Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Warns US Private Sector To Cut Ties With Kaspersky (cyberscoop.com)

Posted by EditorDavid on from the watching-in-Washington dept.

An anonymous reader quotes CyberScoop: The FBI has been briefing private sector companies on intelligence claiming to show that the Moscow-based cybersecurity company Kaspersky Lab is an unacceptable threat to national security, current and former senior U.S. officials familiar with the matter tell CyberScoop... The FBI's goal is to have U.S. firms push Kaspersky out of their systems as soon as possible or refrain from using them in new products or other efforts, the current and former officials say.

The FBI's counterintelligence section has been giving briefings since beginning of the year on a priority basis, prioritizing companies in the energy sector and those that use industrial control (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. In light of successive cyberattacks against the electric grid in Ukraine, the FBI has focused on this sector due to the critical infrastructure designation assigned to it by the Department of Homeland Security... The U.S. government's actions come as Russia is engaged in its own push to stamp American tech giants like Microsoft out of that country's systems.
Meanwhile Bloomberg Businessweek claims to have seen emails which "show that Kaspersky Lab has maintained a much closer working relationship with Russia's main intelligence agency, the FSB, than it has publicly admitted" -- and that Kaspersky Lab "confirmed the emails are authentic."

Kaspersky Lab told ZDNet they have not confirmed the emails' authenticity. A representative for Kaspersky Lab says that the company does not have "inappropriate" ties with any government, adding that "the company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime."

103 of 173 comments (clear)

  1. Democrats have been on this by Anonymous Coward · · Score: 1, Offtopic

    For months trying to destroy this company in an attempt to validate their bogus claims of russian hacking.

    1. Re:Democrats have been on this by Anonymous Coward · · Score: 2, Funny

      Out of all the text at the end of the article:

      The issue of a code audit was dismissed as a “publicity stunt” earlier this year by Jake Williams, an ex-NSA employee who has called the U.S. government’s efforts against Kaspersky “purely political.”

    2. Re:Democrats have been on this by MoarSauce123 · · Score: 2

      Maybe...I would take the words of ex-employees with a grain of salt.

    3. Re:Democrats have been on this by johanw · · Score: 1, Insightful

      Kaspersky was the first to analyse some American attack virusses like Stuxnet and that has pissed the deep government agencies off.

    4. Re:Democrats have been on this by Aighearach · · Score: 1

      I would take even the claim that he's an ex-employee with a grain of salt!

      He could just as well be a guy they found at the homeless shelter and cleaned up to read a script.

      I mean, wouldn't the sort of person who would be working at the NSA know that that employment is secret, and that nobody with two brain cells to rub together would believe you if you told them, because if it was true you wouldn't tell them.

      If somebody who used to work there writes a book on their deathbed, maybe. If somebody is blowing the whistle on some serious crime, maybe. If somebody is just pointing a finger at legal stuff that the NSA does and claiming to have information about it, and also giving us that information, and the information is really vapid like calling a report "political," well I just don't believe it. If they arrest him, I'll believe it. But there is no law against lying about having been a secret agent, and that's why they don't arrest him.

      Of course, that's all "if." I think the guy in question is just a private sector security researcher with un-named government contracting on his resume. If it is that guy, then he's just another random joe security guy who wasn't involved with the report and has no special information of any sort; which is why he made a statement. ;)

    5. Re:Democrats have been on this by Christinagirl1 · · Score: 1

      It was in Kaspersky's best interest to try to collaborate with Symantec because they knew they would be vulnerable to what is now called Stuxnet. Why not use a US company to uncover US government tools? (sarcasm) The Russians must think we are real idiots.

    6. Re:Democrats have been on this by Aighearach · · Score: 1

      It was VirusBlokAda from Belarus that first identified it, with Brian Krebs giving the first public report in his blog. All Kaspersky did was say that it had to be a "nation-state actor," which is a "gee, really?" sort of non-informative blathering when there isn't any sort of profit angle involved.

    7. Re:Democrats have been on this by umghhh · · Score: 1

      It is making profits (I assume but did not check) in Russia. That is bad. If we nuke them our own companies may suffer. Also there is no free market other than one that brings profits of us.

  2. Cum grano salis by sehlat · · Score: 5, Insightful

    Given that the FBI has repeatedly made it plain that they want unrestricted and owner-involuntary access to every piece of hardware on this planet, I'd take any cybersecurity recommendation they make with a grain of salt the size of the Benjamin Franklin.

    1. Re:Cum grano salis by fustakrakich · · Score: 4, Insightful

      Kaspersky can make a great advertising campaign out of this.

      *Banned in the US for refusing to whitelist government malware*

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:Cum grano salis by Dracos · · Score: 2, Insightful

      Agreed. This sudden vendetta against Kaspersky suddenly feels less like they did something and more like they refused to do something the government wants.

    3. Re:Cum grano salis by gweihir · · Score: 1

      Probably indicates that Kaspersky is not collaborating with the FBI, but doing their job. Of course, they may be collaborating with Russian intelligence instead. So to be sure to find government malware, run both Kaspersky and an FBI-approved scanner.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Cum grano salis by gweihir · · Score: 1

      Pretty much my take also.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    5. Re:Cum grano salis by Anonymous Coward · · Score: 1

      I hate to rain on your conspiracy theory, but if that were actually true then Kaspersky could just point to the actual backdoor in the US products.

    6. Re:Cum grano salis by Zemran · · Score: 2, Interesting

      I completely agree. I read this and think that I am now far more likely to use Kaspersky that I was before and I think many large businesses will think the same. The greatest cyber threats in recent years have come from the NSA, not Russia. There is a smear campaign under way and we are entering a new cold war that we may well lose. Europe have no intention of losing Russia as an ally because now they trade with them they see them as they are rather than as the propaganda paints them. This is not the 50s and the old style "Reds under the bed" propaganda does not work anymore. There is no evidence but of course they messed with our election just as we mess with their's. If they were better at it then learn from them and move on.

      --
      I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
    7. Re:Cum grano salis by green1 · · Score: 2, Insightful

      If you're an average citizen, you're far safer with a foreign power watching you than a domestic one. The foreign one is unlikely to be able to do anything about things they don't like.

      Now if you're the one who runs the domestic spy agencies that's a different story, but for the rest of us, I always assume someone's watching, I always just hope it's nobody who has any power over me.

    8. Re:Cum grano salis by fustakrakich · · Score: 2

      I read this and think that I am now far more likely to use Kaspersky that I was before and I think many large businesses will think the same.

      And that's exactly what the government wants you to think. Kaspersky is really a triple agent, working for our side, along with Snowden. He's coming back with a treasure trove, real soon now...

      --
      “He’s not deformed, he’s just drunk!”
    9. Re:Cum grano salis by Anonymous Coward · · Score: 2, Interesting

      At least of the three, the US is still democratic and answerable to Congress.

      ... which is answerable to lobbyists, which are answerable to multinational corporations, which are answerable to the private banking system (of which the Federal Reserve and similar institutions in most other 1st-world nations are members).

      Russia is among the few BRICS nations. Brazil, Russia, India, China, South Africa. They said "hell no" to the private bankers running everything. It's no coincidence there is a concerted propaganda effort against Russia. The truth is, Putin is a chess player. He's one of the most rational leaders ever seen in recent history. He's good at not sabotaging himself. Our corporations are good at controlling media and issuing propaganda.

    10. Re:Cum grano salis by Luckyo · · Score: 1

      The question will be simple: "Who are your direct competitors?"

      If they're american, go with the russian software. If they're russian, go with american.

    11. Re: Cum grano salis by Anonymous Coward · · Score: 1

      So the sanctions which the EU placed on Russia are just a friendly reassurance, are they, and nothing to do with Russia invading Ukraine?

    12. Re:Cum grano salis by Anonymous Coward · · Score: 1

      Yeah, it's not like the Russians were able to poison Litvinenko in London because they didn't like what he was saying or anything is it.

      The idea that Western security agencies are so bad that it's better to have foreign agencies spy on you is a myth that just needs to die. Western intelligence agencies have a lot to answer for, but at least they're not as bad as the likes of the FSB who will basically nail anyone who disagrees politically, or is gay, or otherwise different, with anything from a beating, to jail, to murder.

      You're effectively saying "I don't like this beer with 5% alcohol in it, I might as well drink 100% alcohol instead". Yeah, don't try that, seriously.

      If nothing else foreign security services will be more willing to use your identity, details, or steal from your bank account for their operations than domestic agencies will; i.e.:

      https://www.theglobeandmail.co...

      So yeah, quit it with the dangerous hyperbole, your intelligence agencies are still less likely to do you harm than that of non-Western intelligence agencies however we may be pissed off at them for overstepping their bounds. They're still not worse than the Stasi like services in places like Russia and Turkey nowadays. The kind of sky is falling pessimism that pretends Western security agencies are somehow worse than real actual fascist regimes is entirely counterproductive in terms of improving security, handing everything you own over to a known thief and fraudster because you don't like the fact the taxman took 20% of your income is grade A fucking stupid. You're saying because you don't have perfection in your own country that you might as well have complete imperfection instead.

      If you don't want anyone to have any power over you then use open source software where possible, or don't use that type of software at all.

    13. Re:Cum grano salis by Gavagai80 · · Score: 1

      Litvinenko was a totally average citizen with no special reason to fear Russia, sure. You think the FSB goes after foreigners for insulting Putin or being gay? No, they only go after domestics, and escaped domestics who have influence in Russia, and possibly Georgians or Ukrainians. (It's the CIA that has true worldwide reach, but will only mess with you if you're a prominent politician opposing US policy in your country.) 99.999999999% of Americans or UKians are of no interest to Russia, but considerable interest to the NSA.

      --
      This space intentionally left blank
    14. Re:Cum grano salis by PPH · · Score: 1

      Kaspersky could just point to the actual backdoor in the US products

      Using this same logic, the FBI could point to the actual backdoor in Kaspersky's products.

      --
      Have gnu, will travel.
    15. Re:Cum grano salis by sjames · · Score: 1

      It's interesting how the claim that they messed with our election. They sort ofdid since they only exposed one side, but they didn't exactly manufacture the dirt, they just exposed it for all to see.

      If what Russia did rises to the level of interference with the election, then what the FBI did certainly does too.

      It's really sad that we've come to a point where between the Russian government and the American government, Americans are genuinely unsure who the bad guy is.

    16. Re:Cum grano salis by sjames · · Score: 1

      OTOH, I am less likely to say, do, or know anything that the governments of Russia or China give a crap about. Certainly nothing they care enough about to actually launch a covert operation in the U.S. to actually do anything to me.

      But as for U.S. government, all it takes is for me to see a cop commit a crime.

    17. Re:Cum grano salis by slashdotwannabe · · Score: 1

      So, in other words, "who do you want to be pwned by? The Americans, or the Russians?"

      --
      This comment is my opinion and does not represent an official position of Donald Trump or others I do not work for
    18. Re:Cum grano salis by slashdotwannabe · · Score: 1

      Litvinenko was a totally average citizen with no special reason to fear Russia, sure

      And you know this how? You don't; if you did, you wouldn't be talking about it, so by definition, you don't and your biases are speaking out of your ass.

      State actors do the {THINGS} they do for the {REASONS} they have, and I don't know any of it, and I'm damn sure you don't either. The difference between you and me is that I don't speculate on shit I don't know on /.

      --
      This comment is my opinion and does not represent an official position of Donald Trump or others I do not work for
    19. Re:Cum grano salis by Luckyo · · Score: 1

      The exact opposite actually. The relevant question is "who do you NOT want to get pwned by?"

  3. Better idea. by Gravis+Zero · · Score: 3, Insightful

    Cut all ties with Microsoft and you won't even need ties to Kaspersky Lab. We should all cut ties with Microsoft.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:Better idea. by MoarSauce123 · · Score: 2

      And instead increase ties with Google and Apple?

    2. Re:Better idea. by Gravis+Zero · · Score: 3, Informative

      You will be shocked to learn, that there are OSes that aren't affiliated with any of those companies!

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:Better idea. by TheRealMindChild · · Score: 1

      I like Windows. And Visual Studio

      --

      "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    4. Re:Better idea. by Zero__Kelvin · · Score: 1

      So spin up a container on a Linux Box. Problem solved.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    5. Re:Better idea. by I'm+New+Around+Here · · Score: 1

      Serious question: What smartphone available in the US isn't affiliated with Microsoft, Apple, or Google?

      Is there one made nowadays that has an OS from another company?

      --
      If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
    6. Re:Better idea. by phantomfive · · Score: 1

      Sounds like a shit experience.

      So does Windows and Visual Studio, tbh.
      At my lost job, I ran Visual Studio in a VM on a Linux machine, through a laptop with x-forwarding. The VM with x-forwarding worked great.

      --
      "First they came for the slanderers and i said nothing."
    7. Re:Better idea. by Zero__Kelvin · · Score: 1

      Well you would still be running Microsoft software, so of course it is a "shit experience". The difference is that it would be a "shit experience" where you don't have to worry about malware, so it would be less of a "shit experience."

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    8. Re:Better idea. by Gravis+Zero · · Score: 1

      Just flash your smartphone with Sailfish or Ubuntu or Tizen or Replicant or...

      Seriously, they are just computers.

      --
      Anons need not reply. Questions end with a question mark.
  4. Complain to World Trade Organization? by manu0601 · · Score: 1

    I wonder if Russia can fight that at World Trade Organization's dispute settlement body? This is a flavor of protectionism US vowed to end when signing WTO treaties, after all.

    1. Re:Complain to World Trade Organization? by Dunbal · · Score: 1

      I wonder if Russia can fight that at World Trade Organization's dispute settlement body?

      What's the point? The US has proven time and again that it simply ignores WTO decisions (where it has lost to Nicaragua, Antigua and more recently the EU) when they become inconvenient. The WTO is meant to happen to OTHER people.

      --
      Seven puppies were harmed during the making of this post.
    2. Re:Complain to World Trade Organization? by manu0601 · · Score: 1

      If US ignores the ruling, WTO will probably grant Russia the right to ignore intellectual property rights of US firms. It did in the past for Antigua if I recall correctly.

      The difference is that Antigua is not full of high-skilled programmers that could turn leaked Windows sources into a rival commercial product.

    3. Re:Complain to World Trade Organization? by gordguide · · Score: 1

      If US ignores the ruling, WTO will probably grant Russia the right to ignore intellectual property rights of US firms. It did in the past for Antigua if I recall correctly.

      The difference is that Antigua is not full of high-skilled programmers that could turn leaked Windows sources into a rival commercial product.

      The WTO generally does not operate in that manner.

      If Antigua was a signatory to the WTO, they agree as a condition of membership to respect and support the enforcement of the IP rights of other members.

      What they will do, is if a harm is determined, is to give the harmed party the right to impose specific sanctions. Exactly what those sanctions are are left to the harmed party, rather than specified by the WTO. They do have to be reasonable, that is, in general equivalence with the harm done by the first (losing) party.

    4. Re:Complain to World Trade Organization? by squiggleslash · · Score: 1

      Nope. The FBI's recommendation has absolutely no legal force. Any company that takes its advice does so voluntarily.

      Further, the FBI isn't targeting all Russian security companies, just one high profile company. And despite the "Fake News" trolls coming out in the comments here, there's been serious doubts expressed about Kaspersky ever since Putin's control over the company increased after he started attacking their management in Russia, including arresting and charging the company's computer incidents investigation team leader for treason.

      There's at least good reasons to believe Kaspersky 2016-17 is a very different company to the highly respected security company that uncovered Stuxnet et al prior to 2016. Kaspersky Labs today is under the thumb of a foreign power that's not exactly in tune with US interests. The FBI warning seems reasonable to me.

      --
      You are not alone. This is not normal. None of this is normal.
    5. Re:Complain to World Trade Organization? by BlueStrat · · Score: 1

      ...not exactly in tune with US interests.

      Given what we've seen constituting "US interests" over the last couple of decades or so regarding the actions & behaviors of US TLAs towards the digital/online security and privacy of US citizens and the Constitutionally-guaranteed civil rights they have and are currently violating, that's a selling-point not a downside.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
    6. Re:Complain to World Trade Organization? by xlsior · · Score: 1

      The WTO generally does not operate in that manner.

      If Antigua was a signatory to the WTO, they agree as a condition of membership to respect and support the enforcement of the IP rights of other members.

      The WTO generally operates by having signatories follow the rules and abide by its rulings in the case of disputes -- but if a member country breaks the rules and does not fulfill their obligations, it's still an option that's on the table to force members to abide by the agreement.

      The US violated trade agreements when they prohibited US citizens from doing business with Antigua-based online casinos. antigua complained to the WTO, and the WTO agreed and ruled in Antigua's favor. The US refused to comply and pay for damages caused by their violation of the agreement.

      It was actually the WTO's who recommended Antigua suspend US copyrights to recoup $21 million worth of damages. Antigua has continued to fight this because in their opinion they are entitled to ten times that, but if there is no satisfactory agreement when the dust settles, then Antigua is 100% entitled to legally sell $21 million worth of 'pirated' software to whoever is interested.

  5. Guess which company hasn't given them access yey by guruevi · · Score: 4, Informative

    Symantec and the like have outright admitted cooperation with US spooks. At this point, if I were in charge of security I would be buying all computer hardware from outside sources like Huawei and Kaspersky, at least they've indicated unwillingness to cooperate with US stooges and Chinese/Russians infiltration would both be easy to detect and any positive evidence would seriously damage their reputation. Symantec and Microsoft have plainly given NSA and even BSA access to their information.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
  6. Welcome to the land of the Free by Dunbal · · Score: 4, Interesting

    Government is telling you which software to use. You wouldn't want people to think you were a terrorist, would you?

    --
    Seven puppies were harmed during the making of this post.
    1. Re:Welcome to the land of the Free by Aighearach · · Score: 1

      No, they're recommending which software not to use.

      The police department often recommends not drinking and driving.

      The weather service recommends wearing suitable clothing during a weather event.

      The department of fish and game recommends keeping a tide table with you when fishing in salt water.

      Are you scared of rain gear and safe driving yet?!?

  7. What would be inappropriate? by LeftCoastThinker · · Score: 5, Insightful

    Maybe the question to ask Kaspersky is what exactly would an inappropriate relationship with the FSB look like according to them? It seems like there is some pretty damning evidence that a bad actor state (Russia) has been working closely with Kaspersky in a way that violates the expectation of most of the free world. If Kaspersky is serious about clearing it's name, it should clearly define and limit it's relationship with the FSB and the Russian government. Unfortunately for Kaspersky, being based in Russia, a country without a constitution or bill of rights limits what they can actually back up with action, unless they shift the bulk of their organization out of Russia, and I don't see that happening.

    --
    If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    1. Re:What would be inappropriate? by Dunbal · · Score: 1

      How about you apply those same standards to US firms and the CIA/NSA?

      --
      Seven puppies were harmed during the making of this post.
    2. Re:What would be inappropriate? by Kjella · · Score: 1

      Maybe the question to ask Kaspersky is what exactly would an inappropriate relationship with the FSB look like according to them?

      NSL.

      --
      Live today, because you never know what tomorrow brings
    3. Re:What would be inappropriate? by Zemran · · Score: 1

      Nearly every country has a constitution, Russia is no different. http://www.constitution.ru/en/... Kaspersky is in Russia and has a relationship with the FSB just as US security companies have a relationship with the NSA. I trust Kaspersky far more than I trust Microsoft etc. because they are far more open about their relationships and what they do. If they want to remain trusted the last thing they should do is move out of Russia.

      --
      I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
    4. Re:What would be inappropriate? by dunkelfalke · · Score: 2

      Seriously, what are you smoking? First of all, most countries in the world have a constitution, Russia is no exception. Second, why would you even care about FSB unless you live or visit Russia and plan to commit federal crimes there? FSB is more or less like FBI, foreign intelligence is not on their task list.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    5. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      Having a constitution in theory and having a constitution in practice are two very different things. I suggest you educate yourself on the actual political state of Russia. You are dangerously naive if you think there is any equivalence between the FBI and the FSB.

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    6. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      There is again a difference between having a constitution in theory and in practice. You are extremely naive if you think there is equivalence between the NSA and the FSB. As far as I am aware, the US hasn't spontaneously invaded any neutral countries recently, or mounted massive cyber attacks against said countries, shot down commercial airliners etc...

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    7. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      When the US wants to take over and rule the rest of the world, I would be happy to, until then your moral equivalence falls flat...

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    8. Re:What would be inappropriate? by dunkelfalke · · Score: 1

      It is not that I am naive, it is that you are uneducated, like you have already shown with saying that Russia has neither a constitution nor a bill of rights, and now just trying to cover it up with semantics. Yep, you are uneducated, because you also don't know that the FSB doesn't do foreign intelligence, that is the job of the SVR. The only real difference between the duties of the FSB and the FBI is that the FSB is also responsible fоr the border and the coast guards. The rest - the fight against domestic terrorism and organised crime, counterintelligence, hostage rescue - is very much the same.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    9. Re:What would be inappropriate? by dunkelfalke · · Score: 1

      Seriously? "I am the good guy here, I haven't killed anybody since last Thursday", that is your argumentation? Dude, you are not only uneducated, you are downright brainwashed.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    10. Re:What would be inappropriate? by dunkelfalke · · Score: 1

      So now you are going from "haven't invaded another country in the past few months" to "take over and rule the rest of the world"? That is, at the same time, moving the goal posts and a strawman argument. You are not a thinker, dude. You are a wannabe demagogue.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    11. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      Your professor clearly failed to teach you logic (or you were taught what to think instead of how to think). Take a seat because school is now in session:

      No, it is not moving the goal posts. Recent invasion for the purpose of occupation and assimilation is a huge red flag indicator of a nation looking to further it's power and holdings by military action (AKA take over the world in common vernacular). Please show me any evidence that the USSR did not want to take over the world? Where is the evidence that former KGB agent and dictator for life Vladimir Putin would not take over the world given the chance? He clearly wants to restore Russia to its former dominance and has used military invasion to further that goal.

      Nor is it strawman. Your argument was making moral equivalence between the US and Russia. My statement expounded on the flaws in that equivalence.

      After WW2 the US was the only country on the planet with nuclear weapons and the most powerful standing military in the world. If we had wanted to, we could have subjugated the entire planet with just the threat of nuclear bombardment and seized a huge chunk of global wealth, but we did not. Since WW2 the US has only attacked when we or our allies are attacked or threatened to be attacked. Lets look at the US wars:

      Iraq war: Rogue dictator threatened the US with WMD after kicking out legally required UN nuclear inspectors for several years. Afterwards we removed 200 tons of yellow cake uranium, multiple mobile bio/chem labs and his chemical weapons were later located being used by Asad, Saddams allies in Syria. The US set up a democratic government and trained an Iraqi army to facilitate the Iraq people having their own governance and sovereignty as well as building billions of dollars of infrastructure.

      Afghanistan war: Religious terrorists based in Afghanistan murdered ~3000 US civilians in an unprovoked attack based in and back by the government of Afghanistan (Taliban). After we invaded, we built schools, infrastructure and set up a democratic government for the Afghani people.

      Gulf (Iraq) war: Iraqi dictator invaded small US allied nation Kuait in a grab of oil fields and pipeline access to the gulf. The US freed Kuait and destroyed the Iraqi army without removing the leadership in Iraq.

      Vietnam war: Tried to defend South Korea against a Chinese Communist backed coup. When the US left, millions of innocent people were slaughtered.

      Korean war: Defended South Korea against a Chinese Communist backed coup. South Korea is a thriving, first world democracy. North Korea is a starving dictatorship on the verge of being obliterated on a daily basis solely because of the actions of their leader, who is still backed by the Chinese.

      So please, use some facts to show how the US and our defense and intel departments are equivalent to Russia? Your examples must be systemic and not criminal acts by outliers who were subsequently punished for unsanctioned activities (outlier criminal activity cannot rationally be used to condemn organizations, only systemic or sanctioned activities and policies are valid for that purpose).

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    12. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      One of us sure the hell is brainwashed.

      On the one hand you have the US, the equivalent of a police officer. Not perfect, but clearly a force for good in the world. The US saved millions of lives in WW2, South Korea, etc. at our own expense of blood and treasure. After WW2, we didn't plunder and annex the losing countries. We created stable democracies where people live in peace and freedom in Japan and Germany. We tried to create peaceful democracies in Iraq and Afghanistan and spent billions to rebuild them both, but Islam is a medieval religion incompatible with freedom/democracy and we made the mistake of not destroying it like we destroyed emperor worship in Japan after WW2. When there is a disaster around the world, or a dictator is murdering innocents, after the UN has passed a meaningless resolution, the world looks to the US, and we always offer aid, and sometimes use our military to try to end the bloodshed.

      OTOH, you have Russia, the former core of the USSR whose stated goal was to take over the world with military force and who held with force nearly a dozen eastern European countries for around 70 years. The USSR stole nuclear technology from the US and then spent the next 70 years threatening the rest of the free world with nuclear annihilation . Soviet Russia killed tens of millions of innocents, mostly its own citizens and more recently, former KGB agent/dictator for life Vladimir Putin invaded and annexed Crimea using military force. Around 10,000 people were killed in that agression.

      But their both exactly the same right? Talk about clueless...

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    13. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      I have an experiment for you:

      1. Go to Russia
      2. Become a Russian citizen (you can skip this if you want).
      3. Start writing for a Russian news outlet or blog
      4. Criticize Vladimir Putin

      Let me know how well that constitution limits the power of the government or that bill of rights protects you from living out your days in a Siberian work camp.

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
    14. Re:What would be inappropriate? by Luthair · · Score: 1

      Iraq war: Rogue dictator threatened the US with WMD after kicking out legally required UN nuclear inspectors for several years. Afterwards we removed 200 tons of yellow cake uranium, multiple mobile bio/chem labs and his chemical weapons were later located being used by Asad, Saddams allies in Syria. The US set up a democratic government and trained an Iraqi army to facilitate the Iraq people having their own governance and sovereignty as well as building billions of dollars of infrastructure.

      You should really do some reading because this doesn't match reality at all. https://en.wikipedia.org/wiki/...

      You've also entirely skipped the USA attempting and causing regime changes.

    15. Re:What would be inappropriate? by LeftCoastThinker · · Score: 1

      I have a news flash for you: Wikipedia does not always reflect reality, especially when you get away from the hard sciences. If you think it does, you will end up ignorant and brainwashed.

      Regarding Iraq, I don't need some half whit liberal shill on Wikipedia to tell me what he read from some other half whit liberal, which is what is actually on Wikipedia:

      "Seymour Hersh writes that, according to a Pentagon adviser, "[OSP] was created in order to find evidence of what Wolfowitz and his boss, Defense Secretary Donald Rumsfeld, wanted to be true".

      Here is a hint for you: when the author cites another author (who happens to be a liberal shill) who cites an anonymous "adviser" i.e. not an actual Pentagon employee on the record with an actual name who can be questioned for some form of proof and whose motivations can be estimated, you have a bunch of bullshit and innuendo. I happen to be immune to this kind of crap because I lived it and was paying very close attention at the time.

      Fact 1: Saddam Hussein kicked out the IAEA/weapons inspectors over a year before. This material breach by it'self was grounds to resume conflict with Iraq, and there was no reason for Saddam to kick them out if he wasn't trying to pursue banned WMD fabrication.

      Fact 2: everyone who knew WTF they were talking about, including Hillary Clinton and 15 plus international intelligence agencies from around the world believed that Saddam Hussein had all the tools to build nuclear weapons and he was working rapidly to that goal.

      Fact 3: Saddam already had chemical weapons (he had already used them on the Kurds in the past).

      Fact 4: Saddam was paying homicide bombers families a bounty if they would go and kill people in Israel, in an attempt to destabilize the region.

      Fact 5: Multiple mobile bio/chem labs, which Saddam was banned from having, were captured in Iraq.

      Fact 6: Over 200 tons of yellow cake uranium were seized and removed from Iraq after the war.

      Fact 7: Dozens of industrial centrifuges were dug up after the war, which had been buried to hide them from the US military. These industrial centrifuges were the type used to enrich Uranium and the Iraquis who told us where to find them confirmed that they were to be used as such.

      You can believe the liberal bullshit, based on lies, half truths and dishonest speculation aimed at discrediting president Bush, or you can believe the above facts, now that you have them, and realize that the US was fully justified from a legal and moral standpoint to remove Saddam Hussein from Iraq.

      --
      If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
  8. Offers to see code by Tyrsal · · Score: 5, Insightful

    Considering Kaspersky has been distressed enough about this negative publicity to directly offer both the FBI and CIA access to it's source code and these offers have been rebuffed, I'm not exactly sold on anything the FBI has to say here as being anything more than a stunt

    1. Re:Offers to see code by chill · · Score: 4, Insightful

      Access to source code is meaningless. You need to be able to match it to the different binaries, otherwise how do you know what you're looking at is what is actually executed?

      With complex code that uses dynamic libraries, and is updated sometimes DAILY like anti-malware software is, there is no benefit from viewing source that you don't compile and maintain yourself.

      --
      Learning HOW to think is more important than learning WHAT to think.
    2. Re:Offers to see code by Dan+East · · Score: 2

      Kaspersky has been distressed enough about this negative publicity to directly offer both the FBI and CIA access to it's source code

      What does AV software do? At the end of the day, what does it do? Essentially it deletes files. It recognizes something is malicious, and it has complex scripts that removes it. That's what the software does, and that's what the source code was written to do. So now lets say you want to take down the electric grid of some power company, and your AV software is running on their computers. You push a virus definition file that flags critical files on those computers as malicious and the AV software deletes them. Control computers can no longer run their intended software, and bad stuff happens.

      Tell me how showing anyone the source code prevents that from happening? Not to mention that AV software data files *are* executables, in that they contain scripts used for removing malware, and they are updated and pushed out almost daily.

      --
      Better known as 318230.
    3. Re:Offers to see code by johanw · · Score: 1

      No, the neocons at the democratic and some of the republican party are at e-war with Russia. Russia needs all the support it can get against those traitors to humanity who want to start another devastating war.

  9. Fuck Kaspersky ... by CaptainDork · · Score: 1

    ... sever ties with the NSA.

    --
    It little behooves the best of us to comment on the rest of us.
  10. Re:Ohh wait a moment... by Anonymous Coward · · Score: 1

    >Your ignorance indicates that you're probably a russian shill.

    You are probably right. Just checked his comments, says very often something like "we (USA)" as he is speaking in the name of an US Citizen (Who the f*ck will non stop remember where he is form). And soon after takes position in favor of China, Russia, Iran, ... Anybody but US. Some other technical comments to hide, but very clear on the political side...

  11. proprietary software ? by jmccue · · Score: 1

    Well between Microsoft, Apple and now Kaspersky seems there are little trust with Proprietary Software with vendors outside of the country of origin. And who knows what is embedded in modern cell phones.

    Maybe this will finally convince people and businesses to move to Free Software. And more importantly, convince companies like Nvidia to release source of their drivers and firmware. one can always hope :)

    1. Re:proprietary software ? by johanw · · Score: 1

      Then root the device and protect yourself.

  12. Kasperski, Huawei, ZTE are "threats" by williamyf · · Score: 1

    And meanwhile, someone weaponized a couple exploits developed by the NSA, and, lo and behold, Wannacry is born...

    Coño, no te jode?!

    I live in Venezuela. If I have to get spied, I will better be spied by the most efficent and cost effective solution. If Kaspersky's products cathes the most Virii (NSA developed ones included), then that's the solution I'll use...

    And, as an aside (or full disclosure, as you preffer), I worked for Huawei a long time ago, and I do freelance technical training for them from time to time, and yes, a long while ago (late 2000's) there was a case of some big honking telco routers phoning home to china. That was quickly rectified. From then on, no more (that I know off).

    But guess what? So it happens with other provider's gear...

    Again. If is not the Chinese, is the FSB (russia), or the NSA (USoA), or the MI6 (England), or the five eyes (USoA, England, Australia, New Zealand, Canada), or apple, or AWS, or Microsoft, or Google, or Opera [remember, Opera mini is a MITM browser, developed by sweedes, owned nowadays by the chinese], but someone is always able to spy on you. So, do not be moronic about it, and get the gear which is most efficient (and cost/effcient) for the task at hand.

    The FBI and NSA are just pissed that is not THEIR backdors in the SW, but the FSB backdoors instead...

    JM2C YMMV

    --
    *** Suerte a todos y Feliz dia!
  13. Re:Guess which company hasn't given them access ye by rmdingler · · Score: 1

    Symantec and the like have outright admitted cooperation with US spooks.

    In other news, protectionism is all the rage in any nation's trade policy. It's much more sensible to appease your home government than a foreign one. General Motors and Ford are implying Toyota exhibits greater fealty to the Japanese government than to the wishes of their American counterpart.

    Crazy how much power we still afford imaginary lines on the earth.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  14. A Little Late by Surak_Prime · · Score: 1

    So they've finally started giving the same advice I started giving my clients over a month ago. Boy, these guys are just Johnny-on-the-spot, aren't they?

    --
    :::The Spear in the heart of the Other is the Spear in the heart of You; You are He - Surak of Vulcan:::
    1. Re:A Little Late by Aighearach · · Score: 1

      Hell, I've been saying it right on this website for years, and I've got the downvotes to prove it. ;)

  15. What about the ... by CaptainDork · · Score: 1

    ... public sector and the goddam government sector?

    When the shit hit the fan, I'd download Kasperky's stuff just long enough to haul an infected computer out of the ditch because it was some good shit.

    --
    It little behooves the best of us to comment on the rest of us.
  16. Personally I am more worried... by Anonymous Coward · · Score: 3, Interesting

    about ClamAV (Cisco), McAfee (or whatever it is called now.), Symantec (Garbage since the Norton buy and ruination.), and Defender (Microsoft, who according to the EULA for Windows, nevermind Defender, can scan all your files and report believed infringing files to whoever they want as well as remotely access any of your files for any reason including Law Enforcement usage.)

    Given all of these, and Kaspersky's overall good (but definitely not perfect) reputation as an AV company dating back 15+ years, they seem far more trustworthy than 90 percent of the field. And given that most of that 90 percent of the field is intentionally or unwillingly stooges of the US Intelligence apparatus, I would say trusting Kaspersky, as long as you have a backup a/v application/network monitoring tool, is probably far safer than most of the alternatives you can currently get free or paid for.

    As stated by pp and others: the FBI/NSA/CIA have all shown a lazy interest in compromising both domestic and foreign information security for their own purposes, while doing nothing to ensure even domestic services are sufficiently hardened to keep out foreign or domestic adversaries, of which there are thousands dedicated and with resources, and millions of 'fleas' who just need that one 'big score' to move up to the big leagues. Giving them those opportunities by compromising system integrity at the hardware, firmware, and os level is a crime against humanity. But it won't be until the digital equivalent of 9/11 happens that we will see even a half assed attempt to secure those backdoors, and no doubt it will only resort in less convenience to the owner of the device, while the hackers will still have the same level of fettered access that they did in the past.

  17. Whitelisting by detritus. · · Score: 3, Insightful

    It probably has more to do with AV definitions and white-listing than a willingness to hand over code. Not only does the US government probably feel Kaspersky could whitelist Russian malware/heuristics, they also can't strong arm a Russian company to white-list their own.

  18. My New Fav Virus scanner by OppMan29 · · Score: 1

    I guess this one really works!!

    1. Re:My New Fav Virus scanner by AHuxley · · Score: 1

      Yes help find the next Stuxnet, Equation Group, Duqu.
      Kaspersky Lab https://en.wikipedia.org/wiki/...

      --
      Domestic spying is now "Benign Information Gathering"
  19. Re:Ohh wait a moment... by Zemran · · Score: 1

    "Your ignorance indicates that you're probably a russian shill." His point is still more valid than your attempt at making this ad hominem. How does one become a "shill"? Does it pay well? I would like to know because he does have a valid point even if he is ignorant of the structure of government bodies and if I could get paid for telling the truth I would be happy to do it.

    --
    I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
  20. Re:Ohh wait a moment... by gordguide · · Score: 1

    FBI does not give a fuck about external affairs. You are full of crap.

    The FBI most certainly does "give a fuck about external affairs". They interact extensively with law enforcement in other nations. Sometimes that law enforcement is the nation's Military. Or some other agency that blurs the lines between espionage and crime.

    When it comes to US Citizens, there is a line drawn between the FBI and agencies like the CIA. But that line doesn't exist when it comes to other foreign nationals.

  21. Re:If we want to return to secure for the user.... by gordguide · · Score: 1

    If we want to return to secure for the user.....
    computing, the only option at this point is fabbing new chips with end user configurable management engines, with no built in manufacturer keys, and electron microscope verification of the final fabbed chips to ensure that remains so.

    I'm not sure either country has the willingness or ability to, but Venezuela+Cuba would be the perfect pair of countries to start a computing rebellion, assuming they could buy all the necessary fab gear and get a unit spun up.

    If they could and were willing to work at fully verifiable consumer grade processors, even if they ~2009 era performance, I know I for one would buy them.

    Ousting dangerous tech from our CPUs, our Motherboards, and our GPUs are the first steps towards taking back our systems. Without this, we are on a slow decline into the sort of dystopian nightmares that sci-fi writens have been pushing for years.

    I think the problem with this specific approach is that Cuba and Venezuela are knee-deep with the Chinese. Everything from cellular tech to routers to buses to new cars to oil and gas rigs are China-sourced in Cuba in particular. I suspect that the US's realization that it may already be too late to displace China's influence in these two nations might be behind efforts to normalize relations with Cuba, while there is still a chance of US influence.

  22. Biting a hand that feeds us by aldousd666 · · Score: 1

    Again, since Washington apparently need demons to distract us from the other ones we already know about, lets choose the ones who could possibly have been our allies instead. Microcosm for the entire US-Russian relationship. Fucked up.

    --
    Speak for yourself.
  23. The problem with lying by nehumanuscrede · · Score: 1

    all the time is, if and when you really are telling the truth, you can't get anyone to believe you.

    It is a simple lesson the US Government has failed to grasp.

    I don't trust my own government any more or less than a foreign one at this point.

    As a result, I've simply tuned it all out.

    1. Re:The problem with lying by Tranzistors · · Score: 1

      I don't trust my own government any more or less than a foreign one at this point. As a result, I've simply tuned it all out.

      If you consider US and Russian governments equally bad, I don't think you have ever been tuned in. To illustrate, when people here (in Eastern Europe) are "concerned" with political climate in the US, they fear that it will turn into something like Russia.

    2. Re:The problem with lying by loonycyborg · · Score: 1

      Well, I live in Eastern Europe, in city called Moscow. And I frankly don't see anything different wrt US vs Russia. Both countries are equally based on Western European groupthink ideology. Both in ideology and in practice there's no difference whatsoever, at least as far as ruling elites are concerned. They could be as well coming from same nation.

    3. Re:The problem with lying by Aighearach · · Score: 1

      Play your word games in Russian, in English the place "Eastern Europe" does not include Moscow, which instead is in Russia. Which is mostly not even in Europe, but is certain not Eastern Europe. Is it in the east part of Europe? Probably, but eastern Europe and Eastern Europe have an important lexicographical difference that completely changes the meaning.

    4. Re:The problem with lying by loonycyborg · · Score: 1

      If you check the map then Moscow most definitely is located in eastern part of Europe, and attaching any other meaning to it is deceptive, capitalization or no. Sometimes Eastern Europe also rather confusingly refers to Slavic dominated part of Europe, but even then Moscow still belongs there.

    5. Re:The problem with lying by Your.Master · · Score: 1

      As a native English speaker, I think you're the one playing word games.

      https://en.wikipedia.org/wiki/...

      Moscow is a major political, economic, cultural, and scientific centre of Russia and Eastern Europe, as well as the largest city entirely on the European continent.

      Saying it's in Russia and therefore "certainly" not Eastern Europe is like saying Hawaii is in the United States and certainly not the Pacific Ocean.

    6. Re:The problem with lying by Tranzistors · · Score: 1

      Well, I live in Eastern Europe, in city called Moscow. And I frankly don't see anything different wrt US vs Russia.

      As the folk saying goes, menshe znaesh, krepche spish.

    7. Re:The problem with lying by Aighearach · · Score: 1

      If you check the map then...

      Right. But, there was enough information in my post to tell you that I already have read maps. And so knowing what you know now that you've considered the map, you can go back and read my words and understand them this time. Well, you at least have some chance to.

      There is a very obvious meaning of my words that doesn't require you to assume mistakes. When you assume mistakes just to make it match up with your own thinking you guarantee you won't comprehend words other people say.

    8. Re:The problem with lying by Aighearach · · Score: 1

      No, you're picking out a city as a proxy for a county so that your point looks better. That is clearly a word game.

      Try it again but only use the names of countries, and you'll at least be responding to what I said.

      Not only is it just word games, it is really weak word games.

      Like, did you really not know that the phrase "Eastern Europe" with the word Eastern capitalized is referring to a know group of countries, and that you could look that list up on the internet? Historically they were mostly defined by their allegiance to Russia, so it would be pretty obvious that Russia is therefore not on that list.

      Proper names are already defined, your personal opinion of what the list should be is not relevant.

    9. Re:The problem with lying by loonycyborg · · Score: 1

      No, even if I look at whole context it still makes no sense to exclude Russia. Like who else would care more about situation here, or actually know about it for that matter, other than people living in Moscow?

  24. 'unacceptable threat' doesn't mean much by lusid1 · · Score: 1

    By comparison, so is a bottle of water in an airport, so that claim doesn't actually carry much weight anymore.

  25. Yeah, because Kaspersky is the only one... by Mrakodrap · · Score: 1

    ...to be able to block WannaCry from the beginning (aka: crying wolf.) Of course without Kaspersky, NSA, CI, FBI, DHS, TSI will have much easier job to brutally violate your digital devices.

  26. They were on GSA Schedule by Christinagirl1 · · Score: 1

    The part that really tweaks me is that a Russian company that has the capacity of Kaspersky was actually on GSA Schedule. In case you are wondering that means they were permitted and preferred for US government contracts! I'm sure you can figure out where those back doors could lead! https://www.govconwire.com/201... Not surprisingly, many commercial businesses look to the government to lead in their selection in security vendors. You know, the reasoning that if the US government trusts them they must be okay. It is truly baffling how this can happen.

    1. Re:They were on GSA Schedule by iggymanz · · Score: 1

      if you are a U.S. citizen the biggest threat to your privacy, liberty and security is the U.S. government, not the Russian one. What's messed up is the the U.S. government IS backdooring systems, while allegations of the Russian governmet doing so are without proof thus far.

    2. Re:They were on GSA Schedule by Christinagirl1 · · Score: 1

      That's not the point. It's about being proactive and avoiding this kind of penetration into US interests. I have a lot of respect for Kaspersky, I just think there are limits to what we share and who should have access to our government systems. After all, we are not all one Global nation. As for commercial businesses, they are our backbone. Wall Street is an example. And, I don't think any foreign nation should have access to what gives the US a financial lead. A collapse of the stock market would be detrimental to our well being as a nation and being proactive is not only logical, but expected by most US citizens who are invested in the markets.

  27. Re:Ohh wait a moment... by Aighearach · · Score: 2

    That's completely idiotic. The CIA is one of many foreign intelligence agencies, and the FBI is the primary generic federal law enforcement agency. They don't divide any duties at all between foreign/domestic. The FBI is the agency that investigates violations of US law all around the world. If you hack a bank in New York from Germany, it is the FBI that is coming for you. They really don't care about where you are, they have access to travel. It has to do with if the job is a law enforcement job, or not.

    Get some fucking internet and you can learn shit.

  28. Re:If we want to return to secure for the user.... by williamyf · · Score: 1

    Gordguide is right.

    And also, the sorry state of science missmanagement (please understand that is a management problem, the scientists are fine) will impede any directed long time efforts into this. I could tell you stories abut the Nanotechnology lab in my alma mater (hint - Non Existent). The guy behind the effort worked for me at one time (before we went to his masters degree) and is now working in Fishkill in GloFo, on the push to develop 7nm litho.

    So no, do not pin your hopes on Cuba-Venezuela. Or Iran. Something like that could come from a place like singapore/indonesia, or a place like India/southAfrica/Brazil (if you notice, three of the brics).

    --
    *** Suerte a todos y Feliz dia!
  29. Re:Guess which company hasn't given them access ye by guruevi · · Score: 1

    You shouldn't rely solely on antivirus, but many companies require it as part of a complete security pantheon, sadly, too many people still run Windows on the desktop and click on anything that itself says is trustworthy.

    Symantec, Norton etc has in the past whitelisted NSA malware like FinFisher and R2D2 which were quite crude and readily detected by "foreign" AV like Kaspersky and ESET and we also know NSA has developed malware for Mac, Windows and Linux/BSD such as the recent Samba vulnerabilities.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
  30. Open Source & Reproducible Builds by NZheretic · · Score: 1

    The solution is to just open source licence the source code and publish in a Reproducible format. The Virus matching data and backend can be kept a proprietary service. This could open up a new business model, scanning source code for potential hostile actions and vulnerabilities.