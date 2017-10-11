Israeli Spies 'Watched Russian Agents Breach Kaspersky Software' (bbc.com) 24
Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago, according to reports. From a report: The Russians were allegedly attempting to gather data on US intelligence programs, according to the New York Times and Washington Post. Israeli agents made the discovery after breaching the software themselves. Kaspersky has said it was neither involved in nor aware of the situation and denies collusion with authorities. Last month, the US government decided to stop using the Russian firm's software on its computers. The Israelis are said to have notified the US, which led to the ban on Kaspersky programs. The New York Times said that the situation had been described by "multiple people who have been briefed on the matter."
It's kind of like that time that particularly famous traitor aired our own dirty laundry and it turned out that we spy on all of our allies.
If Kaspersky did not know. Its not like Russia has a free press to investigate those things. Oh crap.
Once you realize you install it on Windows 10, you start to relax again. It's like having a ticking bomb in a plane that lost its tail and is plummeting towards the ground with a few 100 mph. Does it matter that there's a ticking bomb next to you?
The chances of there being two ticketing bombs on a plane are astronomical small, so I always take one with me, so we are all more secure.
Here's an old story [wired.com] you might find apolitically interesting. We knew way before the election that Kaspersky was KGB trained and a Putin loyalist. You can read my comment history of you're an actual skeptic rather than a Russian botnik. But I also recommend anyone who doubts Putin's viciousness to hear the story of how he murdered his way into office from this PBS Documentary [youtu.be].
As a sidenote, I'm a slashdot reader from more than a decade ago, and I've been really disappointed to see the amount of denialism pre
Kaspersky's AV solutions scan files, and transmit data back to their servers if found to be malware. If nothing else, they can send back lists of files on machines that are scanned, etc.
The transmission is done thru TLS-encrypted channels.
The Russian Government, like most major governments, do their best to monitor all of the traffic they can. See the recent Wikileaks documents on "Peter-Service" for some details.
If the Russian gov't has obtained, one way or another, copies of Kaspersky's TLS keys, then they really don't need cooperation to see everything that's coming down the pipe. They can also probably MITM the connection and take control of the AV application, without Kaspersky's knowledge.
It is called "plausible deniability" for Kaspersky and fairly trivial in a country where the use of strong encryption requires a license from the gov't.
There are numerous current news articles about our (American) Justice Department is salivating over the possibility of that being possible in the U.S.
