
Confrontation that led to the Kaspersky and the U.S. government fallout

Anonymous officials talked to CyberScoop about the confrontations from Moscow intelligence towards US intelligence companies for poking into Kaspersky's capabilities, as the tool itself was marketed to US intelligence agencies as capable of being a spy tool.

 

Quote

In the first half of 2015, Kaspersky was making aggressive sales pitches to numerous U.S. intelligence and law enforcement agencies, including the FBI and NSA...

The sales pitch caught officials’ attention inside the FBI’s Counterterrorism Division when Kaspersky representatives boasted they could leverage their product in order to facilitate the capture of targets tied to terrorism in the Middle East. While some were intrigued by the offer, other more technical members of the intelligence community took the pitch to mean that Kaspersky’s anti-virus software could effectively be used as a spying tool

 

This sales pitch caught the FBI's attention and, as with all things with backdoors, can leave information open to other intelligence agencies or malicious actors.

 

Quote

The examination of Kaspersky was immediately noticed in Moscow. In the middle of July 2015, a group of CIA officials were called into a Moscow meeting with officials from the FSB, the successor to the KGB. The message, delivered as a diplomatic démarche, was clear: Do not interfere with Kaspersky.

The démarche is not public and has not been previously reported on. A démarche typically comes from a foreign ministry and is addressed to another country’s diplomats in an effort to send a message and often to lodge a protest.

...

“This was a clear signal from the FSB to the U.S. to get off their intelligence asset,” another senior U.S. official told CyberScoop. “If this was from the foreign ministry, that would have been different. It is extremely rare and a different message when an intelligence agency démarches you.”

Given the insistent nature of the Moscow intelligence agency, the FSB, the US intelligence stance on Kaspersky is clear: the anti-virus firm may have a one-way relationship of being an intelligence asset for the agency without Kaspersky knowing.

This pushed the FBI to urge US industries to cut ties with the firm and, being unsuccessful with some, to present its privately sourced and open intelligence to Congress.

 

Quote

There is still no publicly available evidence, technical or otherwise, that Kaspersky operates on behalf of Russian intelligence.

Similar to how Google was operating without knowing that the NSA had been snooping on their internal traffic during the NSA glory days, this does not mean Kaspersky actively allows this to happen.

 

Quote

Kaspersky Lab said it “does not include any undeclared capabilities such as backdoors as that would be illegal and unethical, and regardless of claims by anonymous sources, Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts.”

The result of this unconfirmed news can lead to the fact that large information companies are at the mercy of their own government intelligence agencies.

As an average consumer, this may not affect you to keep using their product; as a corporate entity, you will have to factor in the government agency that has government jurisdiction because of the software's origin.

 

Source: https://www.cyberscoop.com/kaspersky-fbi-cia-fsb-demarche-2015/


15 minutes ago, MadSprite said:

Similar to how Google was operating without knowing that the NSA had been snooping on their internal traffic during the NSA glory days, this does not mean Kaspersky actively allows this to happen.

https://eugene.kaspersky.com/2017/10/05/we-aggressively-protect-our-users-and-were-proud-of-it/

https://usa.kaspersky.com/about/press-releases/2017_kaspersky-lab-response-to-issuance-of-dhs-binding-operational-directive-17-01

https://usa.kaspersky.com/about/law-enforcement-cooperation

 

But with that said, I'm waiting for the Senate hearing on the 25th to see if the allegations are true as Kaspersky himself offered to have their source code inspected probably by US-CERT or NIST. If anything suspicious was proven beyond doubt, I would switch to another AV and that would be a very big scandal in cybersecurity and could cause mass hysteria among people and start uninstalling or disabling their AVs.

 

But if the concern of the US government is just telemetry in Kaspersky products, they might as well stop using Windows 10 since Windows 10 at the very beginning has quite an aggressive telemetry and they only toned it down with the Creators Update.

Edited by hey_yo_


It's pretty interesting to be honest, I don't personally think they have any ties with the Russian government but I don't see it as completely impossible either. Either way they did good with fixing the huge malware attacks earlier this year.


1 hour ago, hey_yo_ said:

But if the concern of the US government is just telemetry in Kaspersky products, they might as well stop using Windows 10 since Windows 10 at the very beginning has quite an aggressive telemetry and they only toned it down with the Creators Update.

And you think the W10 is a stock one?

Any OS used on a military system goes through custom configurations and has to go through validation process before use.


7 minutes ago, Ithanul said:

And you think the W10 is a stock one?

Any OS used on a military system goes through custom configurations and has to go through validation process before use.

U sure?

The only gov/military service i know that has a special custom configured OS is china, they have a special W10 version.

Apart from that i think they don't. It's completely custom from the ground up (or maybe they use the kernel) or they use whatever is available.

 

There are govs out there still running XP machines or even older crap... Regardless what config it has, if it's outdated and known to be vulnerable it's junk.

 

Remember that aircraft carrier (i think that's what it was) that was "brand new" and used XP because it took so long to design?


Just now, samcool55 said:

U sure?

The only gov/military service i know that has a special custom configured OS is china, they have a special W10 version.

Apart from that i think they don't. It's completely custom from the ground up (or maybe they use the kernel) or they use whatever is available.

 

There are govs out there still running XP machines or even older crap... Regardless what config it has, if it's outdated and known to be vulnerable it's junk.

 

Remember that aircraft carrier (i think that's what it was) that was "brand new" and used XP because it took so long to design?

Government machines generally run customized Windows installations, generally an Enterprise variant.

I know for a fact that's how it goes on military installations.


1 hour ago, hey_yo_ said:

they might as well stop using Windows 10 since Windows 10 at the very beginning has quite an aggressive telemetry and they only toned it down with the Creators Update.

You can turn off (and i really mean off) telemetry if you have an enterprise license. I for sure know the US military has specialized contracts worked out with MS to ensure that a proper windows installation suitable for their use case is installed.


30 minutes ago, samcool55 said:

U sure?

The only gov/military service i know that has a special custom configured OS is china, they have a special W10 version.

Apart from that i think they don't. It's completely custom from the ground up (or maybe they use the kernel) or they use whatever is available.

 

There are govs out there still running XP machines or even older crap... Regardless what config it has, if it's outdated and known to be vulnerable it's junk.

 

Remember that aircraft carrier (i think that's what it was) that was "brand new" and used XP because it took so long to design?

I work in an IT career field within the military.

You want to freak higher IT out real quick on a military computer, forget to install the software that checks the rest of the computer.  The amount of software that watches the computer would make Microsoft jelly.  Hence, the first paragraph that shows on a military computer before logging in stating that it is being monitored and you as the user agreeing to the terms.

 

XP tends to be used on specific hardware that rarely or never hooks to civi side commercial.

 

On the issue of the aircraft carrier, no doubt it initially was designed with XP because, guess what, that was probably the latest OS back when the carrier was drafted.  A carrier takes decades to build and finalize.  Military takes a long time to get large projects done because of the crazy amounts of red tape, paperwork (military loves paperwork), and budgeting.  Depending on the system and usage, the process for updating software can take a good few years because of validation to go onto the military network.

 

29 minutes ago, Dan Castellaneta said:

Government machines generally run customized Windows installations, generally an Enterprise variant.

I know for a fact that's how it goes on military installations.


Pretty much, I've been working on some W10s because of the rollout.  Acts a whole lot different from civi side W10.


USA & Russia acting like 2 kids who got caught red-handed stealing cookies, trying to blame it on the other.


5 hours ago, MadSprite said:

The examination of Kaspersky was immediately noticed in Moscow. In the middle of July 2015, a group of CIA officials were called into a Moscow meeting with officials from the FSB, the successor to the KGB. The message, delivered as a diplomatic démarche, was clear: Do not interfere with Kaspersky.

I'm lacking in political knowledge but this kinda tips me in the direction that the CIA might have been trying to have a backdoor added for some regions, but hey, I'm just speculating /tinfoilhat


6 hours ago, hey_yo_ said:

https://eugene.kaspersky.com/2017/10/05/we-aggressively-protect-our-users-and-were-proud-of-it/

https://usa.kaspersky.com/about/press-releases/2017_kaspersky-lab-response-to-issuance-of-dhs-binding-operational-directive-17-01

https://usa.kaspersky.com/about/law-enforcement-cooperation

 

But with that said, I'm waiting for the Senate hearing on the 25th to see if the allegations are true as Kaspersky himself offered to have their source code inspected probably by US-CERT or NIST. If anything suspicious was proven beyond doubt, I would switch to another AV and that would be a very big scandal in cybersecurity and could cause mass hysteria among people and start uninstalling or disabling their AVs.

 

But if the concern of the US government is just telemetry in Kaspersky products, they might as well stop using Windows 10 since Windows 10 at the very beginning has quite an aggressive telemetry and they only toned it down with the Creators Update.

It's only confirmed that Microsoft toned down telemetry for France, because French law required them to, isn't it? I haven't yet seen anything to indicate that Microsoft made any changes to Windows 10 telemetry rates outside of France.

 

Before the change, the most basic telemetry setting in Windows 10 Home and Pro collected over 5,000 unique streams of telemetry data, while after the change it was reported that the number of unique telemetry streams was closer to 2,500, which "satisfied" the French government.

 

Microsoft could have just pushed a single unique update to France that disabled certain telemetry streams, while leaving all other countries with the over 5,000 original telemetry streams still in place.

 

 

By the way, here's a petition calling on Microsoft to provide an option to fully disable all telemetry in Windows 10. I recommend people sign it and share it, because the more publicity there is of the matter, the more Microsoft will be put in the position of having to open up about what telemetry they're collecting, why, and all the stuff that they're doing with it. And the more pressure there will be on Microsoft to provide an option to run Windows without the data-theft and security risks that telemetry creates.

 

https://www.change.org/p/jerry-berg-microsoft-needs-to-add-an-off-option-to-telemetry-for-windows-10


People arguing over whether the US government is using an altered Windows 10, but that assumes they are using it at all, and given how long they used Windows XP I'm inclined to say the answer is no.


31 minutes ago, Delicieuxz said:

It's only confirmed that Microsoft toned down telemetry for France, because French law required them to, isn't it? I haven't yet seen anything to indicate that Microsoft made any changes to Windows outside of France.

Really? I didn’t know that. 

 

7 hours ago, MadSprite said:

As an average consumer, this may not affect you to keep using their product, as a corporate entity, you will have to factor in the government agency that has government jurisdiction because of the software's origin

Unlike so many products, Kaspersky actually allows you to disable telemetry. Granted that it’s not the only one that allows full disabling of telemetry. 

