Is Kaspersky a "Red" Herring ?

Discussion in 'privacy general' started by wtsinnc, Mar 19, 2015.

  1. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    Ridiculous.


    Exactly.

    If the KGB could be interested in you, don't use Kaspersky. If other intelligence collection dudes could be interested in you...

    For the VAST majority, use the best product for you and your system and don't worry about that other stuff. Yes, it's a little unsettling to think of Big Brothers rummaging around to see if you have interest to them... but just let it go. Find the best product and don't worry about the cloak & dagger stuff.


    Your Pal and Geopolitical Advisor,

    -Frank
     
  2. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Frank, I think it prudent to worry less about product matrix, then to worry about securing data you should be securing which is independent of any product/os/company. Data you care about should be heavily encrypted, regardless, that way you don't need to spend nearly as much time worrying about things. Assuming your OS is compromised, so? If your personal data is encrypted properly it won't matter too much. Toss crucial data on an external drive, encrypt the drive, and only plug it in when you need it, and only unencrypt that which you need. In my experience, state actors are most annoyed, and most worried about smaller scale encryption over much else. Even mediocre endpoint level encryption greatly complicates the intelligence gathering task. I'm actually surprised they aren't trying to outlaw encryption. LOL

    My personal opinion is, anything to hasten Kaspersky's move into obscurity is a positive thing. I'm just glad we don't need to worry about running into his products in the enterprise world anymore.

    PS: If I were some of you guys, I'd be more concerned with securing my gateway/wan then anything else. Your networks can be walked into, and walked over with very little effort. Until the gateway is secured, much else is theater.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,414
    Location:
    Slovenia
    Hehe, good one :) ... and also a lot of truth in this statement ...
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    That about sums it up, doesn't it?

    But you can take Windows out of the mix. And you can probably avoid hardware backdoors.

    If you consider the entire thing to be compromised, you're left encrypting on paper with one-time pads :) But then you need to generate, share and secure the one-time pads. Rather old school, that ;)
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,624
    Location:
    The Netherlands
    I'm just glad that I have enough knowledge to be able to run without any AV, it's hard to fully trust these apps nowadays. I rely mostly on HIPS and sandboxing. Of course there's always Windows itself that can still "spy" on me. But I like to think that this can be mostly stopped by controlling outbound connections and by disabling certain Windows services.
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,166
    Location:
    Slovakia
    Do not forget to disable MS scheduled tasks, there are about 20-30 customer experience related, they include file history, registry hive upload and such, go figure.
    I delete ~50 of them before I consider my Window usable. Unfortunately I can not disable Network store service, since MS linked it (DHCP) to Windows Updates.
    Without this service, Windows thinks, there is no internet, so it does not bother uploading anything, even some other software like HitmanPro does not work.
     
  7. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
  8. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    People still feel windows is unsafe ? I see many moved to linux distros a while back, am still happy and content with windows and you kinda need it when you got PC games !

    As for kaspersky gave up on it years ago had some strange scanning bug, plenty free AVs about which are good like panda anti-virus way more lighter and faster on the system also.
     
  9. focus

    focus Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    479
    Location:
    USA
    What about Kaspersky as the Zyxel USG UTM AV solution? Are you not recommending this product now?
     
  10. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I actually really like their GW products, solid stuff. But almost no penetration into the business market. I was referring more about their endpoint solutions. Untangle dropped Kaspersky, not sure what ZyXEL's status is. Kaspersky GW is highly focused on emerging threats, and is very speedy, but is pretty lousy with less than ITW detections. The speed seems to be maintained by creating a limited focus.
     
  11. 142395

    142395 Guest

    It all depends on one's threat model. Obviously, caring about FSB spying while allowing common malware to break your privacy is nonsense. I suspect many ppl don't have clear threat model. If so, this page is a good start. I like default-deny security and it definitely gives better protection, but it's Achilles's heal is it all depends on user decision. I like playing with malware and have some experience in malware removal, but never completely trust my decision as I'm not expert (and even expert made mistake). So I never solely rely on user-dependent approach either on Windows or on Linux. Basically, AV tend to be disregarded in this forum. I wonder when Opera was hacked, well cofigured HIPS could prevented malicious Opera. I hope so, but theoretically it is possible (if the attacker was not greedy) malicous Opera doesn't cause any alert as browser already have enough privilege to perform some nasty.

    Currently, if I have hidden rootkit on my PC and it monitors all my activity, it's still not the doom's day for me (camera is sealed) tho I don't say it's no problem. But if I put much more data on PC, and spent much more time and privacy on online activity, I will consider not to use AV and probably use separate PC for that with bootable Linux or OpenBSD with regular rollback (Qubes may be another option).
    Yup, only reason I need to use Windows is I have to use Windows-only software both on work and on private. They don't work with wine.
     
  12. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    800
  13. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,994
    Location:
    California
    I agree -- I use the term, "Risk Assessment."
    I wonder if the following scenario would have alerted: When I install a new version of Opera, I launch it before setting a Firewall rule for that version. This catches the auto-call outs to Opera's site so I can see what is going on.

    If a downloaded version of Opera were booby trapped with malware, wouldn't that malware have to connect out to do anything? If so, wouldn't the Firewall catch it?

    To illustrate, I open a new window, uncheck my Opera firewall rule, and attempt to connect to dslreports.com

    opera_connect-Kerio2.jpg


    ----
    rich
     
  14. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Microsoft has never been about the individual's security and privacy. If they were, Windows would be a very different operating system.
     
  15. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    175
    Location:
    io
    But I wonder which os then is ?

    If someone tweaked and fine tuned windows 7-8 with privacy/security in mind ie added encryptions, cleaning tools like privazer and firefox with security/privacy addons, would that not be just as good.
     
  16. 142395

    142395 Guest

    That will be good as long as mal-Opera is not sophisticated and immediately connected to C&C or any unusual server. I know most malware are not sophisticated, but if I was author I make my mal-Opera act as almost legitimate Opera, as browser require quite massive permission including access to almost all http and https server, it will suffice to do some nasty.
    But actually, I just inherit rules (some HIPS/FW have problem on inheritance but most support it) as it's inconvenient making rules from scratch every time program update itself (consider, Fx and Chrome adopt rapid release). So I rely more on "anomaly" detection, both behavior and network.
     
  17. 142395

    142395 Guest

    As long as your threat are common malware, scam, industrial spy, etc. AND you have enough skills to crank up its security where most ppl not. If your enemy is state actor or such advanced attacker, who knows...

    Most Linux distro are free as you know, as well as FreeBSD, OpenBSD,...
     
  18. 142395

    142395 Guest

    I think original article's question that Kaspersky didn't reveal Russian espionage which turned out to be false is pointless.
    If I was such cooperator, I'll reveal some Russian operations which are e.g. not by FSB but by other criminal groop, FSB's but no more meaningfull campaign, etc. to avoid suspicion. Not to mention playing their own work.

    Also I doubt how reliable those assessment by security experts that attribute each cyberattack operation to certain country. Just as an example, as to Crouching Yeti mentioned in the article Kaspersky have doubt about claim made by Crowd Strike that this is by Russian.

    It is well known that highly skilled attacker make their operation looks like done by others, like false flag operation mentioned here.
     
  19. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,994
    Location:
    California
    Since this has veered off topic from Kaspersky, I will continue via PM.

    ----
    rich
     
    Last edited: Mar 25, 2015
  20. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    Of course Kaspersky has good tie with the russian goverment and the russian mob.
    When i've said it few years ago then nobody belived me.

    I never ever belive in anything that has with Russia to do.

    This topic is about Kaspersky and not about Microsoft !!!
     
  21. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    IMO, unless you're a Russian citizen or a legitimate target for foreign espionage, it's a non-issue. Russia doesn't care what some average foreign citizen thinks or says. For the average citizen of any country, the surveillance you need to be concerned with is that of your own government or LEA, especially if you're critical of their activities.

    The last thing we need is another "Red Scare" or McCarthyism all over again. This serves no ones interest except those who profit from conflicts.
     
  22. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,621
    Location:
    DC Metro Area
    FWIW: (BuzzFeed Sourced)

    "US Officials Are Warning About [Kaspersky's] US Government Ties

    Kaspersky has denied links to the Russian government, but US officials are raising doubts...

    US intelligence officials are expressing concern over a [Kaspersky's] access to US government systems and pushing the General Services Administration for answers on how long it has been approved for use by US agencies...

    Three US intelligence officials ... were concerned by what they categorized as a close relationship between the company, Kaspersky, and the Russian government, and what giving the company access to US government systems could mean...

    Kaspersky began getting US government contracts to protect online systems at the National Institute of Health in 2008, and by 2014, the company’s products were being used by the Department of Justice, the Treasury Department and several offices within the State Department, including some US embassies...

    The Kaspersky issue has come up several times in recent closed meetings to the Senate Intelligence Committee, several officials said. In one instance, according to one official present at a recent classified briefing, Senate Intelligence Committee members were floored that Kaspersky products were approved for government use...

    On March 30, the committee discussed Kaspersky during a hearing on Russia’s cyber operations. Senator Marco Rubio asked cybersecurity and national security experts testifying before the committee if they would put Kaspersky products onto any of their devices. General Keith Alexander, former director of the NSA, said, 'I wouldn't, you shouldn't either...'

    Officials are now left trying to figure out how Kaspersky’s cybersecurity products were ever cleared for use by the US government — and how to get them out."

    https://www.buzzfeed.com/alimwatkin...-cybersecurity?utm_term=.ygEREpAny#.ffveoK1NR
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,414
    Location:
    Slovenia
    Slowly it seems that countries will start banning software from other countries being installed on government systems. US banning Kaspersky, China and Russia banning Windows 10...
     
  24. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,166
    Location:
    Slovakia
    Considering everything, every country should buy its products first, at least that is, what they are telling to people, they should lead by example and Norton is well rated product.
     
  25. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,362
    Location:
    Milan and Seoul
    McCarthyism, pure and undiluted...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.