The other day I sent out a “Tweet” and proceeded to lose 30% of my combined followers, literally overnight. The Tweet explained how the 53rd Street Library in New York City had expressed weariness over allowing me to instruct or teach lessons at their facility after coming to the realization I work with and source a great deal of my content through international partners. I had cracked the joke; “Rogue Security is getting the Kaspersky treatment? Must be moving up in the world?…”
For those of you who might not be familiar with the backdrop or sarcasm expressed here, Kaspersky Lab has recently become one of the most polarizing names in cyber security dating back to the 2016 US Presidential election. This is because many people have come to believe that the Kremlin deliberately altered Russian Law in order to corrupt/compromise Russian based businesses, which Kaspersky is, into handing over confidential information relating to customer databases. Moreover, considering that Kaspersky Lab was one of the most widely utilized software developers purchased by US Government employees and contractors over the years, it is now believed that Kaspersky Lab itself was one of the key players behind the whole Russian hacking election fiasco – whether they voluntarily intended to be or not. For this very reason, dating back to December 2017, all Kaspersky products have since been banned on the Federal level and their software has been pulled off the shelves of stores including Staples and Best Buy – though their products still remain legal on the civilian level.
However, it must be noted that what the Kremlin did is nothing new. In fact, this practice has been employed by the United States Government for far longer. You might be surprised to know that it is 100% illegal for any computer, privacy or cyber security company based out of the US to refuse to hand over their data, servers or customer records to the US Government, provided those servers and data are stored within United States borders. Believe it or not, it is even illegal for US based businesses operating servers/companies overseas to refuse to hand over their data if requested by US authorities. While Microsoft is currently taking this obligation to the Supreme Court, throughout the course of 2016 and 2017 multiple lower courts have upheld the US Governments right to demand this information. Not only this, but the acting attorney General, Jeff Sessions, has also vowed to make unfettered end-to-end encryption illegal as long as he is in office.
Therefore, at least when it comes to your data privacy, claiming that “those Russians” are any better or any worse than “those Americans” is nothing more than farcical, and your information is no more protected in the hands of The White House than it is the Kremlin. So, no matter how strong your sense of Patriotism or Nationalistic pride may be, the fact of the matter remains that your computer isn’t more secure just because you buy from an American company. In fact, you might be surprised to know that multiple independent tests and studies have confirmed Kaspersky Lab is the most secure software platform for Windows based devices, and other studies list Microsoft’s own platforms as the worst. Moreover, there is a very real reason none of the world’s top privacy/security companies host their services inside US territories.
With that established, let’s take a closer look at some of the other most notable countries in the field of cyber security these days.
Dont Necessarily Buy Into The Swiss Hype
Over the course of the last 3-4 years one of the biggest trends I’ve noticed is all of the “hype” surrounding Switzerland and their world renown reputation for protecting business privacy and confidentially. Traditionally, Switzerland has acquired this reputation for protecting foreign investors within their banking systems. However, it must be noted that the same protections afforded/granted to the multi-billion dollar banking system are not necessarily extend to the cyber security industry, and you can bet your ass that you are never going to get the same level of privacy or protection from the Swiss Government for your $50 a year VPN connection or email account that an investor is going to get for their multi-million dollar bank account – get it? Any thought to the contrary is just, well, dumb – really.
For lack of a better term, in 2018 it is a generally known fact that many companies are simply trying “bank” on Switzerland’s historic reputation and turn it into a few extra dollars for their cyber security companies. This is not to say however that there are not some top notch countries currently operating out of Switzerland.
In fact, for the very laws as they now exist inside Russia, Eugene Kaspersky has vowed to move all of his companies servers out of Russia and into Switzerland to provide his customers with a greater level transparency in hopes of regaining their trust. Other companies such as ProtonMail and Tutanota also operate out of Switzerland and are two of cyber securities most trusted vendors. Many of the industry’s top VPN service providers also operate their servers out of Switzerland. As always though, do your research and just be weary/cautious of all new tech startups in the country.
Don’t Trust The Netherlands
The Netherlands really started to lose the trust of the cyber security community dating back to 2016, following the closing of GhostMail email servers and a series of raids on VPN service providers around the country. Dutch authorities have remained quite about their recent change of policy, but prior to 2016 the Netherlands was considered by many to be one of the worlds fastest growing and most trusted names in cyber security/digital privacy. Because of this, the underground hacking community has long since speculated that the Dutch Government was ultimately pressured to crack down on digital privacy providers following a joint effort undertaken by the US Federal Bureau of Investigation and European Police (EUROPOL), whom had essentially had enough of criminals and/or terrorists taking advantage of security platforms operated out of the country. Fast forward into 2018, while there are still a few legacy companies operating out of the country, almost all new startups know not to do business there.
In March of 2018 I personally reached out to GhostCom Ltd, the original founders of Ghostmail, for comment on their closing and the true extend of the operation undertaken by Dutch/International police, but their legal team has declined any comments to this day.
Belgium & Ecuador Offer The Strongest Privacy Protections In The World
Ecuador is world renown for protecting digital privacy, internet rights and international freedom fighters. This is not only evidenced by Julian Assanges continued political asylum, Ecuador has also granted asylum to some of the worlds most elite and dangerous hackers over the course of the last several decades. By now, it is a well known fact that the Government of Ecuador is willing to do more than almost anyone else to shelter/protect political activists and members of the digital underground, helping them to continue doing what they are do safely and securely. For example, despite all of the “hoopla” surrounding Wikileaks, the Ecuadorian Government actually controls 100% of Julian Assanges internet connectivity. Yet, have you ever heard of any one of Assanges sources being compromised over the years? That is also exactly my point. For all these reasons, Ecuador is considered one of, if not the most trustworthy country in the world when it relates to data privacy and cyber security related practices.
Belgium on the other hand has a legal system in place which ensures Government accountability and restricts potential abuses of privacy/authority. This is because every request, subpoena or warrant for information, data, servers and digital accounts made in Belgium must first be brought in front of a judge, officially in court, and proven to be valid or legitimate before any Belgium authorities can have access to it. In other countries such as the United States for example, Federal employees can simple print out a file document, sign your name onto it and automatically have the right to search your accounts – it’s literally that easy for them. For this very reason, Belgium is considered to be one the most trustworthy and accountable countries in the world to do cyber security business with, leading the way in terms of informational security. On a side note, if I was a betting man, I would expect to see many more privacy/cyber security companies start popping up all over Belgium throughout the course of the next 5-10 years, especially given all of the recent changes/overhauls to internet/data laws now being enforced by the European Union.
Colombia On The Up & Up?
This really has nothing to do with computer security, it’s just a growing trend you might have started to pick up on recently. Starting around 2015, first led by small time internet activists and Anonymous, more and more website owners across the world began shifting or creating new domains with .co – this was done for a multitude of reasons. First off, .co is often times much cheaper than .com domains. Second, it is becoming harder and harder to find an original, unique or appropriate .com domain for your business, third because more people associate the word “company” with .co instead of .com, and lastly, .co helps make your website that much more unique and stand out from the crowd – which can be an asset in today’s overcrowded online marketplace.
As for Colombia itself, I think the rise of the .co domain only helps the country look that much more innovative comparatively to the rest of the world, which is why the Colombian Government has never really pushed back on all the international vendors registering new domains through their country, including myself.