
can't blame them
OTOH, that thing that they can download documents in a person's computer, AND identify the individual... creepy!
Embattled Russian security software maker Kaspersky Lab has taken the American government to a US federal court to overturn Uncle Sam's ban on its antivirus tools. The Moscow-based developer claimed the US Department of Homeland Security acted illegally when, back in September, the department publicly told federal agencies …
And what do you think about "submit sample files" and "cloud protection" in Windows Defender? I'm surprised that Kaspersky has not built their defense around defaults foisted by MS onto the majority of Windows users (all the while Cortana rummages through files to better "assist you"). It's hard to tell how easily identifiable was the source, maybe it's just the guid for the system the file originated from but - as recent reports seem to imply - data anonymization does not work anyway. And while I understand the reason it's done, I don't condone these practices (sample submission), but pointing finger at K appears politically motivated distraction that inflicted serious financial damage (likely put them out of business anywhere within US sphere of influence) and no business outside umbrella of US bully agencies can survive this type of attack. Unlikely even WTO would help (guess what side it's likely to take).
And it's not just antivirus software on the client computers that does this. Many organizations (businesses, schools, etc.) use firewalls (such as Palo Alto, etc.) that filter out any downloads/uploads that they can't identify and upload them for analysis to determine whether they're harmful or not.
"I think I need to start sleeping on the floor, so that there's no risk of finding reds under my bed."
From what I remember of the novels of the period highly confidential classified documents, the preferred modus operandi of the KGB involved a Red in your bed. And cameras and microphones.
Well, erm ...
US-only wouldn't have done the job. It wouldn't have seeded serious FUD, it wouldn't have led to actions outside the US like Barclays.
It may be that Kaspersky was the only AV vendor who declined to cooperate with the NSA by incorporating their backdoor to snoop, when the spooks made them an offer it was hard to refuse.
Or if there was another, their turn is yet to come, under some different pretext. I expect it would've looked too suspicious to lump more than one vendor together in the same FUD action.
Alternatively, they could have entered into dialogue with Kaspersky who have already mooted the idea of servers on US soil as a way forward. But they didn't, they just shut the door.
There's no reason why US samples could not be analysed in the US and only the developed signatures sent out globally.
When I look at the number of nation state malware examples Kaspersky has exposed or helped expose they look like the good guys to me. Can I entertain the notion that the US spooks are pissed at their work being exposed and are trying to weaken Kaspersky as a response? Yes I can.
"...When I look at the number of nation state malware examples Kaspersky has exposed or helped expose they look like the good guys to me. Can I entertain the notion that the US spooks are pissed at their work being exposed and are trying to weaken Kaspersky as a response? Yes I can..."
I said pretty much the same thing when this first occurred.
It was Kaspersky who unveiled the work of the so-called Equation Group, for example, with some of their nefarious tricks such as compromised HDD firmware since around 2003 (I seem to recall).
Yeah...hard not to agree here that Kaspersky are the better side.
"to call out one specific company was just asking to be sued"
maybe, but to call it "unconstitutional" is completely ridiculous.
Any corporation or government has the authority to decide what products it wants to use. Otherwise, they'd be using public money to appease EVERY WHINER OUT THERE just because the gummint didn't purchase THEIR products. Like some form of 'political correctness' I guess...
DHS essentially issues a form of "...National Security..." edict and someone thinks they'll win out in the courts. Sorry buddy, but I don't think that will work for you. Not sure in this sort of situation they need to conclusively prove you operate at the behest of a foreign spy agency, or potentially provide any proof at all. "National Security" provisions normally operate within the "better safe than sorry" realm.
"Not sure in this sort of situation they need to conclusively prove you operate at the behest of a foreign spy agency, or potentially provide any proof at all."
What they should have done was depersonalise it - just say US suppliers only. It's calling out a specific supplier that can cause them problems.
At a produce stand, a long time customer examines an Apple. He puts it back.
The owner says “why you no buy my Apple?”
Customer replies “I think it’s a bad Apple.”
Owner replies “you bad mouth my Apple. I sue you!”
———-
Is Microsoft going to sue me if I don’t buy their Surface laptop?
Sometimes I hate this world...
If that's the case, then every company out there can sue you if you don't buy their product or service. I think that this lawsuit will get tossed out because, after all, Kaspersky is a Russian company. The US is not exactly on friendly terms with Russia...
And there's that national security thing too...
Suspect someone has retained an undisclosed USB stick.
However, Kaspersky has only said that they have deleted the files - not a word about the metadata.
I would hope that in the current round of AV updates, Kaspersky includes the relevant signatures, labelled accordingly:
Pup.NSA
Trojan.NSA
Keylogger.NSA
etc.
Obviously, to remove these, would require the download and installation of a paid version of Kaspersky from Kaspersky.Ru ...
If the US government successfully defends this, an ugly precedent will be made: that specific companies and individuals can be banned from doing business upon a whim. So, for example if you had a very corrupt politician who might have a family foundation which can accept donations, a prerequisite to doing business might be making significant contributions to the foundation, and to the income of various family members and political cronies. Otherwise you will be banned from doing business.
So before cheering the dragon for striking down one's opponents, just think that the dragon may turn on you.
"If the US government successfully defends this, an ugly precedent will be made:"
you mean a precedent like NOT having to bow to every WHINER out there who BITCHES that the gummint isn't buying THEIR products, for "whatever reason" ?
don't tell me that YOUR boss (or I.T. department) doesn't say you can't use "certain software" on work computers... that would be VERY rare, from what I've seen.
So Kaspersky's theory is that the US Government is somehow required to have Kaspersky AV software installed on their computers? They can't uninstall it? Ever?
What about the private sector? Let's say XYZ, Inc. issues an internal memo directing their IT staff to remove Kaspersky AV from all their Windows machines, because they don't trust it. And then XYZ, Inc. makes their decision public.
Is XYZ liable under US law? Are they violating the US Constitution? Are they under any obligation whatsoever to continue using Kaspersky AV? If that were true, anyone in the US would be liable just because they uninstalled some software and replaced it with something else. One could be sued for erasing Windows from their laptop or PC and installing Linux instead.
Kaspersky is very confused. We are not the Soviet Union. Or Putinistan.
I'm guessing that, in Russia, once you've installed Kaspersky AV on your laptop, you aren't allowed to uninstall it, under penalty of law? Constitutional offense?
Here in the US, we are allowed to uninstall software from our computers. Just because we feel like it, and for no other reason. Or because we suspect said software is spyware. Or because we're bored with it. Whatever.
Good luck with the bullshit PR lawsuit. It will be fun to watch.
It is not the revenue due to gov agencies not renewing, it is the damage done by the same agencies upon the company's reputation.
US Gov Agencies banning it so publicly and without any evidence of wrongdoing sends the message that there is a reason for concern, other unthinking citizens follow suit and the agencies have created unfair competition against them.
Add in that trolling, slander and libel are no longer seen as victimless crimes, one law for everyone or no law at all.
Now my counter would be to make all vulnerabilities included for the benefit of same agency, public knowledge. The US Gov thinks they have a right to access everyone's data on the premise that an unproven tiny percentage of people using their country's IP may be spying or working against the US best interests. That the US has used these backdoors to provide financial benefit for US companies over their allies in the past means that they clearly see everyone as a threat.
Oh maybe it's interesting but I'm leaning more toward "brain dead" one. Just what part of the Constitution does Kaspersky's legal team believe this software ban is violating? What section covers software installations and removals? Do they think that using the word "unconstitutional" is some sort of secret sauce that will convince a judge to award damages?
> NSA made AV vendors an offer they couldn't refuse. Kaspersky refused.
Really? Where does it say that?
From the TFA:
The Moscow-based developer claimed the US Department of Homeland Security acted illegally when, back in September, the department publicly told federal agencies they could no longer use any Kaspersky products on their machines.
Kaspersky argued that the order, known as binding operational directive 17-01, is unconstitutional, and relied on "subjective, non-technical public sources" that amounted to little more than rumors.
"Furthermore, DHS [the Department of Homeland Security] has failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the directive, and has not provided any evidence of wrongdoing by the company," Kaspersky Lab said in announcing its appeal against the order on Monday.
I see no mention of NSA in Kaspersky's complaint, or about NSA making Kaspersky an offer they can't refuse. It's not even NSA that's being sued by Kaspersky, it's DHS.
Kaspersky claims that DHS's order is unconstitutional.
Which Article or Amendment of the US Constitution grants protection against removal to software?
Did you even read Kaspersky's complaint?
Installing and/or running Kaspersky AV on any US Government computer is now illegal under the 2018 National Defense Authorization Act.
Care to explain how DHS's order of removal is illegal, when in fact it's statutory?
Constitutional clauses regarding due process and equal protection under the law. The counter argument may be that securing Executive Branch computers is entirely the province of The Executive Branch, but, in support, there is a non-binding Congressional resolution.
"So Kaspersky's theory is that the US Government is somehow required to have Kaspersky AV software installed on their computers?"
Where does it say that? The complaint is about not even being allowed to sell in competition with other suppliers.
Competition. The great American principle of free trade. Remember that this is the country that goes after its corporations' foreign competitors on any suspicion of state aid. This one stinks of state aid (OK, anti-aid but it amounts to the same thing).
The big box store: "BestBuy" pulled Kaspersky products off their shelves as well.
Yet BestBuy has no problem pushing the garbage "Webroot" antivirus onto its customers en masse.
I have personally repaired the computers of 2 friends of mine as well as a computer for a small local business that had failed to boot because of that software.
I hope he goes after them too.
I believe what you say:
"I switched our AV from Kaspersky to Webroot around May time, never had a single problem and it's detected a crap load more than K ever did."
Seeing as how it falsely flags legitimate Windows programs as malicious...
http://www.zdnet.com/article/webroot-antivirus-mistakenly-flags-windows-system-files-as-malware/
I would suspect it would "detect a crap load more than K ever did" as well.
Seeing as how it falsely flags legitimate Windows programs as malicious...
Funny thing, I don't recall a single story of Kaspersky ever bricking computers. Yet I've witnessed Norton, McAfee and a few others doing that on mass scales.
Personally, I'll keep using K. It actually seems to work.
You seem to be either closed minded or too lazy to do a simple web search.
Kaspersky has had plenty of times where it's been responsible for system problems.
Here is just one of the latest patches released by Kaspersky:
https://forum.kaspersky.com/index.php?/topic/356039-patch-%E2%80%9Cb%E2%80%9D-for-kav-kis-kts-kfa-2017-kfp-60-ksos-50-ksec-10/&tab=comments#comment-2625138
If you understand how IDS and AV applications work, you'll begin to understand they will ALL have occasional problems with the underlying OS and detection.
I got a directive from UK.gov:
The National Cyber Security Centre (NCSC) has issued a statement that they are investigating the usage of Russian anti-virus (AV) products within the government.
NCSC are conducting this work as their analysis of the Russian state indicates they intend to target UK national security interests.
"Organisations with a responsibility for critical national infrastructure should carry out a risk assessment on their chosen anti-virus software. If an organisation has concerns about their specific AV provider, they must contact the NCSC for further guidance."
Anyone know of any popular Russian AV vendors ....
The US and UK government repeatedly demand that all encryption be backdoored. This is one of the reasons it has so far always failed - no other country is going to use software that the US/UK can break but they can't. And if you tell other governments the backdoor they will be able to read US/UK messages.
So.. we can't trust programs that run with elevated privs to check files such as (shock) network access, (horror) upload data, and (gasp) receive OTA updates. Based on this reasoning, and the current rash of Govt.s worldwide giving themselves super-dooper-snooper data-demanding capabilities, do all nations now need their own brand of AV?
Or is it finally the year of the VT100 desktop(TM) ?
Meanwhile, over on the Beeb I see the US is blaming the Norks for Wannacry. http://www.bbc.co.uk/news/world-us-canada-42407488
Here's a quote from them: "The tool kits of totalitarian regimes are too threatening to ignore." Just how much brass neck does the US have?
Ace reporting from the Beeb: as far as I can see there's no mention of the basic toolkit having come from the NSA.
This suit perfectly shows how Russia doesn't understand the concept of freedom of speech and choice. In the USA, you don't need a reason to boycott any product. Even if this hurts your business or reputation. This is one of the most powerful outcomes of a free economy. Good products tend to do well, and crappy or harmful products die out quickly because people do boycott them.
The US Government as a whole is beginning to follow the same software guidelines the DoD has been using for years. DoD has never allowed Kaspersky products on their systems. Don't feel shunned though, many applications from allied nations aren't approved for use either.
If you remember, Kaspersky themselves were hacked...late 2015 or 2016...can't remember...but the hack was state sponsored. That state, when they were done with the analysis, alerted the US Government about a backdoor that was found in K software that the Russians were using to steal data off people's computers.
It doesn't matter what Kaspersky says in court. This is a matter of US National Security and once that is invoked, case dismissed, permanently. Appeals will not be heard either.
There's more, but that's all I am going to say about it.