TR Forums

http://www.nbcnews.com/news/us-news/fbi-interviews-employees-russia-linked-cyber-security-firm-kasperky-lab-n777571

Hmm...

Not surprising IMO.

If I'm not mistaken, isn't Kaspersky Labs one of the best(or were) anti-virus vendors out there?

Yes. But given all that has been going on, it makes sense that our govt does not trust them.

whm1974 wrote:

If I'm not mistaken, isn't Kaspersky Labs one of the best(or were) anti-virus vendors out there?

That's the rub. They are rated very well, and work very hard- but their potential associations, which are vehemently denied by their founder (CEO?) who shares the company name, aren't positively separable from their enterprise.

It's like Cisco and the NSA: you knew that the NSA could do whatever they wanted with Cisco products, and you knew that you'd probably never actually know- absent leaks, you wouldn't. You can't even assume that Cisco really 'knew'. Assume the FSB (and federal counterparts) are similarly effective, and Mr. Kaspersky can deny associations all he wants and have a legitimately market-leading product, but he'll never erase suspicion.

Which I find unfortunate; I'd hoped that our global fortunes were going in the opposite direction. However, [politics, heads up JBI] given the gap in hard power/military prowess, expect global US adversaries to invest in soft power and cyber power as they can to counter.

They can't jump ahead in stealth composites, radars, or jet engines, for example, but they can surely bribe/blackmail/threaten (if even necessary in say China's case) software developers.

just brew it! wrote:

Yes. But given all that has been going on, it makes sense that our govt does not trust them.

Yeah that does makes really good sense, I wouldn't trust them either.

I run Kaspersky Internet Security on my PCs. In my experience, it is a much better product than anything from Symantec/Norton or McAfee.

Kaspersky is simply the best antivirus for finding malware written by the NSA, like Equation Group or Stuxnet, although no antivirus can find them once they get embedded into firmware or hidden disk service areas. Snowden's list of NSA hacking targets was notable for leaving out American anti-virus firms Microsoft, Symantec/Norton and Intel/McAfee, as presumably they were cooperative in allowing backdoors so the NSA didn't need to expend resources to find any. It's too bad they were so careless with their tools and Vault 7 documents. Oh well, it was only taxpayer dollars and there's an endless supply of those.

In the news is Microsoft admitting that they uninstall and disable Kaspersky in some situations. Kaspersky of course complained about this last year.

I can understand the Pentagon not wanting to needlessly risk using Russian software, but with all computers having firmware that goes through China and even a whole 2nd computer, it seems like worrying about closing the barn doors after all the horses have already bolted.

I've never used Kaspersky myself. However from the opinions I've seen given by people who should know what they're talking about, it may well be a very good program. Maybe that's why the alphabet crowd (FBI,CIA,NSA,DOJ,etc.) doesn't like it. Just because it's based in Russia doesn't necessarily mean it's compromised, but considering how much the US gov. is doing to try to control all of technology, it's not unreasonable to think the Russians are doing the same thing. One also has to consider that Kaspersky makes no secret of not wanting to play nice with any Government. So, as was said, not surprising and who knows?... Maybe the fact that our "fine upstanding politicos" don't want it means one of two things, either Kaspersky is legit and won't kiss butt, or Kaspersky is kissing Putin's butt and the alphabets are afraid they'll be outwitted..........

<puts on tin foil hat>
I've always asked friends when choosing Antivirus... who do you want to have a back do to your systems.
Only naming major vendors
USA (Norton and McAfee)
Russian (Kaspersky)
Panda (Spain)
Qihoo (China)
I'm sure more can be added here..
<takes off tin foil hat>

Arvald wrote:

<puts on tin foil hat>
I've always asked friends when choosing Antivirus... who do you want to have a back do to your systems.
Only naming major vendors
USA (Norton and McAfee)
Russian (Kaspersky)
Panda (Spain)
Qihoo (China)
I'm sure more can be added here..
<takes off tin foil hat>

"a bunch of random hackers on the internet" (Linux)

Since MalwareBytes has an "About Us" page with pictures of the entire management team AND Board of Directors, I tend to think they're not hiding things.

USA (Norton and McAfee)

That may explain a few things.

What about TrendMicro?

BTW, what is "Nyet for Pent."? It looked like some PUI text to me, or may be I'm stupid or something. "Not yet for Pentagon"?

BTW, what is "Nyet for Pent."? It looked like some PUI text to me, or may be I'm stupid or something. "Not yet for Pentagon"?


Nyet is one way of saying no in Russian.

Well, the trailing period behind Pent doesn't help, but for those of us who grew up during the Cold War the intent of this topic title was instantly obvious.

Captain Ned wrote:

Well, the trailing period behind Pent doesn't help, but for those of us who grew up during the Cold War the intent of this topic title was instantly obvious.

Yes, using those trailing periods is a bad habit of mine that I'm trying to fix. Apparently I need to try harder.

Captain Ned wrote:

Since MalwareBytes has an "About Us" page with pictures of the entire management team AND Board of Directors, I tend to think they're not hiding things.

There is a thing as too open. I mean until a few months ago, they were downloading updates/virus definitions without encryption... Sorry once you see behind the curtain...

Though i moved to MS only AV around Vista.

Knew there was a thread for this somewhere. Some extra details have emerged. Apparently Israeli spies hacked into Kaspersky's own network and were watching Russian hackers/spies actively exploiting Kaspersky to search US consumer systems looking for improperly stored documents and software on US agency toolkits. The theft of NSA documents on US cyber-defense measure that was stolen was just one of the things they found.

Even more interesting is apparently Israeli hackers used Kaspersky for their own purposes including against US and UN targets, to glean information on meetings, locations, and documents on discussions that Israel was excluded from. Typically, this began in 2014 and yet the DHS waited until Sept 13th to give a 90 day deadline on removing Kaspersky on all US systems...

https://www.nytimes.com/2017/10/10/tech ... cking.html

Heard that on Morning Joe. Apparently Kaspersky makes a list of all the files in the system. The hackers can just check the list to see if there are any files worth going after.

Mr Bill wrote:

Heard that on Morning Joe. Apparently Kaspersky makes a list of all the files in the system. The hackers can just check the list to see if there are any files worth going after.

In that case then the NY Times saying google-searching US consumer systems for pertinent files is quite literally accurate. Is that how Kaspersky tries to lesson the system overhead by fast searching the list, or was that functionality due to the added code the Israeli and Russian hacker groups were adding?

It's hard to say without knowing more of the implementation details. A list of filenames on the system wouldn't necessarily tell you anything about the content of the files, and some kind of signature or metadata derived from the process of scanning files might be useful only to the scanner its self. If they were given access to the source code, or if there's some exploit which allows them to hijack the scanning process, then they could just inject their own search criteria while in the process of scanning the files on disk, or maybe add additional indexing routines completely separate from the "normal" operation of the software.

it's not unreasonable to think the Russians are doing the same thing. The others make same things too. I vote for Kaspersky again. Not just A.V. programs, OS systems make same things too.