Kaspersky Source Code In the Wild

← Back to Stories (view on slashdot.org)

Kaspersky Source Code In the Wild

Posted by Soulskill on Monday January 31, 2011 @10:04AM from the somebody-get-attenborough-to-find-it dept.

mvar writes "The source code of an older version of 'Kaspersky Internet Security' has been circulated on the internet. The code was created in late 2007 and was probably stolen in early 2008. Names contained in the source indicate that the stolen code was probably a beta version of the 2008 software package – the current release is Kaspersky Internet Security 2011. According to a Russian language report by CNews (Google translation), the code was copied by a disgruntled ex-employee. The thief has reportedly been trying to sell the code on the black market for some time, and Kaspersky says that the code archive already appeared in various private forums last November."

154 comments

Min score:

Reason:

Sort:

And, in other news... by NewtonsLaw · 2011-01-31 10:11 · Score: 1

And, in other news, Microsoft has released Windows 95 to rapturous applause.
Is there a difference?
How many people (perhaps apart from malware writers) will really be affected by this disclosure of the source for some 4-year-old software?
1. Re:And, in other news... by nicholas22 · 2011-01-31 10:13 · Score: 4, Insightful
  
  This probably comes as news to you (you're not a developer, are you?) but when you build new software, you basically build upon older code. So yes, even the extreme scenario you talk about, would cause some headaches to Microsoft.
2. Re:And, in other news... by armanox · 2011-01-31 10:24 · Score: 1
  
  Not as much as you imply, seeing that the DOS-based platform and Windows 9x were both abandoned in favor of the NT-based platform (which traces back to OS/2).
  
  --
  I'm starting to think GNU is the problem with "GNU/Linux" these days.
3. Re:And, in other news... by hairyfeet · 2011-01-31 10:27 · Score: 4, Informative
  
  Actually MSFT releasing the Win9X source would be WONDERFUL news, because if you haven't tried it Win9X can make a great embedded OS with better driver support and lower specs than pretty much any embedded OS out there.
  And as for why anyone would care about TFA, that's simple: Often you don't "throw the baby out with the bathwater" and significant portions of the code will be reused. This means the black hats pretty much have a roadmap to use to trash Kaspersky AV. Even if they didn't use much of the previous code it most likely will allow them to see how the Kaspersky AV team treats PC resources like memory, giving them a good idea of where the weak spots are. Bad news for Kaspersky users I'd say.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
4. Re:And, in other news... by Beardo+the+Bearded · 2011-01-31 10:33 · Score: 3, Insightful
  
  Here's the thing.
  The people who write malware already have this code. They might not have the C source, but they've got a good handle on the IO flow and undoubtedly have it in assembly. Is this a game-changer for the malware writers? Not even remotely. Even if this was the source code for the latest version from 2011, it wouldn't change anything.
  "They" have access to the exact same software that we have. They can download Avast! or AVG or Kaspersky or MSE and write the malware to be untraceable under those security suites. Hell, if they really wanted it they could find disgruntled employees or cleaning crews and get access to the repositories for cash monies.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
5. Re:And, in other news... by joshki · 2011-01-31 10:34 · Score: 1
  
  NT actually traces its roots to VMS, not OS/2...
  
  --
  I do not read or respond to AC's. If you want a discussion, log in. Otherwise, don't waste your time.
6. Re:And, in other news... by belmolis · 2011-01-31 10:41 · Score: 1
  
  The designer of NT came from a VMS background but NT was not based on VMS code.
7. Re:And, in other news... by calzakk · 2011-01-31 10:45 · Score: 1
  
  Not necessarily true. I worked for an AV company several years ago. While the legacy product was in maintenance, a completely new version was in development and used very little code from the original product.
8. Re:And, in other news... by commodore6502 · 2011-01-31 10:57 · Score: 1
  
  >>>The designer of NT came from a VMS background but NT was not based on VMS [or OS/2] code.
  FTFY. And Netscape's designers came from their previous creation Mosaic for Amiga, Mac, and PC, but Netscape was not based on Mosaic code. Many moons later the Mozilla Suite spun-off from the never-released Netscape 5, and eventually became Seamonkey, but lo the users were not happy with Seamonkey's bloat, so they split-off the browser half and called it Firefox. And it was good.
  Thus spake the book of mozilla. (Meanwhile I continue to believe Internet Explorer never actually existed, despite claims that it was released with Windows 95 Service Pack 1.) (And netscape devolved to a low-end dialup service: http://www.getnetscape.com/ )
  
  --
  Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
9. Re:And, in other news... by commodore6502 · 2011-01-31 11:16 · Score: 0
  
  Embedded OS? Why not just run DOS and get rid of the Windows shell?
  We used VxWorks on our Pentium-based system.
  
  --
  Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
10. Re:And, in other news... by Samantha+Wright · 2011-01-31 11:16 · Score: 1
  
  That page you linked to is insane. "Enhanced security"? From Windows 9x and its legendarily bad TCP stack, not likely. "Advanced next generation hardware support"? What about all those WDMI-only drivers from the current generation, guys? Or using more than 256 MB of RAM? Or a hard drive with more than 20 GB capacity? It's schizophrenia at its best!
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
11. Re:And, in other news... by Anonymous Coward · 2011-01-31 11:33 · Score: 0
  
  That page is the most ridiculous thing I've read in a while. "enhanced security"... from Windows 9x... hahah
12. Re:And, in other news... by DarkOx · 2011-01-31 11:34 · Score: 1
  
  That may be so, but its not the bottom in kernel level stuff anyone is interested in the Windows code base leaking for (well some crackers and other criminals might be) there are plenty of FOSS kernels that are every bit as good on NT to choose from. What's good about Windows is the stack of libraries. Lots of those are present in WIndows 9x and the complete source to Windows 95 even today would be of great use to someone who wanted to support win32 subsystems on top of some other platform.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
13. Re:And, in other news... by davidshewitt · 2011-01-31 11:34 · Score: 1
  
  Embedding Win9X does not sound like a good idea security-wise if the device is going to go anywhere near the internet.
14. Re:And, in other news... by DarkOx · 2011-01-31 11:37 · Score: 1
  
  Not really, the old Navigator was just called the Mozilla suite until Firefox shipped. The Seamokey project is run by a group that still wanted to continue development of the suite, which by the way is now no bigger than today's bloaty Firefox, used the same engine so displays pages exactly as well but offers more features and is an all around SUPERIOR browser. Firefox was good when it was actually smaller but these days is pretty pointless. What the should do is keep the FF name because its well marketed drop the FF and TB projects and rebrand Seamonkey as Fire Fox.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
15. Re:And, in other news... by joshki · 2011-01-31 11:47 · Score: 1
  
  There are a whole lot of people who disagree with you. NT was VMS, reimplemented.
  
  --
  I do not read or respond to AC's. If you want a discussion, log in. Otherwise, don't waste your time.
16. Re:And, in other news... by Anonymous Coward · 2011-01-31 11:47 · Score: 0
  
  Ironically, before Seamonkey 2.0, it was FASTER than Firefox itself and less buggy. Why they adopted the so called "faster rendering" that's slower and bloated back into Seamonkey for 2.x I have no idea. Probably some placebo of marketing.
  Seamonkey 1.x FTW! Plus, it's the most modern browser you can run on Windows 95. 2.x requires 2000/XP because they're a holes.
17. Re:And, in other news... by Sarten-X · 2011-01-31 12:10 · Score: 1
  
  Right... Because the computer I built as a recipe box for my kitchen certainly needs 8 GB of RAM, 3 TB disk space, and a video card that can ray-trace 1080p in real time.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
18. Re:And, in other news... by hairyfeet · 2011-01-31 12:19 · Score: 1
  
  Why is that? We are talking about an embedded OS not some desktop where you could surf with the thing. Most likely you would simply have a VPN connection to the main server to say process CC info for a purchase. And don't forget we are not talking vanilla Win9X but a stripped down version with only enough files/features to run the single app you are using it for.
  So I think you and the rest of the guys here are looking at it the wrong way. You can't judge this by running vanilla win9X on the net because the thing would only go to a single address and perform a single function so you would have to physically hack the machine or break into the corporate network from the other side, no different than any other kiosk.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
19. Re:And, in other news... by Samantha+Wright · 2011-01-31 13:15 · Score: 1
  
  So what are you trying to say? That a Win98 box is "next generation" compared to most embedded systems? 'cause otherwise, the fact stands that the EOS guys are spinning total BS.
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
20. Re:And, in other news... by h4rr4r · 2011-01-31 13:16 · Score: 1
  
  No but it should be running a better OS. No issue at all getting linux into something like that, pretty common in the embedded world already.
21. Re:And, in other news... by h4rr4r · 2011-01-31 13:17 · Score: 1
  
  Still no reason to go adding the risks that come with win9x. Lots of better options available.
22. Re:And, in other news... by morgauxo · 2011-01-31 16:38 · Score: 1
  
  NT was built on Multics code, extended with concepts from VMS
23. Re:And, in other news... by malloc · 2011-01-31 16:45 · Score: 2
  
  This means the black hats pretty much have a roadmap to use to trash Kaspersky AV. Even if they didn't use much of the previous code it most likely will allow them to see how the Kaspersky AV team treats PC resources like memory, giving them a good idea of where the weak spots are. Bad news for Kaspersky users I'd say.
  The moment you give someone your binary you've given them your code, just in a harder to read format. Any black-hat that cares will merely read the disassembly. Original source code not required.
  -Malloc
  
  --
  ___________________ I want to be free()!
24. Re:And, in other news... by armanox · 2011-01-31 16:52 · Score: 1
  
  It would probably be a boon to the WINE project, if nothing else.
  
  --
  I'm starting to think GNU is the problem with "GNU/Linux" these days.
25. Re:And, in other news... by Sarten-X · 2011-01-31 17:22 · Score: 1
  
  I'm saying that arbitrary hardware requirements do not have any relation to how well something actually does its job, and the examples you gave are ridiculously off-base for an embedded system in the first place.
  As an example, ATMs get new anti-counterfeiting devices all the time (certainly often enough to refer to any particular device as "next-gen"), yet they run old operating systems without significant problems. Sure, there's the occasional virus, but the overall rate of infection is far lower than desktop PCs, even after the latest antivirus updates. Would running a new OS make the ATM any better at handing out money? No.
  Think about each component of a modern OS, and determine whether it really needs to be on an embedded system. Does an ATM really need wireless functionality, or even TCP at all? What about support for rendering HTML? Is generic TWAIN support more cost-effective and bug-free than a custom driver? What about file and printer sharing? They're all potential attack vectors, so removing unneeded components is necessary. Newer operating systems have more components, and they're more tightly integrated. That means more unpredictable security overall, which just costs more to install and maintain.
  Few embedded systems are simply a desktop computer in a fancy box. There are many design challenges, and every device is different. While I'm sure there are cases where an embedded system needs to store 20 GB inside itself, it's not the kind of issue that comes up often.
  As another example of how different embedded systems are, consider an impressive bit of embedded mastery: Apollo 11's Automated Guidance Computer. That machine was responsible for landing humans on the moon. It did its job almost perfectly. Assuming it were running at full capacity throughout the entire flight, Apollo 11 ran fewer calculations than a few minutes playing World of Warcraft.
  Excessive hardware is merely excessive.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
26. Re:And, in other news... by Sarten-X · 2011-01-31 17:24 · Score: 1
  
  It currently runs Debian, stripped down to about 100 megs, and that's with only removing packages. A friend of mine (who is more familiar with the Linux internals) says that figure can easily be cut in half. The spare hard drive I stuck in the box is 2 GB, so I'm not particularly worried. Text recipes don't take that much space.
  The first version I set up actually ran Windows 98, because I had originally written my recipe program in Visual Basic. It has since been translated to a language that causes less pain, and the OS was changed shortly thereafter, purely because I love the FHS.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
27. Re:And, in other news... by Samantha+Wright · 2011-01-31 17:46 · Score: 1
  
  Hold up: we're not talking about visiting natural satellites here. The page advertises EOS for web kiosks and FTP servers. An FTP server is probably something you want to have considerable disk space for, web kiosks by their very nature have to be user-accessible (and thus virus-prone!), and both are going to be relying on that TCP stack. So you may want to look more closely before making generalisations about the typical usage of the word "embedded".
  
  Check out this quote: "EOS is Secure. Security for both you and your customers. We can build systems that resist tampering from your customers and your competitors. We secure your (and our) intellectual property against intrusion."
  
  Does that sound like Windows 98 to you? It sounds like system policies to me.
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
28. Re:And, in other news... by vegiVamp · 2011-01-31 20:43 · Score: 1
  
  There's a very limited number of people who can actually read large swathes of disassembled code, though, and I believe the majority of that already small number has more interesting things to do than see what makes another antivirus suite tick.
  Well, until Kapersky manages to tick one of them off, that is.
  
  --
  What a depressingly stupid machine.
29. Re:And, in other news... by DrXym · 2011-01-31 22:48 · Score: 1
  
  How many people (perhaps apart from malware writers) will really be affected by this disclosure of the source for some 4-year-old software?
  The answer is lots of people. Customers of Kaspersky may suddenly discover themselves infected with malware that sidesteps, disables or otherwise interferes with their AV or firewall software. Other people might receive emails offering "free" and apparently legit Kaspersky software which subsequently holds their machine to ransom, or installs a bot. And everyone else who suddenly finds new botnets springing up spamming and DDOS'ing with wild abandon thanks to a flood of compromised machines appearing.
30. Re:And, in other news... by DrXym · 2011-01-31 22:54 · Score: 1
  The issues with Mozilla / Seamonkey were largely usability issues but there were some performance issues too:
  
  More buttons, menus etc. Firefox was designed to create a clean, minimalist browser experience. The Mozilla suite was cluttered with functionality for email, composition etc.
  Runtime overhead. The more complex UI meant more chrome overlays, more registered components, more cruft. This meant the suite took longer to start and respond. Of course on the flip side if you did run Thunderbird / Firefox side by side your runtime overhead was probably higher than the combined suite.
  Increase headaches for development, QA and release trying to release basically 3x the UI when the browser was the primary component. By splitting the projects, it means they can follow their own more natural development lifecycles.
  I used to love the whole Mozilla suite but I understand why the split was made and I think it was the right thing to do. I continued to use Thunderbird but these days the amount of spam I get means I've more or less given up on a thick client email. It's easier to route my POP account through gmail where the spam gets efficiently stripped out for me.
31. Re:And, in other news... by Sarten-X · 2011-02-01 00:29 · Score: 1
  
  Also industrial control and monitoring, remote instrumentation and telemetry, smart appliances, and research.
  An FTP server probably needs a TCP stack, but it likely doesn't need support for laptop power management. On the other hand, a remote monitor might need to run with a backup battery, but communicate over a serial line. Again, embedded systems involve a lot of choices. The field of embedded machines is enormous, and there is certainly no single OS (and especially no single configuration) that will fit all needs.
  What I get from that quote is that the custom configuration EOS is promoting eliminates several attack vectors. As an example, look right underneath, where it's mentioned that Plug and Play is disabled. Even if the case is compromised, modifications to the machine wouldn't work easily. It sounds like protecting against both known and unknown bugs by adopting a minimalist strategy. There's less stuff, so less stuff can go wrong.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
32. Re:And, in other news... by DaveRichmond · 2011-02-01 00:31 · Score: 1
  
  You forgot the part where one of the internal timers overflows after about 30 days and it crashes. Then again, 30 minutes is typically a good uptime for windows 9x.
33. Re:And, in other news... by commodore6502 · 2011-02-01 00:33 · Score: 1
  
  >>>Win9X can make a great embedded OS with better driver support and lower specs than pretty much any embedded OS out there.
  >>>
  Embedded OS? Why not just run DOS directly, and get rid of the Win95 shell?
  We used VxWorks on our Pentium-based system.
  
  --
  Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
34. Re:And, in other news... by commodore6502 · 2011-02-01 00:38 · Score: 1
  
  >>>the old Navigator was just called the Mozilla suite
  It's in-house codename was Seamonkey.
  
  --
  Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
35. Re:And, in other news... by commodore64_love · 2011-02-01 01:29 · Score: 1
  
  Hey!
  Linux fans - Can I use Ubuntu Live CD to virus-check my Windows XP machine? It goes to desktop and then freezes almost immediately.
  
  --
  "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
36. Re:And, in other news... by dave420 · 2011-02-01 02:03 · Score: 1
  
  Forget it. You will never win this one. Explaining that it doesn't run *anything* other than what you tell it to, and that it's not the desktop version, is pointless. Their minds are made up.
37. Re:And, in other news... by hesaigo999ca · 2011-02-01 02:07 · Score: 1
  
  Most app companies do build on old code, EXCEPT AV companies, because not only do they need to change their signatures all the time, but also because viruses and malware mutate all the time their attack vectors, so the AV companies follow suit, changing the path where you will install, the registry keys, the names of files and folders....the list goes on, all to avoid detection by the malware people, and the malware people do the same with their apps, creating dynamic dlls, changing the code constantly to avoid signature detection, even splitting dlls into chunks and adding them to ends of other files, or hidden inside header data to then be reused to create the compiled code...all in an effort to be creative in evading detection.
  Ironically enough, both sides use the same tactics to circumvent the other...sort of like cpt. kirk using cloaking technology against the klingons...priceless...
38. Re:And, in other news... by tehcyder · 2011-02-01 03:15 · Score: 1
  
  Windows 9x is "next generation" compared to MS-DOS.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
39. Re:And, in other news... by tehcyder · 2011-02-01 03:18 · Score: 1
  
  I had originally written my recipe program in Visual Basic.
  It takes a brave man to write a sentence like that on slashdot.
  
  --
  To have a right to do a thing is not at all the same as to be right in doing it
40. Re:And, in other news... by mikechant · 2011-02-01 03:34 · Score: 1
  
  It would probably be a boon to the WINE project, if nothing else.
  Not really...
  You're forbidden from working on Wine if you've ever seen Windows source code:
  http://wiki.winehq.org/DeveloperFaq#head-fed5011434f62ae1a88baebfb8193a37ea795101
41. Re:And, in other news... by malloc · 2011-02-01 05:01 · Score: 1
  
  I don't disagree but I think, by the same token, people that can't (or are too lazy to) read the assembly are less likely to have the m4d sk1lls (or attention span) to do something very serious with/to the anti-virus program. But, as you say, once you get into "ticked the general populace off" territory (instead of just "highly-skilled dude working for evil overlord for big$" territory), having the easier-to-read source laying around won't help.
  
  --
  ___________________ I want to be free()!
42. Re:And, in other news... by hairyfeet · 2011-02-01 09:39 · Score: 1
  
  It just goes to show you how rabid the blind hate and fanboyism is here on Slashdot. I mean when you point out the entire OS is fitted onto a 16Mb flash and hardwired to ONLY run a single app and connect to a single address and they STILL think it "is a security risk"?
  I'd sure as hell hate to have these guys work on anything at any of my SMBs as they are probably the type that thinks you can just slap any Linux or Mac on the net with no firewall or anything because "its not Windows and is safe from viruses" or some such rot. Shame we have so many here that don't seem to understand basics like it is impossible to infect files that don't exist or to do a malware driveby when it only goes to a single address on a corporate network. Just ridiculous.
  But as someone who actually built a couple of boxes using embedded Win98 it is actually VERY nice. I was able to use a fanless SFF 200MHz P1 with 32Mb of RAM as a frontend for a VB6 GUI that hooked into a DB at the main office. It was incredibly quiet, instant on thanks to the compact flash card replacing the HDD, only used a max 18w of power, could run in an un-air conditioned warehouse, and thanks to embedded Win98 I could just use the off the shelf drivers for the box.
  For devices such as kiosks, warehouse PCs, etc it actually works quite well and allows you to use really cheap throw away hardware to make really tough industrial PCs.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
Well by zoomshorts · 2011-01-31 10:11 · Score: 0

This may lead to a better version, but I think not. Dr. Kaspersky is much better than most at detecting stuff than most. False positives included.
McLaughee and Norton are douche bags across the board. Tireless self-promoters as it were. Now if Frans Veldman would ressurect ThundetByte.
We can only hope.
Pretty useless now by ArchieBunker · 2011-01-31 10:12 · Score: 4, Interesting

Code to a 4 year old anti virus app, whats that going to be worth? Kaspersky was great until a few years ago. Then one release made my parents older p4 system near unusable. It went from firefox loading in a few seconds to close to 30 seconds. Forums were filled with the same complaints and no real fixes. I changed to Avast and its been great.

--
Only the State obtains its revenue by coercion. - Murray Rothbard
1. Re:Pretty useless now by nicholas22 · 2011-01-31 10:17 · Score: 1
  
  Avira is also good. But Kaspersky is even better. You should use it with more modern hardware. Otherwise stick with Avast and all is good.
2. Re:Pretty useless now by giorgist · 2011-01-31 10:26 · Score: 2
  
  Simply it would be interesting to see if they have an GPL code or any questionable code in there.
  Open source using companies can be procecuted if the wrong thing slips in.
  Closed source companies can't be ...
  
  See Oracle Vs Google.
  
  G
3. Re:Pretty useless now by Anonymous Coward · 2011-01-31 10:31 · Score: 0
  
  Yeah man, anything that doesn't run well on a pentium4 with 512ram, alongside every piece of software/game (malware/spyware) that your parents archived to their computer over the last 6 years must be junk software. I mean why should your parents have to upgrade their computer just because everyone else does? You should have them go back to the version of Kaspersky that this topic references. I'm sure it will be a much better match for the performance characteristics of their hardware.
4. Re:Pretty useless now by ic3p1ck · 2011-01-31 10:56 · Score: 1
  
  Well, if your assertion is correct, then wouldn't the 4 year code be worth quite a lot? Seeing as it is a better version before it went downhill?
5. Re:Pretty useless now by Patch86 · 2011-01-31 12:01 · Score: 1
  
  I know it's never likely to be popular on these message boards, but I've actually been having a good experience with Microsoft Security Essentials on the one machine I've tried it on. I've got other machines with AVG Free and avast! on, and MSE has come across relatively simple and light-weight. I'm told it has reviewed pretty well in AV testing too.
  Not that I have any complaints from any of the main free AV programmes I've used, but it's nice to see another decent option in the line up.
6. Re:Pretty useless now by h4rr4r · 2011-01-31 13:18 · Score: 1
  
  Buy a faster computer just to run anti-virus?
  You windows kids make me laugh.
7. Re:Pretty useless now by h4rr4r · 2011-01-31 13:19 · Score: 1
  
  Sure they can. Quite common to run strings against binaries to see what you get. The busybox folks have sued more than one closed source vendor.
8. Re:Pretty useless now by h4rr4r · 2011-01-31 13:23 · Score: 1
  
  Or maybe use a better OS. Upgrading a PC just for antivirus is a hilarious concept.
9. Re:Pretty useless now by triffid_98 · 2011-01-31 14:14 · Score: 1
  
  I used to be a big fan of Kaspersky, but their 2010 update is a real piece of junk. A failed update should not cause a corrupted database that it can't rollback from. It also should not give up and force you to manually download updates from their support website.
  And yet this exact thing kept happening every few months like clockwork until I gave up and dumped it. When it worked, it worked very well, but dang.
10. Re:Pretty useless now by dudpixel · 2011-01-31 14:53 · Score: 1
  
  Avira is also good. But Kaspersky is even better. You should use it with more modern hardware. Otherwise stick with Avast and all is good.
  (emphasis mine)
  not according to av-comparatives.org. kaspersky has slipped behind quite a bit while avast and avira are still front-runners.
  
  --
  This seemed like a reasonable sig at the time.
11. Re:Pretty useless now by Anonymous Coward · 2011-01-31 17:58 · Score: 0
  
  Get your hand off it. You'll go blind. (From a Linux user of 11 years.)
12. Re:Pretty useless now by xtracto · 2011-02-01 01:06 · Score: 1
  
  IIRC Antivirus software is divided in the "app engine" and the "virus signatures" so, Kaspersky might be using the same engine that is in the source code but only updated the virus signatures in the new versions.
  
  --
  Ubuntu is an African word meaning 'I can't configure Debian'
13. Re:Pretty useless now by markhb · 2011-02-01 02:40 · Score: 1
  
  I got hit with something nasty a few years ago, and the first thing it did was disable my CA Antivirus (provided by my ISP) from updating. Lo and behold, there was no way that I could find to manually update CA AV at all. I finally was able to clean the machine using Kaspersky's online virus scanner, and I was sufficently happy with it that I bought the product; I'd be perfectly happy with the occasional manual database download if the alternative was having no way to update the signatures, ever.
  
  --
  Save Maine's economy: write stuff down. All comments are exclusively my own, not my employer.
14. Re:Pretty useless now by triffid_98 · 2011-02-01 03:07 · Score: 1
  
  Manual database download = press update button? fine. Manual database download = navigate through the vendors site looking for download-able updates = not fine. I can't think of any reason for this besides sloppy coding. Corrupted updates completely disabling the AV protection until I happen to notice, also = not fine.
Pay developers more! by nicholas22 · 2011-01-31 10:12 · Score: 4, Funny

Another disgruntled employee. I wonder why he is disgruntled...
1. Re:Pay developers more! by djdanlib · 2011-01-31 10:40 · Score: 3, Funny
  
  Perhaps he has only misplaced his gruntle, and is not fully disgruntled.
2. Re:Pay developers more! by leswt · 2011-01-31 12:42 · Score: 1
  
  So one should always keep ones employees gruntled!
3. Re:Pay developers more! by dudpixel · 2011-01-31 14:57 · Score: 1
  
  it clearly states he was disgruntled. I therefore assume he had his gruntle stolen and that's why he went and stole the code off them. you know, in a "you take my gruntle I'll take your code" kind of way...
  
  --
  This seemed like a reasonable sig at the time.
4. Re:Pay developers more! by SnarfQuest · 2011-02-01 04:03 · Score: 1
  
  What would it take to regruntle him? If losing his gruntle causes him to jump into the deep end, then getting his gruntle back might bring him back to his senses. Maybe it would make a good movie, like "How Timmy Got his Gruntle Back"?
  
  --
  Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
Stolen?? by Jaxoreth · 2011-01-31 10:13 · Score: 5, Funny

I wish them luck recovering it so they don't have to rewrite it from scratch.
(Copyright infringement is not theft.)

--
In general, it is safe and legal to kill your children. -- POSIX Programmer's Guide
1. Re:Stolen?? by nicholas22 · 2011-01-31 10:16 · Score: 1
  
  Bhahahaha, what are you smoking man? What on earth makes you think they would rewrite everything?? This is the real world.
2. Re:Stolen?? by Anonymous Coward · 2011-01-31 10:18 · Score: 0
  
  An awesome comment. I wish I had mod points. Or an account for that matter.
3. Re:Stolen?? by Rockoon · 2011-01-31 10:26 · Score: 1
  
  woooooooooooosh!!
  
  --
  "His name was James Damore."
4. Re:Stolen?? by amiga3D · 2011-01-31 10:45 · Score: 2
  
  Why.....if their source code was stolen then they don't have it anymore. If their source code is gone they will have to rewrite it. Unless they recover it somehow.
  Get it yet?
5. Re:Stolen?? by Anonymous Coward · 2011-01-31 10:47 · Score: 0
  
  Bhahahaha, what are you smoking man? What on earth makes you think they would rewrite everything?? This is the real world.
  You're a reactionary fucktard who can't be bothered to understand something before he responds to it.
  
  See how fucked up of a nation the USA is? Yeah, that's because most of its population has become just like you.
6. Re:Stolen?? by Opportunist · 2011-01-31 10:48 · Score: 1
  
  I bet now they wish that software could be multiplied easily. If that was only possible, I'd have this great idea where you could create a copy of your software, then store it somewhere safe in case some thief gets in, empties out your servers and makes it away with that big bag with that huge $$ sign on it.
  I'll be rich when this finally becomes possible!
  Dammit, I should have patented it before posting here...
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
7. Re:Stolen?? by Anonymous Coward · 2011-01-31 11:10 · Score: 0
  
  He tried to make a point, copying intellectual property is not theft. I'm guessing you are new here...
8. Re:Stolen?? by onkelonkel · 2011-01-31 11:16 · Score: 1
  
  "You keep using that word. I do not think it means what you think it means."
  
  Reactionary - extreme conservatism or rightism in politics; opposing political or social change.
  
  --
  None of them can see the clouds; The polished wings don't care.
9. Re:Stolen?? by gilbert644 · 2011-01-31 11:27 · Score: 3, Insightful
  
  Here's another one: Identity theft. Language evolves. Deal with it.
10. Re:Stolen?? by Anonymous Coward · 2011-01-31 11:42 · Score: 0
  
  "You keep using that word. I do not think it means what you think it means." Reactionary - extreme conservatism or rightism in politics; opposing political or social change.
  First rule of Slashdot: never, ever miss a chance to "score an easy victory" by nitpicking something while missing the actual point being made. Got to look superior to someone to feel better about yourself, after all. That's easier than uplifting yourself, isn't it?
  
  Here's something I think you will appreciate: you used a hyphen ("-") when the grammatically correct punctuation for that usage is a dash ("--"). You keep using that English language. I do not think you have mastered it enough to worry about what other people are writing.
  
  If I were like you I'd enjoy some kind of smug satisfaction from having found fault.
11. Re:Stolen?? by Jaxoreth · 2011-01-31 11:52 · Score: 1
  
  Here's another one: Identity theft. Language evolves. Deal with it.
  Calling copyright infringement theft is a deliberate attempt to equate infringers with criminals (or the result of having been influenced by same) -- not an accidental evolution of language -- whereas identity theft is, in fact, a crime.
  Furthermore, if someone copies your code then at worst you've "lost sales" but at least your program still works. If someone steals your identity, then your identity itself is compromised (in its function as a unique identifier) and your ability to use your identity is reduced. So yes, you have lost something, and 'theft' is not an inappropriate term.
  
  --
  In general, it is safe and legal to kill your children. -- POSIX Programmer's Guide
12. Re:Stolen?? by DittoBox · 2011-01-31 12:38 · Score: 1
  
  The legal and economic definitions of theft indicate the loss of a physical item. If I steal something from a store, that item needs to be replaced. If I infringe your copyright by downloading your music, you've at worst lost a sale. The economic impact is a lot less because you're not actually losing real goods that already have work invested into them.
  Is it wrong? Yes.
  Does it suck? Yes.
  Is it a theft. No.
  
  --
  Good. Cheap. Fast. Pick Two.
13. Re:Stolen?? by bad_fx · 2011-01-31 12:42 · Score: 1
  
  WTS: Sense of humour, stolen from nicholas22. Barely used.
14. Re:Stolen?? by Anonymous Coward · 2011-01-31 14:32 · Score: 0
  
  > Here's another one: Identity theft. Language evolves. Deal with it.
  Identity theft is where they impersonate you in order to steal from someone or to frame you for something. You lose the use of your good name (not to mention any cash they happen to steal).
  But I do understand your broader point. That's why I came up with the term "imaginary property" to better convey my thoughts on the matter.
15. Re:Stolen?? by dudpixel · 2011-01-31 14:55 · Score: 1
  
  whoosh
  
  --
  This seemed like a reasonable sig at the time.
16. Re:Stolen?? by noidentity · 2011-01-31 15:15 · Score: 1
  
  Language devolves. Deal with it.
  
  There, fixed that for you.
17. Re:Stolen?? by Anonymous Coward · 2011-01-31 17:08 · Score: 2, Informative
  
  Here's another one: Identity theft. Language evolves. Deal with it.
  Heck no... framing bank fraud as "identity theft" puts the onus on the victim instead of where it properly belongs.
18. Re:Stolen?? by noidentity · 2011-01-31 17:24 · Score: 1
  
  Maybe they stole some copies and kept them on backup tapes. So they just have to steal them back to their machines.
19. Re:Stolen?? by Anonymous Coward · 2011-01-31 18:11 · Score: 0
  
  Looks like someone was butthurt and went on a downmod rage, am I right?
20. Re:Stolen?? by Anonymous Coward · 2011-01-31 21:01 · Score: 1
  
  Identity theft is not theft either. Language may evolve, but that doesn't change the law.
21. Re:Stolen?? by Ginger+Unicorn · 2011-02-01 00:04 · Score: 1
  
  Newspeak gets plusgood, Winston. Bellyfeel it.
  
  --
  (1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
22. Re:Stolen?? by xtracto · 2011-02-01 01:07 · Score: 1
  
  (Score:3, Insightful)
  Here's another one: Identity theft. Language evolves. Deal with it.
  So, today is the "we are in pro of theft = copyright infringement day" in slashdot??
  mhm
  
  --
  Ubuntu is an African word meaning 'I can't configure Debian'
23. Re:Stolen?? by Anonymous Coward · 2011-02-06 05:36 · Score: 0
  
  Here's another one: Identity theft. Language evolves. Deal with it.
  Fraud? Impersonation?
The bad news is by cyberfin · 2011-01-31 10:13 · Score: 1

Kaspersky users might need to think about ditching their antivirus. The good news is Ubuntu will welcome them with open arms.

--
"I'm taking this loop off." - Jack O'Neill
1. Re:The bad news is by Anonymous Coward · 2011-01-31 10:15 · Score: 0
  
  Until they need help and get trolled on forums for not RTFM N000B LOL
2. Re:The bad news is by Anonymous Coward · 2011-01-31 10:24 · Score: 0
  
  why do you guys keep insisting unix/linux is the answer?????
  SECURITY IS JUST A STATE OF MIND
3. Re:The bad news is by MonsterTrimble · 2011-01-31 10:31 · Score: 1
  
  What? Actually, the Ubuntu Forums are very clean and helpful. I have never seen anyone badmouth somebody.
  
  Oh wait, you wanted to be fed.. My bad.
  
  --
  I call it 'The Aristocrats'
4. Re:The bad news is by sqlrob · 2011-01-31 10:37 · Score: 4, Funny
  
  That won't work. The source for Ubuntu has already leaked.
5. Re:The bad news is by Beardo+the+Bearded · 2011-01-31 10:41 · Score: 1, Insightful
  
  You know what?
  Ubuntu can get viruses just as easily as other OSes. The Apache servers that control botnets aren't running IIS. Wine is a weak point, and Flash is a cross-platform single-point-of-failure. How many times have you blindly added a repository based on what some random untrusted person on the Internet tells you to do? I know I have.
  The only reason that it's not as 0wn3d as Windows is that Windows was easy pickings and has huge market share. Now the bad guys are going to focus on smartphones because that's where the easy targets are. (A computer that's always on, is usually glitchy, and you can't look around in it because the telcos lock it down from you? Awesome!)
  Selling Ubuntu as a secure OS is simply incorrect. It's more secure by virtue of both user capabilities and user-only access, but anything that is connected to the Internet is always subject to OMGPWNIES.
  If you are going to use Windows, apparently the best AV is MSE.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
6. Re:The bad news is by cyberfin · 2011-01-31 10:45 · Score: 1
  
  Damn. You're right.
  
  --
  "I'm taking this loop off." - Jack O'Neill
7. Re:The bad news is by Opportunist · 2011-01-31 10:51 · Score: 1
  
  You don't spend much time on Ubuntu boards, do you?
  I've seen questions that make me cringe (after years and years of support, you usually can stomach even questions that eventually lead up to "Are you really, really sure it is plugged in?"), but the people there answer even the tenth identical question with the same stoic patience as the first time.
  I can't remember seeing a RTFM or LMGTFY on a Ubuntu board.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
8. Re:The bad news is by Anonymous Coward · 2011-01-31 10:51 · Score: 1
  
  Certain people keep saying the only reason there's no such thing as Linux malware is market share.
  The fact that applications running on Linux can't alter system files has absolutely nothing to do with it.
  Prove it. Release your exploit already.
  BTW, Wine is notoriously bad at running malware.
9. Re:The bad news is by Anonymous Coward · 2011-01-31 10:53 · Score: 0
  
  Humor. It's free and it's good for you. If mine was a bad joke, criticize accordingly.
10. Re:The bad news is by Opportunist · 2011-01-31 10:54 · Score: 3, Funny
  
  Dammit, now Linux is hellish insecure!
  Why didn't anyone inform the community? That's so irresponsible!
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
11. Re:The bad news is by sqlrob · 2011-01-31 10:59 · Score: 2
  
  Drop an executable in ~, change ~/.profile and ~/.bashrc to put those directories first, pwned.
  Easy to clean, true, but if you're not looking for it, it's not there. Also defeatable by mounting home noexec but how many user installs do that?
12. Re:The bad news is by commodore6502 · 2011-01-31 11:02 · Score: 0
  
  >>>Ubuntu can get viruses just as easily as other OSes
  Hey!
  Linux fans - Can I use Ubuntu Live CD to virus-check my Windows XP partition? It goes to desktop and then freezes almost immediately. Or - can I get a Virus program to run off a floppy?
  
  --
  Information wants to be expensive AND wants to be free. So you have Value vs. Cheap distribution fighting each other.
13. Re:The bad news is by Anonymous Coward · 2011-01-31 11:21 · Score: 1
  
  You seem to be confused about how botnets are currently being controlled.
  Hint: It's not through Apache.
14. Re:The bad news is by uglyduckling · 2011-01-31 11:29 · Score: 1
  
  Yes, and ...yes.
15. Re:The bad news is by djp928 · 2011-01-31 12:06 · Score: 1
  
  This is mainly because Wine is notoriously bad at running anything.
  
  --
  Making fun of dumb people since 2009
16. Re:The bad news is by Anonymous Coward · 2011-01-31 12:16 · Score: 0
  
  'Beardo The Bearded' learn how to think, so you will will stop believing all the BS.
  first if you use window, dont surf the web as administrator. if you using {basic, home, or premium} you cant configure your system to keep out the corporate maffia from installing microsoft sanctioned spyware. If your going to use windows you have to use ultimate so you can at least try to close all the open doors in the OS, yet you'll only discover that all your efforts were futile because of some 3 year old exploit. Also i dont think you know what ativirus software is so i'll try to briefly explain;#1 scan all software on intire system, #2 send this information back to the developer. #3 developer knows all about your porn and iligal software. #4 developer sells this information to law inforcment, record industry, etc.. #5 frighten the user to keep the A.V. software. #6 tell the user a virus was found..
  why did Intel buy McFee? because with av software you have a real-time look at all the software on millions of peoples computer. with this informations any piece of software can be located or stop from being distributed accross the network. All the file signiture from millions of peoples computers are stored, and only what is tolorated will be allow over the network. welcome to the new world order, you are infected?
17. Re:The bad news is by Anonymous Coward · 2011-01-31 13:07 · Score: 0
  
  Are you kidding?? I tried to install ubuntu 10.10 today. It crashed twice during install and once after install...
  3 hours later it asked for 241 updates!! It's only a 3 month old build and it wants 241 updates??!
  Already deleted it again. I'll take Windows 7 over that homebrew crap any day.
18. Re:The bad news is by Anonymous Coward · 2011-01-31 13:42 · Score: 0
  
  Ubuntu can get viruses just as easily as other OSes. The Apache servers that control botnets aren't running IIS. Wine is a weak point, and Flash is a cross-platform single-point-of-failure. How many times have you blindly added a repository based on what some random untrusted person on the Internet tells you to do? I know I have."
  Ubuntu getting viruses? Yeah, maybe, if you're really (un)lucky. But just as easily as other OSes? Eh... no, if only partially because you'll be a smaller target, and if you do get something... it will only have user-level privileges. It will not be able to infect other users' files, which aren't permissible to access by the infected user. To make it more difficult to even get infected in the first place, the file must be given executable permissions, or be extracted from an archive retaining all of its read/execute bits, before being executed. So no, it is *not* "just as easy" to get infected.
  Want to be safe? Avoid using Wine, and if you must use it, ONLY USE KNOWN-SAFE WINDOWS PROGRAMS. Do a Web search to see if a program is safe, or use an anti-virus program (there are some free virus scanning services online, and check appdb.winehq.org for Wine compatibility). Avoid Flash as much as possible; only install it if absolutely 100% required, and use NoScript to eliminate the chances of some unknown and/or untrusted site from fucking with your system. Only allow those sites you trust to use scripting, and only if required to use the site's full functionality.
  As for "blindly adding a repository based on what some random untrusted person on the Internet tells you to do"... no, sorry, I don't recall ever doing that. Aside from the distro's official repos, I might add its community-supported and non-free repositories, maybe the official nVidia/Opera/Chrome ones, and for multimedia either Debian Multimedia or MediBuntu. You're fucking nuts and deserve to get fucking owned if you do what I paraphrased you saying above (and yet you said... and I'm quoting you again... "I know I did."). ALWAYS stick to OFFICIAL and/or TRUSTED repositories. *ALWAYS*. Otherwise, really, you might as well just go back to using Windows. The security "problems" are the user in this situation, simple as that. NOT the OS.
  
  The only reason that it's not as 0wn3d as Windows is that Windows was easy pickings and has huge market share. Now the bad guys are going to focus on smartphones because that's where the easy targets are. (A computer that's always on, is usually glitchy, and you can't look around in it because the telcos lock it down from you? Awesome!)
  Windows also has a long and recent history of being extremely poorly coded in terms of security, from its single-user origins as DOS to strong design preferences towards automation and ease of use. Add to that Win32 with all of its vulnerabilities, patches over patches, hacks, and other garbage, which prevents even the NT series from completely escaping its disgusting roots of DOS/Win9x.
  So this leaves post-XP Windows (Vista, 7), which you will probably bring up, with their supposedly more secure design including UAC. And originally, if asked maybe a year ago, I would say that these two successors are a major step up over XP. But in reality, I've found that they can just as easily be fucked up, and just as much, as their notoriously-insecure predecessor. I've seen some Vista and 7 machines every bit as fucked up as I've seen XP and previous releases in the Win9x line.
19. Re:The bad news is by Omestes · 2011-01-31 17:55 · Score: 1
  
  Are you kidding?? I tried to install ubuntu 10.10 today. It crashed twice during install and once after install...
  Probably a bad burn... Burn it at an insanely low speed, and verify (I use ImgBurn, generally). I went through this with a Windows 7 a week ago, I burned over 5 DVDs with varying speeds and never got one to actually work. They were from an official source, using an official downloader, even (Digital River, we got the student discount shortly after release, and they lied about sending the actual install media we paid for), and they all passed an MD5 and other hash checks, AND verified through ImgBurn.
  Oddly a copy I "pirated" (is it pirating if I have a purchased license?) from Pirate Bay worked the first time.
  Upon installing it, I spend the next day download updates. Their might not have been 241 of them, but there was over 100. Around five of which wouldn't install since they were installing out of order (all of which were .Net updates). It made me really wish that MS would use something sane like Synaptic.
  Damn bad RAM.
  On my Nettop I just installed XP, which didn't work since it wasn't SP3. It wouldn't update, period. Then I installed Vista (sadly don't have another 7 license, don't want to spend $70-100 for it), spend two full days updating it, same .Net madness as on Windows7. Going to install an up-to-date "pirated" copy of XP (have a valid license, why is piracy always more convenient than official channels?) when Newegg send me my new HDD, I'm sure it will be as, if not more, hellish as installing Vista or Win7.
  Ubuntu needed 200 updates because you had an old install DVD/image. It happens, all OSs do this. It happened on my last fresh install of OS X too. It happened on my last install of Ubuntu, my last install of Kubuntu, and my last install of OpenSuse. OS installation is generally the nastiest bit of most OSs, but most Linux distros have a leg up with things like Synaptic. Windows would rock if they just got rid of NTFS (defraging is obsolete, or at least should be), and got some sort of decent package management, perferably system-wide and not just for MS software.
  
  --
  A patriot must always be ready to defend his country against his government. -edward abbey
20. Re:The bad news is by unapersson · 2011-01-31 21:46 · Score: 1
  
  That's still not an example of modifying system files. So you're dropping an executable in root then running some code to edit some files so you can run the executable. Isn't there some kind of circular reference problem there?
21. Re:The bad news is by sqlrob · 2011-02-01 05:59 · Score: 1
  
  You can't modify the system files. Notice I said run from ~, not /.
  Arbitrary file write in a browser or plugin or mail client, and you're in, compromise. Granted, just for that user but that's all you need for most personal systems. It's more than good enough for a botnet - you can make connections out and harvest any e-mail addresses / private data from ~.
  There's actually an additional hole in *nix that's not present in Windows (or more accurately, Firefox on those systems). You can write a browser plugin in home in Unix but not in Windows; only an elevated admin can write the plugin in Windows.
Copied, not stolen... by Anonymous Coward · 2011-01-31 10:24 · Score: 1

"The source code of an older version of 'Kaspersky Internet Security' has been circulated on the internet. The code was created in late 2007 and was probably copied in early 2008. Names contained in the source indicate that the copied code was probably a beta version of the 2008 software package - the current release is Kaspersky Internet Security 2011. According to a Russian language report by CNews (Google translation), the code was copied by a disgruntled ex-employee. The copier has reportedly been trying to sell the code on the black market for some time, and Kaspersky says that the code archive already appeared in various private forums last November."
Now, isn't that better?
1. Re:Copied, not stolen... by halivar · 2011-01-31 10:44 · Score: 0
  
  Everybody here understands exactly what happened. Nobody cares about the semantics. You have contributed nothing.
2. Re:Copied, not stolen... by Anonymous Coward · 2011-01-31 10:53 · Score: 0
  
  Not really, he copied it without the owners permission which is stealing.
  steal - take (another person's property) without permission or legal right and without intending to return it.
  Seems like he did indeed steal it.
  If I take an apple from your apple tree is that stealing? It's just a copy of the original apple that the tree grew from (you have the tree still), but the fact is it was made from your resources.
  Likewise a copy of source code can only be made using the owners resources, so if someone makes a copy they are in fact taking resources from the owner without their consent - which is called stealing. The fact that the original source code is still there does not detract from the undeniable fact that it is impossible to make a copy without using electricity, CPU cycles and probably the employees time... all of which are the property of the original owner.
3. Re:Copied, not stolen... by Anonymous Coward · 2011-01-31 10:53 · Score: 0
  
  I feel your pain. However this is where the bread analogy fumbles.
  When closed-source source code has an unauthorized release, it's no longer closed-source. That bread is gone, and a new loaf has to be made to market. The string of ones and zeros is no longer what it was -- their value has been stolen.
4. Re:Copied, not stolen... by Anonymous Coward · 2011-01-31 10:58 · Score: 0
  
  You've contributed far less.
  Regardless of who cares about the semantics, they are still important.
5. Re:Copied, not stolen... by Anonymous Coward · 2011-01-31 11:01 · Score: 0
  
  If I take an apple from your apple tree is that stealing?
  
  If I copy your apple tree entirely using a replicator then take an apple, is that stealing? What have you lost?
6. Re:Copied, not stolen... by Anonymous Coward · 2011-01-31 11:24 · Score: 0
  
  if someone makes a copy of your car without your permission you still have your car.
7. Re:Copied, not stolen... by exomondo · 2011-01-31 12:27 · Score: 1
  
  We all know what 'stolen' means in the context of data, it means 'copied without permission of the owner', im sorry you fail to understand that.
8. Re:Copied, not stolen... by Anonymous+Psychopath · 2011-01-31 19:35 · Score: 1
  
  Tomayto, tomahto. If it were your credit card number being passed around and being used to buy goat porn, you'd probably tell your credit card company it was stolen. Even if some self-rationalizing freeloader came along and pointed it that it can't be stolen since it's still in your wallet. Semantics, at least in this case, really are unimportant.
  
  --
  Eagles may soar, but weasels don't get sucked into jet engines.
I just stopped using anti-virus by blahbooboo · 2011-01-31 10:28 · Score: 1

I changed from XP to Windows 7 and skipped anti-virus on my computer. Gmail screens all my documents I receive for viruses, chrome browser has pretty good security, applications I download are from legitimate sources, good backup and archiving, and the occasional malwarebytes scan (yet to find anything in 18 months). Why did I go this route? Well I found I had malware despite having a fully updated Mcafee AV on my XP computer. I realized safe computing and a modern OS would likely be enough for an educated user -- thus far it has been.
1. Re:I just stopped using anti-virus by Opportunist · 2011-01-31 10:46 · Score: 3, Informative
  
  It's a very good start. Brain 1.0 is still the best virus scanner out there.
  Still, there are threats that can't be defeated that way. Scenario: Exploit in a major flash application that affects all possible plugins (since they are essentially the same with different interfaces to the browser), an iframe hidden in a webpage on a, say, hotel homepage you happen to visit because you are planning your vacation, infection complete. If you happen to dislike plugins, browsers themselves can have their loopholes (IIRC the MHTML hole already made it to /. today), not to mention that browsers do also rely on APIs in the end, which are the same, no matter what browser you use.
  I'm not saying get a AV tool. All I say is that there are still vectors you cannot defeat just by being careful. A system's security is the minimum of the user's and the system's ability. Not the average.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
2. Re:I just stopped using anti-virus by calzakk · 2011-01-31 10:49 · Score: 1
  
  Consider this: the legitimate source's website is hacked, and all its downloads are infected with new malware not yet seen in the wild. This remains unnoticed for several days, during which time the malware has been downloaded by hundreds or even thousands of users. By the time the AV companies get a sample, it's too late for all those downloaders...
3. Re:I just stopped using anti-virus by blahbooboo · 2011-01-31 11:03 · Score: 1
  
  Consider this: the legitimate source's website is hacked, and all its downloads are infected with new malware not yet seen in the wild. This remains unnoticed for several days, during which time the malware has been downloaded by hundreds or even thousands of users. By the time the AV companies get a sample, it's too late for all those downloaders...
  Sure these things can happen. But they are very rare. Risk am willing to take over the slow down AV software packages add to my nice clean system
4. Re:I just stopped using anti-virus by blahbooboo · 2011-01-31 11:06 · Score: 1
  
  It's a very good start. Brain 1.0 is still the best virus scanner out there.
  Still, there are threats that can't be defeated that way. Scenario: Exploit in a major flash application that affects all possible plugins (since they are essentially the same with different interfaces to the browser), an iframe hidden in a webpage on a, say, hotel homepage you happen to visit because you are planning your vacation, infection complete. If you happen to dislike plugins, browsers themselves can have their loopholes (IIRC the MHTML hole already made it to /. today), not to mention that browsers do also rely on APIs in the end, which are the same, no matter what browser you use.
  I'm not saying get a AV tool. All I say is that there are still vectors you cannot defeat just by being careful. A system's security is the minimum of the user's and the system's ability. Not the average.
  I also use Flash Block :)
  
  You do make a very good point about flash as is your point that nothing is ever full proof. I felt after having done the "right thing" and getting malware, coupled with Mcafee not even allowing me to uninstall it completely, I was sick of the game and decided to try Brain 1.0.
5. Re:I just stopped using anti-virus by steelfood · 2011-01-31 11:23 · Score: 4, Insightful
  
  But that's not what an AV is for, despite the industry trying to market it as such. Antivirus software is reactionary. The company has to receive an unknown virus and analyze it before they can put the virus in the next definition file update. And any heuristics module included is typically useless against all but the most basic attacks.
  AV is at best a catch-all for uncontrolled or uncontrollable situations. Office computers, shared family home machines, etc. that are subject to illogical users' whims would benefit from AV. But AV cannot stop zero-day exploits, cannot prevent malicious JS, and is completely useless against a determined attacker with physical access to a machine.
  Proper computer security addresses each attack vector separately. A properly-configured software firewall will take care of most of the threats though the network. In fact, hiding behind a NAT will take care of 99% of the zero-day threats; whitelisting outbound traffic is just good security practice. Noscript and safe surfing habits will guard against anything coming in through the browser. Obviously, preventing unauthorized physical access to the system requires physical security.
  All AV will do is maybe stop that infected autorun from your kid's buddy's flash drive, or delete that exe file you accidentially downloaded from a questionable site you were surfing. But that's what's it's really there for:all the cases you don't really know or expect to have to guard against.
  
  --
  "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
6. Re:I just stopped using anti-virus by Anonymous Coward · 2011-01-31 11:39 · Score: 0
  
  I almost googled "Brain 1.0". Almost.
7. Re:I just stopped using anti-virus by Haedrian · 2011-01-31 12:06 · Score: 1
  
  Not recommended.
  A bunch of malware nowadays appears on:
  1. Hacked Websites
  2. Advertising
  Yeah, if you disable JavaScript and Flash you might have a 'safe experience'. But then if your favourite news website gets hacked, you'll catch a virus.
  Its not worth it , truly. Or, your flash drive might get infected from someone (there was a printing bureau which actually had this sort of worm on their pcs - infected tons of people).
8. Re:I just stopped using anti-virus by LordLimecat · 2011-01-31 15:33 · Score: 1
  
  So... how much do you trust that flash plugin you got? How about silverlight?
  And McAfee is really quite mediocre as AVs go. Avast | AVG | MSSE are all far better.
9. Re:I just stopped using anti-virus by Anonymous Coward · 2011-02-07 11:20 · Score: 0
  
  Oy, you are infected, you just don't know it. The bad guys just love people like you.
or by Anonymous Coward · 2011-01-31 10:36 · Score: 0

everyone change to a real operating system and forget about viruses altogether.
1. Re:or by Opportunist · 2011-01-31 11:02 · Score: 2
  
  Linux is not inherently more secure. Why would it be?
  You might notice now and then that an exploit gets discovered in a Linux program. BIND and sendmail have for some time been the poster child for "yet another Linux security hole". Even BIND 9 has its issues. Now, why BIND and sendmail? Are they so horribly insecure compared to the rest of the system?
  No. But compromising them is profitable. Simple as that.
  Likewise, finding security holes in Windows is profitable. The average Windows user is less clued than the average Linux user. And that's not up for discussion. Not because Linux would need more knowledge, simply because to use Linux you'd first of all have to know it exists, something the average Joe Randombrowser doesn't even know, or he mistakes Linux for some sort of odd interface that runs on top of Windows.
  Porting all those Joes to Linux now does not solve the problem. Because the problem stays the same: As long as users allow everything, disable all security and hand over root credentials to any program in exchange for Dancing Pigs, the system is powerless to defend against this.
  And THIS is the core problem of security today. Not a hole in the technical security, it's a hole in the user's ability and awareness of security.
  If you now move all those Joes to Linux, all that will change is that the same kind of malware crap we see today for Windows will start to pop up for Linux. The only reason why there is not more malware for Linux is simply that the market is too small. It's a bit like the game market. Why is there not more games for Linux? Simple: More money in making games for Windows. Simply because it's a bigger market.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:Obey husbands more! by Anonymous Coward · 2011-01-31 10:44 · Score: 0

Another wife beater. I wonder why he beats his wife...
Re:Obey husbands more! by Archangel+Michael · 2011-01-31 10:55 · Score: 1

In Soviet My House, wife beats me!

--
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Disgruntled employee steals? by ZappedSparky · 2011-01-31 11:01 · Score: 1

I have a lovely stapler at home.
Like Netscape.... by mr_lizard13 · 2011-01-31 11:22 · Score: 1

Like Netscape, who released their source code so a bloated, unwieldy application could be improved upon and re-released as something that's actually functional, it seems Kaspersky are following suit. Good on them.

--
"We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman
Someone... by Windwraith · 2011-01-31 11:46 · Score: 1

Someone check this out to see the quality of this closed code!
Code quality is often a excuse for commercial software to sell VS OSS, and I am interested on how "higher" the quality of this stuff is.
1. Re:Someone... by Anonymous Coward · 2011-01-31 15:15 · Score: 0
  
  Why does anybody need the source code to tell this? Looking at the ASM is enough to infer the degree of crap in the original source, it's not
2. Re:Someone... by Anonymous Coward · 2011-01-31 21:47 · Score: 0
  
  Isn't the ASM normally a product of the compiler, optimisations and all?
Link by Anonymous Coward · 2011-01-31 12:15 · Score: 0

Download.
No antivirus software... by alexborges · 2011-01-31 12:27 · Score: 1

Works nowdays anyhow so... i really dont care.
Besides, im on Linux.

--
NO SIG
Great Scot! by Anonymous Coward · 2011-01-31 12:42 · Score: 0

I'd be curious as to how many backdoors it may contain.
here is the source code: by rent · 2011-01-31 13:35 · Score: 5, Funny

I visited some of these forums today, and fair enough.. the source code is there. Here is what I found: #include <stdio.h> #include <kaspersky.h> char make_prog_look_big[1600000]; main() { if (detect_cache()) disable_cache(); if (fast_cpu()) set_wait_states(lots); set_mouse(speed, very_slow); set_mouse(action, jumpy); set_mouse(reaction, sometimes); printf("Please wait, Kaspersky is scanning your computah)\n"); if (system_ok()) crash(to_dos_prompt); else system_memory = open("a:\swp0001.swp", O_CREATE); while(1) { sleep(5); scan_a_single_file(); sleep(5); update_progress_bar(); sleep(5); if (rand() < 0.9) crash(complete_system); } return(unrecoverable_system); } }
1. Re:here is the source code: by Rizimar · 2011-01-31 14:45 · Score: 1
  
  How long ago was this source leaked? Because when I compile it, I get Windows 95.
2. Re:here is the source code: by Anonymous Coward · 2011-01-31 16:53 · Score: 0
  
  either missing a { on line 31 or there's an extra } on line 36
3. Re:here is the source code: by Anonymous Coward · 2011-02-01 00:19 · Score: 0
  
  looks legit for 2011 package...
4. Re:here is the source code: by Anonymous Coward · 2011-02-01 04:01 · Score: 0
  
  I visited some of these forums today, and fair enough.. the source code is there. Here is what I found:
  #include <stdio.h> #include <kaspersky.h>
  char make_prog_look_big[1600000];
  main() { if (detect_cache()) disable_cache();
  if (fast_cpu()) set_wait_states(lots);
  set_mouse(speed, very_slow); set_mouse(action, jumpy); set_mouse(reaction, sometimes);
  printf("Please wait, Kaspersky is scanning your computah)\n");
  if (system_ok()) crash(to_dos_prompt); else system_memory = open("a:\swp0001.swp", O_CREATE);
  while(1) { sleep(5); scan_a_single_file(); sleep(5); update_progress_bar(); sleep(5); if (rand() < 0.9) crash(complete_system); } return(unrecoverable_system); }
  }
  
  Nicely done :-)
Kaspersky security?? by translab · 2011-01-31 14:41 · Score: 1

Been using Kaspersky for home and business for over ten years. Given that this is a company whose primary business is security, I find it beyond comprehension that a 'disgruntled employee' could steal and distribute source code. Trust destroyed...
1. Re:Kaspersky security?? by _Shad0w_ · 2011-01-31 18:24 · Score: 1
  
  Why? You have to balance security with usability - in this case the ability to actually do your job - which fundamentally means you have to trust your developers with your source code.
  If you're a larger company you can break your code down and only allow people access to the module they're working on, for smaller to mid sized companies that's not such a viable option; people generally work on whatever bit of code needs working on. I doubt Kaspersky actually employees that many developers.
  That's assuming it was a developer, it could just as easily have been a systems administrator; controlling their access is often even more difficult because their roles often mean they can circumvent security restrictions. You can audit events like that, of course, but that's usually an after-the-fact thing.
  A lot of roles entail a level of implied trust. Sometimes that trust gets betrayed.
  
  --
  Yeah, I had a sig once; I got bored of it.
slashdot comments and language use by Anonymous Coward · 2011-01-31 17:08 · Score: 0

I found myself incapable of replying to a comment (sidenote: no javascript, clicked the 'enable classic discussion system' link but no change occurred, fuck it), so I'll just agree with poster above re: copyright infringement not being theft.
as to the evolution of language, theft still has clear legal and dictionary definitions, and can't be applied to things spuriously just because you like to use poorly thought out retorts.
Hope Kapersky Fails for Thier Prvacy Comment by BrendaEM · 2011-01-31 23:25 · Score: 1

If memory serves me correctly, someone at Kapersky stated that they didn't believe that people were entitled to privacy.
I wish nothing but the worst for their company.

--
https://www.youtube.com/c/BrendaEM
Call Jackie Chan... by Anonymous Coward · 2011-02-01 02:00 · Score: 0

If i recall Jackie Chan was doing some tv ads for them...i guess they better call him in.