Is Kaspersky a "Red" Herring ?

Discussion in 'privacy general' started by wtsinnc, Mar 19, 2015.

  1. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    @Stefan Froberg I want to give it a try which compiler did you use and what do you think about systemd?
    I like lightweight desktops too, I haven't tried fluxbox, so up to now my favorite has been xfce. The only thing I want on a desktop is a customizable apps menu.
     
  2. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    420
    I used gcc version 5.3.0 when compiling all the stuff. Personally, I don't use systemd (don't see need for it) but just plain old boring init scripts (that I sometimes tweak little bit) and with busybox /sbin/init doing the actual job of starting the system.

    My current system is actually built with little bit of mix of both linux from scratch project and buildroot (https://buildroot.org) witch is especially targeted to small, embedded systems like ARM (but it can build for X86 and X86_64 too).

    Buildroot is also nice in that regard that it has nice, simple menu (command make menuconfig) where you can choose what you want to build and once you start it (command make) it is fully automated. It fetched the choosen packages, unpacks them, apply any needed patches, configures,compiles and installs them to output/target directory. That directory will not be your new system final resting place but instead the file images (that you can choose under Filesystem images) which will be stored into output/images. So for example, if you choose tar the root filesystem under Filesystem images menu then the final system will be in rootfs.tar under output/images and which you can then extract, say, to another hard drive and try it (of course you still need to install bootloader, like grub on x86 and x86_64 system).

    Unfortunately, because it's target devices are rather small it does not have xfce (fluxbox it does have and also openbox,matchbox,metacity and ratpoison).

    So if you want Xfce you have to do it buy hand from Beyond Linux from scratch pages
    http://www.linuxfromscratch.org/blfs/view/svn/xfce/xfce-core.html

    So basically there is two ways to handle this: either start from basic Linux from scratch and then continue with Beyond Linux from scratch
    or alternatively start with buildroot to make small basic system very quickly, make sure it works, and then add all the needed software that were not included with buildroot afterwards with Beyond Linux from scratch.

    Main buildroot screen

    upload_2017-12-7_0-27-0.png

    Target options, here I have selected some options for Raspberry Pi 3 CPU for my router

    upload_2017-12-7_0-28-50.png

    Toolchain options, like what C-library you want to use (glibc, uclibc-ng or musl), linux kernel headers version, binutils and gcc version and so on.
    This is also the place you can feed any target specific optimizations like -Wl,--hash-style=gnu or -Wl,--as-needed (might break some package compilations)

    upload_2017-12-7_0-30-57.png
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    @Stefan Froberg
    Wow thanks for the info Stefan I'll let you know how I get on with it.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,191
    Location:
    Slovenia
    https://wccftech.com/kaspersky-closing-washington-office/
     
  5. Mover

    Mover Registered Member

    Joined:
    Oct 1, 2005
    Posts:
    170
    Kaspersky is being banned by the US because its software is doing what it supposed to do (detecting malware)

    If I was working for the US government cyber security, I would do the same thing they did; ban Kaspersky from government computers for the US's protection. When Kaspersky detects something (malware ie. government spying tools), it sends them over the KSN to Kaspersky Labs. Bingo ! Government super secret spy tools just went out of door to a private company (Kaspersky)

    What all this tells me is that the product works extremely well and that the US government is afraid of that.... so.... they pull the plug on it.

    As a private consumer, this is the product to get.
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    5,834
    Location:
    Among the gum trees
    Kaspersky files lawsuit over anti-virus software ban
     
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    The US Government behavior regarding Kaspersky was very unprofessional.
    There ought to be an investigation because there are a lot of unanswered questions.
    • Why were the unproven allegations made publically?
    • Was Kaspersky contacted privately first?
    • Why would sensitive government information be held on computers that are connected to the internet in the first place?
    • Was any attempt made to request Kaspersky to develop a version for the US Government that met their security standards?
    • What are the security standards for software on US Government computers?
    • If Kaspersky AV did not meet US Government security standards why was it even on their computers to begin with?
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,191
    Location:
    Slovenia
    https://securityaffairs.co/wordpress/67016/intelligence/lithuania-bans-kaspersky.html
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,191
    Location:
    Slovenia
    https://securityaffairs.co/wordpress/67344/breaking-news/kaspersky-lab-antivirus-hack.html
     
  10. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,667
    Location:
    DC Metro Area
    Kaspersky Lab files for injunction in U.S. Federal District Court, seeking to counter US Government ban

    'Kaspersky Lab filed a [motion for a preliminary] injunction in a court on Wednesday in an attempt to block the ... [US Government's] order that bans its products from being used on federal systems, after the government deemed that Kaspersky antivirus software posed a “security risk.

    The company, which has repeatedly maintained that it operates independently of the Kremlin, argued that it did not receive proper notice about the order or a chance to contest the underlying evidence used to reach the ban decision..."

    http://thehill.com/policy/cybersecu...ion-seeking-to-challenge-governments-software
     
    Last edited: Jan 18, 2018
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,191
    Location:
    Slovenia
    http://beta.latimes.com/business/technology/la-fi-tn-kaspersky-russia-20171213-story.html
     
  12. razorboy

    razorboy Registered Member

    Joined:
    Dec 26, 2010
    Posts:
    175
    Location:
    North
  13. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    622
    Location:
    Land o fruits and nuts.
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    9,191
    Location:
    Slovenia
    https://uk.reuters.com/article/usa-...om-anti-virus-choices-for-users-idUKL2N1PK2AL
     
  15. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    I have to say ... following this since last Summer from all angles is a HOOT! Interested in Security AND Conspiracy - this whole episode is worth 5 TinFoilHats!

    This is TOO Rich! "Facebook said it no longer provided Kasperky Lab as an antivirus option but that it was “unable to easily reconstruct how many Facebook users downloaded Kaspersky software.” " I am assuming this is poorly written and means Facebook employees - NOT "Users".
     
  16. razorboy

    razorboy Registered Member

    Joined:
    Dec 26, 2010
    Posts:
    175
    Location:
    North

    A blanket condemnation of the writers is not quite as good as disagreeing with any part of the story, in my opinion.
     
  17. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,348
    Location:
    Paris
    Your questions are way beyond superb and you'll never get a definitive answer to any of them. First off, please note that Kaspersky is a tremendous security application and will provide top notch protection for the Home user (who should not at all be concerned with anything else).

    However those in the Governmental and Critical Infrastructure areas have different concerns. Trust me (or not) there have been things that have been known for a number of years that for numerable reasons will never be made public. This information made it clear for those with the Eyes to See that K may present a Clear and Present Danger in times of turmoil to the Security of the US and Allies.

    These warnings were made clear to the former administration and were blown off either through ignorance or incompetence (I saw it as treason). Things have now changed and there are people in power now that actually understand and have taken steps to plug as many breach holes in critical systems as they can.

    But the most pathetic things that has come out of this was when K "allowed" the Government access to their source code. This was perhaps the most insulting thing ever and demonstrated what Fools they considered us. Well, Comrade Evgeny, We Be Fools No More.
     
  18. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    @cruelsister thankyou, I'm glad you liked my questions but I am sure you are right and we will never get the answers to them.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,507
    Location:
    The Netherlands
    Very interesting info! What do you think about this, fake news or what?

    https://securityaffairs.co/wordpress/68241/intelligence/aivd-hacked-cozy-bear.html
     
  20. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,348
    Location:
    Paris
    Oh God, Rasheed- I saw this article and it was like a punch in the stomach. It's not fake news at all, but just stuff already known and was presented years ago by us to an Administration that didn't give a flying xxxx about it. So many left in despair only to go into the Private Sector and make oodles of money. So sad...

    We not only knew where things came from but who it was done by (and where that person worked) due to the "accent" in coding. I respect the Dutch (especially Chantal Acda who has the voice of an angel), but tell them we were already on it...
     
  21. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    Yes coding can be as unique to an individual developer as writing is to an author,
    BUT.
    Do not let the false flag merchants fool you. They are experts at this, you know who they are.
    Take a Russian software distro, a Russian compiler, samples of code from the Russian group you want to be blamed. Copy the coding style, maybe copy paste a function directly from their code. Figure out what variable naming convention they use, if any and use similar variable names.
    Cyber attacks are just terryism in a different guise and the use of that in a false flag capacity has been prevalent during the past 70 years. You will see the same pattern of, get the big guy to hit your enemy for you by falsly incriminating him, except by using cyber attacks as the means to get him blamed instead of the conventional type of attacks used in the past. I am sure this is already being done and conversely, attack your enemy yourself, while making it look like your other enemy did it or even worse, as has clearly been the case in the recent past, attack your own people while making it look like your enemy did it, to gain the leverage for false retaliation.
     
    Last edited: Jan 28, 2018
  22. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,348
    Location:
    Paris
    Rock- Trust me, we had them cold.
     
  23. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,790
    I do trust your judgement and I know how analytical you are, I was talking generally, not so much regarding this specific case.
     
  24. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,348
    Location:
    Paris
    The Treasury Dept has just unclassified a list of Russians with close ties to V Putin upon whom sanctions could be implemented. This list links various people who have “significant business with people linked to Russia’s defense and intelligence agencies".

    The list can be found here: http://prod-upp-image-read.ft.com/40911a30-057c-11e8-9650-9c0ad2d7c5b5

    Please note the Number 37 name in Appendix B: List of Oligarchs.
     
  25. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    Wow CS - you are in the loop in terms of being timely :)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.