
SoylentNews is people

posted by takyon on Saturday August 15 2015, @12:05PM
from the true-false-positive dept.

Reuters has run a story claiming that Eugene Kaspersky directed developers at Kaspersky Lab to modify shared anti-virus definitions in order to make other antivirus programs flag benign system files as malicious.

Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

The attacks allegedly targeted rivals Microsoft, AVG, and AVAST who Kaspersky felt were stealing.

Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees.

Microsoft, AVG and Avast indicated that they had found attempts to introduce false positives as detailed in a 2013 presentation by Dennis Batchelder from Microsoft.

Kaspersky denies the allegations and tweeted this as the story broke.

I don't usually read @reuters. But when I do, I see false positives. For the record: this story is a complete BS...

Read the full story here: http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814



 
  • (Score: 5, Interesting) by zocalo on Saturday August 15 2015, @01:43PM

    by zocalo (302) on Saturday August 15 2015, @01:43PM (#223259)
    Coming so soon after Kaspersky was singled out as being the security packages that the NSA and GCHQ were having the most difficulty in compromising as well... I think I'll wait for some more supporting evidence, in either direction, before jumping to conclusions - some of the supposed bogus files uploaded to VirusTotal being subjected to third party analysis would be a good place to start.

    Besides, even if this kind of thing was going on in the AV industry (and if it is, then I doubt Kaspersky would be alone in doing so) then the larger part of the responsibility for any false positives still lies with the AV package vendor responsible for not properly testing their signatures and/or creating a whitelist of known good system file checksums. It would be rather petty behaviour, sure, but I don't think I'll be switching AV packages over it.
    --
    UNIX? They're not even circumcised! Savages!
  • (Score: 0) by Anonymous Coward on Saturday August 15 2015, @01:55PM

    by Anonymous Coward on Saturday August 15 2015, @01:55PM (#223264)

    Coming so soon after it being detailed in a 2013 presentation? Do we need to wait five or ten years for it then?

    So you're not going to believe it because he's your guy. Hey, he sounds pretty cool. He says bad things about the NSA. Gets money from the Russians? Hey, we all gotta eat! Maybe he should get some support from the NSA too. He didn't do this, but if he did, hey, EVERYONE was doing it so we can't fault him. Besides, even if he was doing it, it's really the fault of everyone else anyway.

    • (Score: 4, Informative) by zocalo on Saturday August 15 2015, @02:48PM

      by zocalo (302) on Saturday August 15 2015, @02:48PM (#223276)
      Not sure what presentation you are referring to from 2013 (got link?), but I meant this story [firstlook.org] from June 2015 in reference to OP's comment about cynicism and mainstream media being in the pocket of government agencies. I also didn't say I wasn't going to believe it, I said I'd like to see some actual proof first - something that seems to be entirely lacking since all AV parties involved appear to be either denying anything happened or declining to comment - but no, I don't see this as being shady enough behaviour to warrant a product switch over unless there's much more to it than the Reuters story is making out.

      When it comes to security in the modern panopticon big-data/metadata era we seem to be in, I actually think that the default position that an end user ought to be taking is that it's probably been backdoored by whichever government(s) would hold sway over the company concerned. If that's not actually the case, then so much the better, but if it is, then the question you need to be considering is which government do I not really care if they see my data? Would you trust an American AV company that is sharing its data with the NSA, not to also have that data end up trickling through various levels of law enforcement and end up in the hands of local law enforcement over some minor misdemeanor you may have committed or your torrent habits (perfectly legit or otherwise) ending up being passed to the RIAA/MPAA, for instance?
      --
      UNIX? They're not even circumcised! Savages!
  • (Score: 0) by Anonymous Coward on Saturday August 15 2015, @04:08PM

    by Anonymous Coward on Saturday August 15 2015, @04:08PM (#223291)

    Coming so soon after Kaspersky was singled out as being the security packages that the NSA and GCHQ were having the most difficulty in compromising as well

    Oh, please. That garbage, like pretty much all AVs, is proprietary software. Anyone looking for security isn't going to use non-free proprietary user-subjugating software in the first place.