# Prove your innocence



## Phishfry (Jul 2, 2017)

I am really amazed at the strong arm tactics here:
http://gizmodo.com/in-worrisome-move-kaspersky-agrees-to-turn-over-source-1796587120

I would strip out all the comments just to be a jerk.


----------



## drhowarddrfine (Jul 3, 2017)

In order to do business with the government armed forces, Kaspersky, a Russian company, has to show they have no malicious code. What's the problem with that? I would expect it.



> Russia has been making the same requests of private companies recently.
> 
> Russia has been accused of numerous cyberattacks lately


----------



## fernandel (Jul 3, 2017)

drhowarddrfine said:


> In order to do business with the government armed forces, Kaspersky, a Russian company, has to show they have no malicious code. What's the problem with that? I would expect it.


If you have a time you should find still about hacking Mr. Macron email during presidential elections in France(now is president of France)... Search in foreign newspapers


----------



## Phishfry (Jul 3, 2017)

I guess its tit for tat.
http://www.reuters.com/article/us-usa-russia-tech-idUSKBN19E0XB

What's ironic is that our security services hoard zero day exploits and now they want to see the code of a security scanner.


----------



## sidetone (Jul 3, 2017)

I don't trust anything hosted out of Russia for the time being. I suspect someone will ask me, why am I here? because sourcecode can come from anywhere. I know that a lot of companies and people in Russia are innocent, however, the Kremlin will infect software within their borders quickly, without countermeasures.

In the last 5, or even 20 years, the Russian government has done more to hack and destabilize many governments, to try to impose the most ruthless authority figures.


----------



## Phishfry (Jul 3, 2017)

Does anyone really think the Security Apparatus would keep mum if they thought Kaspersky was slipping stuff by..
This is just a cold war shakedown. Like expelling the diplomats.


----------



## ANOKNUSA (Jul 3, 2017)

Phishfry said:


> What's ironic is that our security services hoard zero day exploits and now they want to see the code of a security scanner.



That's not really ironic, nor is it hypocritical. The rationale for hoarding the exploits was to use them in situations where national security might be maintained by doing so. The concern was that (a) they may not limit themselves to using the exploits against foreign powers that seek to do harm to the U.S. government, and use them against civilians as well; and (b) that by keeping the exploits secret they keep open the window of opportunity for malicious hackers to find the exploits and use them themselves.

This instance is a separate issue: if you're a state actor, and you already know that actors of a foreign state possibly intend harm to your own state, then vetting software coming from within that state's jurisdiction is just the smart thing to do from your own perspective. And if your actual, clearly defined role as a state actor is to ensure that foreign powers don't cause your state any harm, then vetting that software is basically your entire job.

It's perfectly clear why the Russian and U.S. governments should not be expected to trust each other. It's a shame that private enterprises have gotten (and will continue to get) caught up in this, but the only way not to get caught up in it is for both American and Russian business interests to avoid doing business with each other or each other's governing states until each state is satisfied that the Russian and American private sectors aren't being exploited by their respective states for nefarious purposes. What that will take and how long is an open question, and if the incentive for a company to do business with a foreign government is greater than the incentive to keep governments from interfering in how the business is run, it might not happen at all.


----------



## ronaldlees (Jul 3, 2017)

ANOKNUSA said:


> ...
> 
> This instance is a separate issue: if you're a state actor, and you already know that actors of a foreign state possibly intend harm to your own state, then vetting software coming from within that state's jurisdiction is just the smart thing to do from your own perspective. And if your actual, clearly defined role as a state actor is to ensure that foreign powers don't cause your state any harm, then vetting that software is basically your entire job.



No doubt.  But ... was the military using this software (maybe for a long time) BEFORE this vetting request?  Scary if true.

Such a request by a military would not be any kind of slight against the maker of the software.  It would just be expected SOP IMO.   While external influence is not asserted in these cases, the context of the military simply demands zero tolerance on code.  Or so I would expect.  Someone mentioned (I don't see the post now) - that this was done with the same software in 2006.  Staying with the software is actually praise and acclaim for the maker, not a slight.  But there is (well, should be) zero tolerance in that context.


----------



## Deleted member 30996 (Jul 17, 2017)

July 16, 2017

US government bans use of Kaspersky Antivirus software 

https://www.techworm.net/2017/07/us-government-bans-use-kaspersky-antivirus-software.html


----------



## Deleted member 9563 (Jul 18, 2017)

drhowarddrfine said:


> In order to do business with the government armed forces, Kaspersky, a Russian company, has to show they have no malicious code. What's the problem with that? I would expect it.


Indeed, and the same goes for US software like MS-Windows. I see no reason not to block such usage for Government use until this is done. However, I think the problem is that there is no real intent to accept actual evidence one way or the other. /2¢


----------



## Deleted member 30996 (Jul 18, 2017)

I collect Soviet Era Russian watches and most of my collection comes directly from people in Russia through ebay. I got to know one guy particularly well as I did most of my business through him and would consider him a friend of sorts. He always did me right on all our transactions. His father was a watchmaker of over 30 years and always inspected my watches free of charge before they were shipped.

My interest carried over to researching the history of Russian watches and got to learn a lot about their history and culture in the process. That led to a interest in Russian Cinema and I own multiple titles. 

I got to know a lot of Russian people through the process and just as in any other population there are people of every kind. Overall. IMO, they are a tough resilient people as a group.

Politics and religion, for me, are two topics I've learned best not talked about online so I won't comment further. Only to say I hope we never go to war with them because we would have a real fight on our hands that nobody would be the better for in the end.


----------



## Deleted member 9563 (Jul 18, 2017)

Trihexagonal said:


> I collect Soviet Era Russian watches


Totally off topic, but _that_ gets an upvote from me.


----------



## Deleted member 9563 (Jul 19, 2017)

azathoth said:


> It seems mass produced housing didn't make russian a lot fo nice big house owning guys......


Soviet Era watches is one thing, but this is sounding a bit bizarre to me.  Care to explain why this should be posted here?


----------



## ronaldlees (Aug 12, 2017)

I guess Kaspersky is Russian, and he owns a Russian watch?

Funnily, just read an article about Putin - and his personal preferences.  He wears a Swiss watch that is about as expensive as my house.  You should mail him some of that Russian watch history, so he can get with the buy local campaign.

Edit:  new search tells me only his _cheapest _watch could be bought for the value of my hut. _Which_ country do you want to be president of, relative to the perks?


----------



## Deleted member 30996 (Aug 12, 2017)

ronaldlees said:


> I guess Kaspersky is Russian, and he owns a Russian watch?


 
90 Russian watches to be exact, 10 of them pocket watches. Not to mention 10 G-Shocks and a Seiko Orange Monster.

I'd post pix but I'm already off-topic.


----------



## Phishfry (Aug 18, 2017)

Well we went from 'prove your innocence' to 'guilty without a trial'.

Whats next, we send Eugene to GITMO?

https://www.cyberscoop.com/fbi-kaspersky-private-sector-briefings-yarovaya-laws/

"In the briefings,FBI officials also raise the issue of Russia's increasingly expansive surveillance laws"

Pot meet kettle.


----------



## Deleted member 30996 (Aug 18, 2017)

A little paranoia can be a good thing but you have to know when to reel yourself in. I think that is a bit much and this closer to the mark:



> ...Jake Williams, an ex-NSA employee who has called the U.S. government’s efforts against Kaspersky “purely political.”



Now Kaspersky has a free version:

KL AV for Free. Secure the Whole World Will Be.

My W520 came with Win10Pro and I tried out the free version before resigning that HDD to a box. It worked as well as any other AV I tried in that short period and if they backdoored me I missed it.

Vault7 docs are more disconcerting IMO.

Edit: From the article you linked to:



> The firms the FBI have briefed include those that deal with nuclear power, a predictable target given the way the electric grid is increasingly at the center of catastrophic cybersecurity concern.



If they are that concerned with cybersecurity why are they using Windows to begin with? Might I suggest an OS we're all familiar with that doesn't require an AV program?


----------



## Phishfry (Oct 21, 2017)

I really think this article sums up my opinion well. I don't trust the leakers.
https://finance.yahoo.com/news/hard-trust-u-s-russias-alleged-kaspersky-espionage-134308101.html


----------



## azathoth (Oct 23, 2017)

I heard soviets have superior rocket engine technology.   Nginx seems to work nicely too thats russia yeah?    They don't seem to have a chip like china loongson no?    I wonder when an economy will simply mass produce concrete real esate apartments until they are by far no1 in world?   I mean making huge apartments plentiful  would make standard of living no1 in short time.....I mean huge aparmetnwith jaczzi tub n nice big kitchen retec..   The whole forced scarcity bs pisses me off........finance buggers........


----------



## rigoletto@ (Oct 24, 2017)

These days, for the "normal" people, it is more like a decision of for who you will give your information.

Simplifying at maximum: Google (USA) or Yandex (Russia) or Baidu (China)?

Well, as I have absolute ZERO relations in Russia, I would go with Yandex then.


----------



## CoTones (Oct 24, 2017)

Trihexagonal said:


> I collect Soviet Era Russian watches ...



Yah heavy drinkers are known wizards of watchmaking. Jamaican watches must be very good too.
BTW where are forum users from Russia? they know real deal... and even may have balls...


----------



## ronaldlees (Oct 25, 2017)

azathoth said:


> I heard soviets have* superior rocket* *engine* technology.   Nginx seems to work nicely too thats russia yeah?    They don't seem to have a chip like china loongson no?    I wonder when an economy will simply mass produce concrete real esate apartments until they are by far no1 in world?   I mean making huge apartments plentiful  would make standard of living no1 in short time.....I mean huge aparmetnwith jaczzi tub n nice big kitchen retec..   The whole forced scarcity bs pisses me off........finance buggers........



Apparently Elon thinks so too.  He (apparently, according to random internet lore) bought a Russian ICBM (sans nukes) some time ago, to study it.  I guess some of that could have made it into space-x.


----------



## Datapanic (Oct 25, 2017)

The US (NASA) has been using the Russian RD-180 rocket engines for the Atlas V for years.


----------



## CoTones (Oct 25, 2017)

Seven years ago...

https://www.reuters.com/article/us-poll-education-odd-idUSTRE71A4OI20110211
"In a survey released this week, 32 percent of Russians believed the Earth was the center of the Solar system; 55 percent that all radioactivity is man-made; and 29 percent that the first humans lived when dinosaurs still roamed the Earth. "

For High Tech you need smart and well educated people.


----------



## fernandel (Oct 25, 2017)

CoTones said:


> Seven years ago...
> 
> https://www.reuters.com/article/us-poll-education-odd-idUSTRE71A4OI20110211
> "In a survey released this week, 32 percent of Russians believed the Earth was the center of the Solar system; 55 percent that all radioactivity is man-made; and 29 percent that the first humans lived when dinosaurs still roamed the Earth. "
> ...


Watch and enjoy:
https://en.wikipedia.org/wiki/Borat


----------



## Deleted member 48958 (Oct 25, 2017)

fernandel said:


> Watch and enjoy:
> https://en.wikipedia.org/wiki/Borat


Watch and enjoy https://en.wikipedia.org/wiki/The_Simpsons 
It is no the best idea to draw an analogy between real people and comedian films about them.
Also, in that movie,  Borat is Kazakh, and not Russian, and it is a very big difference.
Russians are more like Europeans in their appearance mostly, you won't notice very big difference
if you'll be traveling around Russia-Ukraine-Poland-Germany-France... Except roads 
Roads are much better in EU.

P.S. I'm not Russian


----------



## Deleted member 30996 (Oct 25, 2017)

CoTones said:


> Seven years ago...
> 
> https://www.reuters.com/article/us-poll-education-odd-idUSTRE71A4OI20110211
> "In a survey released this week, 32 percent of Russians believed the Earth was the center of the Solar system; 55 percent that all radioactivity is man-made; and 29 percent that the first humans lived when dinosaurs still roamed the Earth. "
> ...



Three years ago...

1 in 4 Americans Apparently Unaware the Earth Orbits the Sun

I don't know how many Russian people you know personally, but I have already expressed my opinion of them as a people in length.

P.S. I'm not one of the four.


----------



## Datapanic (Oct 25, 2017)

I guess some folks don't care how offensive they are online.  I know a lot of Russians and speak russian because I'm married to one.  Grow up folks!  Your faults are showing.


----------



## Deleted member 48958 (Oct 25, 2017)

Datapanic said:


> I know a lot of Russians and speak russian because I'm married to one.


Добрый вечер! 

This topic should be renamed into "Prove that you are not Russian" 

BTW, comrades, as far as I know, FreeBSD is popular among Russian sysadmins.


----------



## fernandel (Oct 26, 2017)

ILUXA said:


> Watch and enjoy https://en.wikipedia.org/wiki/The_Simpsons
> It is no the best idea to draw an analogy between real people and comedian films about them.
> Also, in that movie,  Borat is Kazakh, and not Russian, and it is a very big difference.
> Russians are more like Europeans in their appearance mostly, you won't notice very big difference
> ...



I am not Russian too but...
I know about Borat but...  it was not story about Kazakh but about Americans.


----------



## Phishfry (Oct 26, 2017)

Lets get this back on topic.
I am dismayed that a company is being treated this way without the benefit of due rights.

The US Government was not forced to buy this product. They chose to buy it.

Has McAfee ever had its offices raided or its researchers questioned outside the workplace.

If all this is true then why is there not criminal charges?


----------



## j7j3 (Oct 26, 2017)

Team America World Police!


----------



## ronaldlees (Oct 26, 2017)

Phishfry said:


> Lets get this back on topic.
> I am dismayed that a company is being treated this way without the benefit of due rights.
> 
> The US Government was not forced to buy this product. They chose to buy it. Has McAfee ever had its offices raided or its researchers questioned outside the workplace. If all this is true then why is there not criminal charges?



I read that Kaspersky made a transmission to congress prior to the congressional hearing. They defended themselves by describing their own post-incident analysis, based on what their servers had collected.  They wrote that the individual's machine had been used to download a cracked copy of MS Office, along with a key-gen utility (to provide a usable key) - and that the key-gen util had a trojan. I'm not saying this is true, but it was in the transmittal and/or blog post on Kaspersky's site.

Subsequently (according to the transmittal) - the AV software alerted the user of the malware, and the individual started a full scan.  The scan found the malware and removed it, but also found the "other stuff" involved in the case, because it presented as suspicious.  So, that's their story, basically that the AV was doing what it was supposed to do, and that the uploading of suspicious code is part of any AV software's procedure. 

That's scary to me, since it's tough for me to feel comfortable about any sort of upload.  I guess that's why I run FreeBSD and no AV LOL.

Kaspersky's response is based on this blog post from their site: https://www.kaspersky.com/blog/internal-investigation-preliminary-results/19894/


----------



## Deleted member 30996 (Oct 26, 2017)

ronaldlees said:


> So, that's their story, basically that the AV was doing what it was supposed to do, and that the uploading of suspicious code is part of any AV software's procedure.
> 
> That's scary to me, since it's tough for me to feel comfortable about any sort of upload.



That appears to be opt-in:



> The incident where the new Equation samples were detected used our line of products for home users, with KSN enabled and automatic sample submission of new and unknown malware turned on.



Personally, in the short time I tried out Windows10 and the free version of Kaspersky, I was more troubled with the possibility of Windows parsing files than Kaspersky.

From the last article:



> Skeptics demand pure evidence, which the U.S. government cannot provide without revealing highly valuable details about how the information was obtained.
> 
> “There’s no good way to do it is the problem,” Aitel said. “It’s not like there’s been a magical way where you can both show the evidence and protect sources and methods.
> 
> https://finance.yahoo.com/news/hard-trust-u-s-russias-alleged-kaspersky-espionage-134308101.html



This is the part that gets me. If they're claiming it's parsing for keywords like “top secret” and “classified”, how difficult would it be to just show the code they're using to do it?


----------



## ronaldlees (Oct 26, 2017)

I see that most recent articles about this are attributing the individual described in the Kaspersky explanation as "a U.S. national" - rather than an "agent" - so, the exact source is apparently unclear, and may not (necessarily) be any U.S. gov agent.


----------



## ralphbsz (Oct 26, 2017)

fernandel said:


> I know about Borat but...  it was not story about Kazakh but about Americans.


I thought it was a movie about spandex mankini and other scantily clad people.  I guess I have a dirty mind.


----------



## ronaldlees (Oct 26, 2017)

Trihexagonal said:


> That appears to be opt-in:
> 
> Personally, in the short time I tried out Windows10 and the free version of Kaspersky, I was more troubled with the possibility of Windows parsing files than Kaspersky.



That reminds me of a forum converation I had with a Chinese national.  He was having trouble getting internet access using Linux, because all of the Chinese ISP operators assume Windows, and the official (read "monitoring" function here) software for government compliance was made to work only with Windows.  I can't believe that Chinese authorities would allow the use of Windows without the source code, yet am a little surprised there are heretofore no "revelations".

I could imagine that Linux users in CN land have to be under the radar.


----------



## tankist02 (Oct 26, 2017)

We all know the extent of spying on everybody by NSA. Why Russian special services would be different? Disclaimer: I was born and raised in the good old Soviet Union.


----------



## Deleted member 48958 (Oct 26, 2017)

tankist02 said:


> I was born and raised in the good old Soviet Union.


----------



## tankist02 (Oct 26, 2017)

More like that:


----------



## Deleted member 48958 (Oct 27, 2017)

Мне больше нравится Агата Кристи


----------



## ronaldlees (Oct 27, 2017)

I'll admit there's an amount of Russo-phobia building in the U.S.  That's for the participants of the State's games, but maybe it could should be left out of the forum?


----------



## Phishfry (Oct 27, 2017)

I don't seriously believe that any US Airgapped or Tempest systems had Kaspersky Anti Virus running.
I do wonder if the sloppy contractor was from Booz Allen Hamilton as well. I would think at some point they would pull their contracts.
Can you imagine a third person walking out with some serious goods in such a short span.
The guards at my workplace do a better job at finding outgoing contraband then the government.
How do they keep allowing USB drives? We must leave our cellphones and personal gear in lockers at the gate.

I got to tell you I read the Kaspersky explanation and it makes me even more weary.
So a virus scanner sends back bad snippets for further review. Understood. But I thought that would be anonymous.
Suddenly the Kaspersky virus scanning people know who (a un-named contractor) turned off their home PC scanner to run a Windows Office keygen.
The explanation makes me realize that what we are reading is fiction. Not even close to fact.


----------



## Deleted member 30996 (Oct 27, 2017)

Phishfry said:


> I got to tell you I read the Kaspersky explanation and it makes me even more weary.
> So a virus scanner sends back bad snippets for further review. Understood. But I thought that would be anonymous.
> Suddenly the Kaspersky virus scanning people know who (a un-named contractor) turned off their home PC scanner to run a Windows Office keygen.
> The explanation makes me realize that what we are reading is fiction. Not even close to fact.



Their explanation did seem unbelievably detailed...


----------



## Phishfry (Nov 23, 2017)

Just when I thought I had heard it all it turns out the CIA was using fake kaspersky certs.
http://www.securityweek.com/wikileaks-says-cia-impersonated-kaspersky-lab

So US government says Kaspersky is evil but at the same time is faking certs from them.

Now I wonder if the CIA was using fake certs to steal the NSA's tools.
That sounds plausible. I am sure they don't share tools seeing how data greedy they are.


----------



## CoTones (Nov 23, 2017)




----------



## sidetone (Nov 23, 2017)

This thread is so stupid.


----------



## aht0 (Nov 23, 2017)

ILUXA said:


> Russians are more like Europeans in their appearance mostly, you won't notice very big difference
> if you'll be traveling around Russia-Ukraine-Poland-Germany-France... Except roads
> Roads are much better in EU.
> P.S. I'm not Russian



Mentality is wayyyyy different though. Inferiority and superiority complexes deep down all mixed up with "their version of history" which present day Russian media re-inforces, cause whole lot of "taboo-topics" for conversations. Better be careful or there'd be blood on the walls, literally.
My wife and her relatives are Russian.


----------



## Deleted member 48958 (Nov 23, 2017)

aht0 said:


> Inferiority and superiority complexes deep down all mixed up with "their version of history" which present day Russian media re-inforces, cause whole lot of "taboo-topics" for conversations. Better be careful or there'd be blood on the walls, literally.


It's not "Russians", it's Putin fanatics and "TV fans".
There are a lot of Russians that are quite liberal in their points of view.


----------



## CoTones (Nov 23, 2017)

Nice try... sadly  not all westerners are "fat and stupid".


----------



## Deleted member 30996 (Nov 23, 2017)

So you’ve learned you’ve got a “pitifully” low IQ. How worried should you be?


----------



## sidetone (Nov 23, 2017)

This thread is using the subject of technology as an excuse to push political views. I don't know why anyone would take a remark about the content of a thread personally. Let's make more excuses for tyrannical governments at the expense of a democracy that is not perfect. This is paranoia and misplaced concern. Why is this a political discussion? That's why it's stupid, and so is making veiled insults defending it.



CoTones said:


> Nice try... sadly  not all westerners are "fat and stupid".





Trihexagonal said:


> So you’ve learned you’ve got a “pitifully” low IQ. How worried should you be?


----------



## Deleted member 30996 (Nov 23, 2017)

sidetone said:


> This thread is using the subject of technology as an excuse to push political views. I don't know why anyone would take a remark about the content of a thread personally. Let's make more excuses for tyrannical governments at the expense of a democracy that is not perfect. This is paranoia and misplaced concern. Why is this a political discussion? That's why it's stupid, and so is making veiled insults defending it.



I'm not pushing any political viewpoint and don't think it has a place here. Discussions about politics and religion inevitably result in discord.

And if you think I intended to defend it you are mistaken.


----------



## aht0 (Nov 23, 2017)

ILUXA said:


> It's not "Russians", it's Putin fanatics and "TV fans".
> There are a lot of Russians that are quite liberal in their points of view.



It runs deeper than that. There are so many deep internal conflicts, it's not even funny.

Some examples:
They DO LOVE Motherland. Especially do so ethnic Russians abroad. At the same time, very few of the latter actually would want to return. Because, frankly, they do know, they are doing better in countries of their residence.

They do get the idea of being liberators, defeaters of nazism, winners of WW2 with their mother's milk. Russian media is reinforcing that mental image daily.
At the same time, general Russian outlook to the world is utterly Byzantine. You are master or slave. You cannot really be an equal. Their attitudes about other countries and nationalities are pervaded by attitude of "are we mightier than "country/nation x" or not?". Militarily. Which logically should run opposite the attitude of a liberator but somehow controversy really fails to register on them.

Wasn't that far back when Russian media tried to figure out how many nuclear-tipped missiles would it take to destroy Western-Europe's capitals. Russian man you are drinking with, could brag about Russian conquests and military might for hours and then get pissed when you suggest that it does not seem to make them any better than nazis. You don't even have to bring in the historical tidbit of pre-WW2 USSR being ally of IIIrd Reich and co-starter of a Great Patriotic War (invasion of Poland). THAT would get you a fistfight right there. Because it was and still is excluded from official histories of USSR and present-day RF. So it has to be a lie.

I could go on here couple A4's worth but I doubt anyone would care to read through that much ramblings..


----------

