Slashdot Mirror
Dodging Russian Spies, Customers Are Ripping Out Kaspersky (thedailybeast.com)
From a report: Multiple U.S. security consultants and other industry sources tell The Daily Beast customers are dropping their use of Kaspersky software all together, particularly in the financial sector, likely concerned that Russian spies can rummage through their files. Some security companies are being told to only provide U.S. products. And former Kaspersky employees describe the firm as reeling, with department closures and anticipation that researchers will jump ship soon. "We are under great pressure to only use American products no matter the technical or performance consequences," said a source in a cybersecurity firm which uses Kaspersky's anti-virus engine in its own services. The Daily Beast granted anonymity to some of the industry sources to discuss internal deliberations, as well as the former Kaspersky employees to talk candidly about recent events.
All of them simultaneously and at the same place?
Circumcision is child abuse.
Unintended consequences of the "wrong" candidate winning. The media's bitterness is not because the wrong candidate won, but because they were shown via the election results that they had less power than they thought they did.
I'm a minority race. Save your vitriol for white people.
That greasy autocratic bankruptcy made flesh needs some time in the cooler.
more usa government paranoia and fud - how boring
They can't accept blame for their own problems, it's the always the russians, not them
When it turns out that US AV companies do exaaactly the same shit, because all AV vendors do it.
At least Kaspersky actually made decent detection products.
Enjoy the farce that is Norton & McAfee
I'd like to hear more technical information about the issue and whether there are steps that can be taken to reduce the risk of installing *any* antivirus software. Given that any such package is going to be targeted, perhaps we need to be able to run them in a kind of sandbox that would prevent dialing home and logging. More transparency about how it is being updated, and possibly providing a scanning api to allow the operating system or an open source application to take over document loading might be welcome regardless of the vendor. Currently it is my impression (have not researched it) that human readable update files are not provided, and at least in the past, Kaspersky apparently used your CPU to help crack difficult threats. I don't think anybody really believes they can trust antivirus software or any other software for that matter.
Have to wonder if Norton and McAfee have had anything to do with pushing this propaganda?
Anyways you know the only reason the fed govt is scared of what Kaspersky might be doing is because they are likely doing the exact same thing with the homegrown Norton and McAfee products.
Not to mention god knows what other countries like India have put into those products. I can guarantee some of that shit coding is outsourced to India.
Normal tech story, company ABC does this, what ever this is, cancels contract, changes suppier, what ever. US main stream media tell a story, sources say unknown companies are doing this. One true, past evidence clearly establishes the second version as a lie. Meh, more main stream media crap. Name the companies ripping out Kaspersky software, otherwise you are lying. Why would any company not say they were dropping software, why the fuck would the keep it secret. Why the fuckity fucking fuck would insider sources need to report this, what utter fucking bullshit. The whole premise is stupid, company XYZ stops using a particular brand of software, that is regular news and reported regularly with full detail regardless of the brand of type of software, stories appear all of the time. Now we get inside sources because the details need to be keep secret. Oh my US main stream media has jumped on the FUD https://en.wikipedia.org/wiki/... bandwagon, drop Kaspersky because everyone else is, exactly who is that, we wont say because it has to be kept a secret otherwise Stalin and undead KGB agents will attack them.
Chaos - everything, everywhere, everywhen
all of a sudden. What happened to "I've got nothing to hide."?
Only US Government approved software is allowed now, containing only US Government approved backdoors.
Who would have thought that the third red scare started in IT..
Open source AV. Not beholden to any government.
My well informed sources tell me that Kaspersky is the best, and unless I think I am of interest to the Russian government, I have nothing to worry about. However, if I am of interest to any suitably equipped government, then I am doomed.... Anyone who has been following the NSA leaks for the last few years, and efforts like intercepting networking equipment before it is delivered, must realize that as an intelligence target you have to assume you are compromised.
invisible-disappears, not once, but not ever.
Security consultants found out all other anti-virus do the same time.
-Scan for virus
-Upload samples
- Delete virus
15 hours later
Security consultants now recommend PC without anti-virus.
The word is "altogether", but then, the summary was written by an AMERICAN, wasn't it...
It's been well known for years that Kaspersky=FSB.
Some security companies are being told to only provide U.S. products.
If there is one thing I would trust less than a Russian security product it is a U.S. security product. The U.S. have a far worse record in this regard.
In order to trust the anti-virus software you first have to trust the foundation it is built on.
Do you Trust Intel/AMD/ARM and their signed bootloaders, management engines, networked remote management systems, and hardware/software TPM implementations?
Do you trust Microsoft Windows/Google Android not to either send sensitive telemetry off your device or send remote commands to your device which may be detrimental to your device's security?
Only if the answer to both of the above is 'yes' is it time to be more concerned with Kaspersky's breach and its full threat profile. If not then it is just ANOTHER vector for exploitation, but may still mitigate the ANNOYING malware/viruses you recieve. Whereas unless it is a targetted hit against your systems, you can be assured that Russia/USA/China are not going to intentionally cause negative impact to your system's operation until and unless they have something to gain from it, or they bodge the parameters for target destruction (as happened with StuxNet.)
Captcha was 'prepare', as in prepare to be pwn3d if you aren't already. Because you can be guaranteed your hardware already is.
Given Putin kills, imprisons, arrests people and businesses who oppose him, and given Russia's cyber attacks on the USA, you have to consider that Kaspersky may not have a choice in the matter. With so many KGB people involved there, it's probably better to be safe than sorry here and remove their software. There is actual evidence (see link below citing an Israeli hack into Kaspersky).
I wonder how many of those voting machines in the USA have Kaspersky anti virus installed on them, how many computers dealing with election rolls, and absentee ballots and vote counting. Can you really risk Russian software on voting systems when you know Russia has attacked the elections?
https://www.theguardian.com/technology/2017/oct/11/israel-hack-uncovered-russian-spies-use-kaspersky-lab-2015-report-us-software-federal-government
"While the Israeli spies were inside Kaspersky’s systems, they observed Russian spies in turn using the company’s tools to spy on American spies, the New York Times reports. That information, handed to the US, led to the decision in September to end the use of the company’s software across the federal government by December."
"But it still leaves many further questions unanswered. Crucially for Kaspersky, the Israeli hack apparently failed to provide enough information to determine whether it was a willing, or even knowing, participant in the Russian espionage."
"The Russian government exercises tight control over domestic and foreign high-tech industries operating within its borders. In June 2017, it began demanding the source code for certain software imported, ostensibly to search for “backdoors” inserted by foreign intelligence agencies. In practice, it’s widely believed that the Russian security agency scans the source code for undisclosed vulnerabilities it can use to improve its own hacking prowess."
So does it pay well this shit? I'm guessing not. Mustn't do much for self-esteem. Sad.
"Dodging Russian Spies..." not only sounds like "Dodgy Russian Spies", but it also presents a reason before an actual fact on a news/article/post header. This is a perfect example of psychologically loaded news, more even so than clickbait but it actually also is clickbait as they go for the "cold-warish" juicy part of the topic first.
Now seriously, stop doing titles like this, and don't enable them by allowing such stuff verbatim on slashdot from the original biased, flawed source.
The problem isn't so much in the horse and pony show, but in the fact that you install software on your devices which you bought from an external party and allow it to read all your data. I mean, if that is not a leap of faith, I don't know what qualifies as one.
Proper compartmentalisation would solve this issue. Let the virus scanner manage only incoming data, have defined communication channels for pattern updates, don't let it phone home. Keep your data in trusted DMS. Use non-rich data formats (why people use MS Word to write a letter is beyond me). Stop putting convenience above security.
And think three steps. "Only US companies" - seriously? Because it would be so incredibly difficult for some Russians to start a US company, right? Because your US company doesn't get half its hardware from China, right? And because it absolutely didn't outsource its software development to India.
Assorted stuff I do sometimes: Lemuria.org
So, everyone who opposes your viewpoint is a paid Russian shill? Christ, you are a fucking simpleton just like our President.
The problem is that the current open source implementation,
CalmAV,
was bought by and is currently developed by... Cisco.
Okay, it's opensource, so at least independent researcher can go and check whether it contains any underhanded code.
But still, it's not an international cooperation of several vendors.
Also, currently it's not the top performing of the pack.
On the other hand, that doesn't prevent me from using it.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Assume the Russians have access and everything is true. So what are they replacing it with? Most likely something that the NSA has access to. If they have access to it, you can bet that the Russians have as well. So you are not excluding the Russians, you are including the rest.
Because since when is the NSA actually concerned about our data, besides for when they want access to it?
Don't fight for your country, if your country does not fight for you.
[...] only provide U.S. products. " What an amazing coincidence!
I think one of the reasons behind the "Russian this and Russian that" campaign is that some people collected a lot of money before the elections. Because it is not possible to run an elections campaign without printing materials, broadcasting political ads, etc. It all costs money. Bedsides they were sure of winning.
And now a good reason is needed to explain why this money was lost. I think it is millions if not billions. And it is surely a difficult situation.
As for an antivirus program, we know from E.Snowden that behind any computer program or an electronic gadget stand agencies of at least 3 - 4 countries.
ya after all t was the only one that showed the sony root kit after all...and oh ya if Americans hate it perhaps the canadian govt will recommend it if they keep up there idiot ideals at nafta talks
- remove MS WIndows.
There is no indication that these people are dodging Russian spies. There is no proof Kaspersky was in fact used as a vector by Russian spies, just an accusation. It was accused by a foreign spy agency that it (kaspersky) was related to the spying of someone that should be spied on.
Contrary to US and UK intelligence, we don't know for a fact that Russia spies on every area and call everything "national security" (remember Petrobras, the oil company?). There is no indication that these companies that are changing AVs were being spied on to start with, and even less that this AV was being used. Besides that, since there is no indication that the AV is being used as a vector for spies, IF they are being spied by Russians, they probably will continue to be, there is no dodging at all.
This headline to say they are dodging Russian spies is to validate their unfounded fears, making them feel good in believing the FUD.
A decent person would headline this as "After US spread FUD, customers are leaving Kaspersky".
Slashdot was fine when I started here, as an AC a few years back, but I'm gonna leave for a while. Reading this kind of BS is stupid and irritating.
Regardless of whether it's true that the FSB has some kind of backdoor access to Kaspersky products, the company is likely doomed. They might manage to eek out an existence primarily in Russia, but as a shell of the company in its glory days.
While US spy agencies don't do themselves any favors by publicly saying they want to have a backdoor to any and all encryption methods, the US and Russia are very different places. Get on Putin's bad side and you could find yourself being thrown in jail for (no pun intended) trumped up charges, your company nationalized, and all of your assets seized by the government. When is the last time that happened in the US?
So are they all installing Norton now?
Just like a national socialist democrat party member.
Corporatism != Free Market
I've taken a look and so far, I cannot find any non-US sources (or at least none that aren't VERY US-friendly, to put it mildly) that even talk about it.
It this like Creationism? Yet another thing the US goes apeshit over that nobody else with half a brain takes seriously?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
When is the last time that happened in the US?
Not sure. You might want to ask Kim Dotcom if he could answer that for you. Or some old lady in West Trumplandia who ran afoul of the RIAA when her granddaughter downloaded a Disney movie improperly.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
Given the government's open rejection of this company's products and the scuttlebutt about how they are a front for Russian spying, how's this a surprise?
Call it mass hysteria if you must, but who would want to leave this product in charge of you computers?
But what to pick to replace it? Yea, now that's a good question for a windows shop.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Those fuckin' Russkies want to play hardball, find our government trojans and report them to the users and don't let us install backdoors in their software!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Kaspersky is popular because it wins at independent tests run by experts.
You forgot the air quotes around "experts"
Always assume all anonymous posts are Russian shills, CIA operatives, AND corporate marketing folks. âoeNever trust anything if you donâ(TM)t know where it keeps its brain.â â" my favorite Harry Potter quote.
(Posted anonymously for max irony.)
I am American and I know that CIA / NSA deep state are MUCH worse than anything simple Russia ever did! Just look at all the wars USA started and people killed with Obama drone strikes! And now mainstream liberal press only wants talk about fake news Russia "spies" like there is even such a thing. How sad.
It's FUD; or propaganda created by the US govt. No one has yet to substantiate their claims.
Citation needed.
http://time.com/4783932/inside-russia-social-media-war-america/
https://www.nytimes.com/2017/09/07/us/politics/russia-facebook-twitter-election.html
https://www.newyorker.com/magazine/2017/03/06/trump-putin-and-the-new-cold-war
https://www.newsmax.com/Politics/james-clapper-absolutely-russia-interfered/2017/05/30/id/793102/
http://www.nationalreview.com/article/448931/vladimir-putin-russian-election-interference-american-incompetence-weakness-helped-it
I'd lay off the magic mushrooms.
Yeah, I know-- don't bother saying it: you're not going to read any of these because "that's all fake news because the mainstream media lies". Yeah. When you dismiss everything that confronts your entrenched position, yes of course you will never change your mind.
Your virus software has to have root level access to every file on your system. If you want to access all the files on a computer clandestinely, providing AV software is a fine way to do it. Your AV software provider better be a friend.
This is exactly why I'm dubious of any third party AV product. I might not like Microsoft but at least their interests somewhat align with my own as malware is nothing but a cost to them. I have no reason to trust any third party AV vendor. They have no fundamental incentive to actually solve the problem because if there is no malware then they have no product to sell. In my experience all of them have a long track record of making products that cost a lot of money and don't work very well even under the best circumstances.
To my way of thinking the OS vendor should be the primary party responsible for protecting their own product if they sell it for money. I think that OS vendors also should be liable for security failures in their products that they are able to control with appropriate safe harbor provisions for OS vendors that make good faith efforts to do the Right Thing.
Using software from your main adversary is profoundly bad security. The same is true when Russia uses US software.
Antivirus software is second only to the operating system in terms of privilege and therefore makes an ideal attack vector. I bet most AV software is more than capable of maliciously stealing files, keystrokes, or planting a trojan if they were so directed.
I don't consider Russia an adversary;
Then you are stupid.
I don't mind people being stupid-- people are stupid sometimes; it happens. I do mind people being deliberately stupid because being stupid is the only way that they can defend their ideology.
If your idiotic ideology telling you "Washington is our enemy" and that means Russia is fine, you might consider changing your ideology to one that allows you to actually see the real world.
CIA, described as: “a colossal pain in the posterior.” “It literally catches everything until you tell it not to, including standard windows services (say what?!?),” the documents state.
Calvin:Do you believe in the devil? Hobbes:I'm not sure man needs the help.
SELinux by the NSA no less has already shown what can be done, but people aren't using it.
I work for a major financial firm. We are actually not just ripping out Kaspersky, but we're also re-imaging all desktop PCs with a new image that never had it installed, just in case. Also, at the network level, the "old" PCs won't be allowed to talk to the "new" PCs on the network. They've assumed Kaspersky is itself a malware infection and are taking measures to prevent infected PCs doing anything, even though it has already been uninstalled across the entire company.
Russians don't take a dump, son, without a plan. Everything they do is methodically thought out with a specific pro-State purpose. That's just the nationalistic communism talking, and it is alive and well. Kaspersky software was not created out of benevolence and a desire to rid computers of malware. It was created out of a desire to gain access to technology assets, just like Norton, McAfee, and every other "malware" scanner that has been demonstrated over and over again to be completely ineffective and preventing infection.
...except these same paranoid people cheerfully carry around 24/7 a portable high-resolution audio and video recording device that we've all known can be activated remotely, have all their most personal and intimate data on it, as well as a GPS tracker AND PAY FOR THE BANDWIDTH THEMSELVES. /people
-Styopa
Slashdot is really starting to show its age - copying and pasting stories and links from other sites instead of doing research and conducting interviews.
Vlad Putin spit on my shoes while I was walking at the shopping mall. Unprovoked! That bastard!!
If your anti-spyware software contains spyware, do you really think uninstalling ("ripping out Kaspersky") will remove the spyware? Any machine suspected of compromise must be reformatted from scratch. And even that doesn't provide 100% coverage since some spyware can hide in motherboard-resident flash memory and other pockets of non-volatile memory strewn about modern systems.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
with kaspersky, you're protected against american backdoors and US government obviously doesn't like it so it's conveniently recommending everyone to uninstall it, lol.
sorry, billy-bob. i'm not uninstalling it, as much as you want me to. go put some more backdoors in cisco's hardware.
Simple truth...
I agree, except at the point where you are willing to trust Microsoft... Windows 10 shows us that Microsoft does not hold our privacy sacrosanct in the least.
No I don't trust Microsoft either but there is an important difference. You have to deal with Microsoft if you are running Windows. Any privacy or security issues with them are going to exist whether or not you involve a third party AV vendor. AV vendors are as much a threat vector as they are a security blanket in my opinion even if you ignore the performance hit you take from using their (usually shit) products.
At the very least, use Linux.
Not really an option in many cases. Nothing against linux but many users have to use Windows for one reason or another. Once you are on the platform you have to deal with Microsoft but I'd be reluctant to involve additional security vendors if I don't absolutely have to.
.. if you don't understand the relationship between the above, the media, and the current foreign policy stupidity, ...
...is that Russia has compromised one of the OTHER A/V products, and are trying to get people to switch of of Kaspersky so it's more likely they'll use the compromised one. :P
Problem solved years ago... i use linux! :D
Higuita
1. Remove your computer's the hard drive, motherboard, and video card, and place them in a ceramic bowl.
2. Fill the ceramic bowl with thermite, and place the bowl in a fire pit.
3. Ignite the thermite.
Congratulations! Kaspersky is now uninstalled. Buy a new hard drive, motherboard and video card, and then do a fresh-install with the OS of your choice.
It just astonishes me... boogeymen are everywhere!
Under your bed, under your couch!
Clearly, we need more fear of red.
Bullshit.
The other funny thing? You note that this is from the Daily Beast?
So, basically, this story came from Chelsea Clinton.
It makes me want to check to see if she has any "Diane Reynolds" bylines.
more than I trust Symantec. With Kaspersky at least the Russian spies won't find my computer bogged down.
“Common sense is not so common.” — Voltaire
The NSA hates accessing a machine with Symantec because it's so damn slow.
We are under great pressure to only use American products no matter the technical or performance consequences
Sounds like we'll start seeing more jobs opening in the tech sector.
At least somebody is doing something about creating jobs for Americans.
Thanks, Putin!! Don't let Trump try to take the credit from you (and you damn well know he'll try)
The German Federal Office for Information Security (BSI) told Reuters in an emailed statement that it had found no ground to âoewarn against the use of Kaspersky products, since the BSI has no evidence for misconduct by the company or weaknesses in its software.â
Because we all know U.S. products *never, ever, ever* contain backdoors.
This is lame. I don't care if it's software made in Russia, or the U.S., or Germany, or China. If the source is closed and locked away, I don't trust it by default.
It is pitch black. You are likely to be eaten by a grue.
I read all four of those articles. The only things they provide that are remotely verifiable are a fake Facebook account from one Melvin Redick of Harrisburg that talked about DCLeaks--real, actual, emails showing various bits of dirty dealing. There is no mention of anything to connect that account to Russia. If we're going to play "consider the source" then I'd like to point out that Chelsea Clinton is at the Daily Beast, which is the source of this particular Slashdot story.
I'd also like to point out that Correct the Record / ShareBlue employed thousands of "nerd virgins" (their own words) to create exactly this sort of fake account. And that seems especially funny given that Russia has been accused of stirring up dissent by supporting BLM and similar Democratic causes.
It's also funny that you talk about everything being "fake news" but we know the emails were real via DKIM headers I personally have showed everyone how to verify on Slashdot. And those same emails show how CNN colluded with the DNC to rig the debates as well as how the DNC went behind its own lawyer's backs to hold that secret fundraiser with the Washington Post. Things that anyone could legitimately be upset about independently of who (allegedly) revealed them to us.
Frankly, if this is what foreign "collusion" looks like--exposing American political corruption that our own media won't touch--I have trouble seeing why that's a bad thing. We should root out all political corruption, regardless of party. Of course, it helps if you have actual verifiable facts. Paying $100k for foreign spies to dig up ridiculous and unverifiable fanfics (AKA "raw intelligence") is just a little bit pathetic.
This is what happens when your news source is bought out by a front for mainstream media and majority of the (fraction of the former readership) is left-leaning.
Seriously, every popular forum on the internet has been hostilely taken over and gutted as a safe space for leftists. Ever notice those "today on slashdot"s that have a thousand replies? No one comes here anymore.
Now there is particular censorship with the submissions and with the moderation system which feels compromised and unfair with gangs of idiots bombing down comments against the agenda.
Or is there some other reason that I have missed for the site losing like 75% of its users? What competing forums are there? Reddit? And why would anyone leave here for there unless the substance has changed in the way that I say? Because they want their forum dumbed down even more?
No, there is a concentrated effort to destroy free discourse, endlessly dividing the usersbases of forums, persecuting viewpoints opposed to the status quo of liberal insanity.
Exactly. Given the choice, I'd rather be spied on by a government that has no power over me than by the government-friendly US based companies.
It's sad that threat modeling has to be done with something as mundane as AV software, but it's rather true. If you're someone with unpopular opinions, the last thing you want is your own government seeing what you're up to
What makes you think being spied on by a foreign government will make you safer from your own government? They horse-trade information you know, even governments hostile to each other sometimes swap info. You are only secure until the various governments decide to trade their Pokemon cards with each other, for something they want.
Anyways, if you need someone or their services to satisfy a specific need (in this case, your data safety and computer health), then you are vulnerable to those who have the capacity to satisfy those needs. That is life. Ikarus, McCafee, KIS and Malwarebytes are the most reliable and best suites for me.
OK, they're ALL out to get you. If you didn't pay for it, you're the product. I fear my local government more than a far-away one. I'm a minnow, no some plankton living in the social/financial sea. It's only metadata. If you've got nothing to hide, you've got nothing to fear. Ever uploaded something to VirusTotal/Google/MS/Amazon? If it's unencrypted in the cloud, it's probably now on someone's ELSE's cloud too. If encrypted, it's still fair game. KAV have good reviews. So I'll just leave this here and get my coat,
OVERVIEW
https://www.pcworld.com/articl...
https://www.av-test.org/en/ant...
http://chart.av-comparatives.o...
Free
https://usa.kaspersky.com/free...
https://www.bitdefender.com/su...
https://www.malwarebytes.com/m...
https://www.avira.com/en/free-...
https://home.sophos.com/
https://www.pandasecurity.com/...
Just PICK one just as long as it's not the default MS Defender. They couldn't stop it from getting in to start with, what makes you think their AV is going to do better?
If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
Yet they "Window 10 users" have no problems with the massive amounts of data/everything you do and being tattooed with an adverting number is ok..
Jack of all trades,master of none
Hilarious what MacCarthyite propaganda can do. Even more hilarious is that these firms would distrust Kaspersky but not equally distrust running their systems on Windows.
Switch to Linux. Ubuntu has fantastic commercial support for corporations. Problem solved.
Sorry but my default position is always 'Prove It' and I can see bias in most reporting these days on both sides of the aisle. Usually it is anonymously sourced 3rd party hearsay or some party hack giving an opinion. This latest crop of stories about Russia do not show clear support for one side or the other and with laughable amounts of funding. Hillary and Donald spent more on any given day of the campaign and yet we are supposed to believe that this turned the election.
Can you imagine the conversation over in Russia...
Putin: Ok, we gonna swing ewection for buddy comrade Trumpski. How much you need to do it?
Troll leader: $50,000 dolars, comrade leader.
Putin: Ok, $50,000 a day. Just let me call banker and..
Troll leader: No, no, just $50,000, we swing ewection very cheap, whole thing 50 gwand, piece of pie.
Ridiculous!
China (biggest cyber-spy on the planet, giving NSA serious run for its money and making Nork look like 2 year olds) had LanDesk source code for better than a year.
Whatever Kaspersky enabled, LanDESK enabled, and is continuing to enable, more.
SELinux suffers from a complexity flaw. Setting up a tight policy for a production system is not an easy task. I was evangelizing SELinux for many years (my name is in their contributors list). The complexity issue was clear from the start, I was always hoping it would be solved one day, but it still isn't.
So today you have SELinux in all the major distributions, but it's not really much used. Even if it is run in enforcing mode, the policy is very generous. That puts it on the level of a firewall - another layer of security, but it still lets a lot of stuff through.
A tightly configured SELinux is a very hard target. I went to hacker conferences a few times, put up my SELinux notebook and wrote IP address and root password on a piece of paper posted right above it. The real root password, with SSH root login enabled. One time a guy managed to put a file into the root home directory, because I had forgotten one policy rule. That's it. SELinux can be configured very tightly, but at that time, there were maybe two dozen people in the world who could do it. That's not acceptable for commercial purposes. Who wants a system where if you lose your one guy who can handle it, it might be impossible to find a replacement?
Assorted stuff I do sometimes: Lemuria.org
Mr Kaspersky has wasted his money on all the extra hours you guys have putin, I'm still going to uninstall it.