
FBI pushes private sector to cut ties with Kaspersky - drewchainzz
https://www.cyberscoop.com/fbi-kaspersky-private-sector-briefings-yarovaya-laws/
======
oneplane
I wonder how that is something the FBI should be doing. I always thought the
US had its somewhat-secret-security agencies divided between foreign and
local, spying and acting, and public and government tasks. (which is why they
have so many of them?)

If this was a problem for the country, wouldn't it be DHS's job? And if there
was an issue to be looked into, it's FBI's job. And if there is something
about spying to figure out if someone is doing something, there is the CIA and
the NSA depending on where they need to look?

On top of that: wouldn't this be something that should simply be looked at
internally at agencies and if there is an actual problem, resolve it for the
country by issuing a law or directive or bill or whatever name they put to
rules the US-based companies have to follow?

~~~
ajross
Securing domestic computer networks and products from foreign attack surely
fits within the FBI's jurisdiction. Obviously there's some overlap with the
NSA in this mission (but not DHS -- they have very little in the way of
computer crime experts), but this doesn't seem weird to me.

Basically: US law enforcement is telling US companies that Kaspersky products
are likely compromised by Russian intelligence. Surely foreign law enforcement
is issuing similar warnings about Symantec and McAfee products being
compromised by the NSA.

~~~
enkid
NSA is DoD systems, DHS is other governmental systems and some critical
private sector systems, FBI is counterintelligence investigations. They all
overlap and help each other.

~~~
itchyjunk
NSA is under Intelligence Community[0]. I think Defense Intelligence Agency is
DOD's intelligence branch.[1] But my own wiki link is saying both NSA and DIA
don't have parent agencies so idk..

------------------------------------

[0] http://www.dia.mil/

[1] https://en.wikipedia.org/wiki/United_States_Intelligence_Community

~~~
bebop
Both the NSA and the DIA are under the DoD. Both are intelligence agencies and
are part of the IC. All of the IC members fall under the Director of National
Intelligence (DNI). The NSA and DIA differ in their missions. The NSA is
primarily focused on Signal Intelligence (SIGINT) whereas the DIA is focused
on Human Intelligence (HUMINT), mostly pertaining to foreign militaries.

~~~
AstralStorm
Those are euphemisms for spying and traitors.

~~~
novaleaf
more like "professional terminology"

------
jameslk
This is essentially the same reasoning why other governments and their
constituents shouldn't trust American tech companies. That's pretty well
established thanks to some notable leaks.

~~~
golergka
Nowhere near to Kaspersky level though.

~~~
UnoriginalGuy
Indeed, significantly worse.

No actual technical mechanism has come out suggesting how Kaspersky is spying,
only that it could. We've seen technical mechanisms which impact US firms'
hardware such as Cisco and how they're embedding that malware into specific
targets' endpoints (postal intercepts). We've also seen firmware updates go
out to US companies' industrial hardware which MIGHT have needed the companies'
help to produce.

I'm yet to see anyone publish an article talking in technical terms about what
Kaspersky is meant to be doing. All people keep repeating is that one of the
top executives has Russian military experience. But technical facts are more
key here than anecdotes or fear mongering. I'd stop using them tomorrow if
someone can show me why, but even the FBI/DHS/NSA hasn't produced a paper on
it or done a presentation at Blackhat.

Let's talk actual facts here. Software or even hardware isn't magic, if you
can show that Kaspersky is evil show it already.

------
mhkool
The true reason why the FBI wants to get rid of Kaspersky: since American
agencies do not have access to data of Kaspersky but do have access to all
data of American antivirus vendors, they want everybody to switch to American
vendors.

~~~
5706906c06c
Define data? Eugene Kaspersky volunteered their source code. It's true that
won't be an on-going effort and that back-doors are hard to detect through the
millions of lines of code, but it's one hell of a sign of confidence.

Edit: Not dismissing the Russian scenario, but this is McCarthyism 2.0 as far
as I'm concerned.

------
lawnchair_larry
Highly skeptical that this isn't new red scare BS. Eugene gets to be the
subject of so many dumb conspiracy theories.

A recent rebuttal by himself:
https://eugene.kaspersky.com/2015/03/20/a-practical-guide-to-making-up-a-sensation/

Edit: and a more recent one:
https://eugene.kaspersky.com/2017/05/12/they-asked-me-everything/

Edit 2: _"FBI officials point to multiple specific accusations of wrongdoing
by Kaspersky, such as a well-known instance of allegedly faking malware."_

Ok, if they are bringing that incident up, this really does mean they have
nothing and are grasping at straws. This is referring to a time when Kaspersky
trolled competitors who were stealing their signatures, and they made some
fake detections. It's the antivirus equivalent of "Trap Streets" used by
mapmakers. It doesn't create any kind of back door or weakness.

------
sheeshkebab
The whole av industry is shady business - never know for sure whether some
stuff is planted on purpose or is a result of a hack. (I used kaspersky stuff
20+ years ago - just don’t have much respect for this industry in the first
place. Also using kaspersky av in us gov settings or any critical business ops
is just plain clueless)

------
nickysielicki
Interesting to look at these links, all 5+ years old:

1. _Russia’s Top Cyber Sleuth Foils US Spies, Helps Kremlin Pals_

2. _What Wired Is Not Telling You – a Response to Noah Shachtman’s Article in
Wired Magazine_

3. HN Discussion on 2

_____________________________

[1]: http://www.wired.com/dangerroom/2012/07/ff_kaspersky/all/

[2]: https://eugene.kaspersky.com/2012/07/25/what-wired-is-not-telling-you-a-response-to-noah-shachtmans-article-in-wired-magazine/

[3]: https://news.ycombinator.com/item?id=4340309

~~~
unexistance
man that is one deep hole I've fallen into :D very good reads

NOW I know win7 also phones back home T_T

~~~
exikyut
Yeah, and you can't turn it off.

https://twitter.com/m8urnett/status/866353982217699328

https://news.ycombinator.com/item?id=14389441

------
gregopet
If USA is fussing over an antivirus program, Russia should be absolutely
panicking about Windows, Office and other critical software from the USA.

~~~
jrs95
Well, if they stopped using it altogether, it wouldn't remain critical to them
for very long. It would probably be good for free software, too!

------
rmason
In the Lansing area all the municipalities using Kaspersky are being advised
by the feds to drop it as quickly as possible. It was front page news a few
days back.

http://www.lansingstatejournal.com/story/news/local/watchdog/2017/08/14/lansing-eaton-county-use-russian-software-feds-call-unsafe/552160001/

------
anaptdemise
Presumably, the AV suite would send "telemetry" and related "data" to their
servers for analysis...

"Microsoft Wins Appeal on Overseas Data Searches"
https://www.nytimes.com/2016/07/15/technology/microsoft-wins-appeal-on-overseas-data-searches.html

[edit] https://www.mcafee.com/us/resources/solution-briefs/sb-quarterly-threats-aug-2015-1.pdf

------
Demiurge
How many other security enterprises are out there who are as independent
from US intelligence agencies?

~~~
ttul
Maybe nobody. But at least US intelligence agencies are operating in a
jurisdiction where the rule of law is strongly enforced.

~~~
balls187
> Maybe nobody. But at least US intelligence agencies are operating in a
> jurisdiction where the rule of law is strongly enforced.

Except when it's not.

------
neves
It looks like the FBI is making a great advertisement for Kaspersky for
security-conscious people who have more than 2 neurons.

~~~
neves
Kaspersky is the only company that discloses NSA and CIA's evil malware. They
are the good guys here.

~~~
willstrafach
That is not true. Other AV vendors, such as FireEye and Symantec, repeatedly
write about TTPs of all state actors they encounter.

~~~
neves
So Kaspersky is just more competent to find the ones from the USA Gov.

~~~
willstrafach
That is not the case.

It is actually quite difficult to intentionally ignore nation state malware
from certain regions, because attributing the origin is not something a
private entity can accurately do with confidence.

------
draw_down
Don't use stuff that's pwned by other intelligence agencies, use stuff that's
pwned by us.

------
basicplus2
From this reference in the article...

http://www.reuters.com/article/us-kaspersky-rivals-idUSKCN0QJ1CR20150814

"Microsoft's antimalware research director, Dennis Batchelder, told Reuters in
April that he recalled a time in March 2013 when many customers called to
complain that a printer code had been deemed dangerous by its antivirus
program and placed in "quarantine."

"Over the next few months, Batchelder's team found hundreds, and eventually
thousands, of good files that had been altered to look bad."

"Batchelder told his staff not to try to identify the culprit"

This last part seems incredibly suspicious.. perhaps it was Microsoft trying
to discredit Kaspersky

------
powertower
Aside from all the innuendos and made-up proof, the one true statement you can
make here is that Kaspersky is not, nor ever will be, providing backdoor
services for the FBI.

------
basicplus2
What happens if you use both Russian Anti Virus Software and an American Anti
Virus Software?

Would this catch everything?

~~~
tpush
They'd probably catch each other.

------
LeifCarrotson
I was surprised to hear an ad for Kaspersky on NPR this morning. I know
there's a disproportionate number of ads for Barracuda and other security
services, but I was curious about an entity in the news running ads. The hosts
didn't mention any connections to current events.

------
0xbear
Seems to me like all the Chinese-made equipment everyone (including FBI) is
using is a much more credible threat. This looks like they're just
piggybacking on a witch hunt.

Disclosure: I am Russian-American, but always voted against Putin. Not that it
mattered, of course.

------
blickentwapft
Is Jetbrains also a risk?

What if they build something bad into the Kotlin language?

~~~
severino
You mean like easily allowing null pointer exceptions again?

------
javabean22
Kaspersky can go fuck itself

------
w00bl3ywook
super surprised this thread isn't filled full of hate for our fed Intel teams.
The IC works incredibly hard to keep us safe. Maybe this Presi and his hate
for the IC is changing minds about our IC.

