Slashdot Mirror
Office Depot, Best Buy Pull Kaspersky Products From Shelves (bleepingcomputer.com)
Catalin Cimpanu, reporting for BleepingComputer: Both Office Depot and Best Buy have removed Kaspersky Lab products from shelves. The ban has been in effect since mid-September, and the two chains are offering existing Kaspersky customers replacement security software. The first store to remove Kaspersky products from shelves was Best Buy, on around September 8. At the time, the FBI was pressuring the private sector to cut ties with the Russian antivirus maker, which was the subject of a Senate Intelligence Committee on the suspicion it may be collaborating with Russian intelligence agencies. Kaspersky vehemently denied all accusations. A week after Best Buy removed Kaspersky products from shelves, the Department of Homeland Security (DHS) issued a Binding Operational Directive published ordering the removal of Kaspersky Lab products off government computers. A day later, Office Depot announced a similar decision to ban the sale of Kaspersky products in its stores. Additionally, Office Depot is letting customers exchange their Kaspersky copy with a one-year license for McAfee LiveSafe.
we take in products from hundreds of different countries, including digital products that are in the heart of infrastructure. we allow outsourcing of sensitive data processing all over the planet.
but this one company is being singled out by the federal government and destroyed without a trial.
lets look at companies who actually took money from Russian operatives to place political advertisements on their networks. Facebook, Google, Twitter, directly profited from Russian interference in the election, and will never face any consequences.
this has nothing to do with protecting security, it is all about nationalism and isolation, Trump thinks that by cutting out foreign competition it will somehow provide an economic boost to domestic companies.
what he doesnt seem to realize is that every isolationist country, from Japan to Russia, has a stagnating population and a stagnating economy. Interacting with the world is how China lifted itself out of poverty - us cutting ourselves off from the world is how we are going to sink into it.
It's also possible that the software is fine as delivered by Kaspersky as far as they know, but altered/backdoored covertly while in transit, somehow. The U.S. government has done as much to Cisco hardware that has been shipped worldwide, so it's not like there wouldn't be precedent.
The fact that anti-virus is so last generation and the dangers now are general purpose programmable management engine processors available in ARM, Intel, and AMD cpus/socs with no way for the physical owner (rather than the manufacturer) to disable, reprogram, audit, or otherwise ensure control of their computer systems is actually under their control.
Much like other psy-ops intended to direct attention away from the real social or technological threats, this may be another one of them. If they can backdoor your system at what amounts to the firmware level, then getting in through the operating system is just an infection vector rather than the operating environment, and since anti-virus cannot protect/easily audit against these sorts of attacks, it is already irrelevant to the most concerning vector of persistent infection already available.
I wish more people thought about/paid attention to this. And that more work was put into both taping out new chips to run our secure information systems on (even at a considerable loss in energy efficiency and performance) as well as new designs that provided the actual benefits these 'management processors' are meant to while leaving the control of them in the end user/hardware owners possession, instead of in questionable third party hands. Like Intel, AMD, (pick an ARM vendor), the NSA, or EquiFax's possession and data security..
Why? What does the Russian Government have to lose?
The fact that the ownership of Kapersky was shuffled around such that a guy with deep connections to the FSB (Former KGB) has significant control over the corp should scare anyone. This should be enhanced by the fact that the American government has apparently seen something so concerning that they are reacting to it with law enforcement assets and have bared it's use within the DOD.
This isn't much different than ZTE's three top owners being top Army officials in the PRC along with deep connections to their spy apparatus. I'd be concerned about using any Tech where the top people and owners are all connected to and beholden to that states spy apparatus. For all the talk no one on the board of Microsoft or Cisco is a top retired general that's got deep connections with the NSA. From what we learned from Snowden the NSA does their backdoor stuff on the sly by diverting packages and installing compromised firmwares after it leaves the factory instead of writing the backdoor directly into the software.
If Kapersky is truly using virus scanning to scan for files they want then they've created a tool with unparalleled power. Any computer with Kapersky software is having it's contents scanned and reported back to Russia and the Russian government is apparently able to review the database for targets. It would be trivial for them in such a situation to have the software grab the contents for them, after all it already has kernel Ring 0 access by virtue of it's status as a virus scanner. That's reason alone not to run windows.
That's the best explanation. Now everyone has received the warning. If you don't cooperate with the US three letter organisations we'll get you. They've got nothing on Kaspersky except that the software performed as expected and that is by detecting malware. Give it some time and every AV that is left on the market is forcibly unreliable.