from the so-that's-why-the-antivirus-programs-run-so-slowly dept.
The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden, according to a story at Glen Greenwald's Intercept. The document, a GCHQ warrant renewal request written in 2008 and provided under Section 5 of the U.K.'s 1994 Intelligence Services Act, must be renewed by a government minister every six months and seeks authorization for GCHQ activities that "involve modifying commercially available software to enable interception, decryption and other related tasks, or 'reverse engineering' software."
Of note is that while Kaspersky Labs is particularly singled out, Bitdefender, ESET, Avast, AVG, and F-Secure are also mentioned as specific targets, while the US/UK based McAfee, Symantec and Sophos are all notable by their absence raising questions over whether they have might colluded with the NSA and GCHQ, or whether the other vendors mentioned might have colluded with their own national security services. Should that be the case then the debate over the merits of whether or not compromising encryption tools is a good idea given the potential for the backdoor to be found and exploited by foreign governments and criminals perhaps ought to apply to more general security software as well.
Original Submission
(Score: 4, Insightful) by bradley13 on Wednesday June 24 2015, @09:24AM
Or, even better, prosecute them as the international crime rings that they are? While NSA can't be prosecuted in the USA, nor GCHQ in the UK, their actions are certainly illegal in other national jurisdictions. Sure would be nice to see charges filed, and extradition requests processed.
Everyone is somebody else's weirdo.
(Score: 4, Insightful) by c0lo on Wednesday June 24 2015, @09:35AM
Huh... may be something in this proposal of yours... they can be condemned, jailed and then take one the other's place and continue do it as convicts. Lower budget, I imagine.
https://www.youtube.com/watch?v=aoFiw2jMy-0
(Score: 0) by Anonymous Coward on Wednesday June 24 2015, @09:36AM
but.. they do not prosecute american profiteers or war criminals. Ever. Why would now be a good time?
(Score: 1, Insightful) by Anonymous Coward on Wednesday June 24 2015, @09:43AM
Got to start sometime. Now is better than never.
(Score: 1, Insightful) by Anonymous Coward on Wednesday June 24 2015, @09:46AM
You can try, but you're vastly outnumbered by patriotic idiots who support the authorities no matter what, because they're the authorities, you treasonous criminal subversive anarchist.
(Score: 2, Insightful) by Anonymous Coward on Wednesday June 24 2015, @03:07PM
Patriotism is about wanting what is best for your country. These people want to subvert our fundamental liberties and our constitution, so they are anything but patriots. I'd call them traitors to the ideals this country is supposed to stand for.
(Score: 1, Touché) by Anonymous Coward on Wednesday June 24 2015, @05:18PM
Careful there, lots of morons think killing niggers and mooslims are patriotic acts because the best thing for the country would be to be populated exclusively by white christians.
(Score: 1, Touché) by Anonymous Coward on Thursday June 25 2015, @08:42PM
When they agree with me, they are patriots. When they disagree with me, they are traitors to the (my) ideals of this country.
You're no better, you know.
(Score: 3, Interesting) by zocalo on Wednesday June 24 2015, @11:03AM
For me, the best possible result of the post mortem into the OPM breach would be that it were to be determined that the suspects (Chinese, Russians, whoever) managed to compromise the OPM systems through a backdoor deliberately placed in software at the behest of the NSA or GCHQ to make it easier to hack other governments. Perhaps a wake up call of that nature might finally make them realise the insanity of the path they are on and take a more responsible attitude before things move beyond PI data leaks and into the realms of hacking critical infrastructure placed onto the IoT - not that they'd ever admit to being wrong, of course.
UNIX? They're not even circumcised! Savages!
(Score: 3, Insightful) by Anal Pumpernickel on Wednesday June 24 2015, @03:10PM
The problem with that idea is that from the position of an observer in another country they are just doing their (somewhat necessary) jobs, and exactly the same job as the equivalent organization in the country in question should be doing - and most likely is.
You do realize that the "just doing my job" excuse is completely invalid, right? If your job is immoral and requires that you violate the fundamental liberties of countless people, and violate the highest law of the land, then you should refuse to do your job. Failing to do so means you deserve zero sympathy, regardless of how many other countries do the same thing; that's not even close to a justification.
(Score: 2) by zocalo on Wednesday June 24 2015, @06:09PM
UNIX? They're not even circumcised! Savages!
(Score: 3, Insightful) by Anal Pumpernickel on Wednesday June 24 2015, @07:12PM
While I agree with the sentiment (hence the "somewhat necessary"), unfortunately we don't live in that utopia (not even the Swiss).
Not accepting a job where you're required to do evil things does not mean you live in a utopia. If so many countries are committing these heinous acts, then all that means is they must all be stopped.
it's viewed as something of a necessary evil
Then they're unprincipled scumbags.
(Score: 2) by zocalo on Wednesday June 24 2015, @08:15PM
True, but that's not the utopia I'm talking referring to.
However, achieving that goal, laudable as it might be, *is* the utopia I'm referring to. There are only two ways I can see that happening - actually achieving world peace or the extinction of the human race, and my money would be on the latter.
UNIX? They're not even circumcised! Savages!
(Score: 2) by Anal Pumpernickel on Thursday June 25 2015, @12:02AM
A world without mass surveillance or out-of-control spying isn't a utopia, either; it would still have numerous other issues.
We'll likely never get rid of all corruption, but we can most likely reduce the amount of corruption to a great extent.
(Score: 2) by kadal on Wednesday June 24 2015, @06:46PM
They will probably install non-backdoored versions on government systems. However, if a whole bunch of Congressmen were to have their laptops hacked, that might change things. Though, in that case, Congress would probably force the NSA to install backdoored version on their laptops and have everyone else stay as fucked as before.
(Score: 2) by kadal on Wednesday June 24 2015, @06:47PM
Ugh, i mean Congress will have NSA install the "secure" version on their laptops and let the rest of us get fucked as usual.
(Score: 0) by Anonymous Coward on Wednesday June 24 2015, @09:44AM
Security through obscurity! It really works!
(Score: 3, Insightful) by Anonymous Coward on Wednesday June 24 2015, @11:00AM
its more like, that's why you don't use software from companies in america, because they already have backdoors and cannot admit to being raped by the patriot act.
(Score: 5, Interesting) by kaszz on Wednesday June 24 2015, @11:12AM
The absence of McAfee, Symantec and Sophos is probable simple, they got NSL'd or got physical access op'd. As for the rest. They are perhaps harder to get into with gray papers and without exposure:
Bitdefender - Romania (NATO since 2004, EU since 2007)
ESET - Slovakia (NATO since 2004, EU since 2004)
Avast - Czech Republic (NATO since 1999, EU since 2004)
AVG Technologies - Netherlands (founding NATO 1949, EU 1957)
F-Secure - Finland (EU since 1995)
Kaspersky Labs - Russia
Ie, don't trust any security from 5-6 eyes or any other big power. And don't forget that the operating system used by these software packages is notorious for sloppy coding and being headquartered in the land of NSL'd.
Using the anti-virus software is kind of neat because you defeat the defense system, have access to all files even when encrypted and have a phone-home-line that can be co-opted to send data back. Perfect..
(Score: 0) by Anonymous Coward on Friday July 03 2015, @02:27AM
IMO bitdefender free sucks
try their free rescue (LiveCD)
(Score: 0) by Anonymous Coward on Wednesday June 24 2015, @12:32PM
Hmmm... "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues"
(Score: 2) by kaszz on Wednesday June 24 2015, @01:02PM
Well, "No backdoors found in TrueCrypt [soylentnews.org]" according to the Open Crypto Audit Project, so where did you get that warning?
You did start with a reasonable secure operating system? (don't build a castle on mud)
(Score: 0) by Anonymous Coward on Wednesday June 24 2015, @02:09PM
Anyone looking at GPG?
(Score: 0) by Anonymous Coward on Thursday June 25 2015, @05:48AM
literally means you will always be behind the curve...