U.S. bans use of Kaspersky software in federal agencies amid concerns of Russian espionage

nlinecomputers

U.S. bans use of Kaspersky software in federal agencies amid concerns of Russian espionage


https://www.washingtonpost.com/worl...b717d0-989e-11e7-82e4-f1076f6d6152_story.html

 
There's been so much FUD over Kaspersky, I find a lot of people think our computers are already open books to Putin. And Kaspersky has already been proven guilty of some crime.

Joe (no one cares) Shmo is now losing his sh!t over Kaspersky being installed on his Vista computer and the possibility of Russkies looking through his porn stash. So now he wants an "American" antivirus without stopping to think how many times the US Govt has already been proven to have backdoors and backdoor deals all over the place. I'm not a tinfoil hat type, but if someone's going to be sniffing through my drives, I might prefer it to be the Russians than my own govt.

And now that we're protecting ourselves from the Kaspersky threat, maybe we should also block

Ahnlab (those Koreans all look alike!),
Avast (I spent cold winter nights with tanks on the Czech border - how can I trust them now?!),
Avira (Once a Nazi always a Nazi),
Bitdefender (Russian judges are suspiciously soft on Romania's gymnasts),
ClamWin (I've heard about the scary bugs in Australia - If they can't keep them out of their OWN computers . . .),
ESET (Slovakia? Who are they kidding - same tanks, same border),
Qihoo (China?! Yeah, right.),
Sophos (Red Coats! - wait - I guess we're friends now),
Trend Micro (Just waiting for Japan to electronically Pearl Harbor us!).

It's getting harder and harder to find safe alternatives to just unplugging the ethernet cable.
 
And now that we're protecting ourselves from the Kaspersky threat, maybe we should also block


ClamWin (I've heard about the scary bugs in Australia - If they can't keep them out of their OWN computers . . .),
Trend Micro (Just waiting for Japan to electronically Pearl Harbor us!).

I mean technically isn't that kind of true of these 2? ClamWin can't protect a machine by itself, I mean not effectively unless something has changed dramatically over the years. Trend Micro has kind of dropped some bombs (edit: well not technically but metaphorically) in the past hehe.
 
Truthfully, I think any IT "Pro" who uses Kaspersky products will continue to do so.
As stated, UTMs/firewalls etc. as well as many businesses already on Kaspersky subscriptions won't change despite the FUD being spread.
Notwithstanding the costs involved in finding/deploying replacements and also what the authorities say, Kaspersky still garners a lot of trust in the industry.
It may affect a small amount of (patriotic) home users (in the US) but I don't think it will be too big a deal for Kaspersky.
I have about 30 SMB/Home/SoHo/Business clients that have Kaspersky (for Mac) and a couple of Kaspersky (Windows) installed. So far have not heard a peep from any of them apart from subscription updates for some of them this month.
My .02
 
I wonder when the rest of the world will follow up and ban Windoze because of all the hacking tools the NSA/CIA have, use, and are continuing to develop. At this point, I'd trust an email from a Nigerian Prince before I trust my own government or their reasoning for things like this. Epitome of hypocrisy.
 
And now that we're protecting ourselves from the Kaspersky threat,
maybe we should also block:
-Ahnlab (those Koreans all look alike!),
-Avast (I spent cold winter nights with tanks on the Czech border - how can I trust them now?!),
-Avira (Once a Nazi always a Nazi),
-Bitdefender (Russian judges are suspiciously soft on Romania's gymnasts),
-ClamWin (I've heard about the scary bugs in Australia - If they can't keep them out of their OWN computers . . .),
-ESET (Slovakia? Who are they kidding - same tanks, same border),
-Qihoo (China?! Yeah, right.),
-Sophos (Red Coats! - wait - I guess we're friends now),
-Trend Micro (Just waiting for Japan to electronically Pearl Harbor us!).
I guess, uncle Sam would be delighted...:D
 
So, just read an article in the Wall Street Journal which claims that the Russkies stole secret recipes, again, from an NSA contractor who had the stuff on his home computer but that Kaspersky played a part. Though it's not defined. Apparently this breach was discovered over a year ago. Here's a link to an Ars Technica blurb which quotes the WSJ as well. So there may be some flames behind this smoke.

https://arstechnica.com/information...ms-kaspersky-helped-steal-secret-nsa-secrets/

 
"The report is based on unnamed people the publication says had knowledge of the matter, and it provides no evidence to support its claim."

So, do we just believe it without question?

"appear to have targeted the contractor after identifying the files through the contractor's use" of the Kaspersky AV.

So, Kaspersky was doing its job on a computer controlled by "Hackers" that happened to check the Quarantine after they got an alert of an infection?

"the FBI quietly briefed private-sector companies on the threat it believed Kaspersky products and services posed."

This reeks of tit-for-tat! Kaspersky caught them out, hackers happened to get lucky, can't blame hackers so get some political mileage by blaming Kaspersky because they were "Russian"

"The counter argument to what Aitel and plenty of people in security and national security circles are saying is that the extraordinary allegations are based solely on anonymous sources and aren't backed up with any hard evidence. What's more, the anonymous sources never say that anyone from Kaspersky Lab aided or cooperated with the hackers. The latter point leaves open the possibility that the hole left open by Kaspersky AV was unintentional by its developers and was exploited by Russian hackers without any help from the company."

"In September 2015, Google Project Zero researcher Tavis Ormandy said his cursory examination of Kaspersky AV exposed multiple vulnerabilities that made it possible for attackers to remotely execute malicious code........Over the years, Ormandy has discovered equally severe code-execution vulnerabilities in AV software from a host of Kaspersky competitors."

But they weren't Russian, so we won't accuse them?

"the names and fingerprints of the sensitive files were indexed in a scan performed by the Kaspersky software and then uploaded to the company's cloud environment so they can be compared against a master list of known malware."

Really? It's called "cloud scanning" as a second opinion on (possibly) infected files and as far as I know 7 out of 10 AVs do it....
But then again, they're not Russian...

To me, this whole thing stinks like dead fish!

Just to be clear, I'm not a "Kaspersky fan boy" but I do use their product.

Kaspersky caught the NSA "red handed" so now it's nothing more than a "let's beat up that Russian boy, Kaspersky" schoolboy scrap!
 
Wasn't it Kaspersky or one of the other anti-virus companies that posted legit Windows files as viruses to prove a point that everyone basically copies each other regarding virus detection?
 
Wasn't it Kaspersky or one of the other anti-virus companies that posted legit Windows files as viruses to prove a point that everyone basically copies each other regarding virus detection?

They don't copy each other in regards to virus detection...er...correction, most of the major AV companies don't copy each other in regards to virus detection.
 
I made the switch to Pulseway not too long ago, coming from GFI/LogicWhatever as I just got tired of them being bought and sold every other week. I'm not sure if I really buy into this whole "Kaspersky is the devil" thing. Fortunately none of my clients have asked me about it! The one thing I don't understand though... The Kaspersky icon is a sort of stylized "K" in the taskbar. It's a big red letter "V" with a black arrow stick leg coming out that makes it a "K". Alright, so... K for Kaspersky. OK, I get that part. What's the big red V stand for? Virus? There's a big red Virus logo on my taskbar?

Somewhere in some dimly lit underground Siberian bunker there are Cold War era Russians laughing over how none of us noticed the obvious symbolism on our task bars. The storm is coming....
 
Conspiracies, theories and otherwise, have been around since before recorded time. Personally I doubt there is anything blatantly wrong with their products. They've been around too long and have way too many people checking their stuff out for anything widespread to be going on.

But the theory they put forth is interesting. Kaspersky scans ID code that has malware potential and they send back the details. That would be common and is probably in the license blurb. So no surprise at this point. But then what happened? I'm sure people in the industry share things, including with their respective governments. Maybe they already had some info related to the fingerprint that pointed to NSA, it's not like this is the first breach they have ever had. Maybe other stuff, like his name and IP address, was a "fall off the truck" thing afterwards.
 
The Kaspersky icon is a sort of stylized "K" in the taskbar. It's a big red letter "V" with a black arrow stick leg coming out that makes it a "K". Alright, so... K for Kaspersky. OK, I get that part. What's the big red V stand for? Virus? There's a big red Virus logo on my taskbar?
You are right about the "V". It's (sort of) explained by the icon's creator here.

The other icons/logos here.
 
And the plot thickens even more. Just saw an article in the NY Times that the Israelis are involved as well. I'm wondering when the Nigerian Princes come into play. LOL!!!!

What gave the Russian hacking, detected more than two years ago,

The Israeli officials who had hacked into Kaspersky’s own network alerted the United States to the broad Russian intrusion, which has not been previously reported, leading to a decision just last month to order Kaspersky software removed from government computers.

The N.S.A. bans its analysts from using Kaspersky antivirus at the agency, in large part because the agency has exploited antivirus software for its own foreign hacking operations and knows the same technique is used by its adversaries.

Seriously though, the US Feds have known, have to say allegedly of course, about the Russkies' activities for more than 2 years and did nothing to alert the public. Which brings me to one of my favorite cartoons from xkcd.com.

password_reuse.png
 