Slashdot Mirror
Kaspersky Software Banned From US Government Systems Over Concerns About Russia (betanews.com)
Mark Wilson writes: The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government. Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.
What else?
jimstone.is
After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.
Let me repeat an old story on this site . . . .
Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA backdoors that Microsoft put there for the NSA. This is cold hard irrefutable fact, not internet rumor.
So do you think I am going to listen when American intelligence tells me to avoid Kaspersky, WHICH HAS NO PEOPLE SITTING AT MICROSOFT, cooperating to make sure no holes get plugged? Also of note: This programmer made no mention of Trend Micro, so maybe Trend Micro products actually work too.
Anyway, testing the waters here with Kaspersky (and hopefully not testing fate!)
I will certainly keep you updated.
Show some proof or this just a ploy to distract. I wonder how much of the company putins pud pulling pals actually own?
the only thing going between the really really white right in the US government is this is the only Russian connection they can sever and look like heroes.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?
Microsoft, Symantec, McAfee, etc. are probably happy. I wonder whether they had any influence in this turn of events....
I tried to uninstall but bash repeatedly reported program not found or something to do with my "path"? What do?
Interesting that they are discussing the possibility of something like a backdoor on it. Just wondering how the rest of the world should behave when we have several US-made softwares that were already proved to contain NSA backdoors.
hahah, well, I guess they just got off the hash.
E Proelio Veritas.
Yup, basically what I logged in to say. "Removing" software that already had administrative/root access to your systems after telling the vendor that you're going to do it a couple months down the road for a product that has auto-update capabilities built into it is borderline criminal negligence if you sincerely thought there was a legitimate risk to begin with. Silly.
In answer to your second question, no, there is not. And there can't be. The system can never be trusted until wiped down to the firmware level (and maybe not even then if you don't trust the hardware manufacturers or physical access was compromised in some way). Any tool you might build can be lied to by the underlying kernel and/or firmware that you must assume is already compromised.
The stupid. It burns.
rm -rf /
Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?
I wouldn't bother with such a tool, as you pointed out earlier, the most efficient tool to confirm that Kaspersky has been uninstalled is the Windows Installer. On the positive side I suppose a bunch of federal IT workers will be getting some fat overtime payments which will stimulate the economy (YAY! Capitalism!).
This is cold hard irrefutable fact, not internet rumor.
Got any more hard irrefutable facts I'm supposed to blindly believe? Just checking before I make any important decisions. BTW, I'm on the internet, and I'm seeing this claim made on the internet by a totally anonymous person with no actual attribution or sources backing it up, so that kinda, by definition, makes it an "internet rumor".
Better known as 318230.
Then, Microsoft will report to the NSA that you are running Kaspersky, you will be put on a special list and they will put more effort into accessing your system. They have several ways, some of which an anti-virus can't do anything about.
Everything I write is lies, read between the lines.
Of all possible attack vectors into a system, antivirus software would have to be the most ideal mechanism for taking over or otherwise collecting data. By its very design it must have full reign of the system, read the data of every file accessed by any process, and have the ability to edit and delete any file on the system.
However, the most concerning part is that antivirus software must receive new functionality and data on a practically daily basis to detect and remove newly created malware. An antivirus program can take down its host system at any time by simply receiving a virus definition that causes it to remove or corrupt critical system files. It can also do the same targeting any specific application.
Personally I don't trust ANY antivirus company to wield that sort of power over my system.
Better known as 318230.
In the same way that some US three-letter-acronym could walk up, serve Cisco or any other company with a FISC order and associated national security gag order so they couldn't even talk about it.... Lets face it, in terms of net capability US FISC/FISA orders ~= FSB knock at the door ~= PLA/MSS order ~= UK GCHQ and Home Secretary order China already forces homegrown buys for government. As do many countries for this reason. The only real news here is that it took so long to happen.
You fool! You are going to delete the /proc directory!
On the other hand, that command is perfectly safe and the recommended way to remove Kaspersky on Linux:
rm -rf --one-file-system /
Everything I write is lies, read between the lines.
This makes no sense though from a government perspective. The US isn't banning Kaspersky from US consumers, but only from US government computers, for which ostensibly they already have several means of intercepting and tracking data. Those computers are already government property, not the property of the employees who use them.
Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
This is totally dumb. So all Russian government should not use US antivirus software because it may contain CIA backdoor to get in?
Hurr hurr.
You say that as if the "US government" is a homogenous group with common goals. I'd really like that to be the case, but there is ample evidence that there are many factions that practically carry out a cold war. The controversies over "unmasking" should suffice as an example.
Aah, change is good. -- Rafiki
Yeah, but it ain't easy. -- Simba
It's generally pretty hard to get any irrefutable facts on things like this. While people are fond of disclosing secrets like this, they never do so when they expect a permanent record.
An example: the author of once-dominant anti-virus program in Poland (mks_vir) used to brag about releasing tens of viruses himself. It was illegal even then, but what can you do? If I'd say "this guy said this to my dad, then my dad repeated this to me", is this a proof good enough? (The guy died in 2004, so at least there's no reputation to tarnish.)
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
Right now the only thing stopping K from calling out US backdoors is that its for sale in the US. When that's no longer true they'll be able to go after all of those spy tools with no repercussions.
this is entirely about America's unprecedented paranoia and the spreading of F.U.D as propaganda.
How many times does this story have to be repeated?
“He’s not deformed, he’s just drunk!”
All branches of government including Homeland Security will continue to use these very popular products.
Neither Smirnoff nor Stolichnaya Vodka pose a risk to American national security according to a report from Nightclub Security Consultants, The American Nightlife Association and The National Association Of Bartenders.
Cheers.
jimstone.is
After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.
Let me repeat an old story on this site . . . .
Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA backdoors that Microsoft put there for the NSA. This is cold hard irrefutable fact, not internet rumor.
Why would the government need to worry about Kaspersky plugging "NSA backdoors" on systems they personally own and have full physical access to? If they want to see what's on their own systems they can, in a worst-case scenario, just walk in the take them.
It is the US government who makes companies insert spy software into their machines. I run Kaspersky because they aren't under threat from the NSA to look the other way about back doors that The NSA and CIA might be putting on my computers.
Whoooooooooooosh.
You hear that? Of course you don't. The stupid, it burns.
This is cold hard irrefutable fact, not internet rumor.
Got any more hard irrefutable facts I'm supposed to blindly believe? Just checking before I make any important decisions. BTW, I'm on the internet, and I'm seeing this claim made on the internet by a totally anonymous person with no actual attribution or sources backing it up, so that kinda, by definition, makes it an "internet rumor".
The guy is providing what we could call 'inside information' and you want him/her to identify themselves?
The ultimate irony: the US government worried about other governments compromising security software.
Since a lot of classified info nowadays resides on home computers of elected officials and their aides, you would have to ban any software containing foreign-forged components from all of these machines. This will mean all the software in existance, as well as all current/former government employees!
Most important fact, you can't trust any thing a slashdot user with a 4 digit UID says.
You don't seriously believe that everything someone writes anonymously on the Internet counts as inside information, do you? To provide inside information anonymously, you deliver original documents and/or reveal other knowledge that only insiders should have. The receiver then tries to validate these documents or claims by comparing it with other evidence, expert testimony, and further sources.
He's not anonymous. Just follow the link given and you get to the stereotype of a nutty whacko conspiracy "insider information" site, including the black background and creepy images.
1600 Pennsylvania avenue?
Another thing that makes these claims rediculous is that if they really where working with Microsoft they wouldn't need and holes at all.
Recall the Magic Lantern (software). https://en.wikipedia.org/wiki/...
Why do some 5 eye nations have issues?
https://en.wikipedia.org/wiki/...
The good work done on Stuxnet, Flame, Equation Group.
https://en.wikipedia.org/wiki/...
Domestic spying is now "Benign Information Gathering"
And yet if you search a sentence from his comment, it's taken verbatim from a single comment from a clearly sleezy site debunking HIV, denying the holocaust. And posted here to try to make it believable.
Copy and paste a sentence from that ACs comment and see only two hits come up. Here and the place it was stolen from. And judge for yourself how credible that source is.
And yet if you search a sentence from his comment, it's taken verbatim from a single comment from a clearly sleezy site debunking HIV, denying the holocaust. And posted here to try to make it believable.
Copy and paste a sentence from that ACs comment and see only two hits come up. Here and the place it was stolen from. And judge for yourself how credible that source is.
Which search engine should I use to get the same results as you?
You don't seriously believe that everything someone writes anonymously on the Internet counts as inside information, do you?
Of course not. But let us suppose for a moment that the info is [or seems to be] legit. Do you still want him identified?
I'm not a software expert. I'm just an average consumer. Should we trust Kaspersky? I do not know the answer. I'm hoping more enlightened people would know the answer to this. I have to discount what the government position is as there are sanctions against Russia because of political reasons and their [the us] position might be more retaliation than fact. I have not seen any factual evidence from the us or from Kaspersky either. I have had Kaspersky software products on my computer for years and have not had grief from attacks or viruses in all that time. A time or two I have had chance to have trouble and Kaspersky did it's job and protected me. However I know Russians are aggresive on their hacking. Should it be prudent to change or is this an attempt to destroy a company because it is Russian?
Just 'cos the government said it, don't make it true.....
You don't have the clearance level for those facts. You'll never see the details or the proof because it'll expose the spooks and their tools.
What. Utter. Bullshit.
How much is Kaspersky paying you?
Nice try tho.
Next you're gonna tell me Norton isn't a bloatware NSA backdoor.
altavista
So do you think I am going to listen when American intelligence tells me to avoid Kaspersky
Why not? You were happy to listen to somebody who:
a) May be imaginary
b) May or may not have been a Norton programmer
c) May have been telling you a load of BS for the lolz
webcrawler
It little behooves the best of us to comment on the rest of us.
...when security agencies get involved in the internet? Everybody stops trusting everybody else. The thing is, the internet's based on trust. The country that created the internet is now slowly strangling it to death.
But none that The Shadow Brokers hasn't released.
It little behooves the best of us to comment on the rest of us.
The NSA isn't the government. NSA does have its plugs in lots of systems e.g. I know they do in large(r) academia networks but they can only reach the higher ups, sysadmin level people aren't supposed to know about the existence of a black box on their network partially because they aren't vetted and it's too many people with little to lose and loose lips.
If the NSA directly interfered with government operations, people would have a fit especially on the smaller, local levels. Federal buildings often share space with non-federal government agencies (e.g. Where I live, federal buildings double as DMV and state and DA offices), solely for political posturing it would be a shitstorm.
Custom electronics and digital signage for your business: www.evcircuits.com
... pun cleverly crafted, is to install the hell out of Kaspersky right now.
It little behooves the best of us to comment on the rest of us.
Most important fact, you can't trust any thing a slashdot user with a 4 digit UID says.
Liar! What you just said is a cold hard irrefutable fact!
The NSA and the security advisors have full access to every computer from the USG? I thought there were other sectors in the government.
I also thought that Wikileaks just published CIA's ExpressLane project, showing the "cyber operations the CIA conducts against liaison services", which includes the NSA, DHS and the FBI, proving that this kind of group does hack into other sectors of the USG too (and not just innocent foreigners in their own homes).
Even if they could walk in and get the computers, being able to hack gives them much more power. It's funny that when the Chinese government wants people using IE everybody knows that it is to keep people hackeable, but when the USG does similar things most Americans just fall for it, as if they had the people's best interests in mind and the habit of following the law.
How much proof that they are more interested in obtaining more power than in protecting the American people do Americans need?
This is a political stunt, not based on any real threat. If they really cared about security, they would be banning MICROSOFT WINDOWS - the greatest security risk in all of computing. Notice how the biggest threats are never taken seriously:
FBI Probed Israeli White House Espionage During Clinton Term
"It's a huge security nightmare... the implications are severe."
http://www.rense.com/general18/esp.htm
Despite Coverup, Israel Caught Spying in Washington Again
https://www.washingtonreport.me/2000-june/despite-coverup-israel-caught-spying-in-washington-again.html
CBS Reports Suspicious Cell Phone Tower Activity In Washington DC
https://yro.slashdot.org/story/17/03/18/2312217/cbs-reports-suspicious-cell-phone-tower-activity-in-washington-dc
Hack Attack Snagging Cell Phone Data Across D.C.
http://freebeacon.com/national-security/hack-attack-cell-phone-data-dc/
US increased military aid to Israel ahead of Trump visit
http://www.jpost.com/Israel-News/Politics-And-Diplomacy/US-increases-military-aid-to-Israel-in-the-wake-of-Trumps-visit-493865
The United States agreed Wednesday to send a record $3.8 billion in new military aid to Israel
https://www.usatoday.com/story/news/world/2016/09/14/united-states-military-aid-israel/90358564/
IS ISRAEL BLACKMAILING AMERICA?
FOX NEWS SPIKES FOUR PART STORY ON PHONE TAPPING SCANDAL
http://www.whatreallyhappened.com/WRHARTICLES/blackmail.html
Why Does the United States Give So Much Money to Israel?
https://www.theatlantic.com/international/archive/2016/09/united-states-israel-memorandum-of-understanding-military-aid/500192/
I honestly can't tell if that's intentional satire.
"So long and thanks for all the fish."
This is cold hard irrefutable fact, not internet rumor
No, it really isn't.
Remember: What can be asserted without evidence can be dismissed without evidence.
Only a full clean reinstall of Windows will remove everything.
You mean everything except what is supposed to be there for the benefit of NSA. So now we have officially good backdoors and bad backdoors.
Very funny. Kaspersky is the only AV that works and that I trust. I guess they didn't want to "cooperate" with the NSA, so they are being demonized. Another reason to keep using.
[Citation needed]
As far as I know, Kaspersky doesn't have a reputation for being hard to remove. Or is this 'just in case' thinking?
The NSA put the backdoors in Windows and Norton and McAffee. The NSA does not have access to all the machines, e.g. not the Windows machines that you type on now.
So the reason they do not want you to use Kapersky is not so much that it would make it possible for the Russians to have access, but because it would make it harder or even impossible for the NSA to access all your data.
As far as I can tell, the Russians will use the NSA leaks as well. So it is better to use Kaperski.
reason:
If you use e.g. Norton, the NSA and Russia will read your data.
If you use Kaperski, only the Russians will read your data.
Don't fight for your country, if your country does not fight for you.
Yes, remove that bad Russian code from our hardware, all our beautiful Chinese hardware. Made in China.
Windows banned from Russia government systems over concerns about USA
Will $CURRENT_YEAR be the year of the Linux Desktop?
Hey! I resemble that remark!
Just junk food for thought...
I don't want him identified in either case, whether his claims are true or not, because I believe in the value of web anonymity and pseudonymity. But I also believe in the value of voting down ACs when necessary and in not taking ACs seriously when they make wild, unsubstantiated claims.
This is about the DHS telling government agencies to avoid Kaspersky. I haven't heard anything from US intelligence agencies. I am completely unaffected by any such request. I'm not a government agency, but rather a private citizen. Personally, I"m not worried about the Russian government spying on me, so I'm fine with Kaspersky.
Of course, no antivirus vendor whose product didn't detect the Sony rootkit (which is pretty much all of them) can be trusted.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Just-in-case thinking. If Kaspersky is the mostly harmless company it claims to be, the ban is unnecessary. If Kaspersky is spying on the US government, then Kaspersky is doubtless putting additional features in so they can pwn US computers.
Therefore, it makes very little sense to uninstall Kaspersky in the standard manner. Either it is insufficient, or id didn't need to be done.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
both
Everything I write is lies, read between the lines.