Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Government Privacy Security United States Politics

Kaspersky Software Banned From US Government Systems Over Concerns About Russia (betanews.com) 91

Mark Wilson writes: The Department of Homeland Security has told US government agencies to remove Kaspersky software from their systems. The directive was issued because of concerns about influence exerted over the company by the Russian government. Government agencies have been given three months to identify and start to remove Kaspersky's security products. Kaspersky has constantly denied connections to the Russian government, but the US is simply not willing to take the risk.

Kaspersky Software Banned From US Government Systems Over Concerns About Russia

Comments Filter:
  • by Anonymous Coward

    jimstone.is [slashdot.org]

    After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.

    Let me repeat an old story on this site . . . .

    Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA back

    • by Dan East ( 318230 ) on Wednesday September 13, 2017 @04:33PM (#55190883) Homepage Journal

      This is cold hard irrefutable fact, not internet rumor.

      Got any more hard irrefutable facts I'm supposed to blindly believe? Just checking before I make any important decisions. BTW, I'm on the internet, and I'm seeing this claim made on the internet by a totally anonymous person with no actual attribution or sources backing it up, so that kinda, by definition, makes it an "internet rumor".

      • It's generally pretty hard to get any irrefutable facts on things like this. While people are fond of disclosing secrets like this, they never do so when they expect a permanent record.

        An example: the author of once-dominant anti-virus program in Poland (mks_vir) used to brag about releasing tens of viruses himself. It was illegal even then, but what can you do? If I'd say "this guy said this to my dad, then my dad repeated this to me", is this a proof good enough? (The guy died in 2004, so at least the

        • by Anonymous Coward

          And yet if you search a sentence from his comment, it's taken verbatim from a single comment from a clearly sleezy site debunking HIV, denying the holocaust. And posted here to try to make it believable.

          Copy and paste a sentence from that ACs comment and see only two hits come up. Here and the place it was stolen from. And judge for yourself how credible that source is.

      • by DAldredge ( 2353 )
        Most important fact, you can't trust any thing a slashdot user with a 4 digit UID says.
      • by AHuxley ( 892839 )
        Recall the Magic Lantern (software). https://en.wikipedia.org/wiki/... [wikipedia.org]
        Why do some 5 eye nations have issues?
        https://en.wikipedia.org/wiki/... [wikipedia.org]
        The good work done on Stuxnet, Flame, Equation Group.
        https://en.wikipedia.org/wiki/... [wikipedia.org]
    • by ls671 ( 1122017 )

      Then, Microsoft will report to the NSA that you are running Kaspersky, you will be put on a special list and they will put more effort into accessing your system. They have several ways, some of which an anti-virus can't do anything about.

    • This makes no sense though from a government perspective. The US isn't banning Kaspersky from US consumers, but only from US government computers, for which ostensibly they already have several means of intercepting and tracking data. Those computers are already government property, not the property of the employees who use them.

      • by Shotgun ( 30919 )

        You say that as if the "US government" is a homogenous group with common goals. I'd really like that to be the case, but there is ample evidence that there are many factions that practically carry out a cold war. The controversies over "unmasking" should suffice as an example.

    • by SeaFox ( 739806 ) on Wednesday September 13, 2017 @05:00PM (#55191123)

      jimstone.is [slashdot.org]

      After hackers released all the NSA hackware files, Kaspersky went through them and plugged all the holes. That would explain why American intelligence is telling people to avoid Kaspersky.

      Let me repeat an old story on this site . . . .

      Years ago, (2012 or so) a Norton programmer contacted me and told me that both Norton and McAfee had people permanently stationed at Microsoft, and their only job was to cooperate with Microsoft and make sure their system security products did not close any NSA backdoors that Microsoft put there for the NSA. This is cold hard irrefutable fact, not internet rumor.

      Why would the government need to worry about Kaspersky plugging "NSA backdoors" on systems they personally own and have full physical access to? If they want to see what's on their own systems they can, in a worst-case scenario, just walk in the take them.

      • Another thing that makes these claims rediculous is that if they really where working with Microsoft they wouldn't need and holes at all.
      • The NSA isn't the government. NSA does have its plugs in lots of systems e.g. I know they do in large(r) academia networks but they can only reach the higher ups, sysadmin level people aren't supposed to know about the existence of a black box on their network partially because they aren't vetted and it's too many people with little to lose and loose lips.

        If the NSA directly interfered with government operations, people would have a fit especially on the smaller, local levels. Federal buildings often share

      • The NSA and the security advisors have full access to every computer from the USG? I thought there were other sectors in the government.
        I also thought that Wikileaks just published CIA's ExpressLane project [wikileaks.org], showing the "cyber operations the CIA conducts against liaison services", which includes the NSA, DHS and the FBI, proving that this kind of group does hack into other sectors of the USG too (and not just innocent foreigners in their own homes).
        Even if they could walk in and get the computers, being abl

      • by houghi ( 78078 )

        Why would the government need to worry about Kaspersky plugging "NSA backdoors" on systems they personally own and have full physical access to?

        The NSA put the backdoors in Windows and Norton and McAffee. The NSA does not have access to all the machines, e.g. not the Windows machines that you type on now.

        So the reason they do not want you to use Kapersky is not so much that it would make it possible for the Russians to have access, but because it would make it harder or even impossible for the NSA to access

    • This is about the DHS telling government agencies to avoid Kaspersky. I haven't heard anything from US intelligence agencies. I am completely unaffected by any such request. I'm not a government agency, but rather a private citizen. Personally, I"m not worried about the Russian government spying on me, so I'm fine with Kaspersky.

      Of course, no antivirus vendor whose product didn't detect the Sony rootkit (which is pretty much all of them) can be trusted.

  • Show some proof or this just a ploy to distract. I wonder how much of the company putins pud pulling pals actually own?

  • by billrp ( 1530055 ) on Wednesday September 13, 2017 @04:19PM (#55190753)
    Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?
    • by Anonymous Coward
      I tried to uninstall but bash repeatedly reported program not found or something to do with my "path"? What do?
    • by gregfortune ( 313889 ) on Wednesday September 13, 2017 @04:24PM (#55190815)

      Yup, basically what I logged in to say. "Removing" software that already had administrative/root access to your systems after telling the vendor that you're going to do it a couple months down the road for a product that has auto-update capabilities built into it is borderline criminal negligence if you sincerely thought there was a legitimate risk to begin with. Silly.

      In answer to your second question, no, there is not. And there can't be. The system can never be trusted until wiped down to the firmware level (and maybe not even then if you don't trust the hardware manufacturers or physical access was compromised in some way). Any tool you might build can be lied to by the underlying kernel and/or firmware that you must assume is already compromised.

    • Will they try to use the Kaspersky uninstall tool and expect everything to be removed? Only a full clean reinstall of Windows will remove everything. And is there an independent tool to run to confirm that Kaspersky has actually been removed?

      I wouldn't bother with such a tool, as you pointed out earlier, the most efficient tool to confirm that Kaspersky has been uninstalled is the Windows Installer. On the positive side I suppose a bunch of federal IT workers will be getting some fat overtime payments which will stimulate the economy (YAY! Capitalism!).

    • Only a full clean reinstall of Windows will remove everything.

      You mean everything except what is supposed to be there for the benefit of NSA. So now we have officially good backdoors and bad backdoors.

    • [Citation needed]

      As far as I know, Kaspersky doesn't have a reputation for being hard to remove. Or is this 'just in case' thinking?

      • Just-in-case thinking. If Kaspersky is the mostly harmless company it claims to be, the ban is unnecessary. If Kaspersky is spying on the US government, then Kaspersky is doubtless putting additional features in so they can pwn US computers.

        Therefore, it makes very little sense to uninstall Kaspersky in the standard manner. Either it is insufficient, or id didn't need to be done.

  • Interesting that they are discussing the possibility of something like a backdoor on it. Just wondering how the rest of the world should behave when we have several US-made softwares that were already proved to contain NSA backdoors.
    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Just wondering how the rest of the world should behave when we have several US-made softwares that were already proved to contain NSA backdoors.

      The only sane way you can ... distrust the fuck out of everything, measure it for network connections you can't trust, and decide if you really need that software.

      Every state actor these days is doing shit like this. Which means you need to take some ownership of your security and act as if you have no assumption but to assume at least one government is trying to

  • hahah, well, I guess they just got off the hash.
  • Attack vector (Score:4, Interesting)

    by Dan East ( 318230 ) on Wednesday September 13, 2017 @04:41PM (#55190945) Homepage Journal

    Of all possible attack vectors into a system, antivirus software would have to be the most ideal mechanism for taking over or otherwise collecting data. By its very design it must have full reign of the system, read the data of every file accessed by any process, and have the ability to edit and delete any file on the system.

    However, the most concerning part is that antivirus software must receive new functionality and data on a practically daily basis to detect and remove newly created malware. An antivirus program can take down its host system at any time by simply receiving a virus definition that causes it to remove or corrupt critical system files. It can also do the same targeting any specific application.

    Personally I don't trust ANY antivirus company to wield that sort of power over my system.

    • by Shotgun ( 30919 )

      The AV software I've had experience with have mostly done this, bringing the system to its knees every time it ran. I don't trust them to do anything but make my system useless.

    • by Tungbo ( 183321 )
      Do you accept 'security updates' from Microsoft or Apple?   They have the exact same power.
  • In the same way that some US three-letter-acronym could walk up, serve Cisco or any other company with a FISC order and associated national security gag order so they couldn't even talk about it.... Lets face it, in terms of net capability US FISC/FISA orders ~= FSB knock at the door ~= PLA/MSS order ~= UK GCHQ and Home Secretary order China already forces homegrown buys for government. As do many countries for this reason. The only real news here is that it took so long to happen.
  • by j0ebaker ( 304465 ) <joebaker@dcresearch.com> on Wednesday September 13, 2017 @05:03PM (#55191147) Homepage Journal

    It is the US government who makes companies insert spy software into their machines. I run Kaspersky because they aren't under threat from the NSA to look the other way about back doors that The NSA and CIA might be putting on my computers.

  • by Anonymous Coward

    The ultimate irony: the US government worried about other governments compromising security software.

  • I'm not a software expert. I'm just an average consumer. Should we trust Kaspersky? I do not know the answer. I'm hoping more enlightened people would know the answer to this. I have to discount what the government position is as there are sanctions against Russia because of political reasons and their [the us] position might be more retaliation than fact. I have not seen any factual evidence from the us or from Kaspersky either. I have had Kaspersky software products on my computer for years and have not h
    • When I was a Windows user, the fact that they consistently discovered government deployed malware and attacks [wikipedia.org] (including Chinese and Russian but mostly five eyes) was the reason I bought their software. Because I felt that the people capable of detecting and working against state actors were more capable than the rest. Also, I wanted to financially support companies that do that (tackle the big criminals). Lastly, because they used to look good on detection comparisons (I don't know if they still do), it wa

  • ... pun cleverly crafted, is to install the hell out of Kaspersky right now.

  • Yes, remove that bad Russian code from our hardware, all our beautiful Chinese hardware. Made in China.

  • Windows banned from Russia government systems over concerns about USA

We don't know one millionth of one percent about anything.

Working...