Officials Fear Russia Could Try To Target United States Through Kaspersky AV (go.com) 173
Russia's growing aggression toward the United States has deepened concerns among U.S. officials that Russian spies might try to exploit one of the world's most respected cybersecurity firms to snoop on Americans or sabotage key U.S. systems, according to an ABC News investigation. From the report: Products from the company, Kaspersky Lab, based in Moscow, are widely used in homes, businesses and government agencies throughout the United States, including the Bureau of Prisons. Kaspersky Lab's products are stocked on the shelves of Target and Best Buy, which also sells laptops loaded by manufacturers with the firm's anti-virus software. But in a secret memorandum sent last month to Director of National Intelligence Dan Coats and Attorney General Jeff Sessions, the Senate Intelligence Committee raised possible red flags about Kaspersky Lab and urged the intelligence community to address potential risks posed by the company's powerful market position. "This [is an] important national security issue," declared the bipartisan memorandum, described to ABC News by congressional sources.
Re: Russia's growing aggression toward the US? (Score:2)
Re:Kapersky? Most respected cybersecurity firms? (Score:5, Insightful)
Re: (Score:1)
of course *they're* going to root-out all the nsa ones. it's the RUSSIAN ones they may ignore... the same can be said the other way around, too: an american-based company may be quick to expose (certain) foreign government efforts, but may be compelled by secret order to ignore a u.s. one.
for that reason, it may be better for us regular folks to trust kaspersky over the likes of symantec or mcafee (or microsoft, even) because our greatest threats exist within our own borders, not outside of them.
The bath salts MUST FLOW (Score:5, Funny)
But NOOOOO... you all said he's too erratic, and temperamentally unsuited to be President.
Re: (Score:2)
If I had mod points today you'd get one. ROTFL!
Re: (Score:2)
Yes Ted, that was the joke...
Re: (Score:3)
Tinfoil is damned expensive these daysl. You have to order it from scientific or industrial supply houses. All the consumer level stuff is aluminum now.
The meme needs an update.
Re: (Score:1)
This is precisely why I DO use Kaspersky ... I live in Australia and so don't want my own government (which is in bed with the US & UK) having access to my personal data.
But the Russian government? I don't care ... I don't plan to go there any time soon.
Re: (Score:3)
Why risk a US antivirus vendor cooperation https://en.wikipedia.org/wiki/... [wikipedia.org] in any US product or OS?
The PRISM https://en.wikipedia.org/wiki/... [wikipedia.org] list showed what US brands and OS makers would do or "allow" to happen.
What makes you think they aren't already doing it? (Score:5, Interesting)
LOL,wait, there are people who think Kasperesky isn't compromised? ROFL. Using a respected and renowned cybersecurity first to as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
Re:What makes you think they aren't already doing (Score:5, Insightful)
Also, are there people who think Microsoft isn't compromised? ROFL. Using an operating system with the highest market share as a cover seems like a no-brainer to me. I've assumed they were compromised years ago, quite frankly.
Re: (Score:3)
Also, are there people who think Microsoft isn't compromised?
Probably somewhere, but there have been indications that Microsoft has been working with the NSA for a looooong time. Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed. I know that sounds crazy, I thought so too, at first.
Also, Google secretly hands your emails over to the NSA without telling you.
Lights Out management. (Score:5, Informative)
Also, I know it sounds ridiculous, but there is a back door in Intel chips that allows you to access them, even when the OS is not installed
Technically:
1 - it's not in the Intel *CPU*, it's in the Intel *Server Motherboard Chipsets*.
By design, Intel ME (Management Engine) is a useful tool so sys-admin can remotely access and checks servers (or enterprise workstation) whose OS won't even respond anymore. (e.g.: to diagnose early boot process steps, oversee a firmware update, etc.)
It' basically a small embed CPU core running a micro embed Linux and featuring a web server for the interface and a sort of VNC server and port forwarder/remote device mapper.
In practice, this service is done very sloppily and bugs are constantly found that enable exploit and un authorized acces.
2 - Intel ME has equivalent in other manufacturer called IPMI. e.g.: most of the AMD server motherboard features that one.
Again, like with Intel ME, cirtical exploitable bug are regularily found in IPMI, meaning it similarly easy to circumvent access control.
A big chunk of these exploitable bugs in both Intel ME and IPMI are very probably due to sloppy programming for product rushed to the marker.
But given how many bugs are discovered, and how juicy light-out-management is as a target, there bound to be a few "not so honest mistakes" among these bugs.
But these not-quite-accidental bugs aren't only to be blamed on US agencies.
Re: (Score:1)
Yeah, people who A: rely on evidence, B: know what they're talking about, C: Don't guess and D: Don't say "ROFL" about the situation, you dipshit.
" there are people who think Kasperesky isn't compromised? ROFL "
Re: (Score:1)
Re: (Score:1)
[Citation Needed].
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
"It's malware we paid for with our taxes! By golly it must be good!"
Who is the enemy? (Score:2)
Of course! Even if we stipulate, that NSA/CIA routinely access our computers, I'd certainly prefer that, however unpleasant, to a foreign power doing the same. And not just any foreign power, but Russia...
But, hey, do I understand you right, that you voted for Trump because he was beholden to Russia, rather than for Clinton, who was beholden to NSA/CIA?
Re: (Score:2)
I hope, you don't insist on it being done by drones, which Russia does not really have — and what it does have, it uses for intelligence-gathering and artillery-coordination only. But, here, I'll list a few:
Only buy American products (Score:1)
They are secure because the USA has TLAgencies that help protecting the American people.
Re: (Score:2)
Excellent use of irony.
"Russia's growing aggression toward the USA..." (Score:5, Insightful)
https://socioecohistory.files.... [wordpress.com]
Re: (Score:2, Insightful)
That's cute, but have you heard about Russian propaganda about the US? One of the ways Putin maintains power is by rousing hatred against the US. Fortunately (for now), another way he stays in power is by painting himself as a peace-broken. (Remember, he controls the Russian media.) So there is quite a lot of aggressive sentiment toward the US, but that won't necessarily translate into war.
Re: (Score:3, Interesting)
And your media is all squeaky clean and above board?
I would hold Russia Today in higher regard than ANY of the USA propaganda... I mean media outlets, thank your very much.
That being said I think they are all tools of their respective governments, and they ALL lie!
The days of honest reporting are long gone.
Re: (Score:2)
That's cute, but have you heard about Russian propaganda about the US?
No, I haven't. What I have seen is a good deal of truthful facts and opinion about the US government and its policies. Some of it comes from Russia, some from Europe, some from the UK, Australia and Canada - and quite a lot of it comes from the USA itself.
Read the following (or as much of it as you can absorb) and see if what you learn is a little different from what the mainstream media are telling their audiences day after day.
http://russia-insider.com/en/o... [russia-insider.com]
http://russia-insider.com/en/p... [russia-insider.com]
http://www.st [strategic-culture.org]
Re: (Score:2)
Oh I forgot this:
https://cluborlov.blogspot.co.... [blogspot.co.uk]
and this:
https://www.youtube.com/watch?... [youtube.com]
Re: (Score:2)
And this:
http://www.strategic-culture.o... [strategic-culture.org]
Re: (Score:3)
That's cute, but have you heard about Russian propaganda about the US?
Could you supply any specific examples? Preferably with URLs.
Re: (Score:2)
So it's bad that NATO leaves a one country buffer zone between Europe and Russia, but not bad that Russia installs military bases right on Europe's doorstep such as Kaliningrad, Moldova, and now parts of Ukraine that it's outright annexed?
For a start, Russia is a European nation and always has been. So it's not surprising that it has bases in Europe. On the other hand, the USA is NOT a European nation, yet Europe is teeming with American bases, soldiers and weapon systems - including thermonuclear weapons. Russia did "annexe" Crimea, which had been part of Russia since before the USA existed, after the illegal regime in Kiev began determined efforts to exterminate Russian-speaking citizens.
Kaliningrad - Koenigsberg as was - "became part of t
It's already too late (Score:2)
We're all just one automatic upgrade away from infection. ...which now that I think of it, is true for any AV product.
Re: (Score:1)
I thought all the AV companies actually also created the need for AV programs!
Isn't that where most malware comes from?!
Re: (Score:2)
Ummm. Duh! Yeah!
I thought all the AV companies actually also created the need for AV programs!
Isn't that where most malware comes from?!
I'd like to think not, but I guess it's a possibility. Sometimes the constant nagging by my antivirus product to buy more expensive coverage (which is impossible to turn off) feels like malware. Especially when I'm doing work (like editing photos) that takes up the entire screen, and the AV ad pops up over the control sliders. It's enough to make one consider keeping the AV turned off and the network cable unplugged while doing serious work.
Then there was the hilarious but almost certainly untrue rumor t
They're really pushing the Russia narrative HARD. (Score:3)
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
Re: (Score:2)
Anything to deflect from their own transgressions, like stealing an election from Bernie Sanders.
Re: (Score:1)
It's better for their image that they were 'hacked' and thus victims, rather than have it be that one of their own turned whistleblower and exposed them to Wikileaks. A lot of clues point that leaker as being Seth Rich, and sadly, he isn't talking.
Re: (Score:2)
The same people accusing Russia of being the culprit are the same ones responsible for his Soviet-like disappearance.
Re: (Score:2)
ah yes, Jeff Sessions, the notorious "leftist".
Re: (Score:2)
"Russia did it" is about all that can be attempted to cover up for the total lack of domestic crypto and staff vetting over decades.
Re: (Score:2)
Russia this, Russia that - seems like the left really fears them for something despite being Soviet themselves.
They are the world's most powerful dictatorship. Putin has been fairly successful in pretending not to be a dictator, but the more of his critics and opponents he kills, the more obvious the charade becomes. If that's not enough cause for concern, Russian-language propaganda against the US is. (Russia's media is controlled by the state.) If that's not a cause for concern, Russia's annexation of other countries (and the world's failure to respond) is.
Does this mean that the US has compromised US AV? (Score:2)
I remember when much the same concerns were raised about Chinese networking equipment. (If memory serves, being supplied into a large project in Australia).
This was before the Snowden revelations.
So, we now know that really what they were doing was preserving the supply of US networking equipment that could be pwned.
Thus, one wonders if the same thing is happening here?
McCarthy AV (Score:5, Funny)
Are you now or have you ever been a member of Kapersky Lab?
Re: (Score:2)
Either Kapersky labs is trustable or it is not. Is Russia a trusted player or we should assume all 'apps'/ programs of Russian origin are to be considered malware. So which is it?
If the world is not black and white, care to tell me why you want to treat this problem that way?
A single company being corrupt within a country isn't exactly some shit we've never heard of.
Re: McCarthy AV (Score:3)
Most of Kaspersky labs work out if the U.K. Anyway. But OMGZ DA RUSSIANS
Re: (Score:2)
Most of Kaspersky labs work out if the U.K. Anyway.
And 99% of Apple's business is apparently in Ireland, and manufactures out of China. Anyway.
But OMGZ DA RUSSIANS
Yes, perhaps you're right. I mean, why would we ever think the country that was one half of the Cold War for almost half a century would ever be capable of doing such a thing? (again) Sheesh, we're acting like Russian businesses are controlled and manipulated by some kind of communist dictator who uses murder as a form of manipulation. We should lighten up. I'm sure there's nothing to see here...
Re: (Score:2)
Is Russia a trusted player or we should assume all 'apps'/ programs of Russian origin are to be considered malware.
If I were a Russian government official, I wouldn't trust any American closed-source software. QED...
In Soviet Russia (Score:1)
In capitalist America, US President downloads software.
In soviet Russia, software uploads choose US President.
American companies in Russia? (Score:5, Insightful)
And what about Microsoft, Apple, Google? Should Russia fear all these companies as well and ban them?
Re: (Score:2)
And what about Microsoft, Apple, Google? Should Russia fear all these companies
Yeah, probably.
Re: (Score:2)
No open computer networks with plain text files, no foreigners or illegal migrants getting security related jobs, no new contractors.
Just real staff working hard all day who are vetted and trusted.
Russia trust paper files and its own gov/mil. The USA always trusts the new team of contractors.
The democrats are really out of control (Score:1)
...with this red scare stuff. Hillary lost because she was an inferior candidate.
Re: (Score:1)
It was a choice between a turd sandwich and a giant douche
I guess the American people wanted a douche instead of a turd.
hard to say (Score:1)
Re: (Score:2)
I have a lot of respect for Kaspersky.
Why, you don't remember the time when AVP was good? Because it was. But now it's the bloatiest of AV. Why would you respect it today?
Being so close to the Kremlin doesn't made me feel warm and fuzzy, but they have always spoken out against state actors.
Talk is cheap.
Re: (Score:1)
Officials fear *everything* (Score:1)
Never heard of them... (Score:2)
Re: (Score:3, Informative)
I haven't used anti-virus software in years. I only have Windows Defender and Malwarebytes installed on my Windows PCs.
Read the first sentence you wrote. Then read the second one. You now have my permission to feel stupid.
Re: (Score:1)
https://www.microsoft.com/en-u... [microsoft.com]
Windows Defender is the No. 1 antivirus on Windows 10, protecting more computers against viruses, malware, spyware, and other threats than any other solution.
Re: (Score:2)
Windows Defender is the No. 1 antivirus on Windows 10, protecting more computers against viruses, malware, spyware, and other threats than any other solution.
Microsoft did something right. I'm impressed.
Re: (Score:2)
Windows Defender is the No. 1 antivirus on Windows 10, protecting more computers against viruses, malware, spyware, and other threats than any other solution.
Microsoft did something right. I'm impressed.
Nope.
As usual, if Microsoft appears to have done something right, they bought the software from someone else. It's never developed in-house.
Re: (Score:2)
As usual, if Microsoft appears to have done something right, they bought the software from someone else. It's never developed in-house.
Good point. I just got finish reading "Chaos Monkeys: Obscene Fortune and Random Failure in Silicon Valley" [amzn.to] by Antonio Garcia Martinez, about Facebook advertising. Microsoft bought this company for $6.1B, wrote down $6B in goodwill, and sold the advertising group for $0.1B to Facebook.
Re: (Score:1)
Moron
Re: (Score:2)
Moron
So my mother tells me. ;)
Re: (Score:2)
Proof that a low ID doesn't save you from being an idiot.
How many times have Apple demonstrated that "first mover advantage" is a fallacy by showing up late to the party, introducing a new product that's not radically different from earlier products, and raking in buckets of cash?
It's okay (Score:1)
It's okay. Obama told me the Russians weren't a threat.
Re: (Score:1)
Re: (Score:2)
It's okay. Obama told me the Russians weren't a threat.
Actually, that was Trump
Relax. Trump will build a firewall around the US, and make Russia pay for it.
Or not.
Re: It's okay (Score:4)
No it was Obama when running against Romney and you all laughed when Romney said they were a threat. Now that Hitlery lost you're all freaking out about Russians. It's fucking hilarious
Denial-of-Resources attack (Score:2)
They might make it aggressively scan everything repeatedly so that your PC is slug-city. ...Oh wait, that's McAfee.
Re: (Score:2)
I find that quite helpful.
I put my coffee next to the fan vent on my laptop and it keeps it warm.
Officials Fear USA Could Try To Target Russia Thro (Score:2)
Because they would need that.. (Score:2)
Not saying they aren't (probably are, everyone else is), but let's put it this way: "All those who believe they have an uncrackable product / network / service, take one step forward."
You'll notice the smarter / older people taking a step back when they hear that.
Isn't this the NSA's job? (Score:5, Insightful)
Re:Isn't this the NSA's job? (Score:5, Informative)
Along those lines: I'm far more worried about being targeted by our own Government than by the Russians. The U.S. Federal government has shown itself time and again to be, at best, no better than the Russians where our rights and freedoms are concerned:
1) Continual erosion of the Constitution.
2) Ignoring the Constitution when following the law becomes inconvenient.
3) Spying on American citizens.
4) Systematic molestation by Federal officials at airports.
5) Lying to the American public as a matter of standard policy (though that is implied in the other four).
The Russians are WAY down on the list of things we Americans have to worry about at home.
Re: (Score:2)
For that to work the world has to accept junk US crypto, low security OS and US brands helping the clandestine services.
The UK and GCHQ had a much better way. Work with the UK mil and other clandestine services to get things done in secret.
The NSA needs to tell the public about its role, get funding, tell congress to give more funding, support all its contractors, allow contractors to offer ever more staff and services.
Then report back on eve
How? (Score:2)
Why would any "key U.S system" have Russian AV software installed? A key function of AV software is to be able to intercept pretty much anything that happens.
Simple solution (Score:2)
1980s called (Score:2)
They want their cold war back.
Aww come on! (Score:4, Insightful)
Why don't the Democrats have done with it and just re-convene the House Un-American Activities Committee? Given today's political alignment, this could even include restarting the old John Birch Society campaign against dental fluoride. What was old is new again.
Re: (Score:2)
Who says they won't? Well ,maybe they won't. The general rule in these things is ' Any Resemblance to Actual Previous Events is Entirely Coincidental. Because We Changed the Names.'
I have nothing to hide from the FSB (Score:2)
If the NSA, CIA, FBI and Five eyes all can see my Pr0n browsing history, why can't the FSB joint the fun too?
US software (Score:4, Insightful)
McCarthy (Score:3)
McCarthy called, we wants his paranoia back.
Funny how nobody noticed how very suddenly everything from elections not going the favorite way to bad weather is Putins fault. Let's conveniently ignore that he's been running Russia one way or the other for twenty years.
Assuming that much of this stuff is either fabricated or wasn't important some years ago and is dragged up now - the question is why? For what purpose is the public fed the old "Russia is evil" meme again? What are we being prepared for?
Re: (Score:2)
Why are you even surprised? America has been at (almost) constant war since the American civil war.
America is building tanks it doesn't need (or want) just so that they can keep the factory running in case they need to ramp up production
http://www.military.com/daily-... [military.com]
Why would any country do that unless the intention was to go to war in the future.
We have to defend against Russian aggression I can only see American
Re: (Score:1)
That's not what Eisenhower meant. Re-read his farewell address.
Re: (Score:2)
It's the Democrat's birther joke. The joke's on them. No evidence at all... yet they keep saying there was Russian involvement, etc. Even Dianne Feinstein said recently there is no evidence. So if you see someone saying the russins are coming.. they're a really good mark. They're really gullible.
Yet it works well! (Score:1)
The absolute best I have yet used is in fact Kaspersky (Total Security and the Small Office Suite).
There has never been an instance over the past 3 years of having Kaspersky fail to fully protect all the PCs under my guard (~22 at last count).
Other AV programs have ALL allowed an infection through at one time or another: AVast, Eset, AVG, McAfee, Norton, TrendMicro,
Re: (Score:2)
The joke's on us -- the chips come from China.
Re:Like our Cisco network equipment (Score:4, Informative)
Chips?
Most of the Catalyst switches are made in China. The 2960 series, 3560 series, 3600 series, 3750 series, and 3800 series are all made in China. The 4500 series are made in Mexico. You'd be hard-pressed to find a conventional L3 switch not manufactured outside of the United States, and I would be amazed if any L2 switches are made in the US.
Re: (Score:2)
https://arstechnica.com/tech-p... [arstechnica.com]
Re: (Score:2)
The two are not mutually exclusive you know.
Re: (Score:2, Interesting)
The Snowden leaks* already showed that malware signatures are submitted to AV companies so that they purposefully do not flag the files.
Frankly, kaspersky, eset, and a handful of others are part of the handful of AVs I trust because they are NOT headquartered in 5 eyes countries.
The Canadian CSES have a slide with a box clearly labeled with EXACTLY this:
"
Commercial/Industry/Relationships
Influence Technology
(provide signature to AV)
"
Re: (Score:2)
Re: (Score:2)
"In Soviet Russia, big prop reset button threatens you!"
Re: (Score:2)
Re: (Score:2)
So are the Russians.