Reuters has run a story claiming that Eugene Kaspersky directed developers at Kaspersky Lab to modify shared anti-virus definitions in order to make other antivirus programs flag benign system files as malicious.
Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.
The attacks allegedly targeted rivals Microsoft, AVG, and AVAST who Kaspersky felt were stealing.
Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees.
Microsoft, AVG and Avast indicated that they had found attempts to introduce false positives as detailed in a 2013 presentation by Dennis Batchelder from Microsoft.
Kaspersky denies the allegations and tweeted this as the story broke.
I don't usually read @reuters. But when I do, I see false positives. For the record: this story is a complete BS...
Read the full story here: http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @12:49PM
... It would be a shame if something happened to it...
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @02:32PM
Exactly, AV is a protectionist racket. Nobody asked for them... they just showed up.
(Score: 0, Interesting) by Anonymous Coward on Saturday August 15 2015, @07:07PM
The niche for that industry wouldn't even exist if it wasn't for MICROS~1's bug-riddled, insecure-by-design products.
Even in spite of that, if, after being notified of the holes in their stuff, Redmond actually PATCHED their stuff QUICKLY, again, there would be no need for 3rd-party band-aids.
The problem there is that MICROS~1 makes their stuff unnecessarily complicated--in contrast to the Unix philosophy. [wikipedia.org]
...and, apparently, it requires months and months to construct a patch for their stuff and test that for a reasonable number of the possible error modes. [google.com]
-- gewg_
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @08:36PM
Color me thoroughly shocked.
-- gewg_
(Score: 2) by SuperCharlie on Saturday August 15 2015, @01:34PM
I have completely lost faith in mainstream news and media. I look at every news article from the angle of who will benefit and what govt agency is pushing it and it all just smells like a big propaganda turd any more.. so ya..sure Reuters..whatever..
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @01:42PM
So ya, sure Kaspersky, whatever.
(Score: 5, Interesting) by zocalo on Saturday August 15 2015, @01:43PM
Besides, even if this kind of thing was going on in the AV industry (and if it is, then I doubt Kaspersky would be alone in doing so) then the larger part of the responsibility for any false positives still lies with the AV package vendor responsible for not properly testing their signatures and/or creating a whitelist of known good system file checksums. It would be rather petty behaviour, sure, but I don't think I'll be switching AV packages over it.
UNIX? They're not even circumcised! Savages!
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @01:55PM
Coming so soon after it being detailed in a 2013 presentation? Do we need to wait five or ten years for it then?
So you're not going to believe it because he's your guy. Hey, he sounds pretty cool. He says bad things about the NSA. Gets money from the Russians? Hey, we all gotta eat! Maybe he should get some support from the NSA too. He didn't do this, but if he did, hey, EVERYONE was doing it so we can't fault him. Besides, even if he was doing it, it's really the fault of everyone else anyway.
(Score: 4, Informative) by zocalo on Saturday August 15 2015, @02:48PM
When it comes to security in the modern panopticon big-data/metadata era we seem to be in, I actually think that the default position that an end user ought to be taking is that it's probably been backdoored by whichever government(s) would hold sway over the company concerned. If that's not actually the case, then so much the better, but if it is, then the question you need to be considering is which government do I not really care if they see my data? Would you trust an American AV company that is sharing its data with the NSA, not to also have that data end up trickling through various levels of law enforcement and end up in the hands of local law enforcement over some minor misdemeanor you may have committed or your torrent habits (perfectly legit or otherwise) ending up being passed to the RIAA/MPAA, for instance?
UNIX? They're not even circumcised! Savages!
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @04:08PM
Coming so soon after Kaspersky was singled out as being the security packages that the NSA and GCHQ were having the most difficulty in compromising as well
Oh, please. That garbage, like pretty much all AVs, is proprietary software. Anyone looking for security isn't going to use non-free proprietary user-subjugating software in the first place.
(Score: 2) by Runaway1956 on Saturday August 15 2015, @02:11PM
AV companies have been tricking most of the people in the world. Nearly everyone installs one resource-hungry AV or another. Mehhhh . . .
“Take me to the Brig. I want to see the “real Marines”. – Major General Chesty Puller, USMC
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @07:08PM
If you know what you're doing AV is more likely to cause problems for your system than protect it.
From false positives:
https://en.wikipedia.org/wiki/Antivirus_software#Problems_caused_by_false_positives [wikipedia.org]
http://news.thewindowsclub.com/panda-antivirus-update-likely-brick-windows-systems-restart-74490/ [thewindowsclub.com]
http://www.theregister.co.uk/2015/05/07/avast_false_positive_snafu/ [theregister.co.uk]
http://www.zdnet.com/article/avira-antivirus-update-cripples-millions-of-windows-pcs/ [zdnet.com]
To creating an exploitable vulnerability in your system:
http://joxeankoret.com/download/breaking_av_software_44con.pdf [joxeankoret.com]
But if you don't know what you're doing and get pwned more than once a year by obvious malware, then yes please do install AV.
(Score: -1, Troll) by Anonymous Coward on Saturday August 15 2015, @08:23PM
Heh. You're funny.
What about MICROS~1's notorious fonts that are rendered in Ring 0? [google.com]
What about images that are processed in Ring 0 under Windoze? [google.com]
What about macros that are executed with unnecessarily elevated privileges? [google.com]
...and before MICROS~1 started building software, there weren't such things as email viruses. [google.com]
.
The problem is that MICROS~1's junk is made of swiss cheese and eggshells.
It's Insecure by Design(tm) and is easily exploited.
If you run Windoze, and you don't run multiple layers of defense, and you have not been pwned yet, you have simply had good luck so far.
Pretending that you know where all the holes in MICROS~1's junk are and that you will be ready to handle the next new exploit (later today) simply reveals you to be an overconfident fool.
The proper approach to security is the Unix/FOSS way:
1) Do start your design with a proper security model.
(DON'T try to paste one on later.)
2) Don't make your stuff unnecessarily complicated.
3) Do QUICKLY create patches for your holes when those become known to you and do make those patches available QUICKLY.
Again: Thinking that your 1337 skillz can compensate for something that is Insecure by Design(tm) is just naive.
-- gewg_
(Score: 3, Insightful) by captain normal on Sunday August 16 2015, @04:48AM
I don't think this is the real gewg. This sounds like some Apple shill, not the reasonable gewg we've all known and loved.
The Musk/Trump interview appears to have been hacked, but not a DDOS hack...more like A Distributed Denial of Reality.
(Score: 2) by zugedneb on Sunday August 16 2015, @01:40PM
But this gewg is not _wrong_, as such...
Up till W7, windows did everything to make the user feel "served", and other to give service.
Selfstarting exe on disc media, various scripts that run in the browser, Office and other programs running strange scripts and having not sane privileges, user being system administrator, arbitrary programs installing with root privilege and modifying registry and files as it wants...
It actually is insecure by design.
old saying: "a troll is a window into the soul of humanity" + also: https://en.wikipedia.org/wiki/Operation_Ajax
(Score: -1, Troll) by Anonymous Coward on Sunday August 16 2015, @07:40PM
Selfstarting exe
...and on top of that, depending on file extensions to determine executability--then hiding those by default.
The Klein flask of MICROS~1's logic is just ridiculous.
not sane privileges [...] arbitrary programs installing with root privilege
Those are the giant ones.
It's clear that salesmen are in charge in Redmond.
**How can we make things render as quickly as possible?**
Oh, we'll just give kernel privileges to this non-trustworthy user-supplied data.
We will lose any semblance of security, but boy, the performance will be impressive--right up to the point where your system gets pwned and your actual tasks grind to a halt because the system is very busy servicing 243 rogue processes.
...and only Windoze people would think that constantly running anti-this and anti-that apps which chew up CPU cycles, RAM, and disk space (as well as bandwidth, continually downloading updates) is somehow an improvement on running rogue apps.
...and don't forget how it chews up your time sorting out false positives as well as figuring out how to deal with the problems from actual badness that your "security" apps missed because the rogue stuff hit your box before that was included in an update for your whiz-bang "security" app.
...and only Windoze people think that running anti-this and anti-that is a logical security method.
The way it is done properly is for the software devs to PATCH the flaws in their code and do that QUICKLY (rather than paste 3rd-party band-aids over those flaws).
If the devs audit their code and make sure they don't ship the flaws in the first place, that is even better.
Ridiculously complicated code makes this more difficult.
It actually is insecure by design
Windoze is the least-secure ecosystem in common use today.
It's as clear as the nose on your face, but fanboys will continue to deny it--as they watch the giant list of exploits scroll by while their anti-whatever app works to "secure" their systems.
-- gewg_
(Score: 2) by captain normal on Sunday August 16 2015, @10:44PM
I don't know about that. I had absolute control over what went on in my computers with 98SE, XP and Vista. Now Win 7 keeps throwing weird stuff at me near every update Tue. I looked at 8 and thought no way. Now it seems as though Win10 (or should I say WinAndroid) is more of same piled higher. Maybe I'll go back to Linux.
The Musk/Trump interview appears to have been hacked, but not a DDOS hack...more like A Distributed Denial of Reality.
(Score: -1, Troll) by Anonymous Coward on Monday August 17 2015, @12:23AM
I had absolute control over [...] 98SE
9x had not the faintest hint of a permissions paradigm.
You were ALWAYS running as root.
Anyone who sat down at that 9x system ALWAYS had root privileges.
Under 9x, anything that your browser encountered ALWAYS had root privileges.
You grossly overestimate what control you as the owner/sysadmin of a 9x box had over that system.
Win 7 keeps throwing weird stuff at me
...and that stuff exists to bolster|extend M$'s business model--not to improve your UX.
If MICROS~1 actually was interested in improving the user experience, they would need to start over from scratch and begin with a proper permissions paradigm--but that would eliminate their ability to exert their corporate power over their captive audience.
UAC (User Account Control) aka Blame The User While Annoying The User was a feint by MSFT to convince the gullible that they now had an equivalent of sudo.
It was a fraudulent move to attempt to assure M$'s prisoners that they possessed some freedom.
Most users realized that it is a scam and just disabled it.
Maybe I'll go back to Linux.
Every time I open htop [ibm.com] and see **all** of my running processes, I'm reminded of how much MICROS~1 *hides* from you and how Windoze does *not* ship with Process Explorer.
N.B. When it's been more than 100 days since you last restarted the OS, htop adds an exclamation point in the Uptime slot.
I don't ever remember having a Windoze box that didn't require a restart before that.
Running Linux, I'm constantly reminded of how aggravating the M$ way was.
-- gewg_
(Score: 5, Informative) by takyon on Saturday August 15 2015, @02:45PM
I submitted the Reuters story after miljo did. When I checked on the story later, I found some skepticism. From the Reuters story itself:
http://www.theregister.co.uk/2015/08/15/kaspersky_comment/ [theregister.co.uk]
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by captain normal on Sunday August 16 2015, @04:55AM
I don't mistrust the folk at Kaspersky Lab. But they are now under the thumb of Putin, and I put him in about the same league as the Koch brothers. People the world would be a lot better off without.
The Musk/Trump interview appears to have been hacked, but not a DDOS hack...more like A Distributed Denial of Reality.
(Score: 1) by miljo on Monday August 17 2015, @12:59PM
I agree that the story had a certain odor to it. That's why I tried to keep a skeptical tone. I saw the register article after my submission and was hoping to add something later. Thanks for saving me the time, takyon.
One should strive to achieve, not sit in bitter regret.
(Score: 0) by Anonymous Coward on Saturday August 15 2015, @02:46PM
You'd be surprised how much data you share with these companies and their proprietary software.
Even though both ClamAV/ClamWin kinda suck in detections, missing A LOT of malware, they've caught Trojans where some of the big boys did not.
For example -- when I read Dr. Web's CureIt! program's privacy/use agreement, and all the shit they collect, I threw up in my mouth a little.