Dodging Russian Spies, Customers Are Ripping Out Kaspersky (thedailybeast.com)
From a report: Multiple U.S. security consultants and other industry sources tell The Daily Beast customers are dropping their use of Kaspersky software altogether, particularly in the financial sector, likely concerned that Russian spies can rummage through their files. Some security companies are being told to only provide U.S. products. And former Kaspersky employees describe the firm as reeling, with department closures and anticipation that researchers will jump ship soon. "We are under great pressure to only use American products no matter the technical or performance consequences," said a source in a cybersecurity firm which uses Kaspersky's anti-virus engine in its own services. The Daily Beast granted anonymity to some of the industry sources to discuss internal deliberations, as well as the former Kaspersky employees to talk candidly about recent events.
All of them simultaneously and at the same place?
Circumcision is child abuse.
Unintended consequences of the "wrong" candidate winning. The media's bitterness is not because the wrong candidate won, but because they were shown via the election results that they had less power than they thought they did.
I'm a minority race. Save your vitriol for white people.
When it turns out that US AV companies do exaaactly the same shit, because all AV vendors do it.
At least Kaspersky actually made decent detection products.
Enjoy the farce that is Norton & McAfee
You simply can not. Not Possible.
AV software needs to have full kernel level access to be able to protect you. As soon as you make a "safe space" for yourself, it's another place where malware can and will hide. Either you give full access to the hardware, not just the OS, or there is no way to actually protect the system. That's what makes things like the Intel Management Engine, which has full control of your hardware but no oversight by the OS or the user, so dangerous. It's why the NSA made Intel implement switches so they can disable Intel ME on NSA computers.
AV software needs to phone home: to get virus definition updates and, nowadays more importantly, to react fast to new networked threats by uploading possibly dangerous files. They have honeypots which do this all over the internet for years of course. However crowdsourcing new threats is much much more effective, since the really dangerous malware, e.g. Stuxnet which was found by Kaspersky, is targeted, not just spammed anymore.
The actually new and "best" high end products from Silicon Valley make the uploading of files from customers their main selling point: they claim only this way they can protect their enterprise clients. Kaspersky comparatively is low end consumer AV for the unwashed masses. The most expensive products like Carbon Black simply don't work if you're not uploading all your private files to a US company which is in deep with the US government agencies. All of the other AV companies in the US are too: google Project CAMBERDADA which shows what AV companies need to be attacked to subvert by the NSA. All the US/UK AV companies are suspiciously absent since they don't need to be reverse engineered: like any other US/UK based company they are working hand in hand with the intelligence services.
As a normal user in the West, I far more fear my own government's agencies, be it FBI, CIA, NSA, GCHQ, DGSE, BND, whatever, than a foreign agency far away: the domestic agency can actually directly harm me, fine me, incarcerate me, etc., more than some agency in a country on another continent. And they have actually far more reason to do all that to me.
The end result:
AV software is a fundamentally flawed product due to all of this and simply shouldn't be used on any computer where you want to have a marginal expectation of privacy since you cannot protect yourself and use such a software.
all of a sudden. What happened to "I've got nothing to hide."?
Given Putin kills, imprisons, arrests people and businesses who oppose him, and given Russia's cyber attacks on the USA, you have to consider that Kaspersky may not have a choice in the matter. With so many KGB people involved there, it's probably better to be safe than sorry here and remove their software. There is actual evidence (see link below citing an Israeli hack into Kaspersky).
I wonder how many of those voting machines in the USA have Kaspersky anti virus installed on them, how many computers dealing with election rolls, and absentee ballots and vote counting. Can you really risk Russian software on voting systems when you know Russia has attacked the elections?
https://www.theguardian.com/technology/2017/oct/11/israel-hack-uncovered-russian-spies-use-kaspersky-lab-2015-report-us-software-federal-government
"While the Israeli spies were inside Kaspersky’s systems, they observed Russian spies in turn using the company’s tools to spy on American spies, the New York Times reports. That information, handed to the US, led to the decision in September to end the use of the company’s software across the federal government by December."
"But it still leaves many further questions unanswered. Crucially for Kaspersky, the Israeli hack apparently failed to provide enough information to determine whether it was a willing, or even knowing, participant in the Russian espionage."
"The Russian government exercises tight control over domestic and foreign high-tech industries operating within its borders. In June 2017, it began demanding the source code for certain software imported, ostensibly to search for “backdoors” inserted by foreign intelligence agencies. In practice, it’s widely believed that the Russian security agency scans the source code for undisclosed vulnerabilities it can use to improve its own hacking prowess."
"Dodging Russian Spies..." not only sounds like "Dodgy Russian Spies", but it also presents a reason before an actual fact on a news/article/post header. This is a perfect example of psychologically loaded news, more even so than clickbait but it actually also is clickbait as they go for the "cold-warish" juicy part of the topic first.
Now seriously, stop doing titles like this, and don't enable them by allowing such stuff verbatim on Slashdot from the original biased, flawed source.
The problem is that the current open source implementation, ClamAV, was bought by and is currently developed by... Cisco.
Okay, it's open source, so at least independent researchers can go and check whether it contains any underhanded code.
But still, it's not an international cooperation of several vendors.
Also, currently it's not the top performing of the pack.
On the other hand, that doesn't prevent me from using it.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Perhaps anti-virus wouldn't even be necessary if there were fewer users infected with anti-intelligence.
So tired of this bullshit argument.
I've been working in infosec for 20 years.
For about half of that time, I also said that "lusers" are the main problem.
Then one day I grew up and realized that they are just being humans and that's a bullshit excuse for not doing my job properly by complaining that water is wet and gravity sucks.
Guess what? We're paid good money for solving exactly these problems. If you can't bring a rocket to the moon because of gravity, you don't belong in rocket science. If you can't build a ship that floats because water is so difficult to work with, you don't belong in shipbuilding. And if you can't deal with people being people, you don't fucking belong in information security.
Assorted stuff I do sometimes: Lemuria.org
AV software is a fundamentally flawed product
Actually, it's our OS fundamentals that are flawed. In a properly designed system, the AV would not need full access to everything. Of course I'm talking 1970s "properly designed" here, not 2000s "ship half-ready to customer, then patch" philosophy. Sorry, I think they re-branded it "Agile Development".
AV is a workaround, a hack, for serious weaknesses in our fundamental systems design. That your e-mail system can access business secret documents when you open the wrong mail - that is the actual problem that needs solving. We have AV for the same reason we have condoms - there's a lot of STDs and for most of them we don't have good vaccinations.
In that sense, AV is not fundamentally flawed, because in a fundamentally non-flawed world, we wouldn't even have it. It's an at-least-this-works-most-of-the-time solution because we can't be arsed to tackle the real issues.
2017, and the masses still haven't learned. I swear they'll click on anything. Yes, of course that Windows pop-up for a Kardashian baby-watch app was totally legit. I mean, why wouldn't Microsoft want you to know...
Yes, why wouldn't Microsoft? It preloaded their home computer with a dozen applications it deemed useful (ok, was paid for including, but users don't know that) and it serves them personally relevant information (sorry, paid-for ads, but that's not marked anywhere) wherever it can, say on Bing or whatever their current attempt at social networking is. It also made several attempts to put important announcements (advertisement) directly on the desktop of their computers.
From a non-IT user, the scenario does not look all that unbelievable. Maybe a bit unusual, but your facepalm is coming from a certain arrogance and insider frame. Some of those dumb users will laugh at you how you put that silly oil into your car, everyone knows it's synthetic shit and you should really use that bottle over there which isn't so heavily advertised. Or what you eat or how you do sports or whatever. You know more about IT than they do, which makes some things seem obvious to you. But you are just as oblivious about "basic facts that everyone knows" in many other areas of life.
Regardless of whether it's true that the FSB has some kind of backdoor access to Kaspersky products, the company is likely doomed. They might manage to eke out an existence primarily in Russia, but as a shell of the company in its glory days.
While US spy agencies don't do themselves any favors by publicly saying they want to have a backdoor to any and all encryption methods, the US and Russia are very different places. Get on Putin's bad side and you could find yourself being thrown in jail for (no pun intended) trumped up charges, your company nationalized, and all of your assets seized by the government. When is the last time that happened in the US?
The problem is that this level of sandboxing is incredibly anti-user and anti-developer. Basically any OS should do what the user wants and by extension the easiest way for malware to access the machine is to simply ask the dumb meathead sitting in the chair.
Citation needed.
http://time.com/4783932/inside-russia-social-media-war-america/
https://www.nytimes.com/2017/09/07/us/politics/russia-facebook-twitter-election.html
https://www.newyorker.com/magazine/2017/03/06/trump-putin-and-the-new-cold-war
https://www.newsmax.com/Politics/james-clapper-absolutely-russia-interfered/2017/05/30/id/793102/
http://www.nationalreview.com/article/448931/vladimir-putin-russian-election-interference-american-incompetence-weakness-helped-it
I'd lay off the magic mushrooms.
Yeah, I know-- don't bother saying it: you're not going to read any of these because "that's all fake news because the mainstream media lies". Yeah. When you dismiss everything that confronts your entrenched position, yes of course you will never change your mind.
Using software from your main adversary is profoundly bad security. The same is true when Russia uses US software.
Antivirus software is second only to the operating system in terms of privilege and therefore makes an ideal attack vector. I bet most AV software is more than capable of maliciously stealing files, keystrokes, or planting a trojan if they were so directed.
I don't consider Russia an adversary;
Then you are stupid.
I don't mind people being stupid-- people are stupid sometimes; it happens. I do mind people being deliberately stupid because being stupid is the only way that they can defend their ideology.
If your idiotic ideology is telling you "Washington is our enemy" and that means Russia is fine, you might consider changing your ideology to one that allows you to actually see the real world.
I agree, except at the point where you are willing to trust Microsoft... Windows 10 shows us that Microsoft does not hold our privacy sacrosanct in the least. The leaked NSA tools further prove that relying on Microsoft is not going to protect you from being spied upon, by our gov't AND foreign entities. Even this whole Kaspersky fiasco shows that further NSA tools are likely being stolen, AS THEY ARE BEING WRITTEN!
At the very least, use Linux. Linux may have backdoors too, but at least it's open source, so you and others can at least attempt to identify and close those security holes. Closed source Microsoft products, forget about it. You're never going to be safe there.