how I feel about it. I simply hope that others may have more information about Kaspersky than I have.

Ernie

I agree with your logic,

Ernie

At the end of the article it says;

“BleepingComputer has not tested the effectiveness, nor can it guarantee the safety of KVRT, so use the tool at your own risk.”

No Thanks.

Just my 2 cents here (probably my biased, politically incorrect opinion) :wink:

The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of “in the wild” examples that prove otherwise, most recently, the XZ Utils backdoor.

The better security of a Linux system stands on 2 legs:
1: Users of a Linux system are (at least usually) more conscious and don't blindly run anything from an unknown source. Additionally, these users have an idea of how to set up their systems.
2: Linux systems are fewer in number. I mean 5 billion people run Windows on their computer, while maybe only a couple of million run Linux… So targeting Linux with malware is much less worthwhile, because the attack surface is much smaller (except servers of course, but those are maintained and supervised by professionals).

===========

The XZ Utils backdoor was caught before it reached real systems, so that incident is indeed a pain in the @ss, but as it was caught, in my reading it proves the opposite: yes, Linux is more secure in general.

So thanks, I don’t want Kaspersky on any of my Linux powered boxes.
(I would not want McAfee either if there was an option for that…)

I saw that too. It's most likely the author's way of telling readers that he won't take responsibility if you choose to use the app. I usually only use software offered in my distribution's repositories. When I find something I want to use/try, I ask the devs to check it out, and perhaps add it. Failing that, I look for an AppImage or Flatpak (both of which are easily removed if needed), but I try to keep those two options to a minimum.

Ernie

Thank you! I heartily agree!

Ernie

That is an important first step towards a secure home system.

I know. That's why I do that. I have used Flatpaks and AppImages, but only if I want to try out an app before asking that it be included in the distribution's repositories. When/if the app's added, I remove the Flatpak/AppImage, and download/install the version from the repo.

Ernie

Other ways are

  • try the app in a VM system
  • try the app in firejail
  • try the app in a spare old computer

These are great suggestions! Thanks. I’ll probably try out all of them :slight_smile:

If you have a DNS server in your home network which can log queries, that opens up the possibility of looking at what sites your test machine tries to look up.
It's a good way of catching suspicious activity.
I was kind of surprised looking at how my Philips smart TV does phone-home :smiley:
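As an added example (not code from anyone in this thread), the script below reads dnsmasq-style query logs from a home DNS server, groups lookups by client, and lists what a test machine resolved outside an expected baseline (distro mirrors, NTP). The log lines, host names and addresses are constructed for the demonstration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in dnsmasq's "log-queries" format; not real traffic.
SAMPLE_LOG = """\
Jun  4 10:01:02 dnsmasq[812]: query[A] deb.debian.org from 192.168.1.50
Jun  4 10:01:03 dnsmasq[812]: query[AAAA] deb.debian.org from 192.168.1.50
Jun  4 10:01:09 dnsmasq[812]: query[A] telemetry.example-vendor.test from 192.168.1.50
Jun  4 10:01:10 dnsmasq[812]: query[A] telemetry.example-vendor.test from 192.168.1.50
Jun  4 10:02:15 dnsmasq[812]: query[A] api.example-cloud.test from 192.168.1.77
Jun  4 10:02:16 dnsmasq[812]: forwarded api.example-cloud.test to 9.9.9.9
Jun  4 10:02:40 dnsmasq[812]: query[A] ntp.ubuntu.com from 192.168.1.50
"""

# Only "query[TYPE] name from client" lines carry the information we want;
# "forwarded"/"reply" lines are skipped by the regex not matching.
QUERY_RE = re.compile(
    r"dnsmasq\[\d+\]: query\[(?P<qtype>[A-Z0-9]+)\] (?P<name>\S+) from (?P<client>\S+)"
)

def parse_queries(log_text):
    """Yield (client, name, qtype) for each query line in the log."""
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            yield m["client"], m["name"].lower().rstrip("."), m["qtype"]

def lookups_by_client(log_text):
    """Map client IP -> Counter of names that client asked the resolver for."""
    out = defaultdict(Counter)
    for client, name, _ in parse_queries(log_text):
        out[client][name] += 1
    return out

def unexpected_lookups(log_text, client, expected_suffixes):
    """Names the given client looked up that are not under any expected domain."""
    counts = lookups_by_client(log_text).get(client, Counter())
    return {
        name: n for name, n in counts.items()
        if not any(name == s or name.endswith("." + s) for s in expected_suffixes)
    }

if __name__ == "__main__":
    # The test machine is 192.168.1.50; distro mirrors and NTP are expected.
    baseline = ("debian.org", "ubuntu.com")
    for name, n in sorted(unexpected_lookups(SAMPLE_LOG, "192.168.1.50", baseline).items()):
        print(f"{name}: {n} lookups")
```

Point it at a real log (for example, `/var/log/dnsmasq.log` with `log-queries` enabled) and at the IP of the machine running the app under test; whatever shows up that you cannot explain is worth a closer look.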

I still have zero idea how my TP-Link cameras can be viewed from the mobile app, when I’m several km away from my home WiFi… I haven’t subscribed to their “cloud” bullshit - which sounds like a scam - if not a scam - then at least a trap to grab you by the curlies (like how I paid $2.50 p/m to Google for a couple years rather than do housekeeping on my inbox or g drive - I’ve since fixed that and cancelled my google pay for it service).

I don’t have such a camera, but if I had some, and was curious how it does this, I’d look at what sites they (try to) connect to.
I bet your cameras connect to a server somewhere where you have an account, which account was created from within that mobile app.

Is there a way to determine whether your cameras have a direct connection to the Internet/have put themselves into the DMZ on your local network? If they do anything like that, I’d suggest moving them to a guest connection (isolating them from your other devices)/changing their configuration so they can’t do that/replace them with more security conscious devices.

Ernie

That's impossible. DMZ means port forwarding all incoming connections to one (and only 1) specific IP in the LAN. @daniel.m.tripp has more cameras.
DMZ is configurable in the router via router admin access, so if one camera could do it, it would have to know the credentials (hopefully not admin/admin :smiley: ), plus it would have to know in which menu setting this function is placed, and this is different on all brands.

O.K. I’m no networking expert. I was only including all the ways a device may be able to be connected directly to the Internet. The one possibility I didn’t consider was that the cameras may be connecting directly to their vendor’s server without ever touching the LAN. I don’t know how to check for that possibility because then the cameras would have their own IP address, wouldn’t they?

Ernie

The camera "phones home" (usually to a server on AWS, according to Wireshark here) if allowed. There is a setting (in the camera, usually under network settings) to enable/disable that. Many default to on. On most cameras that I have seen it is Network > Bonjour. If it is enabled, you will see a UUID kind of identifier. That is how their server knows it belongs to your app. I turn it off on all cameras and NVRs.