Moscow Has Turned Kaspersky Antivirus Software Into a Global Spy Tool, Using It To Scan Computers For Secret US Data (wsj.com)
WSJ has a major scoop today. From a report: The Russian government used a popular antivirus software to secretly scan computers around the world for classified U.S. government documents and top-secret information, modifying the program to turn it into an espionage tool (could be paywalled), according to current and former U.S. officials with knowledge of the matter. The software, made by the Moscow-based company Kaspersky Lab, routinely scans files of computers on which it is installed looking for viruses and other malicious software. But in an adjustment to its normal operations that the officials say could only have been made with the company's knowledge, the program searched for terms as broad as "top secret," which may be written on classified government documents, as well as the classified code names of U.S. government programs, these people said. The Wall Street Journal reported last week that Russian hackers used Kaspersky's software in 2015 to target a contractor working for the National Security Agency, who had removed classified materials from his workplace and put them on his home computer, which was running the program. The hackers stole highly classified information on how the NSA conducts espionage and protects against incursions by other countries, said people familiar with the matter. But the use of the Kaspersky program to spy on the U.S. is broader and more pervasive than the operation against that one individual, whose name hasn't been publicly released, current and former officials said. This link should get you around WSJ's paywall. Also read: Israeli Spies 'Watched Russian Agents Breach Kaspersky Software'
I've been telling you people that Kaspersky is nothing more than a tool to send the KGB (now FSB) your files for over a year.
You won't have seen my warning unless you browse at -1 because Slashdot is infested with Russian sock-puppets, idiots, and traitors.
It also has daily updates for my pleasure.
It's the weaponization of something considered a base necessity to the functioning of computers. It's the equivalent of poisoning a city's primary water supply. Yes there are others but this one is well known and been used for so long that many are dependent on it for what it provides.
The globalists have been pissed that Kaspersky figured out how to disable Intel's Management Engine so they turn all their shill propaganda rags against it. It's over for you guys.
More like they scan for NSA spyware.
The argument can be made that Slashdot's editors are Russian spies sent here on a mission to discredit Democrats.
We know already. Yes, there are some denialists but who cares. Give us some news.
Also, if you are of no interest to the Russian government but are afraid of NSA snooping, maybe it's time to install Kaspersky.
Former officials are now working for companies selling consulting services and have every reason to make this look as terrifying as possible to increase demand for their services.
It's the mouthpiece of reality that you really object to.
I'm sorry that you are loyal to Russia instead of America, and that you want Americans to continue running Russian government spyware.
If you were a loyal American instead of a traitor you would understand that it's important to warn your fellow Americans of a hostile foreign adversary's attack on your country and your computers.
WSJ has a major scoop today.
From a report
according to current and former U.S. officials
How many times are we going to let this go? Every week there is something else.
Shocking news to grab your attention by a series of reputable outlets that have changed ownership or management in the last few years. From a report, sounds so official. With vague anonymous sources that are official in some way.
I am not saying this is entirely "fake news". That rarely exists whole-cloth, but just look into it a little closer when it looks like a duck and quacks like a duck.
The US government, and by extension the media sources that make their money by having cooperative contacts within it, got pissed off at Kaspersky for exposing their dirty Stuxnet secrets. Double points for Kaspersky being Russian at a time when anything remotely critical of Trump is made of ad impression gold.
So now they set the hounds against Kaspersky and we have to put up with a media blitz. Story after story with no real proof other than "trust us, we are the media and government" when we should be doing the opposite for the same reason.
It just seems like propaganda, to further incite Cold War 2.
Shocked, I tell you.
I said, oh, 3 or 5 years ago, or maybe it was 10? ...that an obvious vector was the antivirus product itself. Because trust has to start somewhere, and people tend to trust their antivirus software, because otherwise, what do you do? Throw out your computer and go back to books? (Now that I write that, it doesn't sound like a half bad idea.)
And this was even before the useless nagware McAfee Security Scan started being bundled in everything to hell and gone.
So, in a way, I'm glad this happened, because it might cause people (well, some people... well, a few people) to look a little more critically at their antivirus software.
So everyone should convert to Windows Defender. Just kidding.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
We now know that Kaspersky only cracks security in the service of the Russian government.
This intel chip security hack you are so happy about only compromises your computer for the Russian government.
You are mad because we exposed the Russian botnet you participate in.
Is anyone that stupid they didn't see this 10+ years ago? Of course it's an espionage platform. Fucking duh.
With a paywall link to boot. SMH
The NSA was compromising Cisco network gear to spy on damn near everyone:
https://www.recode.net/2014/5/18/11627004/in-letter-to-obama-cisco-ceo-complains-about-nsa-allegations
I'm sure the Russians, and the Chinese, and everyone else with an intelligence agency just copied the tactic.
hasn't already done this with Microsoft, McAfee and Norton security software? Privacy and Internet Security is a myth in the 21st century. I'm sure that it won't be long before they will have the ability to listen to every home with an Amazon Echo in it.
...WSJ has a major scoop today.:...
From the WSJ article itself:
...Israel’s spying on Kaspersky, which U.S. officials said provided crucial evidence that Kaspersky Lab was working with the Russian government, and the use of Kaspersky to scan for classified keywords was first reported Tuesday by the New York Times. ...
[my emphasis] The NYTimes may not be my favorite newspaper, but credit where credit is due, eh?
ALERT ALERT ALERT LAUNCH ALL RUSSIA SHILLS!!!
Claim it is US corporate interests against Russia company; failure imminent. Redirect rhetoric to: If this were Germany or UK or Israel it would be no big deal, so why for friend Russia?
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Anti-virus software detects various forms of malware.
The surveillance software used by the NSA and other government agencies is effectively malware. To serve the purpose intended by the NSA this malware needs to go undetected and unreported by anti-virus software. Kaspersky wouldn't play along with this whitelisting, then they found themselves the target of blacklisting.
I LOVE Russia! They are a great friend to the United States! MAGA!
This reminds me of a sci-fi story where the NSA somehow created a code module sometime in the past that has made its way into every anti-virus software (lot of hand waving here). The idea being that most computers have anti-virus software running and the anti-virus software won't be looking at itself (who is watching the watchers?) This allows the NSA to make every computer a part of a giant botnet, basically a global super-computer using the free CPU cycles of billions of computers. They aren't using the computers to spy on individual computer users as much as using that raw computing power to ask questions and get answers. At some point I think the giant botnet becomes self-aware.
Just before Trump appeared on the political horizon Russia and Putin were scoring a lot of points with Democrats and the Left. Putin was seen as the opposition to supposed Ukrainian fascists. He was also propping up Venezuela's regime with military collaboration; arms sales, TU-144 flights and such.
A decent piece by Hacker News (https://thehackernews.com/2017/10/kaspersky-nsa-russian-hackers.html) correctly points out that there is no evidence, just anonymous sources and nation state he said she said. Even if Russian ops did gain access through Kaspersky, Kaspersky might not have allowed access and are victims themselves. US intelligence does this all the time, ask Cisco about the backdoor added to their hardware mid route (thanks Edward Snowden for the revelation).
Blaming a company without any substantial proof at this time is just more fear mongering playing into the current narrative. The fact that it's easy to take previous known code from an intelligence program and re-purpose it/style to frame another country is never mentioned in these "OMG THE BAD GUY HACKED US!" stories is very disingenuous. But I suppose after weeks of this allegation and congressional hearings, we'll still know nothing and the story will slowly fade away except for the occasional talking point of why we should sanction/hack/declare war with Russia.
Antivirus software doesn't remove viruses, it actually IS a virus...
Wrong. The Intel Management Engine being hacked doesn't "compromise" anything other than the US government's ability to compromise your computer at the hardware level. I'm sure you're well aware of that though.
Over here we say "boy who cried wolf." That "peter and the wolf" thing is pretty much strictly a Russian idiom. Just so you know, going forward.
Never confront a republican/trump zombie with facts. What are you trying to do, start a zombie apocalypse and get us all killed? STOP THAT!
Garbage indeed.
Except that it was scanning for particular names and phrases, not just virus signatures.
Shill disinformation vector 3: doubt fork of FUD activated!
Holy Shit...Really? I never would have guessed that a country run by a world class spy would have access and then use Kaspersky Labs. Why is everyone so shocked?
The Intel Management Engine being hacked doesn't "compromise" anything other than the US government's ability to compromise your computer at the hardware level.
It literally compromises everything on the system. It's like you can't understand what the IME does--or don't want to understand.
I remember one day buying a computer from Best Buy and while I was paying for it the employee proceeded to open the brand new box saying he was about to install some anti-virus software. I don't know if it was Kaspersky, but I said something along the lines of "Hell no" and put an end to that.
So nowadays antivirus software has moved on from not doing anything useful to spying on you while not doing anything useful.
SlashdotMedia has turned Slashdot into the democrats' mouthpiece. You all are starting to make Trump look like a rational human being.
It used to be republicans were the ones who hated the Russians the most. Where do you get that Democrats like Russians? Russia doesn't care about republican vs. democrat, they want to do whatever they can, no matter the avenue to make America weaker.
I'd prefer a simpler reason.
AV scans for some unusual call patterns.
In this case it was debug versions of NSA malware.
Of course it was man-analysed and, as soon as the source (i.e. NSA) was identified, Russian government authorities were in play hacking further in that gaping hole.
I cannot blame Kaspersky for this. Malware makers are same kin as drug dealers or terrorists - no difference IMO.
Well if EVERYTHING is compromised, it must be good! Can you point out the specific way my computer is more susceptible to Russian hackers without IME? Is it the remote power on/off functionality that protects me? Or the remote BIOS settings management? Having network access outside of the OS? Or is it shit like the Silent Bob is Silent vulnerability that keeps me safe?
If this were true, then WHY do German intelligence services find NO evidence of that?
Israel is spying on Russians that are spying on Americans? That's a nice piece of troll... apparently it works... everything is Russia's fault, right?
Who is manufacturing consent ?
https://www.reuters.com/article/usa-security-kaspersky-germany/germany-no-evidence-kaspersky-software-used-by-russians-for-hacks-idUSL8N1MM4ZV
How is Windows 10 any different? It openly collects everything you make, open, send. Every image, every doc, every email is scanned/collected. Every word spoken. So knowing this, why isn't every country in the world blocking or not allowing Windows 10 to be installed on any government/employee PC? And those saying they don't do what I said, lol
Jack of all trades, master of none
This is Slashdot. Not even the submitter reads these things.
The editors we have are indistinguishable from a Perl script that posts any random story about Russia.
I still haven't forgotten the funny one where DNS queries from Russian spam referencing a Russian bank sent to a 3rd party marketing site by a Trump-affiliated company was top news for a while.
Microsoft is already spying on you at the OS level, they gain nothing spying on you on the AntiVirus level.
Also, Windows Defender is free, and complies with "certification" requirements (like PCI).
Now, for Mac and Linux (where you should be running an Antivirus anyway) the choices are more complicated. You could go with ClamAV, but that may pose problems for "certification", or go with a commercial vendor, with all the caveats that entails.
Your choice.
*** Good luck to everyone and have a happy day!
The _NSAKEY was discovered in Windows NT 4 in August 1999 by Andrew Fernandes of Cryptonym. It could be confirmed and reset by any hacker with a copy of NT. I cleared mine and most of my tech colleagues did the same.
https://en.wikipedia.org/wiki/...
Gates was interviewed by BBC News and flat out denied its existence.
https://cryptome.org/nsakey-ms...
Exactly. Out of curiosity, do you actually have a list? I did a quick search and found this article which had some interesting points.
I've been seeing simplistic, noisy posts like that with such steadily increasing regularity over the last couple of years that I'm beginning to wonder whether there may be an operator with many accounts intentionally seeding doubt, filth, hate, etc. in order to reduce the likelihood of thoughtful discourse.
It is hard to believe the explanation that previously thoughtful appearing "geeks" were actually hiding all of this inside and have now been freed by the current atmosphere to come out of their closets. It is a long-standing tactic of those wanting to break up a good forum to simply create so much noise that the forum's thoughts are drowned out.
There will probably be some wonderful examples in response to this post :-)
Kaspersky is probably the only Russian software company that has had any amount of success and tragically the Russian government will destroy it.
Indeed. The technique of the "Big Lie" (known a long time, but refined and documented by Goebbels) is to just tell people again and again what you want them to accept as truth. This technique is clearly employed here. The most obvious reason for this attack on Kaspersky is that they refuse to ignore NSA malware and do things that the tame US vendors would never dare to do. It does also not really matter whether Kaspersky gets hacked by Russian intelligence, as all other AV products are pretty likely to suffer exactly the same fate as Kaspersky. That they get singled out and that the proof presented so far is more than flimsy and stinks of having been manufactured fits the picture nicely.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I don't trust my country to tell the truth, especially when it concerns stealing information. That happens far worse and with far greater reach from American agencies. Those three letter agencies can ruin my life. An antivirus cannot.
Ha. I should have done more than scan the outline of the link!!! It is a wonderful example of another tactic that has emerged - flip the script - use the fact that everyone is human and thus not all smart people are smart about how they say things to marginalize them and make them appear dumb. Cool.
Yay, can we just call them for what they are, which is a CIA propaganda machine.
The RUSSIANS DID IT! RUN RUN RUN! Fucking fools are still pushing this RUSSIAN-bullshit, but bigger FOOLS are still buying into it.
Let's assume for a moment that you're a US citizen. What, exactly, can the FSB (or any other Russian agency) do to you personally that US agencies couldn't do to you with complete (or de-facto) legality (including things that harm you as 'collateral damage', even if they aren't targeting you specifically or accusing you of any wrongdoing)?
At least the FSB won't break into your back yard & kill your dog for barking at them while they execute a no-knock warrant against your neighbor. Or destabilize your computer (and the computers of 17 million other Americans) & cause it to randomly crash courtesy of their malware in the hope it'll assist them in catching 2 or 3 child molesters?
As others have noted, the feds are pissed at Kaspersky for getting in the way of their OWN malware. Anybody who thinks US agencies haven't done the same thing with American software is naive. That doesn't make what Russian intelligence agencies did *right*, but arguably, if having Russian malware on your PC means it's protected from American malware, it's debatable whether that's bad for an individual American.
Back in the paper days, physical access was controlled, so stamping them with an appropriate classification made sense.
Unfortunately as things went digital, < ENTITIES > used headers/footers embedded in the document to replace these stamps.
This makes it levels of magnitude easier to separate the wheat from the chaff... just grep for secret|confidential|noforn|etc...
Eventually watermarks were used instead, but then you only need to look for those.
PGP has been around for what? 3 decades now?
That's plenty of time for even the slowest moving < ENTITIES > to implement a document request system based on need to know.
It uses proven technology with an adaptation that is obvious to practicing security professionals and would significantly minimize leaks.
But, hey, it's not like many security professionals are volunteering to help so long as there are variations of the (Un-)Patriot Act.
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Ben Franklin
Regarding the NSA contractor, it sounds like Kaspersky AV was working as designed. It detected the malware the contractor was working on and sent the file back to Kaspersky Labs for analysis. It sounds to me like the NSA's security policy needs some work if a contractor can download classified files to a non-secure computer.
Now as far as Kaspersky AV scanning for classified documents, that's certainly plausible but where's the evidence? Not running the software on sensitive computers sounds like good policy, but there's a lot of software that shouldn't be run on those types of systems. That being said, how do we know all foreign made computers themselves haven't been compromised at the factory?
If Kaspersky is spying for the Russians, then set up an odd-looking but plausible server, run AV on it, then use it to feed disinformation to the Russians.
Kaspersky actually makes available real-time infection info on ALL machines it's installed on. So, the earlier reports that the Ruskies used that info to identify a target to hack didn't seem to me to be smoking gun evidence of collusion. I've used Kaspersky for some years and am aware that Putin and Kaspersky are "friends" and that he likely has some difficult politics to navigate in Russia to appease the powers that be and market a good product while resisting the pressures towards subversion and corruption. But allowing keywords which could target ANY sensitive information (not just US gov't) is way over the line of what I view is acceptable in my anti-malware. I'll wait for the company's response, but they've probably lost a customer. They have been strangely (stupidly?) silent on this so far. Perhaps they're hoping their US customers are not paying attention.
>The most obvious reason for this attack on Kaspersky is that they refuse to ignore NSA malware and do things that the tame US vendors would never dare to do.
Now that the Israelis are officially involved in the story, it has gone beyond the NSA being mad at Kaspersky for detecting their malware.
Why is it every single Russia story is always sourced back to "official" sounding, yet always anonymous sources? Where is the actual EVIDENCE? Surely if this was in this widespread antivirus software, the proof could be reproduced and demonstrated on demand in a test environment. I would think the average Slashdot reader could at least see through the bullshit when it comes to stuff that happens on everyone's computers.
There isn't any evidence. There never is. This is just an extension of the narrative that Russia is out to get us that the reader is supposed to connect this loosely to the Russia Trump collusion lie.
Nice try but no.
Our government being told to use US programs with backdoors has been public knowledge since the 1980s in Australia.
Why are there government computers running windows at all?
Wake up and smell the coffee, people.
Computers do not need to run virus scanners.
STEP 1:
Ban all MS Windows computers from government use
STEP 2:
There is no step 2.
http://www.stolk.org/tlctc
"Washington and Washington have turned US mainstream media into a domestic propaganda bullhorn, using it to stir up public sentiment against a foreign country with conspiracy theories and hatchet-job reporting."
There, fixed it.
By the way, this new anti-Russian scare is making you people a laughing stock, just like in the 1950s.
>The most obvious reason for this attack on Kaspersky is that they refuse to ignore NSA malware and do things that the tame US vendors would never dare to do.
Now that the Israelis are officially involved in the story, it has gone beyond the NSA being mad at Kaspersky for detecting their malware.
Are you that naive? I'm not a conspiracy theorist, but having America's little buddy Israel joining in (yeah yeah me tooing), doesn't hold any weight. If anything, it makes me believe this less now... And I had no reason to not believe the story before Israel got involved.
The article states: "Israeli Spies Watched Russian Agents Breach Kaspersky Software".
The only "fact" that I can find reading the articles is: "Israeli Spies SAY THAT THEY Watched Russian Agents Breach Kaspersky Software".
I don't see any evidence of anything else, everything stems from what a foreign spy agency told the US.
The way I interpret it is "the Israeli spy agency found a hole in Kaspersky Software and has been using it to spy on the US". Now the hole has been fixed (or it is no longer viable) and wants to make sure the targets of Israeli Spies use another software for which they have known holes.
Call me skeptic...
Intriguing interpretation, certainly no more conspiratorial than others in this thread. Wonder why you got modded -1?
Does Facebook use Kaspersky anti virus on their servers? Is that how the DNC got infected?
Does Trump have a hotel next to Kaspersky labs or something?
I can't believe anyone, especially our government, would give credence to this BS story. Our government (the portion controlled by the deep state) is waging an economic war against Russia to prevent us (the people of the United States) and Russia getting together and fighting the terrorists that justify our defense spending, among other things. The backers of the WSJ benefit from war, that's why they publish this crap.
Get ready for chaos, the establishment class people that back the WSJ are planning all out civil war here in the US rather than let the Donald flush the swamp dwellers back to the hell from which they came.
To be forewarned is to be forearmed.
OK, bots and trolls, flame on!
If you were watching that show this info is almost 2 weeks old already. And The White House bought the Anti Virus software big time. So.. There go our secrets!!
Really? Who would be stupid enough to believe an country that has no moral compass, believes in vodka is the only way to make it through a day of hell in the pithole they call "motherland", and still believes in Communism will some how work even though it has failed for 100 years?
Remember years ago when the NSA was intercepting shipments of Cisco routers and adding spy stuff? Color me un-surprised.
I wonder why Israel would reveal that they had the capacity to eavesdrop on Russian spies.
The Russians now know what kind of messed up porn I'm into! The shame!
Yeah, that's 27 kinds of horseshit.
...for business method patent violation
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
Windows Offender
When I was installing Kaspersky 10 years ago on my company's computers it occurred to me that installing Russian antivirus software might be a bad idea. I was young and my boss didn't seem to mind. Lesson learned. Follow your gut.
The US does the same with Symantec, and everybody knows that OpenBSD is a Canadian honey pot to steal hockey related information.
https://www.bankinfosecurity.com/10-reactions-kaspersky-lab-allegations-a-10363
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2017/BSI_Stellungnahme_Kapersky_11102017.html;jsessionid=4128C7FCAB2F71771F11664AD3D44794.1_cid351
I suspect all AV as being partisan. Not that they're phoning home, just that they're ignoring particular other malware that IS phoning home.
"according to current and former U.S. officials with knowledge of the matter. "
Who? Citations? Evidence of any infinitesimal kind please?
Windows 10 is just one big lump of spyware.
Shoot them on site. Traitors to our Western culture and modern society.
This is all just for the build-up of a yet-unannounced Rocky remake.
"according to current and former U.S. officials with knowledge of the matter" Hmm... who would all be Jewish, I suspect...
It's almost as if the Jewish media wants the U.S. to go to war with Russia, because Russia isn't doing what it's told by its Jewish 'masters'...
Kaspersky sends data to You!
Yet Another Major Russia Story Falls Apart. Is Skepticism Permissible Yet? https://theintercept.com/2017/...
"wonder whether there may be an operator "
Yes it's called the Russian state. Have you not been paying attention?
That link describes the tactics used here but unfortunately it seems to be promoting chemtrails and other crazy stuff ("geoengineering") which somewhat detracts from the message.
This can only be good news. The world is sick of a 'strong America' striding the globe arrogantly, visiting war, mayhem, regime change and murderous interventions with impunity. The legacy, still continuing since WWII has been a global holocaust of peoples who've died, been injured as a result of the US's cult of impunity, acting as a rogue state outside international law. Many have got so used to US global behaviour they accept the rogue state to act as it wants, without constraint or recourse to international law.
A 'weak America' is good news NOT bad news. We can only hope that its aggressive foreign policy, and murderous military will one day diminish, and the US ceases to run amok, murder and maim, treating the rest of the world as its deadly playground.
The US is largely a corrupt and regressive backwater these days. Let's hope that the backwardness of US policies, both domestic and foreign, will face some credible opposition from more progressive countries. America is increasingly becoming a particularly ugly example of a corrupt and totalitarian nightmare. One only has to look at who the 'choices' for president were, to realise that the system of government there has long since ceased to function in any moderately representative way, let alone democratic.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
I was deciding between Kaspersky and Bitdefender for Mac AV. Which do you recommend?