US Homeland Security says hardly any Kaspersky software left on federal networks Only 15 per cent of US federal agencies still have Kaspersky Lab software anywhere on their networks. So said the United States' Department of Homeland Security (DHS) assistant secretary for cyber security, Jeanette Manfra, at a Tuesday hearing of the House Committee on Science, Space, and Technology's oversight subcommittee …
Let's hope all those malware 'conduited' upload feeds from Windows 10 machines (opted in by default, with a catch-all opt-in, i.e. sensitive user files) are secure too then and can't be intercepted either at the point of transmission (on the machine itself), during transmission or during the upload to MS servers via a prism type intercept or that the in-built MS Defender software can't be manipulated to send the slurping results elsewhere.
How's the Microsoft Windows 10 slurping model any different from Kaspersky, other than the final destination?
Mozilla Firefox's new so called, screengrab 'convenient screenshot' technology built directly into the browser sets a dangerous precedent too, baking it directly into the browser. It will end in tears, as it has for Kaspersky.
If you directly bake slurping spyware directly into products, whether it be MS, Mozilla or Kaspersky. Someone will try to enable those API handles for their own benefit, because you have left the tools inside the shed, to help see, extract and remove the items from the shed, as any Garden thief would tell you, carrying everything off in your own free wheeling wheelbarrow.
Firefox's built-in screen-grab tool is just another example of their annoying bloat. It's a browser for goodness' sake, please make it view web-pages as well & as quickly as possible. Nothing else.
"Oh, but our users often need to screen-shot webpages while browsing, so we put this in for their convenience!"
Yeah, you know what else people tend to do while browsing the web? They listen to music. They work on documents. They conduct IM conversations. They do background rendering tasks. But surely, Mozilla, you wouldn't think it reasonable to add a music player, spreadsheet, IM client and Blender to Firefox?
Aw, shoot. I just gave them ideas, didn't I.
"Aw, shoot. I just gave them ideas, didn't I."
Not really, you just reinvented Chrome OS.
<conspiratorial tone> Are you sure that Chrome isn't actually Emacs hiding behind a fancy UI?</conspiratorial tone> ☺
Dr Jacobson's testimony is interesting at ~46min. That and other references to supply chain threats is really where the opposition to Kaspersky comes from. It almost doesn't matter whether there is any specific evidence of actual harm - the key driver is the assessment of risk (to the US) associated with the presence of Kaspersky products on the government systems.
If for example McAfee was in the pocket of the NSA and eagerly shipping everything it found to hidden servers buried deep below Fort Meade, then it doesn't matter in this assessment because McAfee does not get assessed as a risk.
It will be helpful to those who want to elevate the perceived risk of Kaspersky (for whatever reason, relevant or not, political or not) that the NSA malware exposure may have involved Kaspersky, whether incidental, deliberate or otherwise i.e. guilt by association allows an increased perception of risk.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
