FBI Warns US Private Sector To Cut Ties With Kaspersky

An anonymous reader quotes CyberScoop: The FBI has been briefing private sector companies on intelligence claiming to show that the Moscow-based cybersecurity company Kaspersky Lab is an unacceptable threat to national security, current and former senior U.S. officials familiar with the matter tell CyberScoop... The FBI's goal is to have U.S. firms push Kaspersky out of their systems as soon as possible or refrain from using them in new products or other efforts, the current and former officials say.

The FBI's counterintelligence section has been giving briefings since beginning of the year on a priority basis, prioritizing companies in the energy sector and those that use industrial control (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. In light of successive cyberattacks against the electric grid in Ukraine, the FBI has focused on this sector due to the critical infrastructure designation assigned to it by the Department of Homeland Security... The U.S. government's actions come as Russia is engaged in its own push to stamp American tech giants like Microsoft out of that country's systems.
Meanwhile Bloomberg Businessweek claims to have seen emails which "show that Kaspersky Lab has maintained a much closer working relationship with Russia's main intelligence agency, the FSB, than it has publicly admitted" -- and that Kaspersky Lab "confirmed the emails are authentic."

Kaspersky Lab told ZDNet they have not confirmed the emails' authenticity. A representative for Kaspersky Lab says that the company does not have "inappropriate" ties with any government, adding that "the company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime."

Democrats have been on this

For months trying to destroy this company in an attempt to validate their bogus claims of russian hacking.

Re:Democrats have been on this

Out of all the text at the end of the article:

The issue of a code audit was dismissed as a “publicity stunt” earlier this year by Jake Williams, an ex-NSA employee who has called the U.S. government’s efforts against Kaspersky “purely political.”

Re:Democrats have been on this

Amen! Well said, comrade!

#tumputin #fagsforever

Re:Democrats have been on this

[MoarSauce123]

Maybe...but it is well known that Eugene Kaspersky is Vladimir Putin's sauna buddy. I guess they talk about more than just how hot and sweaty they are.

Re:Democrats have been on this

[MoarSauce123]

Maybe...I would take the words of ex-employees with a grain of salt.

Re:Democrats have been on this

That's literally like nothing to them, these are often the very same people who would bomb countries and kill civilians just because they are not on their side.

Re:Democrats have been on this

Explain to me exactly what their software is doing that's bad and I might believe it.
Anyone can simply assert that some company is helping Putin without evidence.
US agencies have 0 credibility without evidence to back it up.

Re:Democrats have been on this

their bogus claims of russian hacking.

It's a shame that the first casualty in all of these discussions is precision and this on a site the prides itself on nerdiness and technical prowess. How do you suppose that John Podesta's emails or the DNC emails or Hillary's emails were leaked? Somebody hacked them. The recent rise of hacking aimed at political objectives, especially during elections, cannot be explained by typical hacker motivations. Unlike carders, identity thieves and bank frauds there's no immediate financial motive and the attacks have been done to get material for leaking in coordination with fake news stories to push the narrative, not to vandalize or post hacktivist materials. Finally, the hacking is extensive and well resourced which means that somebody is paying for it. The people who hacked the DNC, John Podesta and Hillary Clinton among others during the last elections were either working for the Russians or were paid by them. For the Russians this is a relatively cheap form of payback for sanctions, perceptions of western meddling in Russian affairs and the like. The evidence overwhelmingly points to the Russians, who's state news services, including RT and Sputnik, were often the first to break the stories of the hacking or the fake news connected with the stolen emails. Almost like they had the stories ready to go and were either informed of the hacker's progress or working with so as to time the scoops. Coincidence? I think not. There's really no other plausible explanation.

Re: Democrats have been on this

We all have access to the internet, dude. We are well aware of the given story, just as we are well aware that we are constantly lied to by the very people pushing this story. Thanks for the rehash, it is quite a nice fairy tale, after all. Good job.

Re: Democrats have been on this

Evidence? I've yet to see any evidence!

Re: Democrats have been on this

We don't do that for ex-google employees so I don't see why we shouldn't here.

Re: Democrats have been on this

I agree .. American bogeymen in the tech business are ramping up the propaganda again . I don't know of anyone who has a issue with Kaspeesky

Re: Democrats have been on this

that is because you can not read coherent sentences

Re:Democrats have been on this

[johanw]

Kaspersky was the first to analyse some American attack virusses like Stuxnet and that has pissed the deep government agencies off.

Re: Democrats have been on this

A coherent sentence is of bratty your money ringing)

Re:Democrats have been on this

Obviously they aren't white listing state malware

Re: Democrats have been on this

Bingo. They get to go after 2 birds with the one tone. 1. Smear Trump and 3. Make the slaves computers less secure.

Re:Democrats have been on this

[Aighearach]

For months trying to destroy this company in an attempt to validate their bogus claims of russian hacking.

Hell, I'm a Democrat and I was saying years ago that only an idiot would trust a Russian company for computer security, because their system of civics means there they don't have such a thing as private business. All business is subject to instant regulation by the federal government, with no recourse, and death for those who try to use the courts or elections to resist. A company run by honest Russians would not be able to provide honest service.

Of course, the neckbeards on slashdot just call you a troll if you say that stuff. But I'm on the same page as the professionals on this.

Re:Democrats have been on this

[Aighearach]

I would take even the claim that he's an ex-employee with a grain of salt!

He could just as well be a guy they found at the homeless shelter and cleaned up to read a script.

I mean, wouldn't the sort of person who would be working at the NSA know that that employment is secret, and that nobody with two brain cells to rub together would believe you if you told them, because if it was true you wouldn't tell them.

If somebody who used to work there writes a book on their deathbed, maybe. If somebody is blowing the whistle on some serious crime, maybe. If somebody is just pointing a finger at legal stuff that the NSA does and claiming to have information about it, and also giving us that information, and the information is really vapid like calling a report "political," well I just don't believe it. If they arrest him, I'll believe it. But there is no law against lying about having been a secret agent, and that's why they don't arrest him.

Of course, that's all "if." I think the guy in question is just a private sector security researcher with un-named government contracting on his resume. If it is that guy, then he's just another random joe security guy who wasn't involved with the report and has no special information of any sort; which is why he made a statement. ;)

Re:Democrats have been on this

[Christinagirl1]

It was in Kaspersky's best interest to try to collaborate with Symantec because they knew they would be vulnerable to what is now called Stuxnet. Why not use a US company to uncover US government tools? (sarcasm) The Russians must think we are real idiots.

Re:Democrats have been on this

[Aighearach]

It was VirusBlokAda from Belarus that first identified it, with Brian Krebs giving the first public report in his blog. All Kaspersky did was say that it had to be a "nation-state actor," which is a "gee, really?" sort of non-informative blathering when there isn't any sort of profit angle involved.

Re:Democrats have been on this

How do you suppose that John Podesta's emails or the DNC emails or Hillary's emails were leaked?

Read your own statement a few times.
 
...were leaked
...were leaked

Do you know what that word means? It has a different meaning than "hacked".

And who was Seth Rich?

Re:Democrats have been on this

The only page you're on is a psychiatrist's patient list.

Re:Democrats have been on this

[umghhh]

It is making profits (I assume but did not check) in Russia. That is bad. If we nuke them our own companies may suffer. Also there is no free market other than one that brings profits of us.

Re: Democrats have been on this

How about writing some?

Re:Democrats have been on this

How do you suppose that John Podesta's emails or the DNC emails or Hillary's emails were leaked?

His name was Seth Rich.

Re:Democrats have been on this

...only an idiot would trust a Russian company for computer security...

Although we strongly disagree politically, I agree with you on that point.

Now, what do you think of trusting your IT support to a company whose principal members have ties to Pakistan, including at least one of their intelligence agencies?

Re: Democrats have been on this

You don't have to be Russian to fund hacking of Clinton servers. Dishonest republicans might take an interest, and any foreign power who might benefit from a weakened or chaotic USA. Russia is but one of those. There is also China. The Saudis may not have the skills, but they sure have the money to buy skilled folks - which may be found all over eastern Europe.

Re: Democrats have been on this

Of course you have the internet. Who the fuck do you think PUT it on the Internet?

Re: Democrats have been on this

What, nobody in your mom's basement ever got fucked over by Kapersky and that's supposed to be some kind of argument?

Cum grano salis

[sehlat]

Given that the FBI has repeatedly made it plain that they want unrestricted and owner-involuntary access to every piece of hardware on this planet, I'd take any cybersecurity recommendation they make with a grain of salt the size of the Benjamin Franklin.

Re:Cum grano salis

[fustakrakich]

Kaspersky can make a great advertising campaign out of this.

*Banned in the US for refusing to whitelist government malware*

Re:Cum grano salis

[Dracos]

Agreed. This sudden vendetta against Kaspersky suddenly feels less like they did something and more like they refused to do something the government wants.

Re:Cum grano salis

[gweihir]

Probably indicates that Kaspersky is not collaborating with the FBI, but doing their job. Of course, they may be collaborating with Russian intelligence instead. So to be sure to find government malware, run both Kaspersky and an FBI-approved scanner.

Re:Cum grano salis

[gweihir]

Pretty much my take also.

Re:Cum grano salis

Agreed. This sudden vendetta against Kaspersky suddenly feels less like they did something and more like they refused to do something the government wants.

If only Kaspersky's "updater" would not "drop unwanted and unasked for" software on a user's PC. In my case it was their socalled "VPN" software.

Call me a fakir or liar or whatever you want. I know I saw it with my own eyes ... eyes that are not accessible to the FBI and the NSA.

Re:Cum grano salis

*Banned in the US for refusing to whitelist government malware*

And European companies will have no qualms about trusting security software provided by the firm whose founder was KGB and maintains ties with its successor organizations and the Russian state. Right.

Re:Cum grano salis

I hate to rain on your conspiracy theory, but if that were actually true then Kaspersky could just point to the actual backdoor in the US products.

Re: Cum grano salis

Almost makes me want to get a Windows computer just to use their software. Almost.

Re:Cum grano salis

[Zemran]

I completely agree. I read this and think that I am now far more likely to use Kaspersky that I was before and I think many large businesses will think the same. The greatest cyber threats in recent years have come from the NSA, not Russia. There is a smear campaign under way and we are entering a new cold war that we may well lose. Europe have no intention of losing Russia as an ally because now they trade with them they see them as they are rather than as the propaganda paints them. This is not the 50s and the old style "Reds under the bed" propaganda does not work anymore. There is no evidence but of course they messed with our election just as we mess with their's. If they were better at it then learn from them and move on.

Re:Cum grano salis

[green1]

If you're an average citizen, you're far safer with a foreign power watching you than a domestic one. The foreign one is unlikely to be able to do anything about things they don't like.

Now if you're the one who runs the domestic spy agencies that's a different story, but for the rest of us, I always assume someone's watching, I always just hope it's nobody who has any power over me.

Re:Cum grano salis

[fustakrakich]

I read this and think that I am now far more likely to use Kaspersky that I was before and I think many large businesses will think the same.

And that's exactly what the government wants you to think. Kaspersky is really a triple agent, working for our side, along with Snowden. He's coming back with a treasure trove, real soon now...

Re:Cum grano salis

[nmb3000]

Given that the FBI has repeatedly made it plain that they want unrestricted and owner-involuntary access to every piece of hardware on this planet, I'd take any cybersecurity recommendation they make with a grain of salt

That may be true, but do you really think the Russian government is less interested in this same thing? I don't like FUD without evidence, but if you really fear the motives and reach of the US government, then you'd best be even more very worried about Russia as well.

And, ask yourself this: Would you trust a Chinese software company headquartered in Beijing more or less that Kaspersky, headquartered in Moscow, or Symantec, headquartered in Mountain View? At this point if you distrust one, you'd probably best distrust them all. At least of the three, the US is still democratic and answerable to Congress. Who do you think Putin answers to?

Re:Cum grano salis

At least of the three, the US is still democratic and answerable to Congress.

... which is answerable to lobbyists, which are answerable to multinational corporations, which are answerable to the private banking system (of which the Federal Reserve and similar institutions in most other 1st-world nations are members).

Russia is among the few BRICS nations. Brazil, Russia, India, China, South Africa. They said "hell no" to the private bankers running everything. It's no coincidence there is a concerted propaganda effort against Russia. The truth is, Putin is a chess player. He's one of the most rational leaders ever seen in recent history. He's good at not sabotaging himself. Our corporations are good at controlling media and issuing propaganda.

Re:Cum grano salis

[Luckyo]

The question will be simple: "Who are your direct competitors?"

If they're american, go with the russian software. If they're russian, go with american.

Re: Cum grano salis

So the sanctions which the EU placed on Russia are just a friendly reassurance, are they, and nothing to do with Russia invading Ukraine?

Re:Cum grano salis

Yeah, it's not like the Russians were able to poison Litvinenko in London because they didn't like what he was saying or anything is it.

The idea that Western security agencies are so bad that it's better to have foreign agencies spy on you is a myth that just needs to die. Western intelligence agencies have a lot to answer for, but at least they're not as bad as the likes of the FSB who will basically nail anyone who disagrees politically, or is gay, or otherwise different, with anything from a beating, to jail, to murder.

You're effectively saying "I don't like this beer with 5% alcohol in it, I might as well drink 100% alcohol instead". Yeah, don't try that, seriously.

If nothing else foreign security services will be more willing to use your identity, details, or steal from your bank account for their operations than domestic agencies will; i.e.:

https://www.theglobeandmail.co...

So yeah, quit it with the dangerous hyperbole, your intelligence agencies are still less likely to do you harm than that of non-Western intelligence agencies however we may be pissed off at them for overstepping their bounds. They're still not worse than the Stasi like services in places like Russia and Turkey nowadays. The kind of sky is falling pessimism that pretends Western security agencies are somehow worse than real actual fascist regimes is entirely counterproductive in terms of improving security, handing everything you own over to a known thief and fraudster because you don't like the fact the taxman took 20% of your income is grade A fucking stupid. You're saying because you don't have perfection in your own country that you might as well have complete imperfection instead.

If you don't want anyone to have any power over you then use open source software where possible, or don't use that type of software at all.

Re:Cum grano salis

Exactly. The FBI might be honest here, or they might not, and given their track record I'm much more inclined to believe this "advice" of theirs is because Kaspersky won't help them spy on US citizens.

Re:Cum grano salis

Some people just hate Russians. We need to censor anti-Russian hate speech.

Besides, 9-11 was a Jew job. ae911truth dot org

Re:Cum grano salis

[Gavagai80]

Litvinenko was a totally average citizen with no special reason to fear Russia, sure. You think the FSB goes after foreigners for insulting Putin or being gay? No, they only go after domestics, and escaped domestics who have influence in Russia, and possibly Georgians or Ukrainians. (It's the CIA that has true worldwide reach, but will only mess with you if you're a prominent politician opposing US policy in your country.) 99.999999999% of Americans or UKians are of no interest to Russia, but considerable interest to the NSA.

Re:Cum grano salis

[PPH]

Kaspersky could just point to the actual backdoor in the US products

Using this same logic, the FBI could point to the actual backdoor in Kaspersky's products.

Re:Cum grano salis

[sjames]

It's interesting how the claim that they messed with our election. They sort ofdid since they only exposed one side, but they didn't exactly manufacture the dirt, they just exposed it for all to see.

If what Russia did rises to the level of interference with the election, then what the FBI did certainly does too.

It's really sad that we've come to a point where between the Russian government and the American government, Americans are genuinely unsure who the bad guy is.

Re:Cum grano salis

[sjames]

OTOH, I am less likely to say, do, or know anything that the governments of Russia or China give a crap about. Certainly nothing they care enough about to actually launch a covert operation in the U.S. to actually do anything to me.

But as for U.S. government, all it takes is for me to see a cop commit a crime.

Re:Cum grano salis

[slashdotwannabe]

So, in other words, "who do you want to be pwned by? The Americans, or the Russians?"

Re:Cum grano salis

[slashdotwannabe]

Litvinenko was a totally average citizen with no special reason to fear Russia, sure

And you know this how? You don't; if you did, you wouldn't be talking about it, so by definition, you don't and your biases are speaking out of your ass.

State actors do the {THINGS} they do for the {REASONS} they have, and I don't know any of it, and I'm damn sure you don't either. The difference between you and me is that I don't speculate on shit I don't know on /.

Re:Cum grano salis

[Luckyo]

The exact opposite actually. The relevant question is "who do you NOT want to get pwned by?"

Better idea.

[Gravis+Zero]

Cut all ties with Microsoft and you won't even need ties to Kaspersky Lab. We should all cut ties with Microsoft.

Re:Better idea.

[MoarSauce123]

And instead increase ties with Google and Apple?

Re:Better idea.

[Gravis+Zero]

You will be shocked to learn, that there are OSes that aren't affiliated with any of those companies!

Re:Better idea.

[TheRealMindChild]

I like Windows. And Visual Studio

Re:Better idea.

[Zero__Kelvin]

So spin up a container on a Linux Box. Problem solved.

Re: Better idea.

Many sides

Re:Better idea.

Sounds like a shit experience.

Re:Better idea.

Your mom still raised you though, didn't she? Still, who knew that impacted fecal matter would eventually spawn the beauty that is you. Life is truly a miracle.

Re:Better idea.

[I'm+New+Around+Here]

Serious question: What smartphone available in the US isn't affiliated with Microsoft, Apple, or Google?

Is there one made nowadays that has an OS from another company?

Re:Better idea.

[phantomfive]

Sounds like a shit experience.

So does Windows and Visual Studio, tbh.
At my lost job, I ran Visual Studio in a VM on a Linux machine, through a laptop with x-forwarding. The VM with x-forwarding worked great.

Re:Better idea.

I thought everyone did that around 1993, but that could have been me. After I made it clear I didn't touch windows support my social group instantly contracted to people doing real IT. Did wonders for my career.

Re:Better idea.

[Zero__Kelvin]

Well you would still be running Microsoft software, so of course it is a "shit experience". The difference is that it would be a "shit experience" where you don't have to worry about malware, so it would be less of a "shit experience."

Re:Better idea.

Perhaps you'd be surprised to learn that what works for you doesn't necessarily work for the rest of the people, or industry.

Re:Better idea.

[sn0wflake]

BlackBerry OS. https://en.wikipedia.org/wiki/...

Re:Better idea.

[Gravis+Zero]

Just flash your smartphone with Sailfish or Ubuntu or Tizen or Replicant or...

Seriously, they are just computers.

Complain to World Trade Organization?

[manu0601]

I wonder if Russia can fight that at World Trade Organization's dispute settlement body? This is a flavor of protectionism US vowed to end when signing WTO treaties, after all.

Re:Complain to World Trade Organization?

[Dunbal]

I wonder if Russia can fight that at World Trade Organization's dispute settlement body?

What's the point? The US has proven time and again that it simply ignores WTO decisions (where it has lost to Nicaragua, Antigua and more recently the EU) when they become inconvenient. The WTO is meant to happen to OTHER people.

Re:Complain to World Trade Organization?

[manu0601]

If US ignores the ruling, WTO will probably grant Russia the right to ignore intellectual property rights of US firms. It did in the past for Antigua if I recall correctly.

The difference is that Antigua is not full of high-skilled programmers that could turn leaked Windows sources into a rival commercial product.

Re:Complain to World Trade Organization?

[gordguide]

If US ignores the ruling, WTO will probably grant Russia the right to ignore intellectual property rights of US firms. It did in the past for Antigua if I recall correctly.

The difference is that Antigua is not full of high-skilled programmers that could turn leaked Windows sources into a rival commercial product.

The WTO generally does not operate in that manner.

If Antigua was a signatory to the WTO, they agree as a condition of membership to respect and support the enforcement of the IP rights of other members.

What they will do, is if a harm is determined, is to give the harmed party the right to impose specific sanctions. Exactly what those sanctions are are left to the harmed party, rather than specified by the WTO. They do have to be reasonable, that is, in general equivalence with the harm done by the first (losing) party.

Re:Complain to World Trade Organization?

What they will do, is if a harm is determined, is to give the harmed party the right to impose specific sanctions. Exactly what those sanctions are are left to the harmed party, rather than specified by the WTO. They do have to be reasonable, that is, in general equivalence with the harm done by the first (losing) party.

Without some degree of punitive damages there is no deterrant against future harm. Domestically, the US tort system recognizes this. So do most others. Applying the same concept to the WTO is just a matter of scale.

Re: Complain to World Trade Organization?

That is exactly what the World Court allowed Antigua to do after the US ignored a ruling on online gambling.
Proper order of operations: research, engage brain, open mouth.

Re:Complain to World Trade Organization?

Canada has won several WTO rulings on lumber, and the US ignores them.

Re:Complain to World Trade Organization?

[squiggleslash]

Nope. The FBI's recommendation has absolutely no legal force. Any company that takes its advice does so voluntarily.

Further, the FBI isn't targeting all Russian security companies, just one high profile company. And despite the "Fake News" trolls coming out in the comments here, there's been serious doubts expressed about Kaspersky ever since Putin's control over the company increased after he started attacking their management in Russia, including arresting and charging the company's computer incidents investigation team leader for treason.

There's at least good reasons to believe Kaspersky 2016-17 is a very different company to the highly respected security company that uncovered Stuxnet et al prior to 2016. Kaspersky Labs today is under the thumb of a foreign power that's not exactly in tune with US interests. The FBI warning seems reasonable to me.

Re:Complain to World Trade Organization?

[BlueStrat]

...not exactly in tune with US interests.

Given what we've seen constituting "US interests" over the last couple of decades or so regarding the actions & behaviors of US TLAs towards the digital/online security and privacy of US citizens and the Constitutionally-guaranteed civil rights they have and are currently violating, that's a selling-point not a downside.

Strat

Re:Complain to World Trade Organization?

[xlsior]

The WTO generally does not operate in that manner.

If Antigua was a signatory to the WTO, they agree as a condition of membership to respect and support the enforcement of the IP rights of other members.

The WTO generally operates by having signatories follow the rules and abide by its rulings in the case of disputes -- but if a member country breaks the rules and does not fulfill their obligations, it's still an option that's on the table to force members to abide by the agreement.

The US violated trade agreements when they prohibited US citizens from doing business with Antigua-based online casinos. antigua complained to the WTO, and the WTO agreed and ruled in Antigua's favor. The US refused to comply and pay for damages caused by their violation of the agreement.

It was actually the WTO's who recommended Antigua suspend US copyrights to recoup $21 million worth of damages. Antigua has continued to fight this because in their opinion they are entitled to ten times that, but if there is no satisfactory agreement when the dust settles, then Antigua is 100% entitled to legally sell $21 million worth of 'pirated' software to whoever is interested.

Mr Pot, meet Mr Kettle

[PPH]

claiming to show that the Moscow-based cybersecurity company Kaspersky Lab is an unacceptable threat to national security

Ohh wait a moment...

[bogaboga]

Is this the same FBI that was sure Iraq had WMDs? We all know what happened thereafter.

The report, while seemingly convincing, was a pile of lies.

Sadly, after so much life had been lost. Folks continue to pay for the mistakes. why should we put any stock in these statements?

Re:Ohh wait a moment...

FBI does not give a fuck about external affairs. You are full of crap.

Re:Ohh wait a moment...

CIA is in charge of foreign intelligence. The FBI only investigates domestic issues.

So no, the FBI had NOTHING to do with the WMD thing.

Your ignorance indicates that you're probably a russian shill.

Re:Ohh wait a moment...

>Your ignorance indicates that you're probably a russian shill.

You are probably right. Just checked his comments, says very often something like "we (USA)" as he is speaking in the name of an US Citizen (Who the f*ck will non stop remember where he is form). And soon after takes position in favor of China, Russia, Iran, ... Anybody but US. Some other technical comments to hide, but very clear on the political side...

Re:Ohh wait a moment...

[Zemran]

"Your ignorance indicates that you're probably a russian shill." His point is still more valid than your attempt at making this ad hominem. How does one become a "shill"? Does it pay well? I would like to know because he does have a valid point even if he is ignorant of the structure of government bodies and if I could get paid for telling the truth I would be happy to do it.

Re:Ohh wait a moment...

The NSA is responsible for signal intelligence but there is often overlap between the various agencies. And the agencies battle for turf so organization charts really do not mean that much.

Re:Ohh wait a moment...

How does one become a "shill"? Does it pay well?

I don't know, you tell me. :)

I could get paid for telling the truth I would be happy to do it.

I know what you did here... Yep, clearly another Putin Puppet.

Re:Ohh wait a moment...

[gordguide]

FBI does not give a fuck about external affairs. You are full of crap.

The FBI most certainly does "give a fuck about external affairs". They interact extensively with law enforcement in other nations. Sometimes that law enforcement is the nation's Military. Or some other agency that blurs the lines between espionage and crime.

When it comes to US Citizens, there is a line drawn between the FBI and agencies like the CIA. But that line doesn't exist when it comes to other foreign nationals.

Re:Ohh wait a moment...

[Aighearach]

That's completely idiotic. The CIA is one of many foreign intelligence agencies, and the FBI is the primary generic federal law enforcement agency. They don't divide any duties at all between foreign/domestic. The FBI is the agency that investigates violations of US law all around the world. If you hack a bank in New York from Germany, it is the FBI that is coming for you. They really don't care about where you are, they have access to travel. It has to do with if the job is a law enforcement job, or not.

Get some fucking internet and you can learn shit.

Re:Ohh wait a moment...

He is, along with CyberAx, Uberbah and a few others.

Even if they're not explicitly on the payroll, they're precisely the type of useful idiot that Putin has a hard on for.

Guess which company hasn't given them access yey

[guruevi]

Symantec and the like have outright admitted cooperation with US spooks. At this point, if I were in charge of security I would be buying all computer hardware from outside sources like Huawei and Kaspersky, at least they've indicated unwillingness to cooperate with US stooges and Chinese/Russians infiltration would both be easy to detect and any positive evidence would seriously damage their reputation. Symantec and Microsoft have plainly given NSA and even BSA access to their information.

Welcome to the land of the Free

[Dunbal]

Government is telling you which software to use. You wouldn't want people to think you were a terrorist, would you?

Re:Welcome to the land of the Free

[Aighearach]

No, they're recommending which software not to use.

The police department often recommends not drinking and driving.

The weather service recommends wearing suitable clothing during a weather event.

The department of fish and game recommends keeping a tide table with you when fishing in salt water.

Are you scared of rain gear and safe driving yet?!?

What would be inappropriate?

[LeftCoastThinker]

Maybe the question to ask Kaspersky is what exactly would an inappropriate relationship with the FSB look like according to them? It seems like there is some pretty damning evidence that a bad actor state (Russia) has been working closely with Kaspersky in a way that violates the expectation of most of the free world. If Kaspersky is serious about clearing it's name, it should clearly define and limit it's relationship with the FSB and the Russian government. Unfortunately for Kaspersky, being based in Russia, a country without a constitution or bill of rights limits what they can actually back up with action, unless they shift the bulk of their organization out of Russia, and I don't see that happening.

Re:What would be inappropriate?

[Dunbal]

How about you apply those same standards to US firms and the CIA/NSA?

Re:What would be inappropriate?

[Kjella]

Maybe the question to ask Kaspersky is what exactly would an inappropriate relationship with the FSB look like according to them?

NSL.

Re:What would be inappropriate?

It seems like there is some pretty

followed by:

damning evidence

Glad you're not on my jury.

a country without a constitution

https://en.wikipedia.org/wiki/Constitution_of_Russia

or bill of rights

See the aforementioned constitution, chapter two

Now, Australia - there's a country with no bill of rights, and their constitution only deals with trade and state relations. Better not trust those bastards!

Re:What would be inappropriate?

[Zemran]

Nearly every country has a constitution, Russia is no different. http://www.constitution.ru/en/... Kaspersky is in Russia and has a relationship with the FSB just as US security companies have a relationship with the NSA. I trust Kaspersky far more than I trust Microsoft etc. because they are far more open about their relationships and what they do. If they want to remain trusted the last thing they should do is move out of Russia.

Re:What would be inappropriate?

If Kaspersky's ties to the FSB and more specifically to Putin is News to any users, then they should be embarrassed. I researched them prior to choosing their software. Do they have ties to the FSB? Well, yeah. Has there ever been a report of those ties resulting in damage to customers? Well, no. Is it a risk? I think so. But should they ever be caught, and my guess is any significantly wide-spread hacking would be discovered, they'll go out of business. I've always wondered how Kaspersky has negotiated what must be the difficult inner circle politics in Russia while maintaining their high product standards. OTOH, I think it wise that the USA government avoid the conflicts of interest which would be inevitable in they used Kaspersky's products. But I'd need to see smoking gun evidence of wrong-doing before I eliminated them from consideration for private use of their software. My guess is that the FBI is (once again) being used not as a law enforcement tool, but rather as a foreign policy tool, and is an obvious attempt to put pressure on Putin by putting pressure on his friends. I admit I haven't heard that the FBI has any substantial evidence. Do they have any? Or are they simple using innuendo and guilt by association? (as usual) Another sad day for the integrity of the FBI, I'd guess, since if the *have* evidence to support their allegations, why haven't they presented them to the public? It's easy enough to show that either the software has a back door or that it sends user sensitive information to itself or to others (Russians). So why haven't they? Or did I miss something?

Re:What would be inappropriate?

[dunkelfalke]

Seriously, what are you smoking? First of all, most countries in the world have a constitution, Russia is no exception. Second, why would you even care about FSB unless you live or visit Russia and plan to commit federal crimes there? FSB is more or less like FBI, foreign intelligence is not on their task list.

Re:What would be inappropriate?

Two words. Warrant Canary.

Odd that even Reddit's has gone down.

Re:What would be inappropriate?

[LeftCoastThinker]

Having a constitution in theory and having a constitution in practice are two very different things. I suggest you educate yourself on the actual political state of Russia. You are dangerously naive if you think there is any equivalence between the FBI and the FSB.

Re:What would be inappropriate?

[LeftCoastThinker]

There is again a difference between having a constitution in theory and in practice. You are extremely naive if you think there is equivalence between the NSA and the FSB. As far as I am aware, the US hasn't spontaneously invaded any neutral countries recently, or mounted massive cyber attacks against said countries, shot down commercial airliners etc...

Re:What would be inappropriate?

[LeftCoastThinker]

When the US wants to take over and rule the rest of the world, I would be happy to, until then your moral equivalence falls flat...

Re:What would be inappropriate?

[dunkelfalke]

It is not that I am naive, it is that you are uneducated, like you have already shown with saying that Russia has neither a constitution nor a bill of rights, and now just trying to cover it up with semantics. Yep, you are uneducated, because you also don't know that the FSB doesn't do foreign intelligence, that is the job of the SVR. The only real difference between the duties of the FSB and the FBI is that the FSB is also responsible fоr the border and the coast guards. The rest - the fight against domestic terrorism and organised crime, counterintelligence, hostage rescue - is very much the same.

Re:What would be inappropriate?

[dunkelfalke]

Seriously? "I am the good guy here, I haven't killed anybody since last Thursday", that is your argumentation? Dude, you are not only uneducated, you are downright brainwashed.

Re:What would be inappropriate?

[dunkelfalke]

So now you are going from "haven't invaded another country in the past few months" to "take over and rule the rest of the world"? That is, at the same time, moving the goal posts and a strawman argument. You are not a thinker, dude. You are a wannabe demagogue.

Re:What would be inappropriate?

[LeftCoastThinker]

Your professor clearly failed to teach you logic (or you were taught what to think instead of how to think). Take a seat because school is now in session:

No, it is not moving the goal posts. Recent invasion for the purpose of occupation and assimilation is a huge red flag indicator of a nation looking to further it's power and holdings by military action (AKA take over the world in common vernacular). Please show me any evidence that the USSR did not want to take over the world? Where is the evidence that former KGB agent and dictator for life Vladimir Putin would not take over the world given the chance? He clearly wants to restore Russia to its former dominance and has used military invasion to further that goal.

Nor is it strawman. Your argument was making moral equivalence between the US and Russia. My statement expounded on the flaws in that equivalence.

After WW2 the US was the only country on the planet with nuclear weapons and the most powerful standing military in the world. If we had wanted to, we could have subjugated the entire planet with just the threat of nuclear bombardment and seized a huge chunk of global wealth, but we did not. Since WW2 the US has only attacked when we or our allies are attacked or threatened to be attacked. Lets look at the US wars:

Iraq war: Rogue dictator threatened the US with WMD after kicking out legally required UN nuclear inspectors for several years. Afterwards we removed 200 tons of yellow cake uranium, multiple mobile bio/chem labs and his chemical weapons were later located being used by Asad, Saddams allies in Syria. The US set up a democratic government and trained an Iraqi army to facilitate the Iraq people having their own governance and sovereignty as well as building billions of dollars of infrastructure.

Afghanistan war: Religious terrorists based in Afghanistan murdered ~3000 US civilians in an unprovoked attack based in and back by the government of Afghanistan (Taliban). After we invaded, we built schools, infrastructure and set up a democratic government for the Afghani people.

Gulf (Iraq) war: Iraqi dictator invaded small US allied nation Kuait in a grab of oil fields and pipeline access to the gulf. The US freed Kuait and destroyed the Iraqi army without removing the leadership in Iraq.

Vietnam war: Tried to defend South Korea against a Chinese Communist backed coup. When the US left, millions of innocent people were slaughtered.

Korean war: Defended South Korea against a Chinese Communist backed coup. South Korea is a thriving, first world democracy. North Korea is a starving dictatorship on the verge of being obliterated on a daily basis solely because of the actions of their leader, who is still backed by the Chinese.

So please, use some facts to show how the US and our defense and intel departments are equivalent to Russia? Your examples must be systemic and not criminal acts by outliers who were subsequently punished for unsanctioned activities (outlier criminal activity cannot rationally be used to condemn organizations, only systemic or sanctioned activities and policies are valid for that purpose).

Re:What would be inappropriate?

[LeftCoastThinker]

One of us sure the hell is brainwashed.

On the one hand you have the US, the equivalent of a police officer. Not perfect, but clearly a force for good in the world. The US saved millions of lives in WW2, South Korea, etc. at our own expense of blood and treasure. After WW2, we didn't plunder and annex the losing countries. We created stable democracies where people live in peace and freedom in Japan and Germany. We tried to create peaceful democracies in Iraq and Afghanistan and spent billions to rebuild them both, but Islam is a medieval religion incompatible with freedom/democracy and we made the mistake of not destroying it like we destroyed emperor worship in Japan after WW2. When there is a disaster around the world, or a dictator is murdering innocents, after the UN has passed a meaningless resolution, the world looks to the US, and we always offer aid, and sometimes use our military to try to end the bloodshed.

OTOH, you have Russia, the former core of the USSR whose stated goal was to take over the world with military force and who held with force nearly a dozen eastern European countries for around 70 years. The USSR stole nuclear technology from the US and then spent the next 70 years threatening the rest of the free world with nuclear annihilation . Soviet Russia killed tens of millions of innocents, mostly its own citizens and more recently, former KGB agent/dictator for life Vladimir Putin invaded and annexed Crimea using military force. Around 10,000 people were killed in that agression.

But their both exactly the same right? Talk about clueless...

Re:What would be inappropriate?

[LeftCoastThinker]

I have an experiment for you:

1. Go to Russia
2. Become a Russian citizen (you can skip this if you want).
3. Start writing for a Russian news outlet or blog
4. Criticize Vladimir Putin

Let me know how well that constitution limits the power of the government or that bill of rights protects you from living out your days in a Siberian work camp.

Re:What would be inappropriate?

[Luthair]

Iraq war: Rogue dictator threatened the US with WMD after kicking out legally required UN nuclear inspectors for several years. Afterwards we removed 200 tons of yellow cake uranium, multiple mobile bio/chem labs and his chemical weapons were later located being used by Asad, Saddams allies in Syria. The US set up a democratic government and trained an Iraqi army to facilitate the Iraq people having their own governance and sovereignty as well as building billions of dollars of infrastructure.

You should really do some reading because this doesn't match reality at all. https://en.wikipedia.org/wiki/...

You've also entirely skipped the USA attempting and causing regime changes.

Re:What would be inappropriate?

[LeftCoastThinker]

I have a news flash for you: Wikipedia does not always reflect reality, especially when you get away from the hard sciences. If you think it does, you will end up ignorant and brainwashed.

Regarding Iraq, I don't need some half whit liberal shill on Wikipedia to tell me what he read from some other half whit liberal, which is what is actually on Wikipedia:

"Seymour Hersh writes that, according to a Pentagon adviser, "[OSP] was created in order to find evidence of what Wolfowitz and his boss, Defense Secretary Donald Rumsfeld, wanted to be true".

Here is a hint for you: when the author cites another author (who happens to be a liberal shill) who cites an anonymous "adviser" i.e. not an actual Pentagon employee on the record with an actual name who can be questioned for some form of proof and whose motivations can be estimated, you have a bunch of bullshit and innuendo. I happen to be immune to this kind of crap because I lived it and was paying very close attention at the time.

Fact 1: Saddam Hussein kicked out the IAEA/weapons inspectors over a year before. This material breach by it'self was grounds to resume conflict with Iraq, and there was no reason for Saddam to kick them out if he wasn't trying to pursue banned WMD fabrication.

Fact 2: everyone who knew WTF they were talking about, including Hillary Clinton and 15 plus international intelligence agencies from around the world believed that Saddam Hussein had all the tools to build nuclear weapons and he was working rapidly to that goal.

Fact 3: Saddam already had chemical weapons (he had already used them on the Kurds in the past).

Fact 4: Saddam was paying homicide bombers families a bounty if they would go and kill people in Israel, in an attempt to destabilize the region.

Fact 5: Multiple mobile bio/chem labs, which Saddam was banned from having, were captured in Iraq.

Fact 6: Over 200 tons of yellow cake uranium were seized and removed from Iraq after the war.

Fact 7: Dozens of industrial centrifuges were dug up after the war, which had been buried to hide them from the US military. These industrial centrifuges were the type used to enrich Uranium and the Iraquis who told us where to find them confirmed that they were to be used as such.

You can believe the liberal bullshit, based on lies, half truths and dishonest speculation aimed at discrediting president Bush, or you can believe the above facts, now that you have them, and realize that the US was fully justified from a legal and moral standpoint to remove Saddam Hussein from Iraq.

Offers to see code

[Tyrsal]

Considering Kaspersky has been distressed enough about this negative publicity to directly offer both the FBI and CIA access to it's source code and these offers have been rebuffed, I'm not exactly sold on anything the FBI has to say here as being anything more than a stunt

Re:Offers to see code

What would looking at the code accomplish? You have no idea if that code given to you matches the binaries.

Now if they gave the source code and the ability to compile it and distribute binaries yourself for use then that would be acceptable. They ain't gonna do that though.

Re:Offers to see code

[chill]

Access to source code is meaningless. You need to be able to match it to the different binaries, otherwise how do you know what you're looking at is what is actually executed?

With complex code that uses dynamic libraries, and is updated sometimes DAILY like anti-malware software is, there is no benefit from viewing source that you don't compile and maintain yourself.

Re:Offers to see code

[Dan+East]

Kaspersky has been distressed enough about this negative publicity to directly offer both the FBI and CIA access to it's source code

What does AV software do? At the end of the day, what does it do? Essentially it deletes files. It recognizes something is malicious, and it has complex scripts that removes it. That's what the software does, and that's what the source code was written to do. So now lets say you want to take down the electric grid of some power company, and your AV software is running on their computers. You push a virus definition file that flags critical files on those computers as malicious and the AV software deletes them. Control computers can no longer run their intended software, and bad stuff happens.

Tell me how showing anyone the source code prevents that from happening? Not to mention that AV software data files *are* executables, in that they contain scripts used for removing malware, and they are updated and pushed out almost daily.

Re:Offers to see code

... and the code for their compiler, and the build system's operating system, bootloader, firmware, CPU microcode, etc.

Or just boycott Russian software because it's the right thing to do (TM).

p.s. IMO the US is engaged in an e-war with Russia right now. If you're a US citizen and you use Kaspersky, then you're providing financial aid to the enemy = treason.

Re:Offers to see code

[johanw]

No, the neocons at the democratic and some of the republican party are at e-war with Russia. Russia needs all the support it can get against those traitors to humanity who want to start another devastating war.

Re:Offers to see code

Assume all security vendors work together with their "home governments / allied governments".

Now, decide which government you will prefer to see your data.

For me, it's slowly coming to a point where I will prefer russian / china software and hardware. I think I probably have less to lose if russia / china spies on me compared to US. US likes to throw it's weight around and ends up creating alot of issues. I meant state actors, not the malware creaters.

I only use windows for gaming, and soon even that may change to linux completely (Steam helps).

My servers run various flavours of Linux already.

Fuck Kaspersky ...

[CaptainDork]

... sever ties with the NSA.

Re:Fuck Kaspersky ...

Ah, if only we could actually do that... somehow these ties appear to be rather one-sided.

proprietary software ?

[jmccue]

Well between Microsoft, Apple and now Kaspersky seems there are little trust with Proprietary Software with vendors outside of the country of origin. And who knows what is embedded in modern cell phones.

Maybe this will finally convince people and businesses to move to Free Software. And more importantly, convince companies like Nvidia to release source of their drivers and firmware. one can always hope :)

Re:proprietary software ?

Probably not. But I can tell you I'm already sick of my Android phone spying on me. Literally every app developer is now spying on me.

Re:proprietary software ?

[johanw]

Then root the device and protect yourself.

Kasperski, Huawei, ZTE are "threats"

[williamyf]

And meanwhile, someone weaponized a couple exploits developed by the NSA, and, lo and behold, Wannacry is born...

Coño, no te jode?!

I live in Venezuela. If I have to get spied, I will better be spied by the most efficent and cost effective solution. If Kaspersky's products cathes the most Virii (NSA developed ones included), then that's the solution I'll use...

And, as an aside (or full disclosure, as you preffer), I worked for Huawei a long time ago, and I do freelance technical training for them from time to time, and yes, a long while ago (late 2000's) there was a case of some big honking telco routers phoning home to china. That was quickly rectified. From then on, no more (that I know off).

But guess what? So it happens with other provider's gear...

Again. If is not the Chinese, is the FSB (russia), or the NSA (USoA), or the MI6 (England), or the five eyes (USoA, England, Australia, New Zealand, Canada), or apple, or AWS, or Microsoft, or Google, or Opera [remember, Opera mini is a MITM browser, developed by sweedes, owned nowadays by the chinese], but someone is always able to spy on you. So, do not be moronic about it, and get the gear which is most efficient (and cost/effcient) for the task at hand.

The FBI and NSA are just pissed that is not THEIR backdors in the SW, but the FSB backdoors instead...

JM2C YMMV

No need to pay for it

More than enough free options out there if you really think you need to run this kind of software. Yes - Kaspersky also has a free version I realize.

But, if you're stuck on Windows you're better off using Defender and run Malwarebytes occasionally in safe mode.

ZOHO is next, and maybe WIX

i believe if we did deeper, we will find ZOHO and WIX to be a great asset to American companies, for the price of no privacy. a few of us knew about Kaspersky from day 1 when we were looking at their address and source coming from .ru or something like that. whois and dig, wireshark, snort and others are great tools to monitor your tools owners. keep your friends close and your enemies closer.

Re:Guess which company hasn't given them access ye

[rmdingler]

Symantec and the like have outright admitted cooperation with US spooks.

In other news, protectionism is all the rage in any nation's trade policy. It's much more sensible to appease your home government than a foreign one. General Motors and Ford are implying Toyota exhibits greater fealty to the Japanese government than to the wishes of their American counterpart.

Crazy how much power we still afford imaginary lines on the earth.

and kaspersky found the SONY ROOTKIT

and kaspersky found the SONY ROOTKIT, so why would we wish to suddenly believe they are all that evil and such...see im having this kinda if the fbi hates em i suddenly really like em, if russians want to hack me go ahead....id rather russians having a look and making sure SONY and friends are wacked right off the earth......

think

think sony rootkit ...they were oddly the only people to find it....hint hint

the nsa and fbi are at it again and this wanacry will blow your minds

and im not telling

A Little Late

[Surak_Prime]

So they've finally started giving the same advice I started giving my clients over a month ago. Boy, these guys are just Johnny-on-the-spot, aren't they?

Re:A Little Late

Did you even read the summary?

Re:A Little Late

[Aighearach]

Hell, I've been saying it right on this website for years, and I've got the downvotes to prove it. ;)

What about the ...

[CaptainDork]

... public sector and the goddam government sector?

When the shit hit the fan, I'd download Kasperky's stuff just long enough to haul an infected computer out of the ditch because it was some good shit.

Personally I am more worried...

about ClamAV (Cisco), McAfee (or whatever it is called now.), Symantec (Garbage since the Norton buy and ruination.), and Defender (Microsoft, who according to the EULA for Windows, nevermind Defender, can scan all your files and report believed infringing files to whoever they want as well as remotely access any of your files for any reason including Law Enforcement usage.)

Given all of these, and Kaspersky's overall good (but definitely not perfect) reputation as an AV company dating back 15+ years, they seem far more trustworthy than 90 percent of the field. And given that most of that 90 percent of the field is intentionally or unwillingly stooges of the US Intelligence apparatus, I would say trusting Kaspersky, as long as you have a backup a/v application/network monitoring tool, is probably far safer than most of the alternatives you can currently get free or paid for.

As stated by pp and others: the FBI/NSA/CIA have all shown a lazy interest in compromising both domestic and foreign information security for their own purposes, while doing nothing to ensure even domestic services are sufficiently hardened to keep out foreign or domestic adversaries, of which there are thousands dedicated and with resources, and millions of 'fleas' who just need that one 'big score' to move up to the big leagues. Giving them those opportunities by compromising system integrity at the hardware, firmware, and os level is a crime against humanity. But it won't be until the digital equivalent of 9/11 happens that we will see even a half assed attempt to secure those backdoors, and no doubt it will only resort in less convenience to the owner of the device, while the hackers will still have the same level of fettered access that they did in the past.

Whitelisting

[detritus.]

It probably has more to do with AV definitions and white-listing than a willingness to hand over code. Not only does the US government probably feel Kaspersky could whitelist Russian malware/heuristics, they also can't strong arm a Russian company to white-list their own.

If we want to return to secure for the user.....

If we want to return to secure for the user.....
computing, the only option at this point is fabbing new chips with end user configurable management engines, with no built in manufacturer keys, and electron microscope verification of the final fabbed chips to ensure that remains so.

I'm not sure either country has the willingness or ability to, but Venezuela+Cuba would be the perfect pair of countries to start a computing rebellion, assuming they could buy all the necessary fab gear and get a unit spun up.

If they could and were willing to work at fully verifiable consumer grade processors, even if they ~2009 era performance, I know I for one would buy them.

Ousting dangerous tech from our CPUs, our Motherboards, and our GPUs are the first steps towards taking back our systems. Without this, we are on a slow decline into the sort of dystopian nightmares that sci-fi writens have been pushing for years.

Re:Guess which company hasn't given them access ye

Symantec and the like have outright admitted cooperation with US spooks.

In other news, protectionism is all the rage in any nation's trade policy. It's much more sensible to appease your home government than a foreign one. General Motors and Ford are implying Toyota exhibits greater fealty to the Japanese government than to the wishes of their American counterpart.

Crazy how much power we still afford imaginary lines on the earth.

FYI: Japan is an island nation. (If you think an island's border is imaginary, then you must be high and/or trolling.)

p.s. I think the word you were looking for is arbitrary rather than imaginary.

My New Fav Virus scanner

[OppMan29]

I guess this one really works!!

Re:My New Fav Virus scanner

[AHuxley]

Yes help find the next Stuxnet, Equation Group, Duqu.
Kaspersky Lab https://en.wikipedia.org/wiki/...

You don't need antivirus for that

See subject: You don't need ANYTHING but 2 tools really - process explorer (or in the case of a rootkit, a Windows CD/DvD distro for fdisk & disable commands vs. rootkit drivers). Process Explorer can issue a "halt" command to ANY running process (even if hidden under services etc. & yes, it lets you see those too) & then once it is frozen, see it's properties on disk to see where the physical executable is, & destroy it (you can, as it's no longer locked by its own in memory process running as you 'froze' it earlier).

* THIS WORKS...

APK

P.S.=> It works SO well that you don't even need another good tool in autoruns to stop it starting from any possible startup areas... apk

FBI Just Keep Pissing Trump Off

Yet another thing that Trump will hate.

Re:If we want to return to secure for the user....

[gordguide]

If we want to return to secure for the user.....
computing, the only option at this point is fabbing new chips with end user configurable management engines, with no built in manufacturer keys, and electron microscope verification of the final fabbed chips to ensure that remains so.

I'm not sure either country has the willingness or ability to, but Venezuela+Cuba would be the perfect pair of countries to start a computing rebellion, assuming they could buy all the necessary fab gear and get a unit spun up.

If they could and were willing to work at fully verifiable consumer grade processors, even if they ~2009 era performance, I know I for one would buy them.

Ousting dangerous tech from our CPUs, our Motherboards, and our GPUs are the first steps towards taking back our systems. Without this, we are on a slow decline into the sort of dystopian nightmares that sci-fi writens have been pushing for years.

I think the problem with this specific approach is that Cuba and Venezuela are knee-deep with the Chinese. Everything from cellular tech to routers to buses to new cars to oil and gas rigs are China-sourced in Cuba in particular. I suspect that the US's realization that it may already be too late to displace China's influence in these two nations might be behind efforts to normalize relations with Cuba, while there is still a chance of US influence.

Biting a hand that feeds us

[aldousd666]

Again, since Washington apparently need demons to distract us from the other ones we already know about, lets choose the ones who could possibly have been our allies instead. Microcosm for the entire US-Russian relationship. Fucked up.

You can't trust ANY "security" company

That's the reality of it. Any company peddling "anti-virus" software on Microsoft Windows is a fraud. They're not able to adequately provide any real security. Real security comes from patches and the likes- not anti-virus software. Anti-virus software just can't work and doesn't in practice. If it ever catches anything chances are you're already infected by something else. Then it misses the fact a secure system can't be had without a full release of code. We don't have that today because Intel and AMD refuse to release critical components. A lot of work has to be done to reduce bloat and get a complete set of source code available for a single system. We're a long ways off to having anything remotely resembling "reasonably secure". The EOMA68 project is probably what we need to build off- but it's still not shipping yet. Soon... but not yet... a few delays unfortunately. If the issue isn't resolved shortly the project will simply make compromises and cut some functionality (unfortunately) to get it shipped.

The problem with lying

[nehumanuscrede]

all the time is, if and when you really are telling the truth, you can't get anyone to believe you.

It is a simple lesson the US Government has failed to grasp.

I don't trust my own government any more or less than a foreign one at this point.

As a result, I've simply tuned it all out.

Re:The problem with lying

[Tranzistors]

I don't trust my own government any more or less than a foreign one at this point. As a result, I've simply tuned it all out.

If you consider US and Russian governments equally bad, I don't think you have ever been tuned in. To illustrate, when people here (in Eastern Europe) are "concerned" with political climate in the US, they fear that it will turn into something like Russia.

Re:The problem with lying

[loonycyborg]

Well, I live in Eastern Europe, in city called Moscow. And I frankly don't see anything different wrt US vs Russia. Both countries are equally based on Western European groupthink ideology. Both in ideology and in practice there's no difference whatsoever, at least as far as ruling elites are concerned. They could be as well coming from same nation.

Re:The problem with lying

[Aighearach]

Play your word games in Russian, in English the place "Eastern Europe" does not include Moscow, which instead is in Russia. Which is mostly not even in Europe, but is certain not Eastern Europe. Is it in the east part of Europe? Probably, but eastern Europe and Eastern Europe have an important lexicographical difference that completely changes the meaning.

Re:The problem with lying

[loonycyborg]

If you check the map then Moscow most definitely is located in eastern part of Europe, and attaching any other meaning to it is deceptive, capitalization or no. Sometimes Eastern Europe also rather confusingly refers to Slavic dominated part of Europe, but even then Moscow still belongs there.

Re:The problem with lying

[Your.Master]

As a native English speaker, I think you're the one playing word games.

https://en.wikipedia.org/wiki/...

Moscow is a major political, economic, cultural, and scientific centre of Russia and Eastern Europe, as well as the largest city entirely on the European continent.

Saying it's in Russia and therefore "certainly" not Eastern Europe is like saying Hawaii is in the United States and certainly not the Pacific Ocean.

Re:The problem with lying

[Tranzistors]

Well, I live in Eastern Europe, in city called Moscow. And I frankly don't see anything different wrt US vs Russia.

As the folk saying goes, menshe znaesh, krepche spish.

Re:The problem with lying

[Aighearach]

If you check the map then...

Right. But, there was enough information in my post to tell you that I already have read maps. And so knowing what you know now that you've considered the map, you can go back and read my words and understand them this time. Well, you at least have some chance to.

There is a very obvious meaning of my words that doesn't require you to assume mistakes. When you assume mistakes just to make it match up with your own thinking you guarantee you won't comprehend words other people say.

Re:The problem with lying

[Aighearach]

No, you're picking out a city as a proxy for a county so that your point looks better. That is clearly a word game.

Try it again but only use the names of countries, and you'll at least be responding to what I said.

Not only is it just word games, it is really weak word games.

Like, did you really not know that the phrase "Eastern Europe" with the word Eastern capitalized is referring to a know group of countries, and that you could look that list up on the internet? Historically they were mostly defined by their allegiance to Russia, so it would be pretty obvious that Russia is therefore not on that list.

Proper names are already defined, your personal opinion of what the list should be is not relevant.

Re:The problem with lying

[loonycyborg]

No, even if I look at whole context it still makes no sense to exclude Russia. Like who else would care more about situation here, or actually know about it for that matter, other than people living in Moscow?

'unacceptable threat' doesn't mean much

[lusid1]

By comparison, so is a bottle of water in an airport, so that claim doesn't actually carry much weight anymore.

And Europe and Asia should stop

using American products, because it's been proven that most are subverted by the NSA and/or CIA. It's only reasonable, so do yourself a favor and find a European or Asian alternative, to be on the safe side.

Obviously, Kaspersky's sincerity and them being forthcoming about all of it shows that they are honest and trustworthy, and that FBI has nothing more than the American variety of froth and paranoia on display, as is usual.

MacCarthyism

These feeble anti-Russian propaganda moves have already worn thin. The US government should be punished for interfering in commercial relationships without any evidence. Ironically, it is software of US origin that HAS been found to contain some evidence of backdoors, like the NSAKEY symbol in windows, although that is not comprehensively proven. I don't see why these crazy stories about Russia are constantly posed by Americans. We don't see them anywhere else in the world, probably because they are not true. This sort of behaviour is bringing great shame to the United States.

Yeah, because Kaspersky is the only one...

[Mrakodrap]

...to be able to block WannaCry from the beginning (aka: crying wolf.) Of course without Kaspersky, NSA, CI, FBI, DHS, TSI will have much easier job to brutally violate your digital devices.

I do not trust any of this

I would not trust any Russian or Chinese company with software for an any of my devices I go out of my way to try to be sure what I install on my Mac PC phone is not originating there but that's almost impossible I don't trust their governments they are people or our government people it's a sad world we live in. I did have direct contact with Chinese companies and their employees I quit my job over it they are the most dishonest people I have ever dealt with. People have no idea how important their privacy really is as country after country including ours set the foundation for security states.

They were on GSA Schedule

[Christinagirl1]

The part that really tweaks me is that a Russian company that has the capacity of Kaspersky was actually on GSA Schedule. In case you are wondering that means they were permitted and preferred for US government contracts! I'm sure you can figure out where those back doors could lead! https://www.govconwire.com/201... Not surprisingly, many commercial businesses look to the government to lead in their selection in security vendors. You know, the reasoning that if the US government trusts them they must be okay. It is truly baffling how this can happen.

Re:They were on GSA Schedule

[iggymanz]

if you are a U.S. citizen the biggest threat to your privacy, liberty and security is the U.S. government, not the Russian one. What's messed up is the the U.S. government IS backdooring systems, while allegations of the Russian governmet doing so are without proof thus far.

Re:They were on GSA Schedule

[Christinagirl1]

That's not the point. It's about being proactive and avoiding this kind of penetration into US interests. I have a lot of respect for Kaspersky, I just think there are limits to what we share and who should have access to our government systems. After all, we are not all one Global nation. As for commercial businesses, they are our backbone. Wall Street is an example. And, I don't think any foreign nation should have access to what gives the US a financial lead. A collapse of the stock market would be detrimental to our well being as a nation and being proactive is not only logical, but expected by most US citizens who are invested in the markets.

Re:If we want to return to secure for the user....

[williamyf]

Gordguide is right.

And also, the sorry state of science missmanagement (please understand that is a management problem, the scientists are fine) will impede any directed long time efforts into this. I could tell you stories abut the Nanotechnology lab in my alma mater (hint - Non Existent). The guy behind the effort worked for me at one time (before we went to his masters degree) and is now working in Fishkill in GloFo, on the push to develop 7nm litho.

So no, do not pin your hopes on Cuba-Venezuela. Or Iran. Something like that could come from a place like singapore/indonesia, or a place like India/southAfrica/Brazil (if you notice, three of the brics).

There is a way to do that

You go through the courts and you outlaw it.
Silly me I thought we still had an actual government.

Re:Guess which company hasn't given them access ye

[guruevi]

You shouldn't rely solely on antivirus, but many companies require it as part of a complete security pantheon, sadly, too many people still run Windows on the desktop and click on anything that itself says is trustworthy.

Symantec, Norton etc has in the past whitelisted NSA malware like FinFisher and R2D2 which were quite crude and readily detected by "foreign" AV like Kaspersky and ESET and we also know NSA has developed malware for Mac, Windows and Linux/BSD such as the recent Samba vulnerabilities.

I do not trust any A/V company...

...that is based in a country with a government. Why? Because that company is subject to being controlled by the government, or IS the government.

That's why I only use Open Source A/V.

You just convinced me to...

...move to BeOS! Maybe OS/2 Warp?

Open Source & Reproducible Builds

[NZheretic]

The solution is to just open source licence the source code and publish in a Reproducible format. The Virus matching data and backend can be kept a proprietary service. This could open up a new business model, scanning source code for potential hostile actions and vulnerabilities.

Really?

Like these US companies don't do the very same... ALL OF THEM, not only the AV ones. Hypocrites!