Slashdot Mirror
Officials Fear Russia Could Try To Target United States Through Kaspersky AV (go.com)
Russia's growing aggression toward the United States has deepened concerns among U.S. officials that Russian spies might try to exploit one of the world's most respected cybersecurity firms to snoop on Americans or sabotage key U.S. systems, according to an ABC News investigation. From the report: Products from the company, Kaspersky Lab, based in Moscow, are widely used in homes, businesses and government agencies throughout the United States, including the Bureau of Prisons. Kaspersky Lab's products are stocked on the shelves of Target and Best Buy, which also sells laptops loaded by manufacturers with the firm's anti-virus software. But in a secret memorandum sent last month to Director of National Intelligence Dan Coats and Attorney General Jeff Sessions, the Senate Intelligence Committee raised possible red flags about Kaspersky Lab and urged the intelligence community to address potential risks posed by the company's powerful market position. "This [is an] important national security issue," declared the bipartisan memorandum, described to ABC News by congressional sources.
Puuuuh-leeeeze!
LOL,wait, there are people who think Kasperesky isn't compromised? ROFL. Using a respected and renowned cybersecurity first to as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
first post
Guy is stuck in the 50's
I seem to remember a news report that touched on Cisco network equipment being altered (chips being replaced) at customs when exported to other countries.
Listening devices in jars of caviar.
Seriously, these guys are just thinking up movie plots...
They are secure because the USA has TLAgencies that help protecting the American people.
We cannot trust the Russians. Russians cannot trust their own government. There is no real liberty or freedom. The Russian government has taken all the power from the citizens.
Russians cannot trust the United States. The Snowden document dump shows that the USA three letter agencies cannot be trusted by anybody. US citizens cannot trust their own government.
I tend to think that war is averted when spy agencies effectively keep everything under control. They keep the peace for us. What a wonderful world!
Everyone Else Fears Russia Could Try To Target United States Through US President.
https://socioecohistory.files....
I am sure that there are many other solipsists out there.
Would not be surprised if all of them are compromised in some way. What a perfectly legitimate way to hide a snooping/scanning software inside something that already have a legitimate reason to scan all your files and chew up a quarter of your CPU cycles
It would be fair turnabout as we're already spying on Russia and China using compromised Cisco equipment.
We're all just one automatic upgrade away from infection. ...which now that I think of it, is true for any AV product.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
I remember when much the same concerns were raised about Chinese networking equipment. (If memory serves, being supplied into a large project in Australia).
This was before the Snowden revelations.
So, we now know that really what they were doing was preserving the supply of US networking equipment that could be pwned.
Thus, one wonders if the same thing is happening here?
Are you now or have you ever been a member of Kapersky Lab?
Fully licensed blockchain psychiatrist
In capitalist America, US President downloads software.
In soviet Russia, software uploads choose US President.
And what about Microsoft, Apple, Google? Should Russia fear all these companies as well and ban them?
Also, are there people who think Microsoft isn't compromised? ROFL. Using an operating system with the highest market share as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
...with this red scare stuff. Hillary lost because she was an inferior candidate.
Compromised by the NSA or CIA, more likely.
We are amidst the beginnings of a new cold war. I have a lot of respect for Kaspersky. Being so close to the Kremlin doesn't made me feel warm and fuzzy, but they have always spoken out against state actors. I wonder if they will respond directly to this as they have always seemed to be a fairly open company with regards to data breaches and cuber security risks. https://www.scmagazineuk.com/i...
Just open a dictionary.
I haven't used anti-virus software in years. I only have Windows Defender and Malwarebytes installed on my Windows PCs.
like a bad attempt at getting people to ditch Kaspersky AV and buy the less secure American products. It's too bad most people won't use reason, and just gulp up whatever shit is served to them on the TV..
And "Russia's growing aggression towards the U.S."? please, that's laughable. There is no other country showing as much aggression as the U.S. both towards its citizens and outwards to other countries.
Slashdot is really turning into a shitty mouthpiece for American propaganda.
It's okay. Obama told me the Russians weren't a threat.
Coder's Stone: The programming language quick ref for iPad
The two are not mutually exclusive you know.
Do not look into laser with remaining eye.
[Citation Needed].
Anything to deflect from their own transgressions, like stealing an election from Bernie Sanders.
They might make it aggressively scan everything repeatedly so that your PC is slug-city. ...Oh wait, that's McAfee.
Table-ized A.I.
But also Windows!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Yes. Next question?
Very often, people confuse simple with simplistic. The nuance is lost on most. - Clement Mok
Not saying they aren't (probably are, everyone else is), but let's put it this way: "All those who believe they have an uncrackable product / network / service, take one step forward."
You'll notice the smarter / older people taking a step back when they hear that.
Spying jokes aside, if the NSA (and the greater intelligence community) had pushed for good security practices from the beginning instead of cultivating an environment that made their spying easier, we wouldn't have to worry about this. The US government needs to realize that it cannot have it's cake and eat it too.
Rule 35 of the internet: "If it can be hacked, it will be". - Charles Stross
Why would any "key U.S system" have Russian AV software installed? A key function of AV software is to be able to intercept pretty much anything that happens.
I find that quite helpful.
I put my coffee next to the fan vent on my laptop and it keeps it warm.
Ugh - I keep getting exemptions on my corporate computers to not scan my .vmdk files in my vm folder, and then they keep disappearing. I've never seen a bigger waste of resources.
Normally take at least a 15-minute break when that starts up.
"It's malware we paid for with our taxes! By golly it must be good!"
This is exactly why I said we needed to draft John McAfee during the 2016 election.
But NOOOOO... you all said he's too erratic, and temperamentally unsuited to be President.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
You shouldn't use any type of software that comes from Russia or China.
Anyone claiming that any non trivial peice of software has *no* bugs is either delusional, a liar or an idiot.
Of course! Even if we stipulate, that NSA/CIA routinely access our computers, I'd certainly prefer that, however unpleasant, to a foreign power doing the same. And not just any foreign power, but Russia...
But, hey, do I understand you right, that you voted for Trump because he was beholden to Russia, rather than for Clinton, who was beholden to NSA/CIA?
In Soviet Washington the swamp drains you.
See subject: ... FIND a valid one in it. The code's been audited by Malwarebytes' personnel who found it well-written & safe + so do ~60 antivirus programs @ Google's VirusTotal https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
* 1 of the users of my program said this after monitoring it as it ran in a VM for him: "I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell
The code ITSELF is self-checking vs. alterations too (such as viral infestation @ tail end jump tables OR hexeditors) & also protects hosts itself above & beyond WFP/SFP (nothing usermode can bust into it & yes, I've tried).
APK
P.S.=> I know a few here (detractors like yourself) have taken a peek @ it & tried to find bugs (not a SINGLE one yet since 2012 public release) - It's not a "super-complex" system & built from PROVEN componentry (of the part I didn't write the Delphi/Object Pascal provides only) in what I call a "hyper-alloy combat chassis" design... apk
Why?
Yeah, people who A: rely on evidence, B: know what they're talking about, C: Don't guess and D: Don't say "ROFL" about the situation, you dipshit.
" there are people who think Kasperesky isn't compromised? ROFL "
ah yes, Jeff Sessions, the notorious "leftist".
"They were pure niggers." – Noam Chomsky
"The left" isn't "US officials" you retarded Trumpy illiterates... sorry, Russia may have gotten your babytalking daughter-molesting golfosexual elected but they can't keep him from getting impeached in 6 weeks. Pooooor idiots.
If you think antivirus software is so bad, then stop bragging about how much Malwarebytes employees love your software. You can't have it both ways.
slide 22:
https://assets.documentcloud.org/documents/1690224/doc-6-cyber-threat-capabilities.pdf
Simple solution: what do Russian opposition parties/organizations use? If they trust Kaspersky, it's probably pretty safe. If I were Russia, I wouldn't bother with it though. Too obvious.
The Daddy casts sleep on the Baby. The Baby resists!
They want their cold war back.
Cool trick !!!
Why don't the Democrats have done with it and just re-convene the House Un-American Activities Committee? Given today's political alignment, this could even include restarting the old John Birch Society campaign against dental fluoride. What was old is new again.
See subject: They host my ware - & IF I'm 'bragging' (which I'm not)? At least I have something to 'brag' about.
APK
P.S.=> Face it - you WISH you were me & hate my demographic (doers, not talkers) but the REAL TRUTH of "your kind"? You hate yourselves for being hotair windbag "ne'er-do-wells" & you KNOW it (the rest of us do, so don't fool yourself anymore)... apk
Most all electronics and computers are made in China. Let's boycott them too.
If the NSA, CIA, FBI and Five eyes all can see my Pr0n browsing history, why can't the FSB joint the fun too?
*** Suerte a todos y Feliz dia!
I've got a file I'm sending you right now. Why don't you go and open it right away. It will check out on your virus scanner so you have no evidence of it being malicious. Go on open it ....don't tell me you are not going to open it based on the fact you THINK it might be malicious. You've got no evidence!
ROFL
ROFL
ROFL
ROFL
ROFL
ROFL
ROFL
ROFL......ROFL
Also, are there people who think Microsoft isn't compromised?
Probably somewhere, but there have been indications that Microsoft has been working with the NSA for a looooong time. Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed. I know that sounds crazy, I thought so too, at first.
Also, Google secretly hands your emails over to the NSA without telling you.
"First they came for the slanderers and i said nothing."
It's better for their image that they were 'hacked' and thus victims, rather than have it be that one of their own turned whistleblower and exposed them to Wikileaks. A lot of clues point that leaker as being Seth Rich, and sadly, he isn't talking.
See subject & http://blog.talosintel.com/2016/08/vulnerability-spotlight-multiple-dos.html/ http://blog.talosintel.com/2016/09/vulnerability-spotlight-kaspersky.html/ http://www.dshield.org/diary/Kaspersky+Anti-Virus+Products+Remote+Heap+Overflow+Vulnerability/719/ https://firstlook.org/theintercept/2015/06/22/nsa-gchq-targeted-kaspersky/ http://slashdot.org/submission/4787123/former-employees-accuse-kaspersky-lab-of-faking-malware/ http://www.theregister.co.uk/2015/09/08/kaspersky_0day/
* FAR from a complete list mind you...
APK
P.S.=> APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ has no bugs, is lighter on resources & less moving parts complexity for exploit + makes you faster (& is native to the IP stack (no filtering drivers) vs. "Bolt on 'MoAr'" stupidity)... apk
so true. duh. a decade ago I said to my colleagues, well, most of the antivirus tools are made out of the US with some US sales offices. it's okay. we need to authorize a certain degree of wiretapping by our telecoms to sniff our phones for a scammer script / calls and disconnect the call immediately for us much like we authorize anti-virus tools to block incoming malware. i wonder how long that novel idea will take.
This is a stupid move from US, with its world-dominating software industry. Following the same logic, most countries in the world should ban Windows.
AC recall the Magic Lantern (software) https://en.wikipedia.org/wiki/... and the efforts to get AV company support for a US gov keylogger.
Domestic spying is now "Benign Information Gathering"
Hi Wally. How's it going?
Come on, that stupid suggestion didn't stop the intel backdoor within AMT / IME of Intel CPU's. You saved face and spammed the thread of that backdoor claiming you blocked that too thru your router. I have downloaded your hosts file engine, but removed it from my system after it is phoning home everywhere. How about you release the source code of your hosts file so I can audit it?
Kaspersky can identify our rootkits. Don't use them because we can't spy on you.
After all the news about gov US plain text documents facing the internet and staff walking out to give documents to the waiting media?
"Russia did it" is about all that can be attempted to cover up for the total lack of domestic crypto and staff vetting over decades.
Domestic spying is now "Benign Information Gathering"
Yes AC it was AV fun on the CIA Vault 7 detection list. Of the few AV brands that could detect US gov malware and all the trusted AV big brands that totally failed.
Domestic spying is now "Benign Information Gathering"
The only thing it communicates with is download servers in the hosts file security community & what your favorite sites are to make resolve faster locally proofing you vs. dns security issues too.
APK
P.S.=> LOL! You're REALLY 'reaching' UNIDENTIFIABLE anonymous stalker - my security setup @ all levels defended me perfectly in that case - it can't "talk back to C&C mama" for orders OR data transit, either way - per Symantec's research of it as to how it worked & what it communicates with (I bust those ports to NULL)... apk
Yes, of course Kaspersky is controlled by Putin. Seems like an apt choice for a country whose president is controlled by Putin.
From the blurb:
> "Kaspersky Lab's products are stocked on the shelves of Target and Best Buy [...]"
Oh, yeah. And at night they leave the shelves and go "BRAAAAINS...". But no brains at Target or Best Buy :-(
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
They are the world's most powerful dictatorship. Putin has been fairly successful in pretending not to be a dictator, but the more of his critics and opponents he kills, the more obvious the charade becomes. If that's not enough cause for concern, Russian-language propaganda against the US is. (Russia's media is controlled by the state.) If that's not a cause for concern, Russia's annexation of other countries (and the world's failure to respond) is.
A cat can't teach a dog to bark.
Surely some mistake going on here........
Russia's growing agression to the United States?
Really, man you should seek employment with the Guardian or any number of Alphabet News outlets.
I think you will find the agression comes from er.............well the United States. It is a small error and confusing sometimes but please get your facts straight.
McCarthy called, we wants his paranoia back.
Funny how nobody noticed how very suddenly everything from elections not going the favorite way to bad weather is Putins fault. Let's conveniently ignore that he's been running Russia one way or the other for twenty years.
Assuming that much of this stuff is either fabricated or wasn't important some years ago and is dragged up now - the question is why? For what purpose is the public fed the old "Russia is evil" meme again? What are we being prepared for?
Assorted stuff I do sometimes: Lemuria.org
This "warning" is nothing but FUD dressed up as an excuse to force tensions and further a political agenda.
Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed
Technically:
1 - it's not in the Intel *CPU*, it's in the Intel *Server Motherboard Chipsets*.
By design, Intel ME (Management Engine) is a useful tool so sys-admin can remotely access and checks servers (or enterprise workstation) whose OS won't even respond anymore. (e.g.: to diagnose early boot process steps, oversee a firmware update, etc.)
It' basically a small embed CPU core running a micro embed Linux and featuring a web server for the interface and a sort of VNC server and port forwarder/remote device mapper.
In practice, this service is done very sloppily and bugs are constantly found that enable exploit and un authorized acces.
2 - Intel ME has equivalent in other manufacturer called IPMI. e.g.: most of the AMD server motherboard features that one.
Again, like with Intel ME, cirtical exploitable bug are regularily found in IPMI, meaning it similarly easy to circumvent access control.
A big chunk of these exploitable bugs in both Intel ME and IPMI are very probably due to sloppy programming for product rushed to the marker.
But given how many bugs are discovered, and how juicy light-out-management is as a target, there bound to be a few "not so honest mistakes" among these bugs.
But these not-quite-accidental bugs aren't only to be blamed on US agencies.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Puuuuh-leeeeze!
"Trump!!", the new Godwin.
when the crimean/ukraine thing happened, I began looking into Kaspersky and decided I wished to go with a different company. Its not so much that I feared this sort of thing though, the amount of resources to run it, and value didn't seem to be there.
back when Kaspersky first came out, all of the bigname viruses came from Russia. My thought back then was, "why on earth would I give administrator access to an antivirus program written in the same place where all viruses come from?"...
the mind boggles...
Yes... this sudden vile vile hatred of Russia by the evil leftists is almost as strange as the sudden need to defend Russia at every opportunity that the honest rightists display.
What a brave new world!
Why would they bother with subverting Kaspersky? Subverting MS Defender is much easier. You don't even need a password.
See subject: What happened to Google w/ EFast is not going to happen to me & Malwarebytes' hpHosts already audited my code.
APK
P.S.=> You don't even code - what would YOU even do w/ it? Of course, you're welcome to PROVE you've done some code of your own now too (of course, I've never seen code w/ the author UNIDENTIFIABLE anonymous coward trolling worm either though, lol)... apk
Over the past 10 or 15 years, I have tried nearly all of the major (and some not-so-major) AV programs out there.
...
The absolute best I have yet used is in fact Kaspersky (Total Security and the Small Office Suite).
There has never been an instance over the past 3 years of having Kaspersky fail to fully protect all the PCs under my guard (~22 at last count).
Other AV programs have ALL allowed an infection through at one time or another: AVast, Eset, AVG, McAfee, Norton, TrendMicro,
Self-importance and self-indulgence is the root of ALL evil.
The same people accusing Russia of being the culprit are the same ones responsible for his Soviet-like disappearance.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.