Slashdot Mirror


Office Depot, Best Buy Pull Kaspersky Products From Shelves (bleepingcomputer.com)

Catalin Cimpanu, reporting for BleepingComputer: Both Office Depot and Best Buy have removed Kaspersky Lab products from shelves. The ban has been in effect since mid-September, and the two chains are offering existing Kaspersky customers replacement security software. The first store to remove Kaspersky products from shelves was Best Buy, on around September 8. At the time, the FBI was pressuring the private sector to cut ties with the Russian antivirus maker, which was the subject of a Senate Intelligence Committee on the suspicion it may be collaborating with Russian intelligence agencies. Kaspersky vehemently denied all accusations. A week after Best Buy removed Kaspersky products from shelves, the Department of Homeland Security (DHS) issued a Binding Operational Directive ordering the removal of Kaspersky Lab products from government computers. A day later, Office Depot announced a similar decision to ban the sale of Kaspersky products in its stores. Additionally, Office Depot is letting customers exchange their Kaspersky copy with a one-year license for McAfee LiveSafe.

36 of 155 comments

  1. Kaspersky may well be innocent by mi · · Score: 4, Insightful

    I'm perfectly willing to believe, the authors of the Kaspersky software and the owners of the company want to have to provide a good anti-virus and do not want to cooperate with Russia's spies. But the decision may not be up to them — Russian government has many more instruments at their disposal to convince businesses and individuals to "cooperate", than do the governments of free(er) countries.

    Yes, American government has some such instruments as well — just pick, who you trust more...

    --
    In Soviet Washington the swamp drains you.
    1. Re:Kaspersky may well be innocent by mysidia · · Score: 5, Informative

      Russian government has many more instruments at their disposal to convince businesses and individuals to "cooperate"

      While that might be true; I doubt they would risk it.

      Probably you are at a MUCH higher risk if you replace Kaspersky software with McAfee LiveSafe, just because the McAfee offering is crap.

      Also, the risk of VULNERABILITIES in your AV product is at a much higher risk than an intentional backdoor existing (IMO).

      Personally; I use neither antivirus product favoring WebRoot instead, but I have some respect for Kaspersky, and nobody's shown any evidence specific to Kaspersky that they could not be trusted.

    2. Re:Kaspersky may well be innocent by Rick+Schumann · · Score: 4, Insightful

      Do as we say or we'll confiscate your business, your assets, imprison your family, and beat you senseless

      That's about how I'd figure that conversation would go in Putin's Russia.

      The real question here is: In 2017, can we trust ANYTHING to run on our computers that we didn't compile ourselves, after personally vetting the source code -- and then, can we trust the compiler to not be compromised, too? Really, honestly, seriously, I'm starting to feel like we're getting to that point -- and even if what we're running isn't compromised as soon as it's installed, there doesn't seem to be much of anything that can prevent the machine from being compromised externally, unless you're never connected to the Internet, ever -- and even then, security researchers keep exposing exploits that can compromise a computer that's completely air-gapped.

    3. Re:Kaspersky may well be innocent by Gravis+Zero · · Score: 3, Funny

      Yes, American government has some such instruments as well — just pick, who you trust more...

      I trust Linux more than either government. ;)

      --
      Anons need not reply. Questions end with a question mark.
    4. Re:Kaspersky may well be innocent by rahvin112 · · Score: 3, Interesting

      While that might be true; I doubt they would risk it.

      Why? What does the Russian Government have to lose?

      The fact that the ownership of Kaspersky was shuffled around such that a guy with deep connections to the FSB (Former KGB) has significant control over the corp should scare anyone. This should be enhanced by the fact that the American government has apparently seen something so concerning that they are reacting to it with law enforcement assets and have barred its use within the DOD.

      This isn't much different than ZTE's three top owners being top Army officials in the PRC along with deep connections to their spy apparatus. I'd be concerned about using any Tech where the top people and owners are all connected to and beholden to that state's spy apparatus. For all the talk no one on the board of Microsoft or Cisco is a top retired general that's got deep connections with the NSA. From what we learned from Snowden the NSA does their backdoor stuff on the sly by diverting packages and installing compromised firmwares after it leaves the factory instead of writing the backdoor directly into the software.

      If Kaspersky is truly using virus scanning to scan for files they want then they've created a tool with unparalleled power. Any computer with Kaspersky software is having its contents scanned and reported back to Russia and the Russian government is apparently able to review the database for targets. It would be trivial for them in such a situation to have the software grab the contents for them, after all it already has kernel Ring 0 access by virtue of its status as a virus scanner. That's reason alone not to run Windows.

    5. Re:Kaspersky may well be innocent by Anonymous Coward · · Score: 3, Insightful

      Pick the one that can hurt you the least. Who is the greater threat Russian secret police or American? Trust but verify. RR

    6. Re:Kaspersky may well be innocent by Killall+-9+Bash · · Score: 2

      The problem is that open source projects can be contributed to by anyone, including state sponsored bad actors.

      Heartbleed. Tell me that the Heartbleed bug, the heartbeat function it fucked up the security on, and the RFC the heartbeat function was based on weren't all state sponsored.

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
    7. Re:Kaspersky may well be innocent by Archon · · Score: 4, Insightful

      "This should be enhanced by the fact that the American government has apparently seen something so concerning that they are reacting to it with law enforcement assets and have barred its use within the DOD."

      Is this the same government that deliberately starts wars and invades other countries based on their own propaganda (aluminum tubes and babies being pulled from incubators, anyone)? Yeah, I thought so. So now it's show your proof or GFY.

    8. Re:Kaspersky may well be innocent by Jeremiah+Cornelius · · Score: 2

      I'm perfectly willing to believe, the authors of the Symantec software and the owners of the company want to have to provide a good anti-virus and do not want to cooperate with United States' spies. But the decision may not be up to them — US government has many more instruments at their disposal to convince businesses and individuals to "cooperate", than do the governments of free(er) countries.

      Yes, Russian government has some such instruments as well — just pick, who you trust more...

      https://www.reuters.com/articl...

      https://www.muckrock.com/news/...

      https://www.dailykos.com/stori...

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    9. Re:Kaspersky may well be innocent by Presence+Eternal · · Score: 2, Insightful

      You're forgetting about TPM. You may be fully compromised even when the machine isn't booted.

    10. Re:Kaspersky may well be innocent by Gravis+Zero · · Score: 3, Informative

      The problem is that open source projects can be contributed to by anyone, including state sponsored bad actors.

      You're not even wrong! However, it requires someone accept the contribution and never have someone notice the flaw. In the closed source model, nobody will ever have the chance to notice the flaw. Also, with a bit of pressure, a business will insert whatever blatantly evil code a state-sponsored actor insists on.

      Heartbleed. Tell me that the Heartbleed bug, the heartbeat function it fucked up the security on, and the RFC the heartbeat function was based on weren't all state sponsored.

      I can tell you for a certainty that shitty code occurs in the wild without the help of any state-sponsorship. OpenSSL was neglected but hey, thanks for the conspiracy theory!

      --
      Anons need not reply. Questions end with a question mark.
    11. Re:Kaspersky may well be innocent by Hentes · · Score: 2

      Yes, American government has some such instruments as well

      Yep, like spreading FUD about AV that doesn't cooperate and coercing businesses to stop using/selling it.

    12. Re: Kaspersky may well be innocent by mSparks43 · · Score: 2

      I wouldn't give either absolute permission over all files on my computer. Let's be honest, after Windows, the antivirus that runs on it is the biggest security hole a computer can have.
      Personally I think you are an idiot if you don't believe every single AV vendor is a key foothold for its respective government's intelligence service.

    13. Re:Kaspersky may well be innocent by F.Ultra · · Score: 3, Informative

      Yes but #1 that is code from the part of NSA whose job it is to increase security and #2 that code has been verified and vetted from top to bottom, it's not like they supplied a binary blob. Not to mention that the code itself has been heavily altered by the community over the years.

    14. Re:Kaspersky may well be innocent by F.Ultra · · Score: 2

      If so then you have to somehow connect Robin Seggelmann with some state since he was one of the authors of the RFC and the one that introduced the bug in OpenSSL (the bug is however only in this particular implementation and not in the RFC itself).

    15. Re:Kaspersky may well be innocent by Enigma2175 · · Score: 2

      Um, that doesn't make them innocent, that makes them guilty but coerced. Innocent would be if the Russian spies were sniffing through their telemetry without them knowing, but that still means they are just as much of a security hole. I will admit that I didn't know that anti-virus software sent the user's files off-site for "inspection" if they were "suspicious". That is ridiculously insecure for the user's private data.

      Your "innocent" scenario is exactly what Kaspersky says (may have) happened in the case where an NSA contractor's files were scanned by Kaspersky and then immediately hacked by the Russians. From Eugene Kaspersky:

      Even though we have an internal security team and run bug bounty programs, we can’t give a 100% guarantee that there are no security issues in our products ... Now, if we assume that what is reported is true: that Russian hackers exploited a weakness in our products installed on the PC of one of our users

      --

      Enigma

  2. They probably refused to ignore NSA malware by gweihir · · Score: 4, Insightful

    And now they are killed via a classical attack on their reputation, which may or may not be completely without merit. Of course, this only concerns the US market.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:They probably refused to ignore NSA malware by Narcocide · · Score: 4, Interesting

      It's also possible that the software is fine as delivered by Kaspersky as far as they know, but altered/backdoored covertly while in transit, somehow. The U.S. government has done as much to Cisco hardware that has been shipped worldwide, so it's not like there wouldn't be precedent.

    2. Re:They probably refused to ignore NSA malware by rmsilva123 · · Score: 2

      Yes. Just like other malware creators are required by law to submit samples to AV companies.

    3. Re: They probably refused to ignore NSA malware by endoflife · · Score: 2

      Do you really think that US Intel isn't upset that the Kaspersky crew busted them for Stuxnet?

    4. Re:They probably refused to ignore NSA malware by tinkerton · · Score: 3, Interesting

      That's the best explanation. Now everyone has received the warning. If you don't cooperate with the US three letter organisations we'll get you. They've got nothing on Kaspersky except that the software performed as expected and that is by detecting malware. Give it some time and every AV that is left on the market is forcibly unreliable.

    5. Re:They probably refused to ignore NSA malware by gweihir · · Score: 2

      It may be a good idea to run Kaspersky in addition to your regular scanner on everything suspicious. It may also be an excellent idea to buy their product to make sure they stay on the market. At least against US government malware, it seems they are currently getting the highest endorsement possible.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  3. Well... by burtosis · · Score: 2

    Are they at least going to update my NSA backdoors that Kaspersky removed?

  4. trumpistan by Anonymous Coward · · Score: 3, Interesting

    we take in products from hundreds of different countries, including digital products that are in the heart of infrastructure. we allow outsourcing of sensitive data processing all over the planet.

    but this one company is being singled out by the federal government and destroyed without a trial.

    let's look at companies who actually took money from Russian operatives to place political advertisements on their networks. Facebook, Google, Twitter, directly profited from Russian interference in the election, and will never face any consequences.

    this has nothing to do with protecting security, it is all about nationalism and isolation, Trump thinks that by cutting out foreign competition it will somehow provide an economic boost to domestic companies.

    what he doesn't seem to realize is that every isolationist country, from Japan to Russia, has a stagnating population and a stagnating economy. Interacting with the world is how China lifted itself out of poverty - us cutting ourselves off from the world is how we are going to sink into it.

  5. "off the shelves" = zero impact by xxxJonBoyxxx · · Score: 4, Insightful

    Remember when you'd buy software? With a disc in a cardboard package? From a retail store you'd have to enter?

    No? Me either.

    1. Re:"off the shelves" = zero impact by Kaenneth · · Score: 2

      'Member meticulously transcribing source code from paper magazines, then leaving the computer on 24/7, because you couldn't afford the tape drive for a few more months?

  6. Re: What we can learn from this by Anonymous Coward · · Score: 2, Funny

    Agreed. Maybe a kinda chartreuse color?

  7. Re:What we can learn from this by DontBeAMoran · · Score: 3, Funny

    We have nice weather while Americans have tornados! The Cold War is over but The Warm War is working!

    --
    #DeleteFacebook
  8. Also possible this is all to whitewash... by Anonymous Coward · · Score: 2, Interesting

    The fact that anti-virus is so last generation and the dangers now are general purpose programmable management engine processors available in ARM, Intel, and AMD cpus/socs with no way for the physical owner (rather than the manufacturer) to disable, reprogram, audit, or otherwise ensure control of their computer systems is actually under their control.

    Much like other psy-ops intended to direct attention away from the real social or technological threats, this may be another one of them. If they can backdoor your system at what amounts to the firmware level, then getting in through the operating system is just an infection vector rather than the operating environment, and since anti-virus cannot protect/easily audit against these sorts of attacks, it is already irrelevant to the most concerning vector of persistent infection already available.

    I wish more people thought about/paid attention to this. And that more work was put into both taping out new chips to run our secure information systems on (even at a considerable loss in energy efficiency and performance) as well as new designs that provided the actual benefits these 'management processors' are meant to while leaving the control of them in the end user/hardware owner's possession, instead of in questionable third party hands. Like Intel, AMD, (pick an ARM vendor), the NSA, or EquiFax's possession and data security.

  9. They should've... by nwaack · · Score: 5, Insightful

    They should've just let themselves get hacked and had all their customers' information stolen. Then the IRS would've probably given them a multi-million dollar contract!

  10. Who is the worst? by William+Baric · · Score: 2

    1. Considering the fact that American companies are forced to "cooperate" with the American government
    2. Considering the spying habit of the NSA
    3. Considering that I live in Canada, where Russia has no influence (the chances that I would be extradited to Russia for wrong think are nil)

    I'd much rather use a Russian antivirus than an American one! (That is, I'd much prefer that Russia spies on me than the US.)

    1. Re:Who is the worst? by AHuxley · · Score: 2

      Recall the US "Magic Lantern" keystroke logger and demands for antivirus vendor cooperation.
      Magic Lantern (software) https://en.wikipedia.org/wiki/...

      --
      Domestic spying is now "Benign Information Gathering"
  11. Is there any actual proof of anything? by fredrated · · Score: 4, Insightful

    Or do we just trash businesses based on opinion?

  12. Re:The Definition of Racism? by HiThere · · Score: 2

    No. This isn't racism, this is nationalism, or possibly jingoism.

    OTOH, it's also a very real recognition that the Russian govt. can coerce any backdoor it wants into Kaspersky software. So it makes perfect sense for US govt. machines to avoid it. (I'm not saying they should trust McAfee.)

    That said, the Russians would probably be reluctant to share their info with the US spooks, so Kaspersky's software is likely a better choice for those living under a US regime than many alternatives. But perhaps avoiding it should be required for those holding a security clearance.

    OTOH, for other reasons I prefer Linux, so this is, on my part, moot. I really dislike the last MS EULA I read, and that was the reason I switched to Linux. Reports since then have consistently been that the EULA has gotten worse and more restrictive. For awhile I switched to Apple, but then *they* tried to smuggle an abusive EULA change in as a "required security upgrade". I've still got a few Apples, but they never touch the internet in either direction. That was over a decade ago now.

    If I were mainly concerned about security, then I'd switch to one of the BSDs. (OpenBSD?) My concerns were more about legal agreements, as I *try* to be law abiding...though not because I feel the laws always deserve to be honored. (If I thought pirating CDs or videos would damage the RIAA or MPAA, I'd be doing it right and left.)

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  13. Re:What we can learn from this by benjfowler · · Score: 2

    There are still quite a few unanswered questions about Joe McCarthy and his motivations and affiliations.

    It's telling that the Russian trolls are still bashing us over the head with the 'McCarthyism' trope...

  14. Trust the brand that helped find by AHuxley · · Score: 2

    Stuxnet
    Flame
    Equation Group
    Duqu
    https://en.wikipedia.org/wiki/...
    Highly sophisticated malware gets found and the internet is safer.

    --
    Domestic spying is now "Benign Information Gathering"