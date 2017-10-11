Moscow Has Turned Kaspersky Antivirus Software Into a Global Spy Tool, Using It To Scan Computers For Secret US Data (wsj.com) 80
WSJ has a major scoop today. From a report: The Russian government used a popular antivirus software to secretly scan computers around the world for classified U.S. government documents and top-secret information, modifying the program to turn it into an espionage tool (could be paywalled), according to current and former U.S. officials with knowledge of the matter. The software, made by the Moscow-based company Kaspersky Lab, routinely scans files of computers on which it is installed looking for viruses and other malicious software. But in an adjustment to its normal operations that the officials say could only have been made with the company's knowledge, the program searched for terms as broad as "top secret," which may be written on classified government documents, as well as the classified code names of U.S. government programs, these people said. The Wall Street Journal reported last week that Russian hackers used Kaspersky's software in 2015 to target a contractor working for the National Security Agency, who had removed classified materials from his workplace and put them on his home computer, which was running the program. The hackers stole highly classified information on how the NSA conducts espionage and protects against incursions by other countries, said people familiar with the matter. But the use of the Kaspersky program to spy on the U.S. is broader and more pervasive than the operation against that one individual, whose name hasn't been publicly released, current and former officials said. This link should get you around WSJ's paywall. Also read: Israeli Spies 'Watched Russian Agents Breach Kaspersky Software'
Re: (Score:2)
Ergo, on Slashdot, "Could be" means "is".
Re: (Score:2)
I wouldn't be surprised if AV made in the USA does the same, just sending copies to a different three letter agency.
Windows 10 Defender absolutely does this. The description however promises that if the file is a "personal document" it asks for your permission first.. Upon asked what count as personal document microsoft has anwsered it means a file created with "default windows 10 apps".
Re: (Score:2)
Which just goes to show, being paranoid doesn't mean someone isn't really out to get you.
Re: (Score:2)
I always browse at -1 with all comments loaded. And I put more stock in AC posts than others.
This is why I use Windows Defender (Score:2)
Re: (Score:1)
Re: (Score:2)
Right, because if someone is spying on me, I want it to be 'muricans, dammit!
Re: (Score:2)
Re: (Score:2)
What the hell? Did you just casually lob a jewelry joke into the political discussion?
Re: (Score:2)
The argument can be made that Slashdot's editors are Russian spies sent here on a mission to discredit Democrats.
Re: (Score:3)
It's the mouthpiece of reality that you really object to.
I'm sorry that you are loyal to Russia instead of America, and that you want Americans to continue running Russian government spyware.
If you were a loyal American instead of a traitor you would understand that it's important to warn you fellow Americans of a hostile foreign adversary's attack on your country and your computers.
Supporting Russia or Russians isn't treason. We are not at war with Russia. In fact, they're our allies.
Treason includes giving aid or comfort the the nation's enemies (foreign or domestic).
That's an act of war, right? (Score:2, Interesting)
It's the weaponization of something considered a base necessity to the functioning of computers. It's the equivalent of poisoning a city's primary water supply. Yes there are others but this one is well known and been used for so long that many are dependent on it for what it provides.
Re:That's an act of war, right? (Score:4, Insightful)
It's the weaponization of something considered a base necessity to the functioning of computers. It's the equivalent of poisoning a city's primary water supply. Yes there are others but this one is well known and been used for so long that many are dependent on it for what it provides.
If running an antivirus is a base necessity, you've chosen your operating system poorly.
Re: (Score:2)
Act of war? Spy services spy. That's why they exist and every country has spy services. How this is a shock to anyone is beyond me. Do you think that the NSA hasn't exploited every single A/V provider, hell, every single online anything?
Re: (Score:2)
AV is not necessary to the base functioning of a computer. It is poorly designed OS architectures and architectures brought forward from antediluvian hardware which made AV a need in the first place. In reality, you are far better off with a signed executable mechanism, an ad blocker, and your web browser in a VM or container than you ever will be with AV software. Mainly because AV doesn't catch the latest stuff.
Yes, AV sells, but it is more of a legal checkbox than something useful for an active defens
You mad cuz Kaspersky cracked Intel M.E. (Score:1, Interesting)
The globalists have been pissed that Kaspersky figured out how to disable Intel's Management Engine so they turn all their shill propaganda rags against it. It's over for you guys.
Same song and dance. (Score:3, Insightful)
WSJ has a major scoop today.
From a report
according to current and former U.S. officials
How many times are we going to let this go? Every week there is something else.
Shocking news to grab your attention by a series of reputable outlets that have changed ownership or management in the last few years. From a report, sounds so official. With vague anonymous sources that are official in some way.
I am not saying this is entirely "fake news". That rarely exists whole-cloth, but just look into it a little closer when it looks like a duck and quacks like a duck.
The US government, and by extension the media sources that make their money by having cooperative contacts within it, got pissed off at Kaspersky for exposing their dirty Stuxnet secrets. Double points for Kaspersy being Russian at a time when anything remotely critical of Trump is made of ad impression gold.
So now they set the hounds against Kaspersky and we have to put up with a media blitz. Story after story with no real proof other than "trust us, we are the media and government" when we should be doing the opposite for the same reason.
Re: (Score:2)
The Wall Street Journal (WSJ) has been owned by Murdoch since the 90's if I recall correctly. That's near on 30 years. Apparently you and I have a different opinion of what recent means. But I know, downplay it, for all anyone knows you could be one of the Russians paid to spread propaganda on the internet.
do people actually believe this stuff? (Score:1)
I'm shocked. (Score:4, Interesting)
Shocked, I tell you.
I said, oh, 3 or 5 years ago, or maybe it was 10?
...that an obvious vector was the antivirus product itself. Because trust has to start somewhere, and people tend to trust their antivirus software, because otherwise, what do you do? Throw out your computer and go back to books? (Now that I write that, it doesn't sound like a half bad idea.)
And this was even before the useless nagware McAfee Security Scan started being bundled in everything to hell and gone.
So, in a way, I'm glad this happened, because it might cause people (well, some people... well, a few people) to look a little more critically at their antivirus software.
So everyone should convert to Windows Defender. Just kidding.
Re: (Score:2)
Since AV software requires kernel level access, or as close to it as possible, having AV software be a Trojan or a spying tool isn't surprising.
I just wonder why we even have AV in the first place. Scanning for signatures is a pointless task. The two biggest entry points for infection are Trojans (that invoice that was E-mailed with the CEO's name, even though the return header is from a Lower Elbonian site), and malvertising/weaknesses in the Web browser.
The browser issues are addressed by virtual machin
How do we know that the US Government... (Score:1)
Re: (Score:2)
This isn't a zero sum game, it doesn't matter to this particular story what the US government did. Maybe other things are similarly compromised, maybe not. It would be useful to expose each one that is without trying to distract by talking about unrelated products.
I'm sure that it won't be long before they will have the ability to listen to every home with a Amazon echo in it.
It's cute that you think they don't have that ability now. If we've learned one thing from commercial software (which goes for cell phones, "smart" TVs, etc), it's that security is often an afterthought. Hell, even the military decided to just
Did the editor even read the article? (Score:5, Informative)
...WSJ has a major scoop today.:...
From the WSJ article itself:
...Israel’s spying on Kaspersky, which U.S. officials said provided crucial evidence that Kaspersky Lab was working with the Russian government, and the use of Kaspersky to scan for classified keywords was first reported Tuesday by the New York Times.
...
[my emphasis] The NYTimes may not be my favorite newspaper, but credit where credit isude, eh?
This is not a drill! (Score:1)
ALERT ALERT ALERT LAUNCH ALL RUSSIA SHILLS!!!
Claim it is US corporate interests against Russia company; failure imminent. Redirect rhetoric to: If this were Germany or UK or Israel it would be no big deal, so why for friend Russia?
Re: (Score:2)
Except that it was scanning for particular names and phrases, not just virus signatures.
Re: (Score:2)
Shill disinformation vector 3: doubt fork of FUD activated!
No they haven't... (Score:1)
what they want is to throw out foreign AV from American's computers, because it keeps NSA etc. out and they can't control it. American vendors can't say no to the government even if they wanted to, so it's easier to break.
AV is so centric when it comes to spying and security, that America will do whatever it takes to throw out AV that does its job too good. Today it's Kaspersky, and tomorrow it will be F-secure, Avast, and other foreign AV's.
I have a different theory. (Score:4, Informative)
Anti-virus software detects various forms of malware.
The surveillance software used by the NSA and other government agencies is effectively malware. To serve the purpose intended by the NSA this malware needs to go undetected and unreported by anti-virus software. Kaspersky wouldn't play along with this whitelisting, then they found themselves the target of blacklisting.
Who is watching the watcher? (Score:2)
This reminds me of a sci-fi story where the NSA somehow created a code module sometime in the past that has made its way into every anti-virus software (lot of hand waving here). The idea being that most computers have anti-virus software running and the anti-virus software won't be looking at itself (who is watching the watchers?) This allows the NSA to make every computer a part of a giant botnet, basically a global super-computer using the free CPU cycles of billions of computers. They aren't using the c
Problem with WSJ article (Score:1)
A decent piece by Hacker News (https://thehackernews.com/2017/10/kaspersky-nsa-russian-hackers.html) correctly points out that there is no evidence, just anonymous sources and nation state he said she said. Even if Russian ops did gain access through Kaspersky, Kaspersky might not have allowed access and are victims themselves. US intelligence does this all the time, ask Cisco about the backdoor added to their hardware mid route (thanks Edward Snowden for the revelation).
Blaming a company without any substa