
DarkPulsar - MrXOR
https://securelist.com/darkpulsar/88199/
======
JaimeThompson
What is interesting about Kaspersky is how little Russian state malware /
spying tools they find / report on at least in comparison to what they
discussion about such software from other countries.

~~~
jeletonskelly
Interesting, but not all that surprising. At this point it's fair to assume
most security research institutions are co-opted to some degree by
intelligence agencies.

~~~
JaimeThompson
You are correct on most being co-opted but they don't yell from the rooftops
like Kaspersky does that they are fully independent. I have loads of emails
from Kaspersky explaining how they aren't yet their actions don't support
their PR.

~~~
Arnt
I'm curious. Can you be more specific? Describe some of these actions
explicitly?

~~~
JaimeThompson
They, Kaspersky, have sent out lots of emails to partners and resellers saying
how they are independent of Russian government melding which isn't exactly the
most honest read of the situation.

Comments like this, from Kaspersky PR, are interesting don't you think?

"Kaspersky Lab has never helped, nor will help, any government in the world
with its cyberespionage or offensive cyber efforts, and it's disconcerting
that a private company can be treated as guilty merely due to geopolitical
issues."

This tells some of it but I would recommend you do some checking yourself.
[https://www.theregister.co.uk/2018/05/15/kaspersky_labs_anno...](https://www.theregister.co.uk/2018/05/15/kaspersky_labs_announces_move_to_zurich_dutch_government_questions_firm/)

~~~
Arnt
That part is about what Kaspersky says. That part is okay.

The more curious part is the other part: What Kaspersky does, or does not.
You, for example, do not say "here are links to Avast's web site for 2/5/10/20
Russian threats that Avast detects and Kaspersky doesn't". All you do is link
to more innuendo and suspicion.

In this age of databases that suspicion ought eventually to show up in
database records.

------
ataturk
Does no one else find it deeply distressing that all our tech has been so
completely co-opted by outside agents? How can we live this lie that we are
free while every day we see how we are controlled and watched?

~~~
duxup
They could always tap your phone, read your mail, follow you, find out some
secret about you .... no matter what nation / time.

It's not the tools that worry me. Those will advance with technology and just
like non governmental tech, it will progress no matter if we like it or not.

Oversight, rule of law, and etc is where it is at to determine the end result.

Call me old fashioned but the idea that my democratic country has intelligence
agencies making tools like this (or this one...) is not worrisome at face
value to me. I would expect them to do so.

~~~
dsfyu404ed
Agreed. I want them to have the capability. I also want them to use it
properly and only where appropriate and consistent with law. Maintaining
access to potentials adversary's systems is fine and necessary since they're
doing it to us. CPB potentially (I haven't heard any allegations but who knows
what they do with it in the back room) loading malware onto people's phones is
not fine.

~~~
dmichulke
> and consistent with law

Nitpick: consistent with moral, ethics and/or human rights

Most of the stuff that _[A-Z]{3}_ does is lawful (if only legitimized post-
facto) but not nearly half as often does it fulfill the other criteria.

------
ccnafr
"Alleged" NSA Dark Pulsar implant

~~~
sctb
We've reverted the submitted title “NSA DarkPulsar implant” to the original.

------
evenkeel024
_We found around 50 victims located in Russia, Iran and Egypt, typically
infecting Windows 2003 /2008 Server. Targets were related to nuclear energy,
telecommunications, IT, aerospace and R&D._

Great. So because the NSA has crappy security (contractors!) the democratic
West has just weakened itself against autocratic regimes that seek to control
their people.

People that care about self-government and individual freedom have to start to
recognize that the NSA - with its democratic controls and checks and balances
- is far superior to an autocratic or dictatorial spy agency. And we only get
to choose one.

~~~
rtkwe
Except they don't act like a democratically controlled spy agency. They
routinely hide their internal memos stating their perceived legal authority
from Congress who is in charge of oversight and the source of that legal
authority.

~~~
mhneu
NSA disciplines employees who violate their rules on who gets to access data.
[https://www.theatlantic.com/national/archive/2013/09/nsa-
spi...](https://www.theatlantic.com/national/archive/2013/09/nsa-spies-who-
couldnt-resist-snooping-their-loved-ones/310567/)

And senior congressional officials, including people like Feinstein, Grassley,
Burr, Schiff, and Warner, are effectively briefed on all intelligence matters.
Not every member of congress is. America did a decent job after Watergate
implementing supervision of intel.

NSA is probably not perfect, but it's better than the alternative. You know
the old quote "Democracy isn't a great way to govern but it's better than the
alternatives" \-- probably fair to say "Western intelligence agencies aren't
perfect but they are the best way we know to navigate today's surveillance
economy and secure democracies."

~~~
rtkwe
The problem is as much oversight as there is they intentionally dissemble and
use twisted definitions when testifying before the congressional oversight
committies. In 2013 the claimed their PRISM and associated wide scale
surveillance activities didn't 'collect' information about or surveil american
citizens because respectively they didn't task or view the information and
didn't listen in on the actual content of the conversations. It's impossible
to properly oversee an organization that is that circumspect with the people
overseeing them.

