Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago, according to reports. From a report: The Russians were allegedly attempting to gather data on US intelligence programs, according to the New York Times and Washington Post. Israeli agents made the discovery after breaching the software themselves. Kaspersky has said it was neither involved in nor aware of the situation and denies collusion with authorities. Last month, the US government decided to stop using the Russian firm's software on its computers. The Israelis are said to have notified the US, which led to the ban on Kaspersky programs. The New York Times said that the situation had been described by "multiple people who have been briefed on the matter."
NPR does admit that Kapersky is an underwriter in their stories... They were also early to bring up the connection between them and the Russian government. It seems NPR is respectable enough to not let Kapersky money get in the way of good reporting.
So Israel was spying on the US and saw that Russia was spying on the US.
Great. Wish they'd both die in a fire.
It's kind of like that time that particularly famous traitor aired our own dirty laundry and it turned out that we spy on all of our allies.
If Kaspersky did not know. Its not like Russia has a free press to investigate those things. Oh crap.
Once you realize you install it on Windows 10, you start to relax again. It's like having a ticking bomb in a plane that lost its tail and is plummeting towards the ground with a few 100 mph. Does it matter that there's a ticking bomb next to you?
The chances of there being two ticketing bombs on a plane are astronomical small, so I always take one with me, so we are all more secure.
Given the seemingly substantial increase in the risk that computer users cannot trust software that they have acquired regardless of source, what needs to change about the architecture and/or operation of computer systems (hardware and/or software) to reduce this risk? The risk has always been present, but the threat appears to have increased significantly (by which I mean that there is a greater probability that someone is trying to attack through this attack vector), which increases the risk accordingly.
FoxNews tells me that is not true.
What does one have to do with the other? We all know Putin is vicious, but no worse than the Clintons and Bushes that did the exact same thing. But that has nothing to do with Kaspersky.
They may have found a hole in the Kaspersky software and not shared it with them but I highly doubt they willingly put it in there. If that is the case, then make the same objective analysis for Microsoft and Cisco.
Seriously, if something like this came up in a cheesy 80s action show I'd switch channel.
Kaspersky's AV solutions scan files, and transmit data back to their servers if found to be malware. If nothing else, they can send back lists of files on machines that are scanned, etc.
The transmission is done thru TLS-encrypted channels.
The Russian Government, like most major governments, do their best to monitor all of the traffic they can. See the recent Wikileaks documents on "Peter-Service" for some details.
If the Russian gov't has obtained, one way or another, copies of Kaspersky's TLS keys, then they really don't need cooperation to see everything that's coming down the pipe. They can also probably MITM the connection and take control of the AV application, without Kaspersky's knowledge.
It is called "plausible deniability" for Kaspersky and fairly trivial in a country where the use of strong encryption requires a license from the gov't.
There are numerous current news articles about our (American) Justice Department is salivating over the possibility of that being possible in the U.S.
Kaspersky? Sounds kinda Russian to me!
They're probably part of RINNT - the Russia Israel Neo Nazi Trump conspiracy!
This comment is just bizarre and completely backwards. The only people who care about this stuff are people on places like Slashdot. Friends and family who don't work in IT are not losing any sleep over this at all. I can give you my complete guarantee on that. The people who actually do care are few in number.
If it is breached, that means that they are not working together with them. It means it NEEDS to be breached to be available to them.
Why are they not caught breaching the others? My guess is because they found the loophole the NSA put in there. and everybody is using that already.
It also shows that the Israelis where looking to breach it (most likely while working with/for the NSA) and that means they where not yet able to breach it either.
