Do you have Russian anti-virus software?

[Asterix, the former Gaul.]

Kaspersky Labs: Warning over Russian anti-virus software

The National Cyber Security Centre is to write to all government departments warning against using the products for systems related to national security.
The UK cyber-security agency will say the software could be exploited by the Russian government.

..
Kaspersky Labs is widely used by consumers and businesses across the globe, as well as by some parts of the UK government.
..

In the new government guidance, Ian Levy, NCSC's technical director, said: "Given we assess the Russians do cyber-attacks against the UK for reasons of state, we believe some UK government and critical national systems are at increased risk."

You can't trust any one these days but it might be asked why we haven't the means to discover if the software is malicious.

The NCSC is understood to have been in dialogue with Kaspersky Labs and says it will explore ways of mitigating the risks to see if a system can be developed to independently verify the security of its products.

It's like the way our leaders once used to visit Russia using Russian hospitality and completely ignoring that their quarters were bugged.  (Teheran, Yalta 1945)

[frankly frankie]

I had Kaspersky AV installed for a while, several years ago, but soon decided it was far too intrusive on my PC, and got rid.  Or tried to - it seemed impossible to completely uninstall it and I eventually formatted and re-installed a clean OS.

So I wouldn't go near it with a bargepole, simply because it hooks itself in too much.  Malicious?  Set a thief to catch a thief innit.
I must admit it never occurred to me that it was Russian, not that it would have bothered me anyway.
Funnily enough though I do use a Russian email client. The Bat

[T42]

AVG here, which is Czech or summat.  More Ostblock.

TBH I don't trust any of them.

[Mr Larrington]

AVG are now owned by Avast.  Both Czech.

[T42]

I suppose they're still honest...

[nicknack]

Linux YKIMS.

[Chris S]

Windows Defender, and a itchy trigger finger; anything I'm even slightly suspicious about and I'll take off and nuke the device from orbit.

[Asterix, the former Gaul.]

Windows defender is what I use now.  Was AVG and tried Avira but never Kapersky.

[Cudzoziemiec]

Wasn't there advice a while back recently that it's best not to use any of the proprietary AVs because of... some technical stuff in how they all work?

[Greenbank]

Wasn't there advice a while back recently that it's best not to use any of the proprietary AVs because of... some technical stuff in how they all work?

The danger is twofold:-

a) The AV stuff has its own vulnerabilities, and people are now writing things to target these vulnerabilities (this was way less common before).

So running a particular AV software may make you more liable to be hacked/ransomed/etc.

b) The AV stuff contains backdoors that are put in there by Governments or naughty employees.

These are then abused or access to them sold.

[Kim]

c) The AV stuff actively defeats security features in your software in order to work in the first place

[Asterix, the former Gaul.]

Why I switched to Defender:

Trojan warning. Avira failure.

[Cudzoziemiec]

It was c) that people were talking about, but a) is obviously closely linked. Surely b) is built into the OS?

[Asterix, the former Gaul.]

Kaspersky files lawsuit over anti-virus software ban

In September, the Department of Homeland Security (DHS) told US government agencies to remove Kaspersky Lab from their computer networks within 90 days.

The order came amid mounting concern in the US that Kaspersky software could assist Russian espionage and threaten national security.

The ban was written into law last week when President Donald Trump signed legislation banning Kaspersky Lab from being used across civilian and military agencies.

The Trump ban means they're probably 'clean'. 

[frankly frankie]

Hallo, have I wandered into POBI ?

[Greenbank]

Not everything even remotely political needs to be discussed in P&OBI.

If this turns 'nasty' then I'm sure it'll be moved.

[Cudzoziemiec]

Wasn't there advice a while back recently that it's best not to use any of the proprietary AVs because of... some technical stuff in how they all work?

The danger is twofold:-

a) The AV stuff has its own vulnerabilities, and people are now writing things to target these vulnerabilities (this was way less common before).

So running a particular AV software may make you more liable to be hacked/ransomed/etc.

b) The AV stuff contains backdoors that are put in there by Governments or naughty employees.

These are then abused or access to them sold.

Gosh! I've just discovered that the McAfee account I thought I had, actually expired "and I've been without protection for 2092 days". So the McAfee thing on my paltop is just the free thing. Hmm, but I'm sure it gave me a pop-up a couple of days ago that my subscription was about to expire? Guess I might as well get rid of the whole thing then!

[Somnolent]

Several years back I accepted the recommendation of my local computer place to install Kaspersky - they told me it didn't slow things up as much Norton or MacAfee (and there wasn't a great deal of choice back then).

No problems with it so far - and it certainly did its stuff when my netbook (apparently) came under atack in a slightly dodgy hotel in the PRC, and it's remarkably effective at dealing with malware attachments attached to emails that get through my other defences.

Do I trust it 100% ? No.
Would I trust a USAnian product to a greater degree?  Also no.
And that's not intended as a political comment...

[Kim]

Hallo, have I wandered into POBI ?

It's been The Future for almost 17 years now.  Computers are (and in reality always have been) a political issue.

You could reasonably argue that a political discussion belongs in P&OBI, but there's an equally strong argument that one about malware belongs in Ctrl-Alt-Del.  Personally, I think Ctrl-Alt-Del makes slightly more sense, simply because it's where I'd expect to find such a thread.

The same applies to many threads in On The Road.  Yes, they're political, but they're more specifically about cycle campaigning or road safety.

[Greenbank]

Do I trust it 100% ? No.
Would I trust a USAnian product to a greater degree?  Also no.
And that's not intended as a political comment...

Trust is a very odd concept in computing as there is, essentially, very little (or even none).

Do you trust a piece of software like Internet Explorer not to siphon off your usernames/passwords to a third party? You can't see the source...

Do you trust a piece of software like Firefox because it's open source?
* There are plenty of examples of open source software that has had vulnerabilities in it for years despite having thousands of eyes looking at it and reviewing it (OpenSSL is one big can of worms in this respect).

Just because the source is considered safe by many people, how do you know the binary you've downloaded was compiled from that source? (Reproducible builds are gaining popularity but...)

If you compile the source yourself how do you know the compiler isn't tainted in order to inject the malicious code into things being build? (This applies to the compiler source itself.)

Apply all of the above to the Operating System too (it might not be executing the actual binary you've told it to, it might be using its own version with the malware embedded in it)...

After all of this, you've then got to consider the fact that the hardware you're using might be complicit:-
* internal management engines such as Intel ME
* CPUs, keyboards, USB hubs, network cards, etc that will siphon off important data or keystrokes

And then you've got to think about all of the networking equipment in-between you and the destination. There are so many possibilities...

[De Sisti]

Wasn't there advice a while back recently that it's best not to use any of the proprietary AVs because of... some technical stuff in how they all work?

The danger is twofold:-

a) The AV stuff has its own vulnerabilities, and people are now writing things to target these vulnerabilities (this was way less common before).

So running a particular AV software may make you more liable to be hacked/ransomed/etc.

b) The AV stuff contains backdoors that are put in there by Governments or naughty employees.

These are then abused or access to them sold.

Gosh! I've just discovered that the McAfee account I thought I had, actually expired "and I've been without protection for 2092 days". So the McAfee thing on my paltop is just the free thing. Hmm, but I'm sure it gave me a pop-up a couple of days ago that my subscription was about to expire? Guess I might as well get rid of the whole thing then!

When I bought my laptop in Oct 2016 it had Mcafee install on it, free for one month. After the initial period I installed 360 Total Security* (also on desktop). Since then I have been receiving reminders and invitations to sign up to McAfee antivirus.


* Currently looking at Bitdefender and Avast free versions.