US Government Can't Get Controversial Kaspersky Lab Software Off Its Networks

The law says American agencies must eliminate the use of Kaspersky Lab software by October. But U.S. officials say that's impossible as the security suite is embedded too deep in our infrastructure, The Daily Beast reported Wednesday. From a report: Multiple divisions of the U.S. government are confronting the reality that code written by the Moscow-based security company is embedded deep within American infrastructure, in routers, firewalls, and other hardware -- and nobody is certain how to get rid of it. "It's messy, and it's going to take way longer than a year," said one U.S. official. "Congress didn't give anyone money to replace these devices, and the budget had no wiggle-room to begin with."

At issue is a provision of the National Defense Authorization Act (NDAA) enacted last December that requires the government to fully purge itself of "any hardware, software, or services developed or provided, in whole or in part," by Kaspersky Lab. The law was a dramatic expansion of an earlier DHS directive that only outlawed "Kaspersky-branded" products. Both measures came after months of saber rattling by the U.S., which has grown increasingly anxious about Kaspersky's presence in federal networks in the wake of Russia's 2016 election interference campaign.

Ban All Russians From Contributing to Windows

If you can't trust Russians, how many of them are working for M$?

How many are working for other proprietary applications free or commercial for Windows?

ALLEGED interference campaign

There still has not been any proof or even shady evidence offered that Russia changed a single ballot or tampered with a single voting machine, or had agents at a single polling place to interfere with the election process..

Exercising the right of free speech in order to influence the way people think is called "politics," not "interfering with an election."

Foreign interests have "interfered" with our elections since the birth of the nation. It's nothing new. Get over yourselves.

The question to ask..

[lionchild]

The question to ask, as both a taxpayer and an IT guy is this: What's the "penalty" for failing to make the October deadline?

If this had been an actual emergency

[Sloppy]

The government is lucky this Kaspersky scare is bullshit, then. If this had been an actual emergency (e.g. the software were doing something bad, whether by design or due to some random bug that you can't fix because it's proprietary), sounds like everything would be totally fucked.

Re:If this had been an actual emergency

[Aighearach]

It is a known fact that you don't have the information needed to determine it is "bullshit."

And you never would have it. And the second part of what you said is therefore the whole part that isn't bullshit; it might be an emergency, in which case the network is fucked.

Since knowledge of the evidence for the concern is classified, you don't know about it; and even if you had a security clearance, we know your job doesn't involve knowledge of these particulars because then you wouldn't be allowed to tell us. So by definition, you can't know it is bullshit; you either have reasons to believe it is a problem, because there is public information about what the danger is in losing control of a network, or you don't fucking know.

I'll give you a hint: If your opinions about network security are based on your domestic politics, you're a fucking idiot.

Re:If this had been an actual emergency

Actually, the entire backstory of this whole farse is very widely known in cybersecurity circles, including the so-called "classified" facts (which are widely disseminated outside the US where said "classification" of otherwise widely known information is not relevant).

Here are the crib notes and timeline, without dates:

- Equation group leaks
- Equation Group software widely attributed to NSA in cybersecurity circles
- Kaspersky researchers tie Equation Group to creators of both stuxnet and Flame via forensic analysis (note they DO NOT call out NSA here, but anyone with half a brain can put 2 and 2 together)
- US military and/or NSA (not totally known as it is "classified") become involved in middle east anti-terrorism espionage using malware deployed on public wifi networks
- Kaspersky publishes research on said malware, again without attributing it to anyone, but making it public
- US military and/or NSA (not totally known as it is "classified") have to pull out of their espionage and invoke a burn order since they are exposed

To make it even shorter - Kaspersky did their job. Because their job exposed US government activities, the US government got pissed.

Re:If this had been an actual emergency

It is a known fact that you don't have the information needed to determine it is "bullshit."

Precisely right. Just because the US Government says that Kaspersky Lab Software is a risk validates nothing about there being an actual risk. Of course, that by definition makes the evaluation bullshit.

And you never would have it. And the second part of what you said is therefore the whole part that isn't bullshit; it might be an emergency, in which case the network is fucked.

If it's such an emergency and the whole network is fuck, then the US Government position is bullshit for so loudly declaring a problem that leaves over a year of time to be exploited.

Since knowledge of the evidence for the concern is classified, you don't know about it; and even if you had a security clearance, we know your job doesn't involve knowledge of these particulars because then you wouldn't be allowed to tell us. So by definition, you can't know it is bullshit; you either have reasons to believe it is a problem, because there is public information about what the danger is in losing control of a network, or you don't fucking know.

National Security in this context is bullshit when the cat is already out of the bag. If the problem is really that severe, then the US government should revert to other, secure means and Congress should be paying for the switch over. Since none of this is happening, It's business as usual. Business as usual says the US is doing great which is either (1) bullshit disinformation for politicos, (2) bullshit disinformation to hide the cyber security clusterfuck, or (3) possibly an actual accurate assessment of the situation within their assessment abilities. I imagine it's a combination of the 3, which makes it bullshit.

I'll give you a hint: If your opinions about network security are based on your domestic politics, you're a fucking idiot.

If you listen to Aighearach's arguments on what to believe, are you any better?

Re:If this had been an actual emergency

This. Pretty obvious to anyone even remotely near the security consultancy field.
Combine that with all these accusations without anyone ever pointing out what and how the software is doing anything bad.

Virus or Anti-Virus

[coolmoose25]

If you can't get your Anti-Virus software off of your equipment, is it really anti-virus, or has it just become another virus?

Huh?

[rsilvergun]

bullshit. Do a week of training with one of their competitors, uninstall the old stuff, install the new stuff, call it a day. None of this is difficult. These are software programs designed to take care of security for end users.