Kaspersky: The Russian Company That Is a Danger to Our Security(mobile.nytimes.com) |
Kaspersky: The Russian Company That Is a Danger to Our Security(mobile.nytimes.com) |
Can I trust Cisco VPNs? Can I trust Windows? Can I trust my router? The NSA opens boxes in shipment to break their security, and they have the resources to do a lot more.
Unfortunately for us in the U.S., the NSA threat is a real one, not a hypothetical.
And a question for the people who know more than me: is there any IT vendor who hasn't been corrupted by the NSA, the Russians or the Chinese?
There is no transparency in Russia. In a system of kleptocracy, bribery and a questionable judicial system, there is no boundary between state actors and any "private" corporation. If the FSB asks Kasperski for help, they can't say no, and they won't tell.
If given the choice, I'd still rather trust American intelligence services. In fact, I do believe American products to be safer in this regard.
The reason why we know so much about what the NSA does is because a few NSA contractors have broken the law (for good or for ill) and leaked classified information about operations. Without leaks, there would be no information about what NSA does or doesn't do.
The only difference between NSA and FSB is that FSB hasn't used as many contractors and hasn't had as many leakers in Snowden-like positions.
What I don't trust is the NSA to not break things. Its core to their mission. Is the anyone who is capable of and willing to make products with an assurance of security and privacy? Is there any webcam that I can trust to never spy on me? Any device that isn't leaving my precise location - even when Wi-Fi is off? Is there any firewall I can trust to keep snoops out? Any software that isn't vulnerable to NSA interference? They're ac advanced persistent threat for a reason and we shouldn't forget that.
Except it's not. It's because of leakers who were aggressively pursued/prosecuted by the US government...
Isn't that _exactly_ how it works in the USA, with National Security Letters?
Apple isn't there yet, but who knows when they'll be compromised.
However it also seems credible that Microsoft, Intel and other critical hardware and software vendors based in the US may have moles and/or agreements in place with CIA/NSA.
No Russian citizen in Russia, especially not anyone with any kind of wealth, can deny the government's requests. Whether the influence on Kasperky is from the top or only starts further down the chain, is more of a stylistic aspect of handling intelligence assets...
Why people here continuously fail to understand the concept of an opinion piece? The NYT even hosted Putin in the op-ed column.
The pragmatic difference is that it's very hard for another country to completely avoid relying on software products created in the sphere of influence of Western spy agencies, whereas it's relatively easy for US to ditch Kaspersky.
Perhaps it is a bad idea for the US government to use Kapersky software, and perhaps it isn't. I wouldn't be able to determine that by reading this opinion, because it contains no facts backing up the author's fears.
https://theintercept.com/2017/06/05/top-secret-nsa-report-de...
I do agree with you that without firm evidence & legal framework, the government should not victimize private business interests.
I would assume that attempts to gather information on and hack into voting machines happen all the time, by both state actors and private individuals. They key is whether or not such attempts are successful.
I'm honestly wondering if the reason they say not to use them is because they detect NSA things.
What she has failed to show is how are Kaspersky's actions worse than those of Cisco, Juniper, Microsoft, Intel, etc.? Can she state, with conviction, that the NSA does not have backdoors in US products? That the NSA is not exploiting holes (which they could get fixed by the vendors, but aren't) ?
BTW: the US has been "hacking" elections one way or the other all across the globe for decades. I find this uproar in the US about being hacked laughable, as we've been doing it for so many years! Sure, we may not use the exact same techniques are the Russians, but we do meddle in other countries' elections all the time.
This isn't what she wrote.
>But a backdoor is not necessary. When a user installs Kaspersky Lab software, the company gets an all-access pass to every corner of a user’s computer network, including all applications, files and emails.
Isn't this true for all antiviruses.
>The Kremlin hacked our presidential election, is waging a cyberwar against our NATO allies and is probing opportunities to use similar tactics against democracies worldwide
Any proof for this?
Just realized that this was written by a Democratic Senator who took a stand against Kaspersky. That explains the lack of balance in the article and the tone.
Also. I would have a problem with any one having my data, be it Symantec and NSA or Kaspersky and KGB.
Stopped reading there.
Can you provide an article, or source for this specific claim? There was definitely illicit accesses to voter registration databases during the 2016 election, but you specifically said voting machines.
That's the first line in the article and is stated as fact, what's the evidence for that? How exactly did Kremlin hack our election?
Are they implying had it not been for their hackers we might have had Hillary as a president. I remember her campaigning in California multiple times and but I guess those sneaky Russian hackers changed her itinerary to never visit Wisconsin. They also forced her to setup that stupid server and send classified information over it. Then held the hands of her staffers as they smashed those blackberries with hammers.
Saw someone else here stopped reading at that line, and can't blame them. This is becoming like the WMD and the Iraq War story. At some point it becomes counterproductive to repeat it because it starts to work in the opposite direction. No doubt there it was a very well thought out PR campaign, but it's time to wrap up and move on.
It always comes down to "it was the Russians, trust us".
As someone said, Kaspersky is danger because it is revealing NSA tools.
(and I can't write short sentences :) sorry)
> the company gets an all-access pass to every corner of a user’s computer network, including all applications, files and emails.
Isn't that a possible definition of a backdoor?
> is waging a cyberwar
Cyberwar is a codeword for "I have no idea what I am talking about".
> I hope to amend it to ban Kaspersky software from all of the federal government.
They should ban all proprietary software instead, that way they will avoid the NSA backdoors as well.
If ex-CIA employees work for Cisco, their work is subject to corporate leadership. Whatever they do, or are allowed to do, is the responsibility of the company as a whole.
Erik Prince editorial on how military contractors are the solution to everything.
This article is just pure unadulterated bullshit. A propaganda piece from the US Government, nothing else.
https://www.nytimes.com/2017/09/01/us/politics/russia-electi...
[0] http://www.slate.com/blogs/the_slatest/2017/09/01/did_russia...
> The New York Times reporters acknowledge that it is uncertain whether the problems were caused by Kremlin-directed hacking or a more innocuous mishap like software malfunctions or human error. Furthermore, an NSA analysis was unable to determine if the Russian hackers were successful in compromising the election vendors or what specific data had been accessed.
I need a little more than that before I get all riled up about the Red Scare.
"Since being freed in September 2013, Nacchio, 65, has repeatedly denied he engaged in insider trading, arguing that he thought Qwest had opportunities to get federal contracts that would have boosted its revenue, but those opportunities were withdrawn after the company's alleged refusal to cooperate with a National Security Agency surveillance program.
Nacchio has suggested repeatedly that the government's prosecution of him was payback for not helping the NSA."[2]
Even if it turns out that Nacchio really is guilty of insider trading and the government did nothing untoward, one can see how easy it would be for the US government to destroy the life of a CEO they find uncooperative.
1. https://en.wikipedia.org/wiki/Joseph_Nacchio
2. https://www.bizjournals.com/denver/news/2015/04/29/joe-nacch...
On the other hand, the NSA is not controlled by the government, at least not to the level of individual prosecutions, investigations or contracts.
Even with the most egregious abuses of these National Security Letters, their scope is still limited and they have to have justification for whatever they demand. There is a record of such letters, which can be examined, for example by politicians in congress or the next administration. Companies can even challenge these letters. And they are still leaked all the time.
I doubt it works that way in Russia.
You mean the FISA Court that Russ Tice once described as a "kangaroo court with a rubber stamp" and that approves over 99% of applications? Is that 1% rejection rate in a closed door court where due process lives?
I mean, I'll grant you that it's _worse_ in Russia; they don't even have that 1%, and the scope of abuse is much broader.
But I do wonder if part of the propaganda value of the aforementioned Red Scare is to drive attention away from domestic abuses.
Still that is a whole lot more "due process" than in Russia. And FISA only applies in relatively few circumstances.
[0] https://www.theregister.co.uk/2015/06/29/wikileaks_docs_show... [1] https://en.wikipedia.org/wiki/Industrial_espionage#Concerns_...
There have been long standing allegations that the US uses ECHELON to spy on foreign business.
Second to that we all don't live in the US, and many of us are from the "good" side also, but that doesn't mean we are immuned to US eaves dropping.
FSB has lots of contractors leak though. They just disappear and are never heard from again. Such as Ruslan Stoyanov.
Of course government agencies don't want to expose their secrets voluntarily. They have to be dragged into the open kicking and screaming. Doesn't mean that they aren't, though.