Reuters has run a story claiming that Eugene Kaspersky directed developers at Kaspersky Lab to modify shared anti-virus definitions in order make other antivirus programs flag benign system files as malicious.
Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.
The attacks allegedly targeted rivals Microsoft, AVG, and AVAST who Kaspersky felt were stealing.
Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees.
Microsoft, AVG and Avast indicated that they had found attempts to introduce false positives as detailed in a 2013 presentation by Dennis Batchelder from Microsoft.
Kaspersky denies the allegations and tweeted this as the story broke.
I don't usually read @reuters. But when I do, I see false positives. For the record: this story is a complete BS...
Read the full story here: http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814
(Score: 2) by SuperCharlie on Saturday August 15 2015, @01:34PM
I have completely lost faith in mainstream news and media. I look at every news article from the angle of who will benefit and what govt agency is pushing it and it all just smells like a big propoganda turd any more.. so ya..sure Reuters..whatever..
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @01:42PM
So ya, sure Kaspersky, whatever.
(Score: 5, Interesting) by zocalo on Saturday August 15 2015, @01:43PM
Besides, even if this kind of thing was going on in the AV industry (and if it is, then I doubt Kaspersky would be alone in doing so) then the larger part of the responsibility for any false positives still lies with the AV package vendor responsible for not properly testing their signatures and/or creating a whitelist of known good system file checksums. It would be rather petty behaviour, sure, but I don't think I'll be switching AV packages over it.
UNIX? They're not even circumcised! Savages!
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @01:55PM
Coming so soon after it being detailed in a 2013 presentation? Do we need to wait five or ten years for it then?
So you're not going to believe it because he's your guy. Hey, he sounds pretty cool. He says bad things about the NSA. Gets money from the Russians? Hey, we all gotta eat! Maybe he should get some support from the NSA too. He didn't do this, but if he did, hey, EVERYONE was doing it so we can't fault him. Besides, even if he was doing it, it's really the fault of everyone else anyway.
(Score: 4, Informative) by zocalo on Saturday August 15 2015, @02:48PM
When it comes to security in the modern panopticon big-data/metadata era we seem to be in, I actually think that the default position that an end user ought to be taking is that it's probably been backdoored by whichever government(s) would hold sway over the company concerned. If that's not actually the case, then so much the better, but if it is, then the question you need to be considering is which government do I not really care if they see my data? Would you trust an American AV company that is sharing its data with the NSA, not to also have that data end up trickling through various levels of law enforcement and end up in the hands of local law enforcement over some minor misdemeanor you may have commited or tour torrent habits (perfectly legit or otherwise) ending up being passed to the RIAA/MPAA, for instance?
UNIX? They're not even circumcised! Savages!
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @04:08PM
Coming so soon after Kaspersky was singled out as being the security packages that the NSA and GCHQ were having the most difficulty in compromising as well
Oh, please. That garbage, like pretty much all AVs, is proprietary software. Anyone looking for security isn't going to use non-free proprietary user-subjugating software in the first place.