Is Kaspersky a "Red" Herring ?

Discussion in 'privacy general' started by wtsinnc, Mar 19, 2015.

  1. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,243
    Location:
    USA
    Does Kaspersky still offer free Anti-Virus? If so a link would be helpful. None of the links I have looked at work.
    TIA
     
  2. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,210
    Location:
    DC Metro Area
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    I get an untrusted cert error at that usa.kaspersky.com site
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    http://in.reuters.com/article/cyber...ive-files-in-pursuit-of-hackers-idINKBN1D5066
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,210
    Location:
    DC Metro Area
    "Kaspersky: NSA Computer Was Infested With Malware

    Kaspersky Lab is again challenging allegations that it stole classified files from an NSA employee's computer, pointing to new analysis that says the computer in question may have been infested with malware.

    The computer had 121 pieces of malware on the system, including backdoors, exploits, and Trojans, according to Kaspersky. "It is possible that the user could have leaked information to many hands," the security firm said..."

    https://www.pcmag.com/news/357428/kaspersky-nsa-computer-was-infested-with-malware
     
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    http://www.securityweek.com/trust-y...verything-you-do-says-f-secure-research-chief
     
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    3,210
    Location:
    DC Metro Area
    "Former N.S.A. Employee Pleads Guilty to Taking Classified Information

    BALTIMORE — A former National Security Agency employee admitted on Friday that he had illegally taken from the agency classified documents believed to have subsequently been stolen from his home computer by hackers working for Russian intelligence...

    ...in court documents, prosecutors did disclose that he worked from 2006 to 2016 for the N.S.A.’s “Tailored Access Operations.”

    https://www.nytimes.com/2017/12/01/...column-region&region=top-news&WT.nav=top-news
     
  8. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    Hmmmm another piece to the puzzle of the who and why there have been so many millions of virus created and released over the years.
     
  9. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    839
    I have zero doubt that "Antivirus is the ultimate back door". What is puzzling is that people who know far more than I'll ever know about computers don't twig. No way do I want anything to have consistent, reliable and remote access. It's tantamount to giving them the keys to the front door.
     
  10. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    I think it is just a modern example of the age old exploitation of a human condition called trust.
     
  11. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    246
    For years I have been sitting on a fence. Using both Linux and Windows equally.
    Now I decided that it's time to say goodbye for broken window (been using it since windows for workgroups 3.11 and dos long before that)

    Writing this from my own Linux distro (and I mean own, built everything from source).

    I don't have to trust Microsoft, my ex-Antivirus company or even any of the Linux vendors anymore.
     
  12. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    That's impressive Stefan, really. I have looked into Linux from scratch and said damn at the amount of stuff to learn. How long did it take to get it up and running?
     
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    http://www.mirror.co.uk/tech/uk-warning-against-using-anti-11624657
     
  14. fmon

    fmon Registered Member

    Joined:
    May 5, 2013
    Posts:
    1,163
    I'm still waiting for the Russian warning regarding Norton and McAfee ... :D
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,890
    Location:
    The Netherlands
    At the moment, I don't have enough trust in none of these AV companies. I would like to have an AV that doesn't rely on signatures and the cloud, and can spot malware via AI/ML. In other words, an AV that does not need access to the network. Only then I will install an AV again.
     
  16. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    839
    I think they (governments and companies like AVs) have been in each others pockets since the day dot. Collusion is the name of the game and not only for the mighty dollar. Unless you can see and understand everything they do, you cannot trust them. It's that simple.
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    http://www.ibtimes.co.uk/barclays-s...rus-products-online-banking-customers-1649908
     
  18. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,376
    Location:
    UK
    @Minimalist - it's a bit rich Barclays - and other banks - hand-wringing about recommended products that are essentially security theatre in comparison with the overall scene of using online banking from weak clients and smartphones.

    Whereas their progress on stronger solutions has been glacial. For instance, they could "easily" have offered a hardened kiosk type solution which booted off a usb stick to their customers. Or they could have got a U2F solution active. Have they? No.
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    Yes, they probably are insured against their client's loses from online banking and similar. So secure online banking is probably not their top priority. Also their service must be user friendly and simple and shouldn't bother users to much.
     
  20. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    240
    I have zero doubt that AV's are not the only software with back doors. What we need is some kind of AI over watch program that can monitor all apps even trusted ones, that has the ability to learn the normal behavior of applications, and reports abnormal behavior, and or shuts down the application.

    This would render software companies ability to secretly install back doors a high risk to their bottom line because once found out their sales would stop and their reputations would be forever tainted.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,565
    Location:
    Slovenia
    I would be much more worried about such "AI over watch program" than I'm about AV software and similar.
     
  22. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    They don't tend to install secret back doors, they install "features" like automatic updates, cloud services, product telemetry that "helps to improve" the product etc.
    Any of which gives them that internet connection to your computer.
    MS Windows is designed to facilitate this kind of thing hence why Windows Firewall does not have what became a standard firewall feature decades ago, outbound attempted connection alerts.
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,890
    Location:
    The Netherlands
    I'm not even worried that much about their ties with governments, but it's a fact that most AV's monitor website usage and perhaps sell it to other companies. That's one of the reasons why they offer free AV's.

    You can already monitor network connections from AV's, but they need network access to download updates and to scan software via the cloud. That's all normal behavior, so even AI wouldn't help. Plus they can probably bypass firewalls and network monitors via sneaky tricks. And AV's have access to all files on the system, so there is no way to know what exactly is being uploaded.
     
  24. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    839
    And they haven't because they don't want to. They don't want to because they don't want people to have strong security and privacy.
    Right, but why jump from the fry pan into the fire. Unless you have total transparency you can't trust it. Where there's someone/something else controlling things you're at risk.
    I agree.
    Very well said.
    An AV that has "ties" with anyone is a concern, be it govt agencies or whoever. If it's a fact that they monitor website usage then that gives me all the more reason to despise them, even though I have more than enough reason now. One of the scariest things is giving them free access to your all your files. That alone makes me want to stay FAR FAR away.
     
  25. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    246
    Well, in the "old days" (around 2005 - 2006) when I first tried Linux fom scratch it took long just to get basic system up. I had used linux before (started around 1998 with Red Hat 4 I think...not sure...so long time ago) so the learning curve was not steep anymore but because I had such an slow computer at that time, the compiling took easily one day :eek: to get from zero to minimal window environment (fluxbox).

    That was then. Now, with 2.5 GHz and 8 cores I think it took maybe around 1 hour to get the same minimal fluxbox environment and maybe another 1 - 2 hours to compile such an massive beasts like firefox, thunderbird and libreoffice. So I would say maybe 2 - 3 hours in all.

    Linux from scratch is really wonderfull project :)

    EDIT: I would also like to add that here's how I feel the heaviness of the various
    windows & desktop environments I am familiar with.

    Fluxbox: Light, fast and no BS cluttering your desktop view.
    LXDE: Still Light and the first complete (aka Desktop environment). My other preferred choice.
    Xfce: Not too bad in terms of performance but starts to feel lil sluggish
    Gnome: Uh....No. Too much dependencies
    KDE: Why is this still loading? :D
     
    Last edited: Dec 3, 2017