Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
Businesses Government The Almighty Buck Politics

Israeli Spies 'Watched Russian Agents Breach Kaspersky Software' (bbc.com) 24

Posted by msmash from the security-woes dept.
Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago, according to reports. From a report: The Russians were allegedly attempting to gather data on US intelligence programs, according to the New York Times and Washington Post. Israeli agents made the discovery after breaching the software themselves. Kaspersky has said it was neither involved in nor aware of the situation and denies collusion with authorities. Last month, the US government decided to stop using the Russian firm's software on its computers. The Israelis are said to have notified the US, which led to the ban on Kaspersky programs. The New York Times said that the situation had been described by "multiple people who have been briefed on the matter."

Israeli Spies 'Watched Russian Agents Breach Kaspersky Software' More | Reply

Israeli Spies 'Watched Russian Agents Breach Kaspersky Software'

Comments Filter:

  • I don't know who's spying who (Score:1)

    by Anonymous Coward

    So Israel was spying on the US and saw that Russia was spying on the US.
    Great. Wish they'd both die in a fire.

  • If Kaspersky did not know. Its not like Russia has a free press to investigate those things. Oh crap.

  • Any AV vendor (Score:4, Insightful)

    by xxxJonBoyxxx ( 565205 ) on Wednesday October 11, 2017 @10:24AM (#55349367)
    Part of the reason I've always felt nervous installing AV or anything else that wanted to run at or near kernel is exactly this: at least one third party is "in" my system...and if that third party goes sideways then the rest of my defenses aren't worth much. (e.g. is your IDS really going to flag a 10% traffic increase to your AV vendor from your AV software?)

    • Once you realize you install it on Windows 10, you start to relax again. It's like having a ticking bomb in a plane that lost its tail and is plummeting towards the ground with a few 100 mph. Does it matter that there's a ticking bomb next to you?

      • Re: (Score:2)

        by houghi ( 78078 )

        The chances of there being two ticketing bombs on a plane are astronomical small, so I always take one with me, so we are all more secure.

  • Here's an old story [wired.com] you might find apolitically interesting. We knew way before the election that Kaspersky was KGB trained and a Putin loyalist. You can read my comment history of you're an actual skeptic rather than a Russian botnik. But I also recommend anyone who doubts Putin's viciousness to hear the story of how he murdered his way into office from this PBS Documentary [youtu.be].

    As a sidenote, I'm a slashdot reader from more than a decade ago, and I've been really disappointed to see the amount of denialism pre

    • Re: (Score:1)

      by Anonymous Coward
      Brace yourself for the hysterics, e tu quoque, and false equivalences. Get ready for more demands of absolute proof, and probably some ad hom attacks while they're at it.

  • Seriously, if something like this came up in a cheesy 80s action show I'd switch channel.

  • Occam's Razor (Score:3)

    by chill ( 34294 ) on Wednesday October 11, 2017 @10:39AM (#55349461) Journal

    Kaspersky's AV solutions scan files, and transmit data back to their servers if found to be malware. If nothing else, they can send back lists of files on machines that are scanned, etc.

    The transmission is done thru TLS-encrypted channels.

    The Russian Government, like most major governments, do their best to monitor all of the traffic they can. See the recent Wikileaks documents on "Peter-Service" for some details.

    If the Russian gov't has obtained, one way or another, copies of Kaspersky's TLS keys, then they really don't need cooperation to see everything that's coming down the pipe. They can also probably MITM the connection and take control of the AV application, without Kaspersky's knowledge.

    It is called "plausible deniability" for Kaspersky and fairly trivial in a country where the use of strong encryption requires a license from the gov't.

    There are numerous current news articles about our (American) Justice Department is salivating over the possibility of that being possible in the U.S.

  • Well, then... (Score:3)

    by lhowaf ( 3348065 ) on Wednesday October 11, 2017 @10:40AM (#55349473)
    I trust(ed) Kaspersky more than the Senators bad-mouthing them. They look pretty bad in this light, though. Not because of collusion with the KGB but because their software can't, apparently, protect their own systems. So who can we trust, then? Symantec? McAfee? Windows Defender? Please. It looks like we either have to swallow the fact we're going to be entertaining uninvited guests or we'll have to try to live without our security blankets. It isn't so bad for /. readers but what about those friends and family who are more-and-more at risk? What a stinkhole we've made of the Internet.

  • No silver lining for Kaspersky (Score:3)

    by lbmouse ( 473316 ) on Wednesday October 11, 2017 @10:54AM (#55349545) Homepage
    No matter how you spin this there is no way for Kapersky to come out of this whole mess OK.

Slashdot Top Deals

A CONS is an object which cares. -- Bernie Greenberg.

Close