orf 6 years ago

So an NSA contractor or employee takes confidential/highly sensitive code and documents home and leaves it on their machine. They then install a pirated version of Office, after disabling their antivirus software which is telling them it is infected with a virus and preventing the installation.

Seems like massive incompetence from this user rather than Kaspersky doing anything malicious, and those files were destined to be leaked somehow the moment they left the NSA.

I'm sure there are some employees there who may report or leak things to the Russian government, but I don't buy the narrative that Kaspersky is some evil Russian cyber hoover. Maybe I'm naive though.

  • jrochkind1 6 years ago

    This is the best part:

    "...found they contained malicious code from Equation Group..."

    "Equation Group" is Kaspersky's label for a malware group believed to be NSA.

    Kaspersky's software possibly then detected as malware the very confidential code the NSA contractor/employee illegally took home, ha!

    • rhizome 6 years ago

      So the hubbub about Kaspersky is really CYA from the NSA?

  • qaq 6 years ago

    You are being naive. You cannot operate a business the size of Kaspersky in Russia without being a part of the inner circle.

    • nasredin 6 years ago

      If you want to do business in Russia you will have to deal with organized crime and/or the government, which is very often the same people.

      • snowpanda 6 years ago

        Ok so I know very little about Russia, where would one go to verify that claim? I'm not disputing it at all, just trying to inform myself.

        One of the reasons I ask, is related to Telegram. I'm aware of the crypto argument. But it seems (from the outside, so could be a complete cover of course) that Pavel Durov is somewhat taking a stand against their government[1][2][3]. Is that simply because he has enough money to do so? Or is it just a show to give people the idea he's taking a stand?

        [1] https://www.reuters.com/article/us-russia-telegram-security/...

        [2] https://www.neowin.net/news/russian-government-fines-telegra...

        [3] https://www.deepdotweb.com/2017/10/30/russian-government-fin...

        • qaq 6 years ago

          Right after he lost control of his company (FB clone) when he refused to shut down opposition related groups on it. He openly talked about pressure from FSB etc. Telegram is not run out of Russia and Durov does not live in Russia. So if you don't mind losing all your Russian assets and living in exile you sure can speak out :)

          • ryanlol 6 years ago

            >Telegram is not run out of Russia and Durov does not live in Russia

            FWIW this is bullshit, Telegram office in St. Petersburg is literally one floor below the VK office and Durov is regularly present there.

            The whole exile thing is a charade, they’ve gone as far as assaulting people to try to keep it up https://m.lenta.ru/news/2017/03/20/durov/

    • RobertoG 6 years ago

      You can say the same about every country. That's the nature of networks of power.

      Or in other words, when you operate a business of considerable size you start being part of the inner circle.

      • ajross 6 years ago

        > You can say the same about every country

        No, you can't, except in some abstract sense that loses all meaning.

        In the west, it's routine to find wealthy and powerful members of the establishment pursue goals and policies that are directly opposed to the government with both success and failure. And of course these governments change hands relatively commonly.

        In Russia, there are no wealthy or powerful people pursuing anything but Putin's agenda. All those who tried have been removed, via various methods ranging from banal to horrifying.

        Now I'm sure there are nuts on the internet who will try to claim that the political divisions of the west are "really" just a front for a kleptocrat cabal or whatever. But in the real world we have one country arresting its enemies and a bunch that don't, and that distinction matters.

        • nickbauman 6 years ago

          Condorcet's Secret aside, Russia is a Mafia State. This is where the state's military and paramilitary are deeply integrated with state-sponsored organized crime. So you have commandos and police both work systems of extortion, human and drug trafficking, money laundering, racketeering, war, espionage, etc. etc. It's a totally different thing than the garden variety corruption you find in western countries, ok?

          • jjawssd 6 years ago

            Does selling influence in the state department count as "garden variety corruption you find in western countries"?

            Does delivering Uranium to The Enemy in exchange for cash donations to a slush fund count as "garden variety corruption you find in western countries"?

            Does employing El Salvadorian gangs in your nation's capital to intimidate and assassinate your political enemies count as "garden variety corruption you find in western countries"?

            • ajross 6 years ago

              > delivering Uranium to The Enemy

              I have to admit, even in a subthread where I was sure we'd see conspiracy nuttery, this is not the conspiracy I would have expected. You realize this is a totally fabricated thing, right? The timing alone should tell you all you need to know about what the intent behind it was.

              • SturgeonsLaw 6 years ago

                When I engage with conspiracy communities it's usually to debunk extreme claims, so I approach most claims with skepticism, but wouldn't this:

                https://wikileaks.org/podesta-emails/emailid/225

                Suggest that it's not fabricated?

                • ajross 6 years ago

                  The claim of a quid-pro-quo is fabricated (seriously: it requires collusion between like five governments and three branches of the USG, of which Clinton had control of only one -- there is zero evidence of any of that). Obviously the conspiracy nuttery exists, so yeah, it's "out there".

                • orf 6 years ago

                  "It's out there" is the only bit of content. Anyone who reads that and says "well damn he clearly means watch out Hillary, they know about all your illegal doings. Shred everything!" rather than "fyi the right are spreading that nonsense talking point" is making a bit of a leap IMO.

            • orf 6 years ago

              > Does delivering Uranium to The Enemy

              You're of course referring to that exploratory deal involving no delivery of Uranium anywhere.

        • seppin 6 years ago

          Amazing that people don't see this still. Kaspersky insists that his company has an exception, and it "doesn't work like that", but it's hard to believe. And if you're part of the US IC, it'd be malpractice to believe him.

          • collectively 6 years ago

            The nature of the relationship is unknown. Even if Kaspersky is bought by Putin in some way, it’s not clear what the terms and expectations are. It does seem unlikely that the commercial offering is straight up spyware for Putin—why would anyone buy it? So it’s a little silly to talk about the relationship as if its existence is meaningful when the degree of ownership is the real question.

            • ajross 6 years ago

              You're treating the question of "is Kaspersky spyware" in the sense of criminal law, requiring proof of guilt before enforcing punishment.

              The grandparent was treating it in the sense of security analysis: requiring proof of safety before granting trust.

              I know which paradigm I'd pick before installing an trusted piece of software that can literally snoop on the whole system. But, y'know, whatever. You be you.

              Basically: almost the whole of the Russian economy has been subverted to serve the needs of Putin's government. What are the chances that Kaspersky alone has not? Seems low enough to maybe look elsewhere for your AV needs.

            • murjinsee 6 years ago

              I am not sure I follow your line of reasoning. It is obvious that Kaspersky does not advertise itself in such a way, and the average consumer probably has no idea the company is even based out of Russia.

              Who cares if Putin personally calls the shots to the leaders of the company? There are a thousand shades of grey, for instance: Kaspersky knowledgeably allowing backdoors about which they could later feign ignorance.

              I don’t trust US, Chinese, or Russian software. Big companies with access to sensitive data invariably become targets, and are only allowed to exist peacefully with the blessing of their masters.

        • chiefalchemist 6 years ago

          At the micro level there are certainly events that support your position. However, at the macro level the arc of history doesn't seem to bend in your favor.

          And even if there are those who oppose, there are also those who do not - and the do nots often get favors, inside info, etc. The opposers aren't really a concern.

          • paganel 6 years ago

            > However, at the macro level the arc of history doesn't seem to bend in your favor.

            It doesn't get more macro than what happened to Khodorkovsky, who got his company (Russia's biggest at the time) stolen from him once Putin started consolidating his power (in the early 2000s). That's like the Democrats confiscating the Koch brothers' conglomerate business and putting them in prison, or like the Republicans doing the same thing to some big Hollywood media mogul. It's not going to happen.

            • chiefalchemist 6 years ago

              I believe the comment I was commenting on was about corruption and The West. Looks like I should have pulled a quote and spoken to that. Sorry?

        • lawnchair_larry 6 years ago

          > "In Russia, there are no wealthy or powerful people pursuing anything but Putin's agenda. All those who tried have been removed, via various methods ranging from banal to horrifying."

          Where the hell do people come up with this? It's not only untrue, it's not even feasible.

          • ajross 6 years ago

            Seems true enough to me, though I'm willing to be educated. Where is the Russian equivalent of, say, the Koch brothers or Soros? That is: wealthy, powerful people who use their wealth to drive policy aimed (often) at unseating the established government.

            Russia had a few of those in the mid 90's. They're all jailed or exiled, or in more than a few cases murdered. Who are Putin's powerful domestic opponents whose existence you think is unfeasible to deny?

          • Barrin92 6 years ago

            It is absolutely feasible. Much of Russia's wealth is generated by a handful of large state owned businesses, predominantly the oil sector.

            And all these positions are staffed with individuals who have intimate contact to Putin himself. Ranging from the husband of his daughter (Kirill Shamalov) who within months after the marriage took over Sibur, one of the largest petro businesses in the country, to old KGB aides of Putin who are now in charge of say, Rostec (Sergey Viktorovich Chemezov), Russia's largest tech company. He too met Putin during his KGB time in East Germany. The list is too long for one post.

            This is called an oligarchy and it's a fairly common historical arrangement. Nothing special about it and can be found in stratified countries where economic and political power is concentrated in the hand of a few families.

            • lawnchair_larry 6 years ago

              For starters, do you not see the huge logical leap going from naming a couple of executives who are close with Putin, to saying that ALL people in Russia with money or power are doing nothing but following Putin's agenda?

              What about the minor detail that the oligarchs existed not only before Putin, but before Yeltsin, his predecessor, as well (not that they didn't grow under Yeltsin, but still)?

              Most documentation that even passes a smell test of being reasonably plausible also suggests that the relationship was inverted - the oligarchs had more influence over Yeltsin than he did over them. When Putin took power, he was known for getting rid of many of them. The interesting thing about that, is that can be interpreted charitably or uncharitably - reducing the level of corruption and oligarch abuse of the government would be a positive thing, but banishing those who don't get in line (where we are assuming "getting in line" means they are being asked to do bad things, not follow laws) seems to be the default assumption in Russia's case. As far as I've seen, there's really never been anything to substantiate the uncharitable narrative, but so many people who have never been to Russia or spoken to a Russian person have themselves thoroughly convinced that they understand these secret "arrangements".

              The whole idea that he could be a mafia boss and the CEO of literally everything is just crazy thinking, yet many of us westerners seem to just eat it up, and anything shady that happens even close to the government is always personally attributed to Putin's orders. It'd be like calling Trump a mafia boss because some random cop took a bribe in some city in the mid west. The idea is laughable, and the fact that we got here warrants a little bit of self-reflection on our part.

              • Barrin92 6 years ago

                >What about the minor detail that the oligarchs existed not only before Putin, but before Yeltsin, his predecessor, as well (not that they didn't grow under Yeltsin, but still)?

                Nobody is doubting that. The country wasn't liberal or less oligarchic under Yeltsin, it was just as oligarchic under Soviet rule. Russia never meaningfully deviated from this course.

                And this doesn't just come from a 'westerner far removed from Russia'. I have family in the country and lived there and I have experienced the degree of corruption not just under Putin but his predecessors personally.

                • lawnchair_larry 6 years ago

                  Not everyone would agree that things are good now, or perhaps not even anyone, but it seems like most agree that they have at least improved dramatically since Yeltsin. You're disagreeing with this and saying it has not meaningfully deviated?

                  Also, why do you believe that the corruption you experienced was because of the leader, rather than despite the leader's efforts?

                  I do not think anyone would even try to claim that Russia does not have a corruption problem. Putin himself has discussed it at length, particularly expressing frustration over how it cripples the economy, which is probably his biggest obsession.

                  Furthermore, and I am assuming here, but unless you're from an extremely important family, it seems unlikely that the flavor of corruption you would experience is even in the same universe as what the oligarchs and president are dealing with. This goes back to the idea of him being the mafia boss CEO of literally everything.

                  • Barrin92 6 years ago

                    >Also, why do you believe that the corruption you experienced was because of the leader, rather than despite the leader's efforts?

                    Because of the programs he has put in place. Role of state owned enterprises has nearly doubled up to 70% of the economy, he has consciously put these close friends in place, he has cut down on any form of opposition and dissent within the country. It is the official course of his politics. The Russian government is not even hiding this, which makes the constant apologia from people not even affected by it seem only more baffling.

              • nickbauman 6 years ago

                Old news. The Russian government, for all practical purposes, is the Russian mafia. Many people have written about this starting several years before Steve Blank, the SV entrepreneur, wrote about it in 2008. In 2010, the US Diplomatic Cables Leak confirmed it, going on from there with Luke Harding's book Mafia State. You can get a pretty good look by reading the Wikipedia article on this.

                https://en.wikipedia.org/wiki/Mafia_state

          • kofejnik 6 years ago

            seems like you've never set foot in Russia

    • gralx 6 years ago

      What's the cutoff size, how was it determined, and by whom?

  • mcny 6 years ago

    > those files were destined to be leaked somehow the moment they left the NSA

    Those files were destined to be leaked somehow the moment they were created.

    > Seems like massive incompetence from this user

    So when we delete production data, it is a process failure [Gitlab postmortem] but when employees at a three letter agency cause spillage, it is a felony? It is wrong on several counts. One: this is data that we should not be hoarding in the first place. We should be helping vendors fix their stuff so the cache of information automatically loses its value to people who want to get it. Two: Even if we are an axis of evil and don't want to do the right thing, punishing this individual seems like the thing the higher ups at an oppressive regime would do to prevent the wrath of the dictator on themselves for failing to prevent what is really a system failure.

    [Gitlab postmortem] https://about.gitlab.com/2017/02/10/postmortem-of-database-o...

    Edit: while I have your attention, I would like your support in ending the CFAA https://cfaa.eff.org/

    • chimeracoder 6 years ago

      > So when we delete production data, it is a process failure[Gitlab postmortem] but when employees at a three letter agency cause spillage, it is a felony?

      Are you equating an accident that resulted in deleted data with someone intentionally taking confidential materials and putting them on an insecure, personal computer?

      • williamscales 6 years ago

        The Gitlab production data deletion event occurred unintentionally because the system was not designed to make it impossible. Looking at the Kaspersky situation the same way, the leaking of classified documents to Russia occurred because the system was not designed to make it impossible (i.e. by never creating these materials in the first place). GP isn't equating the facts of the events but instead drawing a contrast between the way we treat them.

        • threeseed 6 years ago

          Drawing that comparison is asinine though.

          We treat nude photos differently than photos of a dog.

          We treat credit card/user information differently than app logs.

          That's why we have concepts such as HIPAA and PCI.

          • mcny 6 years ago

            The point is punishing a person (often near the bottom of the totem pole) does not fix the systemic problem. In fact, it creates noise which distracts us from fixing the problem. The first step toward fixing a problem is acknowledging there is a problem and identifying the problem.

            I am very saddened by my inability to communicate this in a better way but punishing this person will not solve any problem except someone somewhere can check a box saying they did their job.

    • threeseed 6 years ago

      Yes not all data is the same and gets treated differently.

      Truly shocking revelation I know.

  • JumpCrisscross 6 years ago

    > Seems like massive incompetence from this user rather than Kaspersky doing anything malicious

    Why not both?

  • viraptor 6 years ago

    > but I don't buy the narrative that Kaspersky is some evil Russian cyber hoover.

    I don't think it even needs a narrative about Kaspersky. You could expect that they're infiltrated in some way (worker, infrastructure, hosting, ...) and leak information to FSB. In exactly the same way Symantec could leak information to NSA. Without the evil qualifier and narrative for the reasons, both are likely to happen to some extent.

  • golergka 6 years ago

    > I don't buy the narrative that Kaspersky is some evil Russian cyber hoover

    I don't know about this particular story, but Kaspersky certainly has strong ties with FSB, FSO and other official structures. I don't mean that it's their main business model — developing anti-virus software pays well enough not to be some cover story — but they're definitely _friendly_ on a deep personal level. Kaspersky himself was educated in KGB school, worked in government structures and has a lot of connections (which he used, for example, with that shady story when his son was kidnapped).

    Usually, in Moscow, there is a strong correlation between being a highly educated, well-paid IT professional and having a negative opinion about current Russian regime; but judging from my second-hand stories from friends and colleagues, guys at Kaspersky tend to be very patriotic and pro-government. So, I don't think that Kaspersky lab was founded deliberately like some sort of cover. But they're the kind of people who would definitely help FSB with whatever they ask — not because of some secret court order, but happily, thinking that they are serving their country and doing a good thing.

    • trycatch 6 years ago

      > (which he used, for example, with that shady story when his son was kidnapped).

      Read the first-person account by Igor Ashmanov who witnessed the whole incident. [1] Kaspersky's son was found not by FSB, he was found by the unit of Moscow police that was specifically created to deal with kidnappings, with cases like that one. If the story with the kidnapping proves anything, it proves the opposite, that he actually had NO serious FSB connection.

      [1] https://roem.ru/18-10-2017/261503/kaspersky-poprosil-dokazat... and following comments

      • golergka 6 years ago

        > Igor Ashmanov

        Yeah, a really good and unbiased source you got there.

    • codedokode 6 years ago

      > Usually, in Moscow, there is a strong correlation between being a highly educated, well-paid IT professional and having a negative opinion about current Russian regime

      Do you have sources for this? Well-paid professional might not care about politics at all or might be OK with current regime because it doesn't interfere with their life. Furthermore, some of them might be even proud for occupying Crimea.

      But I can agree that there is relatively high percent of anti-Putin people in Moscow.

      • golergka 6 years ago

        My own experience, mostly. It doesn't include any government-owned enterprises or oil companies, of course — but in IT, the correlation is staggering. From all my peers, I hardly know a single IT professional with a salary over $60k (usually a team lead level or above) that wouldn't be in opposition to the current regime. Of course, about half of such people I knew a couple years back have already moved out of the country.

  • chiefalchemist 6 years ago

    When it comes to anything IC my rule of thumb is: we'll never know the truth. It's an "industry" that trades in misinformation, mis-misinformation and so on.

    In this case, _if_ you buy into the arc of the story then I would say it was likely another family member who tried to do the pirated software. But that would be a massive faux pas. So there's likely other nips and tucks, etc.

  • mtgx 6 years ago

    Incompetence? For all we know that guy was trying to sell the data to China or Saudi Arabia. Why isn't his investigation a bigger story? I thought the NSA hated leakers?

  • tryingagainbro 6 years ago

    >>rather than Kaspersky doing anything malicious

    I'm sorry but Kaspersky gets NSA files and deletes them, instead of handing them to FSB? Nope, I don't believe it. You can get away with xx murders in exchange for that

    And that's the most generous assumption--that Kaspersky wasn't looking for them

rando444 6 years ago

Before this article was published I don't think it was alleged that Kaspersky ever did anything.

All the public knew is that allegedly Israel hacked Kaspersky and noticed the Russian government using Kaspersky's tools to try and dig out secret documents.

I mean who knows, maybe the Russian government had a backdoor that they were abusing, maybe they hacked Kaspersky themselves, or maybe they were just given access.

I would have given Kaspersky plausible deniability before this article.. now I just don't believe them.

At face value their explanation sounds reasonable.

However, the original claim is that the Israelis were watching in real-time as agents searched computers around the world for secret codenames [0]... which is a world away from the explanation given in the submitted article.

[0] https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-...

  • r721 6 years ago

    Also this part from WSJ article remains:

    "For many months, U.S. intelligence agencies studied the software and even set up controlled experiments to see if they could trigger Kaspersky’s software into believing it had found classified materials on a computer being monitored by U.S. spies, these people said. Those experiments persuaded officials that Kaspersky was being used to detect classified information."

    https://www.wsj.com/articles/russian-hackers-scanned-network...

    • londons_explore 6 years ago

      As a spy agency, this is how you put the middle finger up to a remote spy agency. You report their malware to an antivirus database.

      It's basically saying 'ha ha, we caught you, and now the whole world can look at what you were up to'.

      Presumably, the NSA will have automated monitoring tools scanning every bit of AV software and AV databases looking for any of their own tools there, so they know right away when someone has publicly outed them.

      I wouldn't be surprised if these weren't even hooked up to automated self-removal logic so that NSA malware could remove itself in seconds worldwide if an AV database were updated to detect it.

  • revelation 6 years ago

    "Israelis were watching in real-time as agents searched computers around the world for secret codenames"

    is just a highly misleading way of saying

    "Kaspersky added strings/.text/.rodata from the analysed malware sample to their virus database"

    And no shit, an antivirus will then search computers "around the world" (this qualifier is here.. why?) for that data. That is why you paid for it.

    The objectionable part here is "Israelis were watching" but nobody seems all too concerned any more with economic espionage.

  • pocketsquare2 6 years ago

    Is Eugene Kaspersky going the way of Julian Assange, or is he just another Deep State 33rd Degree Freemason casualty? Who knows.

    Either way the flavor of the comments on this thread are really, really unusual for Hacker News and YCombinator in general.

r3bl 6 years ago

I have to ask:

Is there any concrete evidence against Kaspersky doing anything remotely concerning since this whole charade against them started in 2015 or is it still "they're Russian, so they must be doing something bad" scenario?

EDIT: Fuck if I understand why people like JohnStrange, revelation and ryanlol are downvoted in their replies to this comment. They're on topic.

  • roywiggins 6 years ago

    The simplest argument to make is that, regardless of whether the top people at Kaspersky are gleefully collaborating with the Russian government, they probably are required to give the Russian security service a backdoor to their networks as a condition of existing.

    Given what we know about the feds installing black boxes in ISPs' networks here in the US- a country nominally committed to the rule of law- it seems somewhat naive to think that the Russian government doesn't have access to Kaspersky servers.

    Does that make Kaspersky uniquely evil? Probably not. Do the feds have an agreement with Microsoft to take a peek at anything they turn up from a foreign intelligence service? I don't know. It wouldn't be too surprising.

  • JohnStrange 6 years ago

    I suspect there is a secret background story, like every so often when intelligence agencies are involved. Maybe Kaspersky didn't cooperate with the NSA as much as they'd wished for, or Russian intelligence interfered to prevent this. It looks to me like somebody is holding a very special grudge against this company.

    I'm merely speculating, of course. Personally, I never take ordinary public announcements or claims from intelligence agencies at face value, since they have plenty of reasons to lie and disinform. That doesn't entail that their secret reports are bogus, of course, and senate hearings are also reliable. I've followed the senate hearings close enough to be reasonably certain that the US intelligence community is right about the accusations concerning Russian meddling in politics in the US and the EU. But that's a different case, people were testifying under oath in front of senate committees and senators from both parties who went to meetings behind closed doors were also convinced of the (classified) evidence.

    As for Kaspersky, the information is unreliable and my personal guess is that whatever happened wasn't their fault. If someone has malware on his machine, it's the job of the antivirus software to detect and analyze it. If at all, the story has increased my overall trust in the technical quality of Kaspersky software.

    Another speculation that I find overall credible is that since Snowden's revelations there is some concerted effort to further discredit the NSA in order to weaken their ability to operate. If that's so, then this campaign seems to be quite successful.

  • odiroot 6 years ago

    Watching US situation from outside it seems there's an urgent need for some kind of a bad guy.

    Kaspersky is just an easy target and apparently three-letter-agencies have means to steer the media to pursue this direction.

    • whoopdedo 6 years ago

      Remember last year when Kaspersky accused[1] Microsoft of anti-trust for disabling their antivirus? And Microsoft admitted it was done in the name of compatibility.[2] Something about that seemed fishy to me because none of the other AV vendors were complaining. Was Microsoft told to intentionally sabotage Kaspersky?

      [1] https://www.computerworld.com/article/3141470/security/kaspe...

      [2] https://www.theverge.com/2017/6/20/15836208/microsoft-kasper...

      • londons_explore 6 years ago

        That sounds like a legit software incompatibility to me.

        Kaspersky was probably using some private API they shouldn't have been using, and when Microsoft changed the API or changed the way it worked, they had to disable Kaspersky or computers would no longer boot up.

        When companies do that, they nearly always reach out to the affected vendors with advance warning so the vendor can do a rushed fix, but repeat offenders, or issues detected very late in the game before release can end up with no notice.

  • revelation 6 years ago

    The best part of all of this is how there is all this media coverage on a fricking antivirus, but nobody seems all too concerned with the NSA losing more secrets.

    It's like incident #100, maybe Kaspersky is the KGB, good on them since they are clearly more competent than the NSA. Maybe we can poach them?

    • philipov 6 years ago

      Stands to reason that the media coverage is a smoke screen to eat up attention on the issue. Easier to give people a boogeyman so they don't have as much energy to spend on noticing the really important problems.

      And our media outlets will happily run with anything that produces those sweet clicks.

      • revelation 6 years ago

        Our media outlets will happily run anything the government tells them. Here is the line from that infamous NYT article:

        "The current and former government officials who described the episode spoke about it on condition of anonymity because of classification rules."

        And now you know why Snowden wouldn't touch the NYT with a 10-foot pole. This isn't "current and former government officials" committing a felony and treason to leak information to the NYT, no, they are just telling that reporter the NSA press report with a hushed voice.

  • matt4077 6 years ago

    It's a security company run mostly by ex-KGB and dependent on the good will of an administration willing to very publicly murder their opponents[0], and not bound by anything resembling rule of law.

    So yes, it is possible, maybe even likely, that Kaspersky is doing nothing shady and has only the best intentions. It's also somewhat irresponsible to entrust them with any data of value. Those two things are not mutually exclusive.

    • 55555 6 years ago

      Perhaps I'm confused, but did you mean to add a footnote/citation ([0])?

      • matt4077 6 years ago

        Yeah. Just google for Polonium. They murdered someone, and made sure the victim, and the whole world, knew exactly who was behind it.

        • FeepingCreature 6 years ago

          Usually if you leave a footnote[0], you have to actually include the note in the footer of your comment.

          [0] https://en.wikipedia.org/wiki/Note_(typography) Like so.

          • nasredin 6 years ago

            Probably misspelled, from memory:

            Litvienko (Polonium)

            Politovskaya (Journalist)

            Nemtsov (Politician)

            And no, you do not need to leave a note (IMHO) since the fact that Russian government murders its critics is common knowledge.

      • syockit 6 years ago

        [0] is just a short form for [citation needed]

  • X86BSD 6 years ago

    It’s a witch hunt slash scapegoat. Just as is Russian “collusion” with Trump. Absolutely zero evidence at all only unnamed sources and speculation. All the money wasted on this politics garbage sigh.

    • ctrl-j 6 years ago

      > Just as is Russian “collusion” with Trump. Absolutely zero evidence at all only unnamed sources and speculation.

      Just out of curiosity, what makes you think there is zero evidence?

      How would we know what evidence Mueller's team has uncovered?

      How do you reconcile all of the interactions between the Trump campaign and the various Russian entities involved?

      • X86BSD 6 years ago

        None of which were illegal. There has been zero evidence uncovered or produced by anyone in 10 months.

        This is nothing but a witch hunt to demonize some idiot the left hates.

        It’s transparent and disappointing. While the left gets away with Benghazi and uranium one.

        There is no justice only the decision of those in power.

        • orf 6 years ago

          > away with Benghazi

          Wasn't Benghazi investigated to death by the right for an absurdly long time? Why do you think nothing was found?

          I'm not sure if you're willfully trolling or actually believe the misinformation you are spreading, and I'm not sure which is worse.

          • gozur88 6 years ago

            >Wasn't Benghazi investigated to death by the right for an absurdly long time? Why do you think nothing was found?

            Didn't all the people except Hillary (who lied to the committee) take the 5th? Do you think that might be a reason?

            • orf 6 years ago

              > Didn't all the people except Hillary (who lied to the committee) take the 5th?

              No.

              It's pretty simple:

              > Benghazi investigated for years

              > Longest congressional investigation in history

              > Multiple reports find nothing

              > Hillary is guilty she escaped justice!! Investigate Benghazi!!

              And at the same time:

              > Russian collusion investigated for 10 months

              > No published reports, investigation not concluded

              > several indictments already

              > This is a witch hunt of the highest degree to keep you distracted from uranium, emails and Benghazi!!!!

              Wake up.

              • weaksauce 6 years ago

                > several indictments already

                Several felony indictments at that with some very serious charges filed.

              • gozur88 6 years ago

                When someone says something like "Wake up" it's a pretty reliable indicator they're off in conspiracy theory land. The reason they didn't find anything is Hillary deleted thousands of relevant emails from a server she shouldn't have had and the only person who could call her out on the lying took the 5th.

                Wake up indeed. Do you really believe what you write?

                • orf 6 years ago

                  > When someone says something like "Wake up" it's a pretty reliable indicator they're off in conspiracy theory land.

                  I'm saying wake up to the real world. By the way, a statement like that has a lot more impact if you don't immediately follow it with a conspiracy theory.

                  > The reason they didn't find anything is....

                  So what you're saying is Mueller has found more solid evidence of improprieties between Russia and the Trump campaign in 10 months than 5 years of politically motivated witch hunting. I'm glad we agree on that, and I'm sure you're far more worried about the sitting President of the USA's Russia links than something so thoroughly investigated as Benghazi or debunked as 'that uranium thing', that even if they were real would be somewhat overshadowed.

                  Did you believe the Trump campaign's 'lock her up' slogan? Can you fathom why he didn't follow through on his campaign promise to launch a full investigation into her? Could it possibly, just possibly, be because there is nothing and he only banged that drum just to excite people like you?

                  Indeed, wake up.

                  • gozur88 6 years ago

                    >I'm saying wake up to the real world. By the way, a statement like that has a lot more impact if you don't immediately follow it with a conspiracy theory.

                    That's all on the record.

                    >So what you're saying is Mueller has found more solid evidence of improprieties between Russia and the Trump campaign in 10 months than 5 years of politically motivated witch hunting.

                    Has he? Exactly what has Mueller found?

                    By the way, let me suggest to you that if the justice department ever asks you for emails relating to an investigation you'll almost certainly end up going to jail if you delete a bunch of them and then claim you were just deleting private email.

                    I keep wondering if, as in the case of Bill Clinton, 25 years after it matters Democrats will be willing to admit that yes, Hillary broke the law.

                    • orf 6 years ago

                      > That's all on the record.

                      Ehh, that's a half truth at best as even a cursory bit of research would tell you.

                      > Has he? Exactly what has Mueller found?

                      Enough to get two felony indictments and dozens of sealed ones? I mean, I'd expect you to know this as you care about these investigations based not on party but on their individual merit. So, you must be following this one really closely because that is already far more than the entire Benghazi investigation found and it's just getting started.

                      > By the way, let me suggest to you that if the justice department ever asks you for emails relating to an investigation you'll almost certainly end up going to jail if you delete a bunch of them and then claim you were just deleting private email.

                      http://www.politifact.com/truth-o-meter/statements/2016/oct/...

                      All in all, cool, but I care a lot more about the current sitting president of the USA's links to Russia than I do about some deleted emails. And if you don't, then I suggest waking up.

                      • gozur88 6 years ago

                        >Enough to get two felony indictments and dozens of sealed ones? I mean, I'd expect you to know this as you care about these investigations based not on party but on their individual merit.

                        So what's in the sealed indictments?

                        Don't include links to Politifact if you want people to take you seriously. Seriously.

                        • orf 6 years ago

                          Don't know, but even an indictment for jaywalking is more substantial than anything the Benghazi investigation found.

                          Judging by the two unsealed ones though, it's likely more serious than that.

        • maskedinvader 6 years ago

          There is no justice only the decision of those in power.

          - Do you really want that power to be in the tiny hands of an orange clown? #justcurious

          • thatguy0900 6 years ago

            As much as you may dislike him, please don't use this kind of discourse on HN.

            • maskedinvader 6 years ago

              Just to clarify: the question itself has merit, no? The description of the commander in chief, however, may not have shown respect, for which I accept your comment and take the downvotes on the chin.

    • orf 6 years ago

      > Just as is Russian “collusion” with Trump. Absolutely zero evidence

      Well... not quite.

      • ryanlol 6 years ago

        Can you link to any evidence suggesting foul play on Kaspersky's part?

        edit: This question was far more reasonable before the parent comment was edited.

        • ctrl-j 6 years ago
          • ryanlol 6 years ago

            You could write a very similar article about any AV company.

            I've personally been automatically scanning data shared by various¹ AV companies for sensitive documents. I only store files not detected as malware by any scanners, and filter out large usually boring files (i.e. videos, audio). I also make an effort to filter out publicly available documents by googling them. So far I've gathered over 20TB of data.

            So far I've found:

              Entire customer database of a Swedish bank
              Thousands of git repositories
              Hundreds of passport scans
              Tens of gigabytes of sensitive medical documents
              Tens of gigabytes of internal government documents
              Payroll data for hundreds of thousands of people
              Entire email inboxes, both government and corporate.
              Hundreds of website dbs in various formats
            
            This is just off the top of my head, I could keep going for a while. I've got a searchable archive of tens of millions of clean PDFs, Word docs, Excel spreadsheets, PowerPoints and so on. All pulled from users' computers by their AV software.

            ¹ Not including Kaspersky, but including many US firms.

            • orf 6 years ago

              How do you have access to this data? That sounds quite troubling

              • ryanlol 6 years ago

                It's readily shared among researchers and "researchers". I'm scraping multiple feeds, but VirusTotal for example is one of the easiest public ones to access.

        • orf 6 years ago

          I was responding to the comment regarding collusion between the Trump campaign and Russia

        • forapurpose 6 years ago

          [deleted]

          • ryanlol 6 years ago

            Really only describes standard AV co practices.

    • ihaveahadron 6 years ago

      This is hacker news where we are smart which includes proper grammar. Why did you write out the word "slash", don't you know it's sybolized with a / sign.

      Learn to philosophalize better.

    • cisanti 6 years ago

      The witch hunt has gone so crazy that even the author of FaceApp that removes make up was somehow tied to "Russian troll farms". It's sickening.

      • jonknee 6 years ago

        What's your source for this? I remember they got a lot of flak for introducing race changing filters (AKA digital blackface). Thinking that was a good idea is pretty sickening.

      • cisanti 6 years ago

        Why are you downvoting me, people? What is it that I said that was wrong?!

        • krapp 6 years ago

          I didn't downvote you, but you're responding in agreement to an obvious troll and spreading propaganda about a vast left-wing "witch hunt" which only serves to dilute and further degrade what little intellectual value this thread might have possessed.

  • daxorid 6 years ago

    > Fuck if I understand why people like JohnStrange, revelation and ryanlol are downvoted

    The Hacker News community largely gets its non-hacker news from CNN, the NYT, HuffPo, etc. As mainstream US media parrots whatever the FVEY IC tells them to, it's not surprising that most HN voters end up uncritically believing the Russia-Is-Evil narrative from the same IC that conducted MKULTRA and sold us a war predicated on the lie that Saddam was loaded up with WMDs.

    Downvoting any and all dissent from CIA psyops is the natural consequence of this. Because, patriotism, or something.

    • willstrafach 6 years ago

      You really don't believe there is a possibility that some others have assessed all available facts and simply disagree with the conclusion that you've evidently come to?

Asdfbla 6 years ago

Seems plausible, though regardless of whether Kaspersky cooperates (maybe under some gag order) with Russian agencies or not, it seems prudent for any government in the world to avoid using software that potentially uploads confidential data to foreign servers. Governments anywhere would probably be ill-advised to use anti-virus software from countries like the US or Russia, unless they can be sure that cloud analysis is either disabled or done in local datacenters.

I guess on the bright side at least the anti-virus market has a variety of firms based in many different countries, so you can choose your poison based on how trustworthy you find the respective governments. Doesn't help you when they themselves get hacked though.

As for the story itself, I kinda dislike the reliance on access journalism and "unnamed" sources in many of the reports. Yes, there surely are many legitimate reasons why sources have to remain anonymous, no doubt about that. But in a case that's so highly political it kinda leaves a bad taste if the story is so dependent on unnamed government sources.

  • trhway 6 years ago

    >whether Kaspersky cooperates (maybe under some gag order) with Russian agencies or not

    No offense, it is just very entertaining (and educational) to observe how people from one culture try to apply their mental frameworks to a completely different mentality. There is no "whether", "or not", "gag order" (in the sense as if an explicit one was necessary) in the Russian reality in the context of a private company cooperating with the FSB. Hell, there is not even much "cooperating". An FSB guy just says what he wants to get, and he gets it pronto. And in cases like Kaspersky it is even more straightforward, as Kaspersky and the others there are FSB guys.

    I mean it is like a joke among Russians here:

    "Did you hear? The NSA thinks about stopping to use Kaspersky on their computers!"

    "Wow! How did they discover (the ploy)? Was it the parachute?"

    (the parachute is a reference to a very well known joke about a USSR spy in Nazi Germany from a very popular TV movie - the spy was so good and invincible that the deployed parachute he was dragging behind him in open daylight on the streets of Berlin was the only possible clue for the Nazis)

    Again, it is a different reality. In US law protects from and punishes for illegal cooperation, whereas in Russia the system protects for cooperation and punishes for refusal to do so.

    • codedokode 6 years ago

      > In US law protects from and punishes for illegal cooperation

      Then they can insist on legal cooperation. I remember how Pavel Durov (founder of Telegram) wrote that US secret service agents were stalking him in US and tried to bribe one of his developers.

    • themaninthedark 6 years ago

      "In US law protects from and punishes for illegal cooperation"

      If you believe this I have an AT&T switch closet to show you.

  • SiempreViernes 6 years ago

    Well you can say that, but they aren't likely to stop using Office...

matt4077 6 years ago

Kaspersky's story here seems completely believable. Yet the US government's warnings also seem reasonable even given just the facts everyone agrees on.

I guess the larger lesson may be how Russia's failure to establish rule of law makes it impossible to run a business that depends on trust. The US should take note: if they succeed in breaking Apple et al's attempts to protect their users, pretty soon the only countries you'll want to buy software from are Norway and Canada.

  • sschueller 6 years ago

    With secret warrants and other questionable laws trust is also becoming an issue for US companies.

  • grandalf 6 years ago

    > Yet the US government's warnings also seem reasonable even given just the facts everyone agrees on.

    But somehow these warnings only became necessary in the past year or so, when the US has had ongoing conflict with Russia over the past 20 years?

  • indubitable 6 years ago

    It's interesting to analyze your comment for a minute. Consider that PRISM was revealed in 2013. It is a far reaching surveillance program carried out by the NSA with the assistance of numerous major tech players, including Apple. [1] Its unveiling was certainly an embarrassment both for the companies involved as well as the NSA. And here we are in 2017, just 4 years later, with you stating that users can "trust" companies, including Apple by name, to implicitly protect their data from government overreach.

    Essentially, that the government is publicly running a campaign to openly access user data does not in any way change the fact that they already have covert access to that data in private. Why are they doing this? One can only speculate, but I'd imagine one reason is that unlawfully obtained information and evidence is not admissible in court leading to all sorts of fun things like parallel construction. [2]

    [1] - https://www.theguardian.com/world/2013/jun/06/us-tech-giants...

    [2] - https://en.wikipedia.org/wiki/Parallel_construction

    • willstrafach 6 years ago

      That does not make much sense. US companies have always needed to hand over information when presented with a warrant from LE or the FBI, I don't think that was ever denied by a US company.

      In Apple's case, this would be any iCloud data which they can access and is not encrypted (such as contacts or calendar entries). However, the OP was referring to something completely different: Government attempts to force Apple to weaken data-at-rest encryption on everyone's devices.

      It is fine if you believe that sealed/secret warrants are problematic, but it seems strange to equate that with the weakening of security for all.

      • indubitable 6 years ago

        It seems you're conflating a couple of our surveillance programs. PRISM operates in coordination and active cooperation with a relatively small number of US companies, including Apple. There is a rubber stamp warrant, of which our secret court approves over 99%. The type and amount of information accessed here is extensive and includes encrypted and personal information - as well as even real time access to user accounts. You can see the NSA slides on PRISM here: https://archive.org/details/NSA-PRISM-Slides As an example of this, the NSA has real-time access to encrypted Skype conversations: http://www.spiegel.de/international/germany/inside-the-nsa-s... The breadth of information being collected was increasing quite rapidly, and everything I'm basing this on is from 3-4 years ago.

        Another surveillance program, that you seem to be conflating with PRISM, is MUSCULAR. That program is not as well known as PRISM. And it does what you're suggesting in directly tapping communication lines grabbing data from everywhere and archiving everything. Naturally anything that was sent on those lines unencrypted (or is otherwise able to be exploited) is then openly available. One significant difference from PRISM is that this is done without even a rubber stamping of warrants. Your post seemed to be describing the less 'cooperative' capacities of MUSCULAR with the token oversight of PRISM.

        The problem that I see here is that most people are incredibly poorly informed on our surveillance programs, which include extensive domestic surveillance. And that is a shame, because in order for there to be progressive change people need to understand the current state of the situation. It's like discussing a budget when you think you have a billion dollars in the bank, but in reality you're already in the red - the sense of urgency, which should be there, has been artificially removed.

peterwwillis 6 years ago

Two things this article just ZOOMS over but are critical:

1. If Israelis were "burrowed deep" in Kaspersky's network, sure, Russian hackers may have been, too - but so could have anyone else. Also the Israelis are not exactly fans of the Russians, and are our primary (sole?) Middle East ally, so there is bias and uncertainty there.

2. From the article:

"The allegations, all attributed to unnamed officials with no supporting documentation, helped explain why the US Department of Homeland Security in September took the unprecedented step of directing all US agencies to stop using Kaspersky products and services"

So we're not even mentioning how in May the Senate was already taking Kaspersky to task, and there were rumors of them getting the boot even in 2016? The allegations don't explain shit, they are just another facet of a year long political battle between the American legislative branch and intelligence services against Kaspersky.

It is plausible that the U.S. government made these files go through Kaspersky just so they could have leverage over them for a deal they wanted (like spying on their own country), or that a stupid contractor put them on their laptop along with Kaspersky AV, and the NSA got caught with its pants down, they're using the Israelis to try to cover the embarrassment. This is not out of the ordinary behavior for an intelligence service.

Look at it this way: flip the roles. Would Russia try a play on their contracts with a U.S. company to further their goals?

forapurpose 6 years ago

The article contains a useful recap of the evidence so far regarding this particular Kaspersky issue, but the news is Kaspersky's denial. I don't take the latter to mean too much either way; when you get into the world of intelligence, plausible denials are the norm, and corporations practice it pretty commonly too.

Of course the U.S. government had to remove Kaspersky from its computers. Russian intelligence has been very aggressive; the U.S. can't assume they'd pass on the opportunity to utilize an opportunity this good: Antivirus is widespread and highly invasive - a confidentiality (and even integrity) violation utility, with access to all data and code on the system, that the user helpfully installs for you, and it comes with built-in remote updates and communication that the user fully approves of.

  • JohnStrange 6 years ago

    What I find hilarious about this whole story is that the US government allowed highly intrusive software from a non-allied country on government machines in the first place. It seems fairly reasonable to restrict software on machines that potentially hold confidential information (incl. e.g. patient data, payrolls) to software that is produced in the same country or by companies of close allies, or at least by companies who agree to some auditing.

    Yet allowing anything seems fairly common practice, even more so outside the US. I wonder how many government employees of countries other than the US have Gmail accounts and put all their documents on Google docs, etc. Not to mention online backups which tend to be more expensive for servers located outside the US...

    • csydas 6 years ago

      I don't know what the particular condition with Kaspersky and the US government was, but I work for a non-US based software company that has multiple special contracts with the US Federal Government; we have a special build of the software which was remade piece by piece on US soil, meets some Federal encryption guidelines, and our support is very strict on who can do what with any Federal Government account.

      I'm not sure if this is commonplace or not, but I was under the impression that if you were from outside the US and wanted to land Federal contracts, you had to be ready to bend over a bit for the US Federal Government. No other government gets the same treatment currently.

    • grandalf 6 years ago

      > the US government allowed highly intrusive software from a non-allied country on government machines in the first place.

      This is the key point. Also, the US Government was recently found to have fake Kaspersky SSL certs.

      • willstrafach 6 years ago

        > Also, the US Government was recently found to have fake Kaspersky SSL certs.

        This is not true. An old commit for a leaked implant included example client certificates, which were invalid and self-signed, used to disguise C2 communications as anti-virus updates to avoid scrutiny. Part of the system involved copying fields from valid certificates into self-signed (invalid ones) so the traffic would not look suspicious.

        If they actually had fake/spoofed SSL certificates valid for Kaspersky’s domain, that would be entirely different.

        • jlgaddis 6 years ago

          > "... example client certificates, which were invalid and self-signed ..."

          That sounds "fake" to me.

walshemj 6 years ago

Ok so you out and out admit an offence under the espionage act - you've just fucked every employee outside of Russia over.

Receiving the goods in this case is just as much an offence as stealing.

  • willstrafach 6 years ago

    Can you explain this any further?

    I am also inclined to believe Kaspersky is in the wrong here, especially given the publicizing of personal data from a customer's computer for PR purposes, but I am having trouble understanding how the Espionage Act applies?

    • walshemj 6 years ago

      "As it is currently written, the Espionage Act of 1917 makes it a crime to hurt the United States or benefit a foreign country by collecting or communicating information that would harm the national defense. It is also a crime to enter an installation or obtain a document connected to the national defense in order to hurt the United States or benefit a foreign country. Knowingly receiving classified information that has been obtained illegally, as well as passing it on, also runs afoul of the Espionage Act."

      https://www.rcfp.org/browse-media-law-resources/news-media-l...

      • willstrafach 6 years ago

        Interesting. That language gives me the idea that such prosecution could be very tricky, given the many instances of purported-classified information being relayed to press (In fact this would presumably apply to the information relating to Israel accessing Kaspersky systems and allegedly watching Russians exfil interesting data).

      • Anderkent 6 years ago

        How is accidentally downloading a document and then deleting it immediately 'knowingly receiving classified information'?

        • walshemj 6 years ago

          they received it doesn't matter what you did after that and did take "deleted" with a pinch of salt

          • Anderkent 6 years ago

            'knowingly receiving' means you know what you're receiving before you look at it.

jradd 6 years ago

As far as I can tell, the only reason the US gov banned Kaspersky is because of some emails and work performed for the FSB led by Igor Chekunov, Kaspersky Lab’s chief legal officer and a former member of the KGB.

Is there any good reason for the US gov to mistrust this company or will they need to leak secrets to us before that will happen?

ihaveahadron 6 years ago

It's very descriptive. They say a 45 MB file was stolen. Nice of them to do that instead of painting it like some ancient civilization from some far galactic empire came down and spread pixie dust around NSA headquarters and that's how they hacked us.