posted by takyon on Saturday August 15 2015, @12:05PM
from the true-false-positive dept.

Reuters has run a story claiming that Eugene Kaspersky directed developers at Kaspersky Lab to modify shared anti-virus definitions in order to make other antivirus programs flag benign system files as malicious.

Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

The attacks allegedly targeted rivals Microsoft, AVG, and Avast, whom Kaspersky felt were stealing its work.

Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees.

Microsoft, AVG and Avast indicated that they had found attempts to introduce false positives, as detailed in a 2013 presentation by Microsoft's Dennis Batchelder.
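The defensive counterpart to the attack described above, written for this page as an added example (not code from Reuters, Kaspersky Lab or any of the vendors named): a consumer of a shared sample feed that refuses to turn a submitted "malicious" hash into a signature when the hash matches a known-good catalogue of shipped files, and that requires corroboration from more than one source. Catalogue contents, feed entries and vendor names are all constructed.

```python
import hashlib
from collections import defaultdict


def sha(data: bytes) -> str:
    """SHA-256 hex digest of a file's contents."""
    return hashlib.sha256(data).hexdigest()


# Constructed known-good catalogue: hashes of files verified as benign
# (placeholder contents stand in for real operating-system binaries).
KNOWN_GOOD = {
    sha(b"contents of kernel32.dll (constructed)"),
    sha(b"contents of explorer.exe (constructed)"),
}

# Constructed sample-exchange feed: (sha256, reporting source, verdict).
# The first entry is a poisoned report: a benign catalogue file tagged
# malicious by a single source.
FEED = [
    (sha(b"contents of kernel32.dll (constructed)"), "vendorA", "malicious"),
    (sha(b"real dropper (constructed)"), "vendorA", "malicious"),
    (sha(b"real dropper (constructed)"), "vendorB", "malicious"),
    (sha(b"unknown tool (constructed)"), "vendorC", "malicious"),
]


def vet_feed(feed, known_good, min_sources=2):
    """Return (accepted, rejected): accepted maps hash -> agreeing sources,
    rejected maps hash -> reason. A hash becomes a signature only if it is
    absent from the known-good catalogue and at least `min_sources`
    independent sources report it as malicious."""
    votes = defaultdict(set)
    for digest, source, verdict in feed:
        if verdict == "malicious":
            votes[digest].add(source)
    accepted, rejected = {}, {}
    for digest, sources in votes.items():
        if digest in known_good:
            rejected[digest] = "matches known-good catalogue; possible false-positive injection"
        elif len(sources) < min_sources:
            rejected[digest] = f"only {len(sources)} source(s); {min_sources} required"
        else:
            accepted[digest] = sorted(sources)
    return accepted, rejected


if __name__ == "__main__":
    acc, rej = vet_feed(FEED, KNOWN_GOOD)
    for digest, reason in rej.items():
        print("REJECT", digest[:12], reason)
    for digest, sources in acc.items():
        print("ACCEPT", digest[:12], sources)
```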

Kaspersky denies the allegations and tweeted this as the story broke.

I don't usually read @reuters. But when I do, I see false positives. For the record: this story is a complete BS...

Read the full story here: http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814

  • (Score: 0) by Anonymous Coward on Saturday August 15 2015, @07:08PM

    by Anonymous Coward on Saturday August 15 2015, @07:08PM (#223336)

    If you know what you're doing, AV is more likely to cause problems for your system than protect it.
    From false positives:
    https://en.wikipedia.org/wiki/Antivirus_software#Problems_caused_by_false_positives [wikipedia.org]
    http://news.thewindowsclub.com/panda-antivirus-update-likely-brick-windows-systems-restart-74490/ [thewindowsclub.com]
    http://www.theregister.co.uk/2015/05/07/avast_false_positive_snafu/ [theregister.co.uk]
    http://www.zdnet.com/article/avira-antivirus-update-cripples-millions-of-windows-pcs/ [zdnet.com]
    To creating an exploitable vulnerability in your system:
    http://joxeankoret.com/download/breaking_av_software_44con.pdf [joxeankoret.com]

    But if you don't know what you're doing and get pwned more than once a year by obvious malware, then yes please do install AV.

  • (Score: -1, Troll) by Anonymous Coward on Saturday August 15 2015, @08:23PM

    by Anonymous Coward on Saturday August 15 2015, @08:23PM (#223348)

    Heh. You're funny.

    What about MICROS~1's notorious fonts that are rendered in Ring 0? [google.com]

    What about images that are processed in Ring 0 under Windoze? [google.com]

    What about macros that are executed with unnecessarily elevated privileges? [google.com]

    ...and before MICROS~1 started building software, there weren't such things as email viruses. [google.com]

    The problem is that MICROS~1's junk is made of swiss cheese and eggshells.
    It's Insecure by Design(tm) and is easily exploited.

    If you run Windoze, and you don't run multiple layers of defense, and you have not been pwned yet, you have simply had good luck so far.

    Pretending that you know where all the holes are in MICROS~1's junk are and that you will be ready to handle the next new exploit (later today) simply reveals you to be an overconfident fool.

    The proper approach to security is the Unix/FOSS way:
    1) Do start your design with a proper security model.
      (DON'T try to paste one on later.)
    2) Don't make your stuff unnecessarily complicated.
    3) Do QUICKLY create patches for your holes when those become known to you and do make those patches available QUICKLY.

    Again: Thinking that your 1337 skillz can compensate for something that is Insecure by Design(tm) is just naive.

    -- gewg_

    • (Score: 3, Insightful) by captain normal on Sunday August 16 2015, @04:48AM

      by captain normal (2205) on Sunday August 16 2015, @04:48AM (#223451)

      I don't think this is the real gewg. This sounds like some Apple shill, not the reasonable gewg we've all known and loved.

      --
      When life isn't going right, go left.
      • (Score: 2) by zugedneb on Sunday August 16 2015, @01:40PM

        by zugedneb (4556) on Sunday August 16 2015, @01:40PM (#223516)

        But this gewg is not _wrong_, as such...
        Up till W7, windows did everything to make the user feel "served", and other to give service.
        Selfstarting exe on disc media, various scripts that run in the browser, Office and other programs running strange scripts and having not sane privileges, user being system administrator, arbitrary programs installing with root privilege and modifying registry and files as it wants...

        It actually is insecure by design.

        --
        old saying: "a troll is a window into the soul of humanity" + also: https://en.wikipedia.org/wiki/Operation_Ajax
        • (Score: -1, Troll) by Anonymous Coward on Sunday August 16 2015, @07:40PM

          by Anonymous Coward on Sunday August 16 2015, @07:40PM (#223598)

          Selfstarting exe

          ...and on top of that, depending on file extensions to determine executability--then hiding those by default.
          The Klein flask of MICROS~1's logic is just ridiculous.

          not sane privileges [...] arbitrary programs installing with root privilege

          Those are the giant ones.
          It's clear that salesmen are in charge in Redmond.

          **How can we make things render as quickly as possible?**
          Oh, we'll just give kernel privileges to this non-trustworthy user-supplied data.
          We will lose any semblance of security, but boy, the performance will be impressive--right up to the point where your system gets pwned and your actual tasks grind to a halt because the system is very busy servicing 243 rogue processes.

          ...and only Windoze people would think that constantly running anti-this and anti-that apps which chew up CPU cycles, RAM, and disk space (as well as bandwidth, continually downloading updates) is somehow an improvement on running rogue apps.

          ...and don't forget how it chews up your time sorting out false positives as well as figuring out how to deal with the problems from actual badness that your "security" apps missed because the rogue stuff hit your box before that was included in an update for your whiz-bang "security" app.

          ...and only Windoze people think that running anti-this and anti-that is a logical security method.
          The way it is done properly is for the software devs to PATCH the flaws in their code and do that QUICKLY (rather than paste 3rd-party band-aids over those flaws).
          If the devs audit their code and make sure they don't ship the flaws in the first place, that is even better.
          Ridiculously complicated code makes this more difficult.

          It actually is insecure by design

          Windoze is the least-secure ecosystem in common use today.
          It's as clear as the nose on your face, but fanboys will continue to deny it--as they watch the giant list of exploits scroll by while their anti-whatever app works to "secure" their systems.

          -- gewg_

        • (Score: 2) by captain normal on Sunday August 16 2015, @10:44PM

          by captain normal (2205) on Sunday August 16 2015, @10:44PM (#223659)

          I don't know about that. I had absolute control over what went on in my computers with 98SE, XP and Vista. Now Win 7 keeps throwing weird stuff at me near every update Tue. I looked at 8 and thought no way. Now it seems as though Win10 (or should I say WinAndroid) is more of same piled higher. Maybe I'll go back to Linux.

          --
          When life isn't going right, go left.
          • (Score: -1, Troll) by Anonymous Coward on Monday August 17 2015, @12:23AM

            by Anonymous Coward on Monday August 17 2015, @12:23AM (#223682)

            I had absolute control over [...] 98SE

            9x had not the faintest hint of a permissions paradigm.
            You were ALWAYS running as root.
            Anyone who sat down at that 9x system ALWAYS had root privileges.
            Under 9x, anything that your browser encountered ALWAYS had root privileges.

            You grossly overestimate what control you as the owner/sysadmin of a 9x box had over that system.

            Win 7 keeps throwing weird stuff at me

            ...and that stuff exists to bolster|extend M$'s business model--not to improve your UX.

            If MICROS~1 actually was interested in improving the user experience, they would need to start over from scratch and begin with a proper permissions paradigm--but that would eliminate their ability to exert their corporate power over their captive audience.

            UAC (User Account Control) aka Blame The User While Annoying The User was a feint by MSFT to convince the gullible that they now had an equivalent of sudo.
            It was a fraudulent move to attempt to assure M$'s prisoners that they possessed some freedom.
            Most users realized that it is a scam and just disabled it.

            Maybe I'll go back to Linux.

            Every time I open htop [ibm.com] and see **all** of my running processes, I'm reminded of how much MICROS~1 *hides* from you and how Windoze does *not* ship with Process Explorer.

            N.B. When it's been more than 100 days since you last restarted the OS, htop adds an exclamation point in the Uptime slot.
            I don't ever remember having a Windoze box that didn't require a restart before that.

            Running Linux, I'm constantly reminded of how aggravating the M$ way was.

            -- gewg_