Slashdot Mirror
Officials Fear Russia Could Try To Target United States Through Kaspersky AV (go.com)
Russia's growing aggression toward the United States has deepened concerns among U.S. officials that Russian spies might try to exploit one of the world's most respected cybersecurity firms to snoop on Americans or sabotage key U.S. systems, according to an ABC News investigation. From the report: Products from the company, Kaspersky Lab, based in Moscow, are widely used in homes, businesses and government agencies throughout the United States, including the Bureau of Prisons. Kaspersky Lab's products are stocked on the shelves of Target and Best Buy, which also sells laptops loaded by manufacturers with the firm's anti-virus software. But in a secret memorandum sent last month to Director of National Intelligence Dan Coats and Attorney General Jeff Sessions, the Senate Intelligence Committee raised possible red flags about Kaspersky Lab and urged the intelligence community to address potential risks posed by the company's powerful market position. "This [is an] important national security issue," declared the bipartisan memorandum, described to ABC News by congressional sources.
LOL,wait, there are people who think Kasperesky isn't compromised? ROFL. Using a respected and renowned cybersecurity first to as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
They are secure because the USA has TLAgencies that help protecting the American people.
https://socioecohistory.files....
I am sure that there are many other solipsists out there.
We're all just one automatic upgrade away from infection. ...which now that I think of it, is true for any AV product.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
I remember when much the same concerns were raised about Chinese networking equipment. (If memory serves, being supplied into a large project in Australia).
This was before the Snowden revelations.
So, we now know that really what they were doing was preserving the supply of US networking equipment that could be pwned.
Thus, one wonders if the same thing is happening here?
Are you now or have you ever been a member of Kapersky Lab?
Fully licensed blockchain psychiatrist
The joke's on us -- the chips come from China.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
And what about Microsoft, Apple, Google? Should Russia fear all these companies as well and ban them?
Also, are there people who think Microsoft isn't compromised? ROFL. Using an operating system with the highest market share as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
...with this red scare stuff. Hillary lost because she was an inferior candidate.
We are amidst the beginnings of a new cold war. I have a lot of respect for Kaspersky. Being so close to the Kremlin doesn't made me feel warm and fuzzy, but they have always spoken out against state actors. I wonder if they will respond directly to this as they have always seemed to be a fairly open company with regards to data breaches and cuber security risks. https://www.scmagazineuk.com/i...
Just open a dictionary.
I haven't used anti-virus software in years. I only have Windows Defender and Malwarebytes installed on my Windows PCs.
Chips?
Most of the Catalyst switches are made in China. The 2960 series, 3560 series, 3600 series, 3750 series, and 3800 series are all made in China. The 4500 series are made in Mexico. You'd be hard-pressed to find a conventional L3 switch not manufactured outside of the United States, and I would be amazed if any L2 switches are made in the US.
Do not look into laser with remaining eye.
The two are not mutually exclusive you know.
Do not look into laser with remaining eye.
[Citation Needed].
Wasn't it kaspersky that identified an NSA rootkit a few months back? Yep, they sure are a threat.
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
Anything to deflect from their own transgressions, like stealing an election from Bernie Sanders.
They might make it aggressively scan everything repeatedly so that your PC is slug-city. ...Oh wait, that's McAfee.
Table-ized A.I.
But also Windows!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Not saying they aren't (probably are, everyone else is), but let's put it this way: "All those who believe they have an uncrackable product / network / service, take one step forward."
You'll notice the smarter / older people taking a step back when they hear that.
Spying jokes aside, if the NSA (and the greater intelligence community) had pushed for good security practices from the beginning instead of cultivating an environment that made their spying easier, we wouldn't have to worry about this. The US government needs to realize that it cannot have it's cake and eat it too.
Rule 35 of the internet: "If it can be hacked, it will be". - Charles Stross
Why would any "key U.S system" have Russian AV software installed? A key function of AV software is to be able to intercept pretty much anything that happens.
I find that quite helpful.
I put my coffee next to the fan vent on my laptop and it keeps it warm.
of course *they're* going to root-out all the nsa ones. it's the RUSSIAN ones they may ignore... the same can be said the other way around, too: an american-based company may be quick to expose (certain) foreign government efforts, but may be compelled by secret order to ignore a u.s. one.
for that reason, it may be better for us regular folks to trust kaspersky over the likes of symantec or mcafee (or microsoft, even) because our greatest threats exist within our own borders, not outside of them.
The Snowden leaks* already showed that malware signatures are submitted to AV companies so that they purposefully do not flag the files.
Frankly, kaspersky, eset, and a handful of others are part of the handful of AVs I trust because they are NOT headquartered in 5 eyes countries.
The Canadian CSES have a slide with a box clearly labeled with EXACTLY this:
"
Commercial/Industry/Relationships
Influence Technology
(provide signature to AV)
"
"It's malware we paid for with our taxes! By golly it must be good!"
Actually, that was Trump
This is exactly why I said we needed to draft John McAfee during the 2016 election.
But NOOOOO... you all said he's too erratic, and temperamentally unsuited to be President.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
"In Soviet Russia, big prop reset button threatens you!"
It's okay. Obama told me the Russians weren't a threat.
Actually, that was Trump
Relax. Trump will build a firewall around the US, and make Russia pay for it.
Or not.
If it weren't for deadlines, nothing would be late.
Of course! Even if we stipulate, that NSA/CIA routinely access our computers, I'd certainly prefer that, however unpleasant, to a foreign power doing the same. And not just any foreign power, but Russia...
But, hey, do I understand you right, that you voted for Trump because he was beholden to Russia, rather than for Clinton, who was beholden to NSA/CIA?
In Soviet Washington the swamp drains you.
Yeah, people who A: rely on evidence, B: know what they're talking about, C: Don't guess and D: Don't say "ROFL" about the situation, you dipshit.
" there are people who think Kasperesky isn't compromised? ROFL "
No it was Obama when running against Romney and you all laughed when Romney said they were a threat. Now that Hitlery lost you're all freaking out about Russians. It's fucking hilarious
ah yes, Jeff Sessions, the notorious "leftist".
"They were pure niggers." – Noam Chomsky
Simple solution: what do Russian opposition parties/organizations use? If they trust Kaspersky, it's probably pretty safe. If I were Russia, I wouldn't bother with it though. Too obvious.
The Daddy casts sleep on the Baby. The Baby resists!
They want their cold war back.
Why don't the Democrats have done with it and just re-convene the House Un-American Activities Committee? Given today's political alignment, this could even include restarting the old John Birch Society campaign against dental fluoride. What was old is new again.
If the NSA, CIA, FBI and Five eyes all can see my Pr0n browsing history, why can't the FSB joint the fun too?
*** Suerte a todos y Feliz dia!
Also, are there people who think Microsoft isn't compromised?
Probably somewhere, but there have been indications that Microsoft has been working with the NSA for a looooong time. Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed. I know that sounds crazy, I thought so too, at first.
Also, Google secretly hands your emails over to the NSA without telling you.
"First they came for the slanderers and i said nothing."
It's better for their image that they were 'hacked' and thus victims, rather than have it be that one of their own turned whistleblower and exposed them to Wikileaks. A lot of clues point that leaker as being Seth Rich, and sadly, he isn't talking.
Tinfoil is damned expensive these daysl. You have to order it from scientific or industrial supply houses. All the consumer level stuff is aluminum now.
The meme needs an update.
so true. duh. a decade ago I said to my colleagues, well, most of the antivirus tools are made out of the US with some US sales offices. it's okay. we need to authorize a certain degree of wiretapping by our telecoms to sniff our phones for a scammer script / calls and disconnect the call immediately for us much like we authorize anti-virus tools to block incoming malware. i wonder how long that novel idea will take.
This is a stupid move from US, with its world-dominating software industry. Following the same logic, most countries in the world should ban Windows.
This is precisely why I DO use Kaspersky ... I live in Australia and so don't want my own government (which is in bed with the US & UK) having access to my personal data.
But the Russian government? I don't care ... I don't plan to go there any time soon.
AC recall the Magic Lantern (software) https://en.wikipedia.org/wiki/... and the efforts to get AV company support for a US gov keylogger.
Domestic spying is now "Benign Information Gathering"
+1 for using AV products that work and that have the skills to track groups like the Equation Group https://en.wikipedia.org/wiki/....
Why risk a US antivirus vendor cooperation https://en.wikipedia.org/wiki/... in any US product or OS?
The PRISM https://en.wikipedia.org/wiki/... list showed what US brands and OS makers would do or "allow" to happen.
Domestic spying is now "Benign Information Gathering"
Tailored Access Operations (5/15/2014)
https://arstechnica.com/tech-p...
Domestic spying is now "Benign Information Gathering"
The CIA Vault 7 efforts would show a good AV company is worth supporting. Some of the better AV brands did find and block a few of the CIA efforts given AV staff skills and long term tracking of advanced malware.
Domestic spying is now "Benign Information Gathering"
After all the news about gov US plain text documents facing the internet and staff walking out to give documents to the waiting media?
"Russia did it" is about all that can be attempted to cover up for the total lack of domestic crypto and staff vetting over decades.
Domestic spying is now "Benign Information Gathering"
Yes AC it was AV fun on the CIA Vault 7 detection list. Of the few AV brands that could detect US gov malware and all the trusted AV big brands that totally failed.
Domestic spying is now "Benign Information Gathering"
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
They are the world's most powerful dictatorship. Putin has been fairly successful in pretending not to be a dictator, but the more of his critics and opponents he kills, the more obvious the charade becomes. If that's not enough cause for concern, Russian-language propaganda against the US is. (Russia's media is controlled by the state.) If that's not a cause for concern, Russia's annexation of other countries (and the world's failure to respond) is.
A cat can't teach a dog to bark.
McCarthy called, we wants his paranoia back.
Funny how nobody noticed how very suddenly everything from elections not going the favorite way to bad weather is Putins fault. Let's conveniently ignore that he's been running Russia one way or the other for twenty years.
Assuming that much of this stuff is either fabricated or wasn't important some years ago and is dragged up now - the question is why? For what purpose is the public fed the old "Russia is evil" meme again? What are we being prepared for?
Assorted stuff I do sometimes: Lemuria.org
Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed
Technically:
1 - it's not in the Intel *CPU*, it's in the Intel *Server Motherboard Chipsets*.
By design, Intel ME (Management Engine) is a useful tool so sys-admin can remotely access and checks servers (or enterprise workstation) whose OS won't even respond anymore. (e.g.: to diagnose early boot process steps, oversee a firmware update, etc.)
It' basically a small embed CPU core running a micro embed Linux and featuring a web server for the interface and a sort of VNC server and port forwarder/remote device mapper.
In practice, this service is done very sloppily and bugs are constantly found that enable exploit and un authorized acces.
2 - Intel ME has equivalent in other manufacturer called IPMI. e.g.: most of the AMD server motherboard features that one.
Again, like with Intel ME, cirtical exploitable bug are regularily found in IPMI, meaning it similarly easy to circumvent access control.
A big chunk of these exploitable bugs in both Intel ME and IPMI are very probably due to sloppy programming for product rushed to the marker.
But given how many bugs are discovered, and how juicy light-out-management is as a target, there bound to be a few "not so honest mistakes" among these bugs.
But these not-quite-accidental bugs aren't only to be blamed on US agencies.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Puuuuh-leeeeze!
"Trump!!", the new Godwin.
So are the Russians.
Over the past 10 or 15 years, I have tried nearly all of the major (and some not-so-major) AV programs out there.
...
The absolute best I have yet used is in fact Kaspersky (Total Security and the Small Office Suite).
There has never been an instance over the past 3 years of having Kaspersky fail to fully protect all the PCs under my guard (~22 at last count).
Other AV programs have ALL allowed an infection through at one time or another: AVast, Eset, AVG, McAfee, Norton, TrendMicro,
Self-importance and self-indulgence is the root of ALL evil.
The same people accusing Russia of being the culprit are the same ones responsible for his Soviet-like disappearance.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.