Kaspersky labs have this curse of trying to be good guys, while operating from a dictatorship state with all state security services having hands up theirs, firmly holding them and operating them like puppets. It is impossible to be a good neutral guy in a dictatorship.
How quick are we to forget PRISM [1] and the countless other related programs that have been revealed. Any tech company operating in any country is going to be subject to the state interests within that country. Anything beyond that matter of fact is going to be a matter of public relations cum propaganda.
You can see this leaking into the public in the US most commonly with China. China is still a geopolitical adversary of the US, but they're also the economic future of the world. So big companies want to appeal to China, but are in a constant balancing act between that and keeping domestic powers happy.
Nobody's "forgetting" anything - it's simply that the US doesn't have any programs that are remotely comparable to those of Russia or China. For instance, show me the US federal law that requires companies to provide them with constant unencrypted access to all users' data (and forbid E2E), without a warrant, and to provide real-time monitoring and censorship of all communication data.
Comparing metadata collection to legally mandated decryption, storage, monitoring, and censorship of all user data and metadata is insane.
You're confusing section 215 of the "Patriot Act" - later on the "USA FREEDOM Act" (don't you love the names) with PRISM. The two are quite different spying acts. The USA FREEDOM spying is where the whole metadata only debacle came from.
From the Wiki which references the NSA's own slides, PRISM offers: "extensive, in-depth surveillance on LIVE [emphasis mine] communications and stored information" with examples including email, video and voice chat, videos, photos, voice-over-IP chats (such as Skype), file transfers, and social networking details.
One of the leaked documents is a training manual for spying on Skype calls, which are routed right on over to the NSA. It even had a technical support FAQ which includes issues like understanding why messages are being repeated - they're being synched to another device which resends everything, or how to most effectively spy on a user using multiple IDs. It was quite user friendly!
The entire scope of the NSA is really quite absurd. They even had/have spies installed in World of Warcraft [1]. It's all quite dystopic but it often feels like we're stuck closer to Brazil than 1984.
I think it’s rather a concern that too much bending over backwards to please Xi will jeopardize their customers’ trust.
There is a concerted effort now afoot both in the EU and the USA to bring certain tech fabrication processes to domestic shores for various reasons.
The race to the bottom of costing in pursuit of profit margins brought other issues to the forefront and once the market probed the lower end of costing possibilities consumers noticed things like scissors that bend when cutting paper, and there’s been a large backlash, arguably one of the principal fuels feeding the fires of this fake so-called-populism.
I’m not so sure about China being the economic future of the world these days, despite decades hearing this and despite actual economic sizes and pollution footprints, as I’m not sure China and the US or EU markets can decouple effectively so easily. It’s a bit of a double-edged sword for all concerned.
> I’m not so sure about China being the economic future of the world these days, despite decades hearing this and despite actual economic sizes and pollution footprints, as I’m not sure China and the US or EU markets can decouple effectively so easily. It’s a bit of a double-edged sword for all concerned.
The US/EU for a long time acted like "change through trade" (or in German, "Wandel durch Handel") would be a realistic prospect for dealing with both China and Russia. Obviously that failed, with Russia invading Ukraine and China following the 1933-45 footsteps with the Uyghurs. The behavior of both Russia and China has become so explicitly bad that even the hope for profits cannot make politicians look away longer.
The problem is: China has amassed enormous amounts of money, and they are using that money in a way similar to the Marshall Fund of the post-1945 era to build out immense support and a destination market for their goods in Africa and Asia. For better or worse, China will become a dominant player in geopolitics.
Regardless of how much money they throw around, the list of China’s friends in Asia is much shorter than the list of countries that would literally rather burn to the ground than bend the knee to a Chinese emperor again, and I think that’s a big problem for their aspirations of being a major player in geopolitics.
In a slight oversimplification of geopolitics, any company can be pressured by either Russia, China or the US. From the last two decades we have plenty of reports of all three of them happily abusing this power.
The best you can do to stay up to date on what's happening is listening to all three sides. Kaspersky can't speak out against Russia, but at the same time they are free (and probably encouraged) to expose cybersecurity threats coming from Western governments; which most Western cybersecurity companies seem to be unable or unwilling to talk about.
On the contrary. The US government has a lot less power to control private companies. They do try and even succeed sometimes, but it's nothing even close to the total command and control Russia and China regularly exert.
Yup. As a trivial example, the US neither has a "misinformation control agency" like Roskomnadzor, nor requires companies to implement real-time monitoring+censorship of restricted language into their communication products (a la China [1]).
Comparisons between these tyrannical governments and the US fall somewhere between "ignorant" and "willfully deceitful".
But aside from that, the US government happily pressures companies with unrelated retribution for not following orders. Instead of an agency that has staff, process, records, etc. you get threats directed at particular people e.g. this regulatory judgment at company X that you own will go against you if you don't do this thing that we've press released that we're asking company Y that you own to do. Or your contracts get dropped.
It's like the US justice system in general, where they'll do things like making you plead guilty to something in order to keep your sister's children from being taken away.
Is that preferable? Are you seriously saying that you still want this stuff to be done, but you hate that it's done above board, in public?
Misinformation warriors criticize this stuff in other countries while simultaneously supporting it here. They've also started saying "false equivalence" together over the past year (maybe an influential book or blog?) which for them means that censorship is good in the US because we only censor bad things, but censorship is bad when our enemies do it because they censor good things. You can pair it with "whataboutism" which has also changed in meaning - it used to mean that someone answered your criticism of something (Soviet business freedoms) with a completely unrelated charge against you (that you are an apartheid state.) Now it means that when you criticize Russia for invading another country, when they criticize you for invading another country that's "whataboutism" because they're the bad guys and we're the good guys.
These arguments wouldn't convince children if laid bare rather than being paired with accusations that you're probably a Russian or Chinese spy if you disagree with them, and that eventually they'll come for you and give you what you deserve.
> fall somewhere between "ignorant" and "willfully deceitful".
This comment is a thicket of misdirection and false equivalences.
> We tried to open one mere months ago.
There is no "we" - that was the current administration in a widely criticized and highly unconstitutional move that was eventually reversed (but will doubtless be tried again).
> But aside from that, the US government happily pressures companies with unrelated retribution for not following orders.
Again, completely incomparable. Visible "pressure", using loopholes in laws written for other purposes, as opposed to the very legal structure itself being designed explicitly to allow the government to punish companies and citizens for things like "disturbing national unity" to quote the Chinese government.
Things like that can happen in any country, due to corruption - it's categorically different when the government can force companies to decrypt user content because it's written into the laws and working as intended.
The majority of Americans think that what the NSA is doing is unconstitutional, and at least some of them have been asking their representatives to reverse it. In China, they don't have anything equivalent to the Constitution - the government can do whatever they want, and not only have the citizens been conditioned to not complain, but they can't complain because of the pervasive surveillance, no right to free speech, and dystopian "social credit" system that actively punishes individuals for speaking out.
It's pretty blindingly clear that the situations in China and the US are incomparable.
> this regulatory judgment at company X that you own will go against you if you don't do this thing that we've press released that we're asking company Y that you own to do. Or your contracts get dropped.
Again, the situations of a company being threatened with regulatory action and an individual being threatened with disappearance, torture, and death are completely incomparable. The fact that this is the worst you can come up with is a pretty strong indicator that you have no ground for an argument.
> It's like the US justice system in general
What is this absurd, off-topic, unfalsifiable comparison out of nowhere? Citizens in the US have the right to a fair & public trial, and the right to see their accusers and the evidence against them - in China and Russia, those rights do not exist, and the state can just disappear you whenever they want.
> Is that preferable? Are you seriously saying that you still want this stuff to be done, but you hate that it's done above board, in public?
Nowhere in my comment did I say anything remotely resembling that. This is called "fabrication".
> Misinformation warriors criticize this stuff in other countries while simultaneously supporting it here.
"Misinformation" is a dogwhistle for authoritarians. And I can't help but note that you're using another unfalsifiable claim, as well - that some unknown group is pushing some poorly-defined propaganda both in the US and another outside the US.
> They've also started saying "false equivalence" together over the past year
Google Trends proves you wrong[1].
And, finally, you're inventing a complex of vague, poorly-defined, impossible-to-quantify accusations against some unnamed groups ("misinformation warriors") that are completely irrelevant to the issue at hand.
You tried to misdirect the conversation about the relative power of US vs Chinese governments to a strawman of what some mystical boogieman is doing, because you couldn't actually come up with any instances of the US government exerting levels of control comparable to what the US or Russia does.
> I mean, this is a threat, right?
My statement doesn't remotely resemble a threat. You're trying to play the victim to a fabricated threat. Extremely dishonest.
All incorporated companies exist in a similar space where they are implicitly and explicitly beholden to the government governing the nation they are incorporated in, that's just how running a legal business is.
Best we can do is get information from multiple sources and build an independent understanding from the information.
Worst we can do is trusting single entities without any verification from others, no matter where the incorporation is made.
some westerners have this curse of thinking that their government and corporations are always the good guys with best intentions. at least easterners [usually] don't trust either
i don't think voting for someone into leadership is equivalent to thinking they are nice, good, trustworthy, etc. it could be as simple as no better alternative
I think it’s rather that, in a bicameral parliamentary representative democracy one knows that one is ultimately partially responsible for those in office, and one cannot just shrug and blame higher ups.
from my personal experience people in the east (and perhaps south) usually look at their rep dem system much more cynically than people in the west (and north). and this attitude is very much reinforced by american patriotism freedom and democracy myth-making. i find its achievements absolutely amazing. how indigenous people and those that not that long ago were subdued into slavery can now be patriotic to the same flag that brought them so much misery is baffling to me
Well, if you are ultimately responsible for your own government and its mess, you realize that it’s a losing proposition to simply be cynical about your government.
Maybe it’s time to fix your government instead of acting disengaged and cynical?
In other news: people in corrupt places have low faith in their systems.
America certainly has its problems and corruption, but if you look at what are considered the least corrupt nations on earth, say Finland, you find higher trust in society and government etc.
So I’ll contend that trauma traumatizes people, aka you are stating a tautology.
Also, your observations about “east” fail to account for places like Japan, South Korea, and in terms of trust, I think you find high trust in places like Singapore, but only from a certain set of empowered locals, ditto Dubai…
But your intended generalism is perhaps Eastern Europe?
Believing that they are uncorrupted by the government secret services is naive.
Everything in Russia of any value has eyes of secret govt service on it. If the state men ask you for cooperation, you cannot say no, or your life as a person will be destroyed, and you (as an owner) lose the business too (multiple examples in all areas of technology, science and industry).
I get that, but I am looking for specific examples. Suspicions without proof aren't worth a whole lot to me.
Kaspersky has been in the game for quite some time, and Russian secret services aren't exactly known for their discretion. So there must have been some kind of incident by now.
What does it mean for the backdoor to be "poorly detected"? I would think "poorly implemented [thus easily detected]" makes sense but not "poorly detected." Unless maybe this means that the backdoor is so well hidden that it's not detected by backdoor-detectors?
EDIT: yes this does seem to be the case:
> A distinctive feature of SessionManager is its poor detection rate. First discovered by Kaspersky researchers in early 2022, some of the backdoor samples were still not flagged as malicious in most popular online file scanning services.
I still can't help thinking that the detection capability lies in the detector(s) and it's not a credit to SessionManager as much as it is a fault of the detectors. Is it just too new to be fingerprinted/identified?
> First discovered by Kaspersky researchers in early 2022, some of the backdoor samples were still not flagged as malicious in most popular online file scanning services.
Of course by now the majority of AVs detect those files, detections spread rather quickly between AVs.
Sadly, VirusTotal seems to show detection history only to registered users. I can confirm that at least the second sample still had 0 detections in April.
Yes, but many of these products are meme products. I'd like to say "No enterprise is running SUPERAntiSpyware on their Microsoft Exchange cluster" but I'm aware of one that is. In general though, half the engines is actually a place where I'd dispute the "poorly detected" description.
This is what poor detection looks like after an IR investigation and opening tickets with several vendors two months ago.
I mean, a poorly-detected virus has always been one that doesn't get caught by many detectors. It's normally a call for other vendors to pay more attention to it and implement detection.
This might have been a reasonable rationale before the Ukraine war and before the West and Russia went into a pretty much open cyber war against each other. Right now, it's really not a good idea to use a security product from a Russian company (unless you're living in Russia, North Korea, Syria, or Iran, of course).
open cyber war, huh? sounds scary! any examples of major recent damage from this cyber war front? aside from stupid script kiddie dossing which dies in a couple days.
GP presumably meant the weapons of mass destruction Donald Rumsfeld claimed Saddam Hussein was developing in "seeking the means to strike the United States and our friends and allies",[0] not unusable pre-1991 weapons that were rusting or buried in the desert.
Yeah, it's all about your threat model. If I was a whistleblower against the US government, Kaspersky would be at the top of my list of "most trustworthy antivirus software". But if you're developing missile defense systems for the US, not so much.
Who do you fear most, and who is able to protect you from those people? Sadly there are precious few neutral parties who'd protect you from everyone, so you have to choose your poison.
This is why I tend to not use an Antivirus at all. Kinda stupid, sorta... but you can't have a man in the middle attack occur of any sort; if you don't have any men in the middle...
Unless I'm _really_ misreading the article or your comment I think you're misinterpreting what's happening here.
IIS is a webserver that gets packaged with most versions of Windows.
Once attackers gain access to a system through some exploit or another they're leveraging IIS to create a persistent and alternative entry point into the system (a "backdoor").
SessionManager is the name of one piece of malware that does this but it's emblematic of a recent trend of using IIS once you gain access to a system.
There's nothing to be patched because there's nothing built into IIS and it's not deliberate by Microsoft in the way that "Increase in Android Malware" wouldn't be deliberate by Google.
You can be sure that Microsoft has no deliberate backdoors in its products. However the 3-letter agencies have enough zero-days in their pipeline...probably even more for Linux than Windows nowadays.
No, it's a case of the world's foremost experts on AV software and malware analysis doing all of us a favor and reporting on yet another malware threat.
Kaspersky's credibility lies in the fact that they are second to none in their industry and have produced an immense amount of research on malware neutralization for over 20 years now.
It's gray because it's a shallow dismissive comment with no substance. Likewise yours will likely also end up the same because complaining about foreign shills is against the guidelines for reasons stated there.