Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Security United States Politics

About 15 Percent of US Agencies Detected Kaspersky Software on Networks (reuters.com) 81

Dustin Volz, reporting for Reuters: About 15 percent of U.S. federal agencies have reported some trace of Moscow-based Kaspersky Lab software on their systems, a Department of Homeland Security (DHS) official told Congress on Tuesday. Jeanette Manfra, assistant secretary for cyber security at DHS, told a U.S. House of Representatives panel that 94 percent of agencies had responded to a directive ordering them to survey their networks to identify any use of Kaspersky Lab products and to remove them. But Manfra said DHS did "not currently have conclusive evidence" that any networks had been breached due to their use of Kaspersky Lab software. The administration of President Donald Trump ordered civilian U.S. agencies in September to remove Kaspersky Lab from their networks, amid worries the antivirus firm was vulnerable to Kremlin influence and that using its anti-virus software could jeopardize national security.

About 15 Percent of US Agencies Detected Kaspersky Software on Networks

Comments Filter:
  • Kaspersky is offering up the code for review by an independent party. Okay, and I'm sure that the installer is 100% in compliance with the reviewed code.
    • by green1 ( 322787 )

      That part is at least easy to figure out. If you review the code, and then compile it, it should be identical to the application that they supply. If it isn't, than you're not reviewing the same code that is being shipped, or your compiler isn't the same as their compiler.

      • by Anonymous Coward on Tuesday November 14, 2017 @03:39PM (#55549821)

        I can tell you've never tried this using a modern build system...

        Let me fill you in on a nasty little secret, where the code may be exactly the same, the compiled and linked object may differ between builds due to time stamps and other things that may change between build runs. Yea, the compiler *may* actually generate the same object files, sometimes they don't...

        Of course, this is NOT a universal rule, but as a rule of thumb is generally true. One build will not checksum the same as the next...

  • Perform a mass uninstall of Symantec products and see how many remnants are left. It's not uncommon for software to leave behind traces when it's removed. This is based on 20 years of experience...I've seen it countless times.
  • http://www.securityweek.com/wi... [securityweek.com]

    If we did a fair comparison of who has broken more 'trust', I wonder who would come out on top. I dont recall the last time the 'am I secure' landscape looked so uncertain.

  • by mysidia ( 191772 ) on Tuesday November 14, 2017 @02:59PM (#55549517)

    Sorry, but all evidence shown so far seems to indicate Kaspersky software works just fine, Not caused system compromises, AND
    any case where Kaspersky "exposed" or "leaked" secret files were Kaspersky working like it's supposed to --- not Kaspersky violating any privacy expectations; you
    just don't get to run "secret" potentially-malicious programs on desktop computers without the possibility of malware samples of your suspicious code going to the AV vendor for analysis.... I can accept that, and I think most people SHOULD accept that with zero objections.

    • by h4ck7h3p14n37 ( 926070 ) on Tuesday November 14, 2017 @06:00PM (#55550839) Homepage

      From what I've read, this whole thing got started when an NSA contractor downloaded files to a personal computer that also had Kaspersky AV running. Kaspersky did its job and identified the malware the contractor was working on and sent the files away for analysis. There have been allegations that Kaspersky was scanning for files containing certain words, but I haven't seen any evidence of that put forward.

      It might make sense for Federal computers not to run any software that hasn't been vetted, but what about the hardware the software is running on? Why do these agencies that don't trust Kaspersky trust their Chinese made computers and phones?

    • all evidence shown so far seems to indicate ... and I think most people SHOULD accept that with zero objections.

      Idiot detected! See, that's me giving you the benefit of the doubt that you're not acting maliciously!

    • Sorry, but all evidence shown so far seems to indicate Kaspersky software works just fine, Not caused system compromises, AND
      any case where Kaspersky "exposed" or "leaked" secret files were Kaspersky working like it's supposed to --- not Kaspersky violating any privacy expectations; you
      just don't get to run "secret" potentially-malicious programs on desktop computers without the possibility of malware samples of your suspicious code going to the AV vendor for analysis.... I can accept that, and I think most people SHOULD accept that with zero objections.

      Yep all a vast [arstechnica.com] liberal conspiracy with 0 evidence from other parties that Russian intelligence has [bloomberg.com] been using Kaspersky at all because Trump has an R next so any negative news must be by the democrats.

      • Sorry, but all evidence shown so far seems to indicate Kaspersky software works just fine, Not caused system compromises, AND
        any case where Kaspersky "exposed" or "leaked" secret files were Kaspersky working like it's supposed to --- not Kaspersky violating any privacy expectations; you
        just don't get to run "secret" potentially-malicious programs on desktop computers without the possibility of malware samples of your suspicious code going to the AV vendor for analysis.... I can accept that, and I think most people SHOULD accept that with zero objections.

        Yep all a vast [arstechnica.com] liberal conspiracy with 0 evidence from other parties that Russian intelligence has [bloomberg.com] been using Kaspersky at all because Trump has an R next so any negative news must be by the democrats.

        It is not like a foreign independent intelligence agency [nytimes.com] found any proof of this at all.

    • by aumas ( 4894143 )
      Conspiracy theory: Kaspersky won't work with the Russian Government so the Russians lobbied the US Government to kill it.
  • Warning! AV software detected multiple instances of infections with AV software.

    Would you like to:
    a) install additional AV software to help clean AV infection from your PC
    b) quarantine other AV software
    c) (not recommended) do nothing.
  • "About 15 percent of U.S. federal agencies have reported some trace of Moscow-based Kaspersky Lab software on their systems"

    How can they tell they're not detecting forged CIA digital certs [theregister.co.uk]. I figure Kaspersky is the only security company that hasn't been compromised by the US security apparatus.
  • There are far more compelling reasons to replace Krapersky. The biggest one is that it is a total system performance killer. With Krapersky installed it is about the same as not turning the box on. It's a shit product and only gained popularity with corporations and organizations because it bulk licensing it is dirt cheap. In the end folks pay up one way or the other.
  • I'm looking forward to watching how the Russian government uses this US move as a pretext to squeeze foreign IT companies from the Russian market and provide Russian companies with a fantastic home base advantage - which they'll use for attacks on foreign markets. Why has the US spent almost 20 years negotiating with Russia about WTO accession when now it's handed excuse after excuse to impose import embargoes?

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian

Working...