Slashdot Mirror


Moscow Has Turned Kaspersky Antivirus Software Into a Global Spy Tool, Using It To Scan Computers For Secret US Data (wsj.com)

WSJ has a major scoop today. From a report: The Russian government used a popular antivirus software to secretly scan computers around the world for classified U.S. government documents and top-secret information, modifying the program to turn it into an espionage tool (could be paywalled), according to current and former U.S. officials with knowledge of the matter. The software, made by the Moscow-based company Kaspersky Lab, routinely scans files of computers on which it is installed looking for viruses and other malicious software. But in an adjustment to its normal operations that the officials say could only have been made with the company's knowledge, the program searched for terms as broad as "top secret," which may be written on classified government documents, as well as the classified code names of U.S. government programs, these people said. The Wall Street Journal reported last week that Russian hackers used Kaspersky's software in 2015 to target a contractor working for the National Security Agency, who had removed classified materials from his workplace and put them on his home computer, which was running the program. The hackers stole highly classified information on how the NSA conducts espionage and protects against incursions by other countries, said people familiar with the matter. But the use of the Kaspersky program to spy on the U.S. is broader and more pervasive than the operation against that one individual, whose name hasn't been publicly released, current and former officials said. This link should get you around WSJ's paywall. Also read: Israeli Spies 'Watched Russian Agents Breach Kaspersky Software'

108 of 267 comments

  1. I told you so! by Anonymous Coward · · Score: 1, Insightful

    I've been telling you people that Kaspersky is nothing more than a tool to send the KGB (now FSB) your files for over a year.

    You won't have seen my warning unless you browse at -1 because Slashdot is infested with Russian sock-puppets, idiots, and traitors.

    1. Re:I told you so! by Anonymous Coward · · Score: 5, Insightful

      I wouldn't be surprised if AV made in the USA does the same, just sending copies to a different three letter agency.

    2. Re:I told you so! by roc97007 · · Score: 1

      Which just goes to show, being paranoid doesn't mean someone isn't really out to get you.

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    3. Re:I told you so! by pigsycyberbully · · Score: 2, Informative

      https://hardenedlinux.github.i...

      00 ME: Management Engine

      First introduced in Intel’s 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH (for Core i3/i5/i7 which is integrated with northbridge).

      The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system’s memory as well as to reserve a region of protected external memory to supplement the ME’s limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).

      The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can’t be ignored.

    4. Re:I told you so! by sabri · · Score: 1

      "Could be paywalled" is Slashdot's equivalent of "additional fees may apply".

      Ergo, on Slashdot, "Could be" means "is".

      --
      I'm not a complete idiot... Some parts are missing.
    5. Re:I told you so! by NettiWelho · · Score: 3, Interesting

      I wouldn't be surprised if AV made in the USA does the same, just sending copies to a different three letter agency.

      Windows 10 Defender absolutely does this. The description however promises that if the file is a "personal document" it asks for your permission first. When asked what counts as a personal document, Microsoft has answered it means a file created with "default windows 10 apps".

    6. Re:I told you so! by sexconker · · Score: 1

      I always browse at -1 with all comments loaded. And I put more stock in AC posts than others.

    7. Re:I told you so! by Anonymous Coward · · Score: 1

      Indeed. Pot meet kettle.

      I remember the days we used to mock communists for mass surveillance. Now we do it too. And it isn't even a partisan thing. Crypto tyrants on both sides of the aisle.

    8. Re:I told you so! by F.Ultra · · Score: 2

      Why would Microsoft bother with Defender to do this when they already own your whole computer with Windows?

    9. Re:I told you so! by markhb · · Score: 1

      So, is Netcraft right? Is Linux dying?

      --
      Save Maine's economy: write stuff down. All comments are exclusively my own, not my employer.
    10. Re:I told you so! by NettiWelho · · Score: 1

      Why would Microsoft bother with Defender to do this when they already own your whole computer with Windows?

      Defender is the perfect cover for something that scans your shit and sends hashes of found files to some outside entity because that's what it literally does in the first place.

    11. Re:I told you so! by F.Ultra · · Score: 1

      And the Windows Kernel does the very same every time you ask an application to load or save a file so there is no need to implement this in Defender and risk missing an opportunity (i.e. that some people don't install it).

    12. Re:I told you so! by Moof123 · · Score: 1

      If everyone was out to get you, you'd be paranoid too.

    13. Re: I told you so! by CaptainDork · · Score: 2

      Tear up a "Made in USA" computer and look at the country of origin of the chips in there, shithead.

      --
      It little behooves the best of us to comment on the rest of us.
    14. Re:I told you so! by sexconker · · Score: 1

      No, u.

    15. Re:I told you so! by Xenographic · · Score: 2

      It's not clear that it's exactly sending it to the Kremlin directly, nor would it have to. If they have anything like what we have, they simply tap the internet traffic. Our government almost certainly does something similar. Kaspersky told us back in 2015 that they caught a Stuxnet-like malware invading them, so there's some credibility to this one, though there's not a lot of info other than anonymous rumors repeated by the press.

      It's fair to criticize both spying apparatuses for that, mind you. I don't know how to stop either one, though. They have some pretty crazy tools at their disposal, if you've ever seen the TAO catalog.

    16. Re:I told you so! by arglebargle_xiv · · Score: 1

      If no-one was out to get me I'd be paranoid too. As a government employee I'm required to be nondiscriminatory.

    17. Re: I told you so! by F.Ultra · · Score: 2

      Since the data sent between Windows and Microsoft HQ is encrypted no researcher can know if what it sends are hashed files or any other data. And since Windows both phones home for updates as well as telemetry this could just as easily be handled there.

    18. Re:I told you so! by RockDoctor · · Score: 1

      Slashdot is infested with Russian sock-puppets, idiots, and traitors.

      What about the people who read Slashdot and who are patriots - but Russian citizens?

      If you're walking the streets of America you might have fair grounds to think that the next person you meet is likely to be an American. When you're walking the streets of the internet, you've no grounds for continuing with such a belief.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
    19. Re: I told you so! by Brockmire · · Score: 1

      Yes, "chips" just fucking design PCB traces to connect the chips to the outside world and comes with software for calling home to the motherland all on their own, behind the American engineer's back. Fuck off.

    20. Re: I told you so! by CaptainDork · · Score: 1

      And just where do you think the engineers come from?

      --
      It little behooves the best of us to comment on the rest of us.
  2. This is why I use Windows Defender by Gabest · · Score: 1

    It also has daily updates for my pleasure.

    1. Re:This is why I use Windows Defender by Vincent77 · · Score: 1

      Which sends data to Microsoft. Is that safer?

    2. Re:This is why I use Windows Defender by roc97007 · · Score: 1

      Right, because if someone is spying on me, I want it to be 'muricans, dammit!

      --
      Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    3. Re:This is why I use Windows Defender by Sperbels · · Score: 1

      Yeah, but 'murcans just end up selling it to the Russians. The Russians thought they'd bypass the middleman. Like Tom Shane.

    4. Re:This is why I use Windows Defender by amicusNYCL · · Score: 1

      What the hell? Did you just casually lob a jewelry joke into the political discussion?

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    5. Re:This is why I use Windows Defender by tattood · · Score: 1, Insightful

      Which sends data to Microsoft. Is that safer?

      As long as it's not going to Russia, then yes!

      --
      WTB [sig], PST!!!
    6. Re: This is why I use Windows Defender by Anonymous Coward · · Score: 1

      So you'd rather have your own neighbors spying on you (neighbors who make decisions that impact you) rather than Russia who has no control over you?

    7. Re:This is why I use Windows Defender by 93+Escort+Wagon · · Score: 1

      Now you have a friend in the spy business!

      --
      #DeleteChrome
  3. That's an act of war, right? by H3lldr0p · · Score: 1, Interesting

    It's the weaponization of something considered a base necessity to the functioning of computers. It's the equivalent of poisoning a city's primary water supply. Yes there are others but this one is well known and been used for so long that many are dependent on it for what it provides.

    1. Re:That's an act of war, right? by Mordaximus · · Score: 5, Insightful

      It's the weaponization of something considered a base necessity to the functioning of computers. It's the equivalent of poisoning a city's primary water supply. Yes there are others but this one is well known and been used for so long that many are dependent on it for what it provides.

      If running an antivirus is a base necessity, you've chosen your operating system poorly.

    2. Re:That's an act of war, right? by Train0987 · · Score: 4, Insightful

      Act of war? Spy services spy. That's why they exist and every country has spy services. How this is a shock to anyone is beyond me. Do you think that the NSA hasn't exploited every single A/V provider, hell, every single online anything?

    3. Re:That's an act of war, right? by Anonymous Coward · · Score: 1

      I hope most Americans consider it as such. I am tired of living but don't want the world to go on after I'm gone since I don't like missing out on things.

    4. Re:That's an act of war, right? by ctilsie242 · · Score: 2

      AV is not necessary to the base functioning of a computer. It is poorly designed OS architectures and architectures brought forward from antediluvian hardware which made AV a need in the first place. In reality, you are far better off with a signed executable mechanism, an ad blocker, and your web browser in a VM or container than you ever will be with AV software. Mainly because AV doesn't catch the latest stuff.

      Yes, AV sells, but it is more of a legal checkbox than something useful for an active defense.

    5. Re:That's an act of war, right? by gnick · · Score: 1

      Or every single thing with computer chips, (basically everything), in general.

      I heard from a highly reliable source that they can turn microwaves into cameras.

      --
      He's getting rather old, but he's a good mouse.
    6. Re:That's an act of war, right? by 93+Escort+Wagon · · Score: 2, Insightful

      Kellyanne isn't much more reliable than her boss. Her boss lies like a rug.

      He lies; she's mainly just an idiot.

      --
      #DeleteChrome
    7. Re:That's an act of war, right? by Guybrush_T · · Score: 2

      But still, the reason why there is no way I would go back to windows after having switched to linux 15 years ago is this: antiviruses. Having a program constantly using your CPU and hard-drive is a nonsense.

      And no, I don't buy the "if 99% of people would use linux there would be viruses on Linux too" argument. Many Android phones out there and no one runs an anti-virus (security updates, on the other hand, would be welcome).

    8. Re:That's an act of war, right? by Ol+Olsoc · · Score: 1

      Act of war? Spy services spy. That's why they exist and every country has spy services. How this is a shock to anyone is beyond me. Do you think that the NSA hasn't exploited every single A/V provider, hell, every single online anything?

      Well fuck then. Why don't you get a clearance, then get some Top secret stuff and march right over to the nearest Russian embassy and hand it to them. They'll appreciate it, and since "spy agencies spy" it'll all be good, no problem, and maybe the people you stole the information from will give you a promotion.

      Sorry, I get this way when people make abysmally stupid remarks. The problem Boris, is that when you get caught, you then suffer the Ire of the nation you committed treason against. Sometimes the spy survives the experience, sometimes the spy gets a loadapolonium gift.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    9. Re:That's an act of war, right? by rtb61 · · Score: 3, Insightful

      Keep in mind the reality of the story. The Israeli spy agency whilst committing criminal acts reports that Kaspersky is harvesting 'spy tools', not harvesting the target computer of its data but harvesting the tools i.e. getting a copy of that virus and its settings, plus the type of data it sends and where it sends it and hopefully where it came from. Isn't this what they are meant to do, get those hacking tools, analyse them and break them but then no story like an old story https://www.youtube.com/watch?... and now twisted to attack Kaspersky why, because they were doing too good a job perhaps and exposing NSA and CIA activities and are being punished for it. This is not even a Russia propaganda thing, this is punishing a security company for exposing NSA/CIA/MOSSAD criminal activities.

      As for Israel claims of hacking, well, the spy vs spy crowd is always obvious, they always lie, it is their nature. They claim online hacking, then it is a lie, Kaspersky you have for profit Mossad moles with offshore tax haven bank accounts, want to find them, track where they went for holidays, tax haven stays are a pretty solid indicator of criminal activity. In fact any security company, anywhere in the world, should advise its staff that stays in tax havens will be considered a sign of criminal intent, it is, just the way it is.

      --
      Chaos - everything, everywhere, everywhen
    10. Re:That's an act of war, right? by quax · · Score: 1

      I think you got your genders confused.

    11. Re:That's an act of war, right? by Mordaximus · · Score: 1

      All you nerdy nerds think the rest of us have the fuckin time to be script kiddies like you? No, we don't, we've got other shit to do, like paying bills so kids like you can stay at home until they're in their mid 30's.

      All the nerdy nerds, on a site with news for nerds. Shocking. Sigh. I remember when Slashdot had a thriving and witty troll community. Now we're reduced to angst filled random text generators.

    12. Re:That's an act of war, right? by Mordaximus · · Score: 1

      This comment is almost as stupid as saying that if you need an immune system, then your genes are defective and you should have made a better choice.

      And yet nowhere near as stupid as your comment, apt-analogy boy.

  4. Re:Amazing by Train0987 · · Score: 1

    The argument can be made that Slashdot's editors are Russian spies sent here on a mission to discredit Democrats.

  5. Not again by Anonymous Coward · · Score: 1

    We know already. Yes, there are some denialists but who cares. Give us some news.

    Also, if you are of no interest to the Russian government but are afraid of NSA snooping, maybe it's time to install Kaspersky.

  6. Treason by Anonymous Coward · · Score: 1, Interesting

    It's the mouthpiece of reality that you really object to.

    I'm sorry that you are loyal to Russia instead of America, and that you want Americans to continue running Russian government spyware.

    If you were a loyal American instead of a traitor you would understand that it's important to warn your fellow Americans of a hostile foreign adversary's attack on your country and your computers.

    1. Re:Treason by PopeRatzo · · Score: 5, Informative

      We are not at war with Russia. In fact, they're our allies.

      Generally, allies don't have missiles pointed at each other, nor do they have missile defense systems to block the other's missiles.

      According to the State Department, officially, Russia is not our ally. If you disagree, don't argue with me, take it up with Rex Tillerson and Donald Trump.

      --
      You are welcome on my lawn.
    2. Re:Treason by liquid_schwartz · · Score: 1, Interesting

      It's the mouthpiece of reality that you really object to.

      I'm sorry that you are loyal to Russia instead of America, and that you want Americans to continue running Russian government spyware.

      If you were a loyal American instead of a traitor you would understand that it's important to warn your fellow Americans of a hostile foreign adversary's attack on your country and your computers.

      Supporting Russia or Russians isn't treason. We are not at war with Russia. In fact, they're our allies.

      Treason includes giving aid or comfort to the nation's enemies (foreign or domestic).

      Indeed. In Southern California you see about as many Mexican flags as American flags, and Mexican nationals have killed far more Americans via murder and drunk driving than the Russians ever will. Yet oddly we deem that as deserving of Sanctuary while the Russians are considered a menace. Strange how we pick our enemies on anything *but* logic.

    3. Re:Treason by cyn1c77 · · Score: 1

      Supporting Russia or Russians isn't treason. We are not at war with Russia. In fact, they're our allies.

      Treason includes giving aid or comfort to the nation's enemies (foreign or domestic).

      Treason involves betraying or attempting to overthrow one's country. It doesn't matter if there is an enemy or ally involved in the process.

    4. Re:Treason by Ol+Olsoc · · Score: 1

      Supporting Russia or Russians isn't treason. We are not at war with Russia. In fact, they're our allies.

      Treason includes giving aid or comfort to the nation's enemies (foreign or domestic).

      You need to get out of Moscow once in a while, because you are not only wrong - One country does not have to be at war with another country for that country to be an adversary - if not openly an enemy, and if you don't know that, and are willing to say such bullshit, I gotta say, You ain't no American, or at the very least an unintelligent traitor. Or a modern crypto conservative - but there I go repeating myself. Take your pick there Vladimir.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    5. Re:Treason by Yunzil · · Score: 1

      We are not at war with Russia. In fact, they're our allies.

      Oh you sweet summer child.

    6. Re: Treason by poity · · Score: 1

      This fact about missiles and the adversarial nature of the US-Russia relationship is as true now as it was back in 2008. Yet those who defended Romney's remarks about Russia and Putin were a tiny fraction of the current mass typing incessantly of "KGB shills" and "traitors". Going back as recently as the Crimea invasion and the dispatching of navy ships off the coast of Syria, none of those things triggered as much backlash and grandstanding as email hacking and Facebook ads have now. Why are people rolling their eyes at this spontaneous new breed of patriots and nationalists rising out of the left? Well it seems they only discovered their sentiments exactly 11 months ago.

      --
      your thin skin doesn't make me a troll
    7. Re: Treason by PopeRatzo · · Score: 1

      Going back as recently as the Crimea invasion and the dispatching of navy ships off the coast of Syria, none of those things triggered as much backlash and grandstanding as email hacking and Facebook ads have now.

      It's pretty straightforward. Attacking other countries is not as serious as an attack on the US homeland (via the electoral system).

      And specifically, Romney said that Russia was the "greatest geopolitical threat" to the US. That's what was ridiculed. There's a lot of ground between "greatest geopolitical threat" and "ally".

      --
      You are welcome on my lawn.
    8. Re: Treason by Gavagai80 · · Score: 1

      The notion that anyone should be upset with Russia for sending navy ships to the coast of an allied government who requested it, whereas the USA navy forever patrolling off the coasts of countries that don't want them there (Iran, China, etc)... is absurd. Just goes to show how bad your double standards are.

      --
      This space intentionally left blank
    9. Re: Treason by Gavagai80 · · Score: 1

      Also, there's a time and place for the truth. From a certain perspective Russia was and is the greatest geopolitical threat (because it's far more powerful than other countries), but a politician saying so to the media is unhelpful to relations and increases the threat.

      --
      This space intentionally left blank
    10. Re:Treason by Gavagai80 · · Score: 1

      There are about 3 million Russian-Americans. Nobody considers them a threat.

      --
      This space intentionally left blank
    11. Re:Treason by sexconker · · Score: 1

      I never said treason required a declaration of war.

      Learn to read, idiot.

      Supporting Russia or Russians isn't treason.

      Fact.

      We are not at war with Russia. In fact, they're our allies.

      Also a fact. Like it or not, we are both in the UN.

      Treason includes giving aid or comfort to the nation's enemies (foreign or domestic).

      Notice the key element here. I'm referring to the nation's enemies (foreign or domestic). That does not require a declaration of war. It doesn't even require the enemy be a non-citizen. Hell, a good chunk of US politicians are guilty of treason.

    12. Re:Treason by sexconker · · Score: 1

      http://www.un.org/

      They're legally our allies.

      They're factually our allies.

      When WW III starts, they're more likely to be our allies than China, and far more likely to be more effective allies than any other Euro-zone nation.

      Read a fucking history book you shit.

    13. Re:Treason by Anonymous Coward · · Score: 1

      I think "officially" Rex Tillerson and Donald Trump are also not our allies.

    14. Re: Treason by Anonymous Coward · · Score: 1

      "In fact, they're our allies."

      No they're not and to say they are because they're also in the UN is absurd. By that reasoning, North Korea and Iran are "our" allies. You must be a Putinbot.

    15. Re:Treason by liquid_schwartz · · Score: 1

      Your red herring is bullshit. Illegal immigrants have a lower crime rate than US citizens.

      Legal immigrants have a lower crime rate than the US average. Illegal immigrants do not. Are you conflating the two as mass immigration supporters usually do? There's a good write up on this common fallacy here:

      http://thehill.com/blogs/pundi...

      The statistics for illegal immigrants are truly shocking when they can be found. Here's one example: One 2001 study that does take country of origin and geographic concentration factors into account found that Mexican immigrants “commit between 3.5 and 5 times as many crimes as the average native.” It also pointed out the large concentration of Mexican immigrants in the Southwest, which indicates that a nation-wide sample may not represent what is happening in states with a large concentration of criminal aliens. from this article: http://www.heritage.org/immigr...

  7. Same song and dance. by Anonymous Coward · · Score: 3, Insightful

    WSJ has a major scoop today.

    From a report

    according to current and former U.S. officials

    How many times are we going to let this go? Every week there is something else.

    Shocking news to grab your attention by a series of reputable outlets that have changed ownership or management in the last few years. From a report, sounds so official. With vague anonymous sources that are official in some way.

    I am not saying this is entirely "fake news". That rarely exists whole-cloth, but just look into it a little closer when it looks like a duck and quacks like a duck.

    The US government, and by extension the media sources that make their money by having cooperative contacts within it, got pissed off at Kaspersky for exposing their dirty Stuxnet secrets. Double points for Kaspersky being Russian at a time when anything remotely critical of Trump is made of ad impression gold.

    So now they set the hounds against Kaspersky and we have to put up with a media blitz. Story after story with no real proof other than "trust us, we are the media and government" when we should be doing the opposite for the same reason.

    1. Re:Same song and dance. by rahvin112 · · Score: 1

      The Wall Street Journal (WSJ) has been owned by Murdoch since the 90's if I recall correctly. That's near on 30 years. Apparently you and I have a different opinion of what recent means. But I know, downplay it, for all anyone knows you could be one of the Russians paid to spread propaganda on the internet.

    2. Re: Same song and dance. by Xuranova · · Score: 2, Interesting

      From wiki:
      "Three months later, on August 1, 2007, News Corporation and Dow Jones entered into a definitive merger agreement.[24] The US$5 billion sale added The Wall Street Journal to Rupert Murdoch's news empire, which already included Fox News Channel, financial network unit and London's The Times, and locally within New York, the New York Post, along with Fox flagship station WNYW (Channel 5) and MyNetworkTV flagship WWOR (Channel 9).[25]"

      --
      "There is no real right or wrong, just what the majority accepts at the time."
    3. Re:Same song and dance. by Jahoda · · Score: 1

      I am not saying this is entirely "fake news". That rarely exists whole-cloth, but just look into it a little closer when it looks like a duck and quacks like a duck.

      The US government, and by extension the media sources that make their money by having cooperative contacts within it, got pissed off at Kaspersky for exposing their dirty Stuxnet secrets. Double points for Kaspersky being Russian at a time when anything remotely critical of Trump is made of ad impression gold.


      Oh look, an AC shilling for Russia who wants us to know the whole thing is just fake news from Fox-owned WSJ (another hit job on Trump, amirite?), and even if it isn't fake news it's probably just the US government having a tantrum about Stuxnet. I'm curious, did you upmod yourself, Mr. AC Shill?

    4. Re:Same song and dance. by Guybrush_T · · Score: 1

      Yep, had the same reaction. Please show proof. The software is almost publicly available, let's show where in the code there is this "top secret" filter.

      Not saying it's true or not, but this is a very serious accusation and Kaspersky has explicitly stated that no, they were not that kind of company doing things for the Russian secret services. So if they are really lying, please show proofs, everyone wants to know.

      But information coming from US Officials is not reliable (or even less) in the Trump era. Any journalist would just relay the information (WSJ or others, they're not scientists, they're clickbaitists) so that doesn't add any value. And there are certainly good reasons for the US government to hurt Kaspersky labs because they are doing security software and they are on the "wrong" side.

    5. Re:Same song and dance. by Yunzil · · Score: 1

      The software is almost publicly available, let's show where in the code there is this "top secret" filter.

      Sure, and you know for a fact that the binary running on your PC was generated from that source, right?

    6. Re:Same song and dance. by tinkerton · · Score: 1

      Meanwhile the Germans see no reason to warn about Kaspersky.
      https://www.reuters.com/articl...

      I mean, the Russians are decades ahead in propaganda warfare, they own the US president, they only need a tiny budget to subvert US elections, they control everyone's computers through AVs, and Germany is in denial! It's a new Red Dawn I'm tellin ya!

  8. I'm shocked. by roc97007 · · Score: 4, Interesting

    Shocked, I tell you.

    I said, oh, 3 or 5 years ago, or maybe it was 10? ...that an obvious vector was the antivirus product itself. Because trust has to start somewhere, and people tend to trust their antivirus software, because otherwise, what do you do? Throw out your computer and go back to books? (Now that I write that, it doesn't sound like a half bad idea.)

    And this was even before the useless nagware McAfee Security Scan started being bundled in everything to hell and gone.

    So, in a way, I'm glad this happened, because it might cause people (well, some people... well, a few people) to look a little more critically at their antivirus software.

    So everyone should convert to Windows Defender. Just kidding.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
    1. Re:I'm shocked. by ctilsie242 · · Score: 1, Insightful

      Since AV software requires kernel level access, or as close to it as possible, having AV software be a Trojan or a spying tool isn't surprising.

      I just wonder why we even have AV in the first place. Scanning for signatures is a pointless task. The two biggest entry points for infection are Trojans (that invoice that was E-mailed with the CEO's name, even though the return header is from a Lower Elbonian site), and malvertising/weaknesses in the Web browser.

      The browser issues are addressed by virtual machines (with their completely separate file system) and ad blocking, where signatures actually do work and are relevant.

      Trojan executables will always be a threat, but what would help mitigate this are multiple signed repositories for programs. Not one, so there can't be a monopoly, but several big players to obtain programs from, and who actively curate what is offered there. Of course, the Dancing Bunnies attack can get a user to add a malicious repository, but outside of locking an OS down like iOS, there is little an OS maker can do to prevent that, other than having a stern warning about non mainstream repos.

      AV software scanning can be useful, but it needs to be based around hash signatures and large databases similar to VirusTotal that can throw a lot of heuristic scanning at an executable, rather than just a single database.

      As proof of this, I can point to AIX, Solaris, BSD, and Linux... all of which have never needed AV software, other than to make legal eagles happy.

    2. Re:I'm shocked. by technosaurus · · Score: 1

      I dropped the "anti-" prefix years ago.

  9. How do we know that the US Government... by Hey_Jude_Jesus · · Score: 1

    hasn't already done this with Microsoft, McAfee and Norton security software? Privacy and Internet Security is a myth in the 21st century. I'm sure that it won't be long before they will have the ability to listen to every home with an Amazon Echo in it.

    1. Re:How do we know that the US Government... by amicusNYCL · · Score: 2

      This isn't a zero sum game, it doesn't matter to this particular story what the US government did. Maybe other things are similarly compromised, maybe not. It would be useful to expose each one that is without trying to distract by talking about unrelated products.

      I'm sure that it won't be long before they will have the ability to listen to every home with an Amazon Echo in it.

      It's cute that you think they don't have that ability now. If we've learned one thing from commercial software (which goes for cell phones, "smart" TVs, etc), it's that security is often an afterthought. Hell, even the military decided to just drop the encryption on the video streams from Predator/Reaper drones because of the negative performance impact of the encryption. I don't know if they've gotten better hardware to fix that at this point, hopefully they have, but security is often one of the things that gets axed first unless the product is specifically a security product. I doubt that Echo or the Google devices are bullet-proof in any way, and expect that significant resources have been spent by multiple countries to find a way to compromise them. The same goes for cell phone microphones and cameras.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    2. Re:How do we know that the US Government... by Anonymous Coward · · Score: 2, Insightful

      Alternative reading of this: The NSA and CIA have found that the Kaspersky AV does a good job of keeping their spyware off computers, so they spread FUD to persuade users to switch to less effective AV that doesn't keep out NSA/CIA spyware.

    3. Re:How do we know that the US Government... by AHuxley · · Score: 1

      1+ for that AC.
      All the work on Stuxnet, Equation Group and other efforts.
      https://en.wikipedia.org/wiki/...

      --
      Domestic spying is now "Benign Information Gathering"
  10. Did the editor even read the article? by QuietLagoon · · Score: 5, Informative

    ...WSJ has a major scoop today.:...

    From the WSJ article itself:

    ...Israel’s spying on Kaspersky, which U.S. officials said provided crucial evidence that Kaspersky Lab was working with the Russian government, and the use of Kaspersky to scan for classified keywords was first reported Tuesday by the New York Times. ...

    [my emphasis] The NYTimes may not be my favorite newspaper, but credit where credit is due, eh?

  11. Who is watching the watcher? by irrational_design · · Score: 1, Interesting

    This reminds me of a sci-fi story where the NSA somehow created a code module sometime in the past that has made its way into every anti-virus software (lot of hand waving here). The idea being that most computers have anti-virus software running and the anti-virus software won't be looking at itself (who is watching the watchers?) This allows the NSA to make every computer a part of a giant botnet, basically a global super-computer using the free CPU cycles of billions of computers. They aren't using the computers to spy on individual computer users as much as using that raw computing power to ask questions and get answers. At some point I think the giant botnet becomes self-aware.

    1. Re:Who is watching the watcher? by Anonymous Coward · · Score: 2, Funny

      That wasn't a sci-fi story, it was one of the Snowden leaks.

  12. Problem with WSJ article by Anonymous Coward · · Score: 5, Insightful

    A decent piece by Hacker News (https://thehackernews.com/2017/10/kaspersky-nsa-russian-hackers.html) correctly points out that there is no evidence, just anonymous sources and nation state he said she said. Even if Russian ops did gain access through Kaspersky, Kaspersky might not have allowed access and are victims themselves. US intelligence does this all the time, ask Cisco about the backdoor added to their hardware mid route (thanks Edward Snowden for the revelation).

    Blaming a company without any substantial proof at this time is just more fear mongering playing into the current narrative. The fact that it's easy to take previous known code from an intelligence program and re-purpose it/style to frame another country is never mentioned in these "OMG THE BAD GUY HACKED US!" stories is very disingenuous. But I suppose after weeks of this allegation and congressional hearings, we'll still know nothing and the story will slowly fade away except for the occasional talking point of why we should sanction/hack/declare war with Russia.

    1. Re:Problem with WSJ article by gweihir · · Score: 1, Troll

      I agree. But the stupid masses have accepted this flimsy propaganda story already. Let's hope Kaspersky survives this, because otherwise we all become notably less secure.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Problem with WSJ article by AHuxley · · Score: 1

      If a nation was smart enough to find another nation's spyware, staging servers it would not get detected on the internet tubes later.
      Human spies and other trusted networks would warn that all US gov/mil staff, networks are being watched.
      That any code, gems or code litter was now being tracked in real time as US staff worked.
      No skilled nation would fall for that a later cyber tracking trap.

      --
      Domestic spying is now "Benign Information Gathering"
  13. Re:You are mad because we exposed the Russian botn by Anonymous Coward · · Score: 1

    Wrong. The Intel Management Engine being hacked doesn't "compromise" anything other than the US government's ability to compromise your computer at the hardware level. I'm sure you're well aware of that though.

  14. Re:Peter and the wolf by Anonymous Coward · · Score: 2, Funny

    Over here we say "boy who cried wolf." That "peter and the wolf" thing is pretty much strictly a Russian idiom. Just so you know, going forward.

  15. Re:good job for AV software by Impy the Impiuos Imp · · Score: 1, Flamebait

    Except that it was scanning for particular names and phrases, not just virus signatures.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  16. Re:Does anyone actually believes this stuff.... by Impy the Impiuos Imp · · Score: 2

    Shill disinformation vector 3: doubt fork of FUD activated!

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  17. Best Buy by jetkust · · Score: 1

    I remember one day buying a computer from Best Buy and while I was paying for it the employee proceeded to open the brand new box saying he was about to install some anti-virus software. I don't know if it was Kaspersky, but I said something along the lines of "Hell no" and put an end to that.

    So nowadays antivirus software has moved on from not doing anything useful to spying on you while not doing anything useful.

  18. Re:Amazing by Anonymous Coward · · Score: 2, Insightful

    SlashdotMedia has turned Slashdot into the democrats' mouthpiece. You all are starting to make Trump look like a rational human being.

    It used to be republicans were the ones who hated the Russians the most. Where do you get that Democrats like Russians? Russia doesn't care about republican vs. democrat, they want to do whatever they can, no matter the avenue to make America weaker.

  19. How is Windows 10 any different? by Stan92057 · · Score: 1

    How is Windows 10 any different? It openly collects everything you make, open, send. Every image, every doc, every email is scanned/collected. Every word spoken. So knowing this, why hasn't every country in the world blocked or disallowed Windows 10 from being installed on any government/employees' PC? And those saying they don't do what I said, lol.

    --
    Jack of all trades, master of none
  20. NSA & Microsoft have been at this for 20 years by Martin S. · · Score: 2, Informative

    The _NSAKEY was discovered in Windows NT 4 in August 1999 by Andrew Fernandes of Cryptonym. It could be confirmed and reset by any hacker with a copy of NT. I cleared mine and most of my tech colleagues did the same.

    https://en.wikipedia.org/wiki/...

    Gates was interviewed by BBC News and flat out denied its existence.

    https://cryptome.org/nsakey-ms...

  21. Re:No they haven't... by gweihir · · Score: 1

    Indeed. The technique of the "Big Lie" (known a long time, but refined and documented by Goebbels) is to just tell people again and again what you want them to accept as truth. This technique is clearly employed here. The most obvious reason for this attack on Kaspersky is that they refuse to ignore NSA malware and do things that the tame US vendors would never dare to do. It does also not really matter whether Kaspersky gets hacked by Russian intelligence, as all other AV products are pretty likely to suffer exactly the same fate as Kaspersky. That they get singled out and that the proof presented so far is more than flimsy and stinks of having been manufactured fits the picture nicely.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  22. FSB vs FBI/CIA/[.*?] by Anonymous Coward · · Score: 1

    Let's assume for a moment that you're a US citizen. What, exactly, can the FSB (or any other Russian agency) do to you personally that US agencies couldn't do to you with complete (or de-facto) legality (including things that harm you as 'collateral damage', even if they aren't targeting you specifically or accusing you of any wrongdoing)?

    At least the FSB won't break into your back yard & kill your dog for barking at them while they execute a no-knock warrant against your neighbor. Or destabilize your computer (and the computers of 17 million other Americans) & cause it to randomly crash courtesy of their malware in the hope it'll assist them in catching 2 or 3 child molesters?

    As others have noted, the feds are pissed at Kaspersky for getting in the way of their OWN malware. Anybody who thinks US agencies haven't done the same thing with American software is naive. That doesn't make what Russian intelligence agencies did *right*, but arguably, if having Russian malware on your PC means it's protected from American malware, it's debatable whether that's bad for an individual American.

  23. Too easy by technosaurus · · Score: 1

    Back in the paper days, physical access was controlled, so stamping them with an appropriate classification made sense.
    Unfortunately as things went digital, < ENTITIES > used headers/footers embedded in the document to replace these stamps.
    This makes it levels of magnitude easier to separate the wheat from the chaff... just grep for secret|confidential|noforn|etc...
    Eventually watermarks were used instead, but then you only need to look for those.

    PGP has been around for what? 3 decades now?
    That's plenty of time for even the slowest moving < ENTITIES > to implement a document request system based on need to know.
    It uses proven technology with an adaptation that is obvious to practicing security professionals and would significantly minimize leaks.
    But, hey, it's not like many security professionals are volunteering to help so long as there are variations of the (Un-)Patriot Act.

    "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." -Ben Franklin
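
The header/footer markings described in the comment above are just as easy for a defender's data-loss-prevention check to find on machines that should not hold such files. This is an added example, not part of the original comment; the simplified `LEVEL//CAVEAT` banner grammar, the function names and the sample documents are all assumptions constructed for illustration.

```python
import re

# Classification levels, lowest to highest (simplified assumption).
LEVELS = ("CONFIDENTIAL", "SECRET", "TOP SECRET")

# A banner is a line that consists ONLY of a level plus optional //CAVEAT
# parts, in capitals. Requiring the whole line to match keeps ordinary prose
# such as "the top secret ingredient" from being reported.
BANNER = re.compile(
    r"^\s*(TOP SECRET|SECRET|CONFIDENTIAL)((?://[A-Z][A-Z0-9 ]*)*)\s*$"
)


def find_banner(text, window=3):
    """Return (level, [caveats]) for the highest banner found in the first or
    last `window` non-empty lines (the header/footer area), else None."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    best = None
    for ln in lines[:window] + lines[-window:]:
        m = BANNER.match(ln)
        if not m:
            continue
        level = m.group(1)
        caveats = [c.strip() for c in m.group(2).split("//") if c.strip()]
        if best is None or LEVELS.index(level) > LEVELS.index(best[0]):
            best = (level, caveats)
    return best


def scan(docs):
    """Map document name -> (level, caveats) for every marked document."""
    hits = {}
    for name, text in docs.items():
        found = find_banner(text)
        if found:
            hits[name] = found
    return hits


# Constructed sample documents; none of this is real marked material.
SAMPLES = {
    "report.txt": "SECRET//NOFORN\n\nBody paragraph.\nMore text.\n\nSECRET//NOFORN\n",
    "overview.txt": "TOP SECRET//SI//NOFORN\nPlaceholder text.\nTOP SECRET//SI//NOFORN\n",
    "party.txt": "SECRET SANTA LIST\n\nThe top secret ingredient is butter.\n"
                 "It is no secret that grep is fast.\n\nPage 1\n",
}

if __name__ == "__main__":
    for name, (level, caveats) in sorted(scan(SAMPLES).items()):
        print(f"{name}: {level} {caveats}")
```

A bare `CONFIDENTIAL` header on an ordinary business document would also match, so a real deployment would treat a hit as a triage signal rather than a verdict.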

  24. Kaspersky AV Working as Designed by h4ck7h3p14n37 · · Score: 4, Informative

    Regarding the NSA contractor, it sounds like Kaspersky AV was working as designed. It detected the malware the contractor was working on and sent the file back to Kaspersky Labs for analysis. It sounds to me like the NSA's security policy needs some work if a contractor can download classified files to a non-secure computer.

    Now as far as Kaspersky AV scanning for classified documents, that's certainly plausible but where's the evidence? Not running the software on sensitive computers sounds like good policy, but there's a lot of software that shouldn't be run on those types of systems. That being said, how do we know all foreign made computers themselves haven't been compromised at the factory?

    1. Re:Kaspersky AV Working as Designed by mutantSushi · · Score: 1

      It's just more BS, fed by natsec goons and their IT camp followers who see an opportunity to steal market share from competitor who actually has best AV product. Taking the anonymous story at face value, it still tells a story about how not just Russian FSB but Israeli intelligence hacked Kaspersky. Yet there is no concern over this Israeli hacking, despite long history of such Israeli spying including against Iran nuclear negotiations trying to use that info to feed back to collaborators in US to sabotage process. ANY AV product could potentially be hacked, if FSB wants to it can do that to any AV company not just Kaspersky, just as Israeli intel hacked Kaspersky. That they need to hack Kaspersky to get what they want (again, taking story at face value) suggests Kaspersky is a normal AV company focused on detecting threats because if they were a FSB operation they wouldn't need to be hacked by FSB... Again there is no clear distinction here between claims of FSB hacking Kaspersky and Israeli intelligence hacking them. Yet we are not bombarded with media cries for need to exclude Israeli high tech companies. Kaspersky has great record of actually detecting threats, which is the purpose of using AV software. Yet half of the complaint is them detecting NSA malware. I.e. doing their job. Clearly that, and their history of revealing US, UK, Israeli state intelligence malware which has affected broad sectors of users as well as state users like Iran rubs some people the wrong way, some people being those who prioritize intelligence agency agenda over doing the job that AV products are supposed to do, detect and stop threats. It's utterly clear that companies like MS, Symantec, Google, etc, will prioritize cooperation with NSA intelligence over closing backdoors in their product, that even if they eventually address an NSA hack they might be prone to sitting on it for a while rather than inconvenience NSA. 
      Anybody who just wants an effective AV solution, and doesn't care who wrote the malware it catches, would be well served by Kaspersky. Which is why we see German government saying they see no problem with Kaspersky, Singapore government investing in Kaspersky research, etc. This "regime loyalist media" hype is just that, for those who do what they are told and don't concede any divergence between objective self-interest and loyalty to regime mandate.

  25. Re:do people actually believe this stuff? by AHuxley · · Score: 4, Insightful

    Nation A spies on nation B. Nation A tells nation C about what it "found" deep in nation B.
    Nation A and C then publish what they found from all their spying on nation B in near real time.
    Nation B is then accused of "spying" to cover for what nation A and C really did.
    In the real world nation A and C would have kept that a secret and created all kinds of fake litter for nation B to find and believe in.

    If fantastic details are in the open media it's just something fictional to publish and push national cyber talking points.
    Real spy success stories stay secret for decades so a nation B never knew what really happened.

    --
    Domestic spying is now "Benign Information Gathering"
  26. Re:So let's make use of it by AHuxley · · Score: 1

    That's what any normal gov, mil and spy agency would do.
    They would feed code litter and junk to another nation for years with nobody finding out. No human spies to get a warning back, no network detection. Just a flow of quality networked disinformation for years.
    Many, many decades later they would hint at that cyber success they had in a fictional movie. Archives get opened to the public a few decades later.
    If the cyber story is in the media and random people are commenting about it in near real time.....

    --
    Domestic spying is now "Benign Information Gathering"
  27. Time for a switch to UNIX by B.Stolk · · Score: 1

    Why are there government computers running windows at all?
    Wake up and smell the coffee, people.

    Computers do not need to run virus scanners.

    STEP 1:
    Ban all MS Windows computers from government use
    STEP 2:
    There is no step 2.

    --
    http://www.stolk.org/tlctc
    1. Re:Time for a switch to UNIX by thejynxed · · Score: 1

      You make the rather false presumption that any other OS out there is somehow secure. They aren't. Entire botnets are made up of MacOS(X), Linux, and BSD machines.

      --
      @Mindless Drivel: 100% of Twitter posts ever Tweeted.
  28. Rachel Maddow Show. by Neuronwelder · · Score: 1

    If you were watching that show this info is almost 2 weeks old already. And The White House bought the Anti Virus software big time. So.. There go our secrets!!

  29. Just like the NSA and Cisco routers by ka9dgx · · Score: 1

    Remember years ago when the NSA was intercepting shipments of Cisco routers and adding spy stuff? Color me un-surprised.

  30. Israel motivation by manu0601 · · Score: 1

    I wonder why Israel would reveal that they had the capacity to eavesdrop on Russian spies.

    1. Re:Israel motivation by thejynxed · · Score: 1

      To let the Russians know in no uncertain terms that they are not as slick as they'd like to think they are.

      --
      @Mindless Drivel: 100% of Twitter posts ever Tweeted.
  31. This is horrific to me by Kevin Oldman · · Score: 1

    The Russians now know what kind of messed up porn I'm into! The shame!

  32. Microsoft should sue... by knorthern knight · · Score: 1

    ...for business method patent violation

    --

    I'm not repeating myself
    I'm an X window user; I'm an ex-Windows user
  33. Suspect all AV by dhaen · · Score: 1

    I suspect all AV as being partisan. Not that they're phoning home, just that they're ignoring particular other malware that IS phoning home.

  34. Subversive Advertising by barbariccow · · Score: 1

    This is all just for the build-up of a yet-unannounced Rocky remake.

  35. Glenn Greenwald is Skeptical by Mr. Jackson · · Score: 1

    Yet Another Major Russia Story Falls Apart. Is Skepticism Permissible Yet? https://theintercept.com/2017/...

  36. Re:Amazing by DNS-and-BIND · · Score: 2

    This can only be good news. The world is sick of a 'strong America' striding the globe arrogantly, visiting war, mayhem, regime change and murderous interventions with impunity. The legacy, still continuing since WWII has been a global holocaust of peoples who've died, been injured as a result of the US's cult of impunity, acting as a rogue state outside international law. Many have got so used to US global behaviour they accept the rogue state to act as it wants, without constraint or recourse to international law.

    A 'weak America' is good news NOT bad news. We can only hope that its aggressive foreign policy, and murderous military will one day diminish, and the US ceases to run amok, murder and maim, treating the rest of the world as its deadly playground.

    The US is largely a corrupt and regressive backwater these days. Let's hope that the backwardness of US policies, both domestic and foreign, will face some credible opposition from more progressive countries. America is increasingly becoming a particularly ugly example of a corrupt and totalitarian nightmare. One only has to look at who the 'choices' for president were, to realise that the system of government there has long since ceased to function in any moderately representative way, let alone democratic.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  37. Bitdefender? by mattr · · Score: 1

    I was deciding between Kaspersky and Bitdefender for Mac AV. Which do you recommend?