Kaspersky Software Banned From US Government Systems Over Concerns About Russia (betanews.com) 91
Mark Wilson writes: The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government. Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.
pah. all these outfits share data with governments (Score:2)
the only thing going between the really really white right in the US government is this is the only Russian connection they can sever and look like heroes.
Banned because Kaspersky patched NSA/CIA backdoors (Score:1, Informative)
jimstone.is [slashdot.org]
After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.
Let me repeat an old story on this site . . . .
Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA back
Re:Banned because Kaspersky patched NSA/CIA backdo (Score:5, Insightful)
This is cold hard irrefutable fact, not internet rumor.
Got any more hard irrefutable facts I'm supposed to blindly believe? Just checking before I make any important decisions. BTW, I'm on the internet, and I'm seeing this claim made on the internet by a totally anonymous person with no actual attribution or sources backing it up, so that kinda, by definition, makes it an "internet rumor".
Re: (Score:2)
It's generally pretty hard to get any irrefutable facts on things like this. While people are fond of disclosing secrets like this, they never do so when they expect a permanent record.
An example: the author of once-dominant anti-virus program in Poland (mks_vir) used to brag about releasing tens of viruses himself. It was illegal even then, but what can you do? If I'd say "this guy said this to my dad, then my dad repeated this to me", is this a proof good enough? (The guy died in 2004, so at least the
Re: (Score:1)
And yet if you search a sentence from his comment, it's taken verbatim from a single comment from a clearly sleezy site debunking HIV, denying the holocaust. And posted here to try to make it believable.
Copy and paste a sentence from that ACs comment and see only two hits come up. Here and the place it was stolen from. And judge for yourself how credible that source is.
Re: (Score:2)
webcrawler
Re: (Score:2, Informative)
You don't seriously believe that everything someone writes anonymously on the Internet counts as inside information, do you? To provide inside information anonymously, you deliver original documents and/or reveal other knowledge that only insiders should have. The receiver then tries to validate these documents or claims by comparing it with other evidence, expert testimony, and further sources.
Re: (Score:2)
Re: (Score:3)
Most important fact, you can't trust any thing a slashdot user with a 4 digit UID says.
Liar! What you just said is a cold hard irrefutable fact!
Re: (Score:2)
Hey! I resemble that remark!
Re: (Score:2)
Why do some 5 eye nations have issues?
https://en.wikipedia.org/wiki/... [wikipedia.org]
The good work done on Stuxnet, Flame, Equation Group.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:3)
Then, Microsoft will report to the NSA that you are running Kaspersky, you will be put on a special list and they will put more effort into accessing your system. They have several ways, some of which an anti-virus can't do anything about.
Re: (Score:2)
But none that The Shadow Brokers hasn't released.
Re: Banned because Kaspersky patched NSA/CIA backd (Score:2)
I honestly can't tell if that's intentional satire.
Re: (Score:2)
both
Re: (Score:3)
This makes no sense though from a government perspective. The US isn't banning Kaspersky from US consumers, but only from US government computers, for which ostensibly they already have several means of intercepting and tracking data. Those computers are already government property, not the property of the employees who use them.
Re: (Score:3)
You say that as if the "US government" is a homogenous group with common goals. I'd really like that to be the case, but there is ample evidence that there are many factions that practically carry out a cold war. The controversies over "unmasking" should suffice as an example.
Re:Banned because Kaspersky patched NSA/CIA backdo (Score:5, Insightful)
jimstone.is [slashdot.org]
After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.
Let me repeat an old story on this site . . . .
Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA backdoors that Microsoft put there for the NSA. This is cold hard irrefutable fact, not internet rumor.
Why would the government need to worry about Kaspersky plugging "NSA backdoors" on systems they personally own and have full physical access to? If they want to see what's on their own systems they can, in a worst-case scenario, just walk in the take them.
Re: Banned because Kaspersky patched NSA/CIA backd (Score:2)
Re: Banned because Kaspersky patched NSA/CIA backd (Score:2)
The NSA isn't the government. NSA does have its plugs in lots of systems e.g. I know they do in large(r) academia networks but they can only reach the higher ups, sysadmin level people aren't supposed to know about the existence of a black box on their network partially because they aren't vetted and it's too many people with little to lose and loose lips.
If the NSA directly interfered with government operations, people would have a fit especially on the smaller, local levels. Federal buildings often share
Re: (Score:2)
The NSA and the security advisors have full access to every computer from the USG? I thought there were other sectors in the government.
I also thought that Wikileaks just published CIA's ExpressLane project [wikileaks.org], showing the "cyber operations the CIA conducts against liaison services", which includes the NSA, DHS and the FBI, proving that this kind of group does hack into other sectors of the USG too (and not just innocent foreigners in their own homes).
Even if they could walk in and get the computers, being abl
Re: (Score:2)
Re: (Score:2)
This is about the DHS telling government agencies to avoid Kaspersky. I haven't heard anything from US intelligence agencies. I am completely unaffected by any such request. I'm not a government agency, but rather a private citizen. Personally, I"m not worried about the Russian government spying on me, so I'm fine with Kaspersky.
Of course, no antivirus vendor whose product didn't detect the Sony rootkit (which is pretty much all of them) can be trusted.
More meaningless FUD (Score:1)
Show some proof or this just a ploy to distract. I wonder how much of the company putins pud pulling pals actually own?
So they think it's so easy to uninstall Kaspersky (Score:5, Interesting)
Re: (Score:1)
Re: (Score:3)
You fool! You are going to delete the /proc directory!
On the other hand, that command is perfectly safe and the recommended way to remove Kaspersky on Linux:
rm -rf --one-file-system /
Re:So they think it's so easy to uninstall Kaspers (Score:5, Insightful)
Yup, basically what I logged in to say. "Removing" software that already had administrative/root access to your systems after telling the vendor that you're going to do it a couple months down the road for a product that has auto-update capabilities built into it is borderline criminal negligence if you sincerely thought there was a legitimate risk to begin with. Silly.
In answer to your second question, no, there is not. And there can't be. The system can never be trusted until wiped down to the firmware level (and maybe not even then if you don't trust the hardware manufacturers or physical access was compromised in some way). Any tool you might build can be lied to by the underlying kernel and/or firmware that you must assume is already compromised.
Re: (Score:2)
Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?
I wouldn't bother with such a tool, as you pointed out earlier, the most efficient tool to confirm that Kaspersky has been uninstalled is the Windows Installer. On the positive side I suppose a bunch of federal IT workers will be getting some fat overtime payments which will stimulate the economy (YAY! Capitalism!).
Re: (Score:2)
Only a full clean reinstall of Windows will remove everything.
You mean everything except what is supposed to be there for the benefit of NSA. So now we have officially good backdoors and bad backdoors.
Re: (Score:2)
[Citation needed]
As far as I know, Kaspersky doesn't have a reputation for being hard to remove. Or is this 'just in case' thinking?
Re: (Score:2)
Just-in-case thinking. If Kaspersky is the mostly harmless company it claims to be, the ban is unnecessary. If Kaspersky is spying on the US government, then Kaspersky is doubtless putting additional features in so they can pwn US computers.
Therefore, it makes very little sense to uninstall Kaspersky in the standard manner. Either it is insufficient, or id didn't need to be done.
Re: (Score:2)
Unfortunately, it is not so easy. Can you imagine government officials using some Linux desktop instead of Windows and some opensource office suite instead of Microsoft Word?
And it is only practical way to avoid use of proprietary software from US-based corporations in Russian government. We are trying, but it is hard way to go.
Interesting... (Score:1)
Re: (Score:3, Interesting)
The only sane way you can ... distrust the fuck out of everything, measure it for network connections you can't trust, and decide if you really need that software.
Every state actor these days is doing shit like this. Which means you need to take some ownership of your security and act as if you have no assumption but to assume at least one government is trying to
Gee, ya think? (Score:1)
Attack vector (Score:4, Interesting)
Of all possible attack vectors into a system, antivirus software would have to be the most ideal mechanism for taking over or otherwise collecting data. By its very design it must have full reign of the system, read the data of every file accessed by any process, and have the ability to edit and delete any file on the system.
However, the most concerning part is that antivirus software must receive new functionality and data on a practically daily basis to detect and remove newly created malware. An antivirus program can take down its host system at any time by simply receiving a virus definition that causes it to remove or corrupt critical system files. It can also do the same targeting any specific application.
Personally I don't trust ANY antivirus company to wield that sort of power over my system.
Re: (Score:2)
The AV software I've had experience with have mostly done this, bringing the system to its knees every time it ran. I don't trust them to do anything but make my system useless.
Re: (Score:2)
No Difference (Score:2)
Re:Russia please uninstall US antivirus software (Score:4, Insightful)
...all Russian government should not use US Windows software because it does contain CIA backdoor to get in!
Why You Should Run Kaspersky (Score:5, Insightful)
It is the US government who makes companies insert spy software into their machines. I run Kaspersky because they aren't under threat from the NSA to look the other way about back doors that The NSA and CIA might be putting on my computers.
Re: (Score:3)
The ability to help find the next Equation Group https://en.wikipedia.org/wiki/... [wikipedia.org] is the issue.
Ultimate irony (Score:1)
The ultimate irony: the US government worried about other governments compromising security software.
Do you trust Kaspersky? (Score:1)
Re: (Score:2)
When I was a Windows user, the fact that they consistently discovered government deployed malware and attacks [wikipedia.org] (including Chinese and Russian but mostly five eyes) was the reason I bought their software. Because I felt that the people capable of detecting and working against state actors were more capable than the rest. Also, I wanted to financially support companies that do that (tackle the big criminals). Lastly, because they used to look good on detection comparisons (I don't know if they still do), it wa
Job security, ... (Score:2)
... pun cleverly crafted, is to install the hell out of Kaspersky right now.
Get it off our hardware.... (Score:1)
Yes, remove that bad Russian code from our hardware, all our beautiful Chinese hardware. Made in China.
Tomorrow news... (Score:2)
Windows banned from Russia government systems over concerns about USA