The international trade lawyers are already planning how to spend this windfall.
Kaspersky dragged into US govt's trashcan as weaponized blockchain agile devops mulled
President Donald Trump has signed the National Defense Authorization Act for 2018, which includes a ban on products from Kaspersky Lab running in US government agencies. Section 1634 of the law specifies that: No department, agency, organization, or other element of the Federal Government may use, whether directly or through …
COMMENTS
-
-
Wednesday 13th December 2017 04:19 GMT Anonymous Coward
Why just single out kaspersky?
"Why just single out kaspersky?
Because they're not a front for the Israeli security apparatus. Letting agents of a foreign intelligence service bug your computers isn't the best way of securing your cyber infrastructure. The FSB must be laughing itself silly.
-
Wednesday 13th December 2017 13:49 GMT CrazyOldCatMan
Oh look over there, a squirrel and it's red.
Not here in most of England it's not. Thanks to the import of US grey squirrels.. (Scotland is more lucky - it's too cold there for the greys to thrive and so the red squirrels have a chance..)
Just one more lesson fron nature about the dangers of stuff coming from the US :-)
-
-
Wednesday 13th December 2017 17:56 GMT Anonymous Coward
> I think that the UK (and other Europeans) were just as irresponsible when the exported our human population in the 15th century onwards.
We were just grateful to be rid of them as they climbed aboard their prototype B-Ark.
Little did we know that not drilling a hole in the hull would cause so much pain for so many.
-
-
-
Tuesday 12th December 2017 23:33 GMT veti
Isn't it unusual, for a law to single out a specific company by name?
Looks like the sort of thing you'd do if you were building a clientelist government, a la Zimbabwe or Venezuela - in which the executive simply gives money to its political friends, without any pretense of reason or services being involved.
-
-
Wednesday 13th December 2017 10:18 GMT Anonymous Coward
Товарищ Лисенко you never cease to amaze me! A modern person who knows about Attainder: a nasty little law that was extensively used during the Deformation to steal land from people who disagreed with the ruling elite. So your calling of the similarity is striking - as is the observation that the alleged crimes of the company are unprovable religious dogmata.
-
Wednesday 13th December 2017 11:27 GMT Lysenko
A modern person who knows about Attainder: a nasty little law that was extensively used during the Deformation to steal land from people who disagreed with the ruling elite. So your calling of the similarity is striking - as is the observation that the alleged crimes of the company are unprovable religious dogmata.
There's nothing religious or obsolete about attainder where US law is concerned. The "Elizabeth Morgan Act" was struck down on that basis in the early 2000's and the Holman Rule is an example (re)activated only this year.
-
-
-
-
Wednesday 13th December 2017 03:04 GMT Palpy
Sigh... it's geographical as well a geopolitical, innit.
Why single out Kaspersky?
Dost thou recall, gentle commentards, the previously-secret hacking tools pulled from the laptop of one Mr. Pho, ostensibly by an automated Kaspersky scan for malware? Did Kaspersky intentionally send the FSB the data?
“'The more likely scenario is that Russian intelligence has some sort of automated monitoring of the traffic that comes back to Kaspersky,' says James Lewis, Cipher Brief expert and a Senior Vice President and Program Director at the Center for Strategic and International Studies (CSIS)."
What about an FSB spy inside Kaspersky?
"...the authoritarian political environment in Russia means that the FSB would not have to go through the subtle process of recruiting insiders within Kaspersky. Rather, what the Kremlin says goes, according to Steve Hall, a former member of the CIA’s Senior Intelligence Service."
“'The FSB would have no need to have a spy inside of Kaspersky,' says Hall. 'Bottom line is that it’s almost unimportant how they’re doing it – what’s important is that the FSB can do whatever they want because Eugene Kaspersky and that entire company is based in Russia and nobody wants the FSB knocking on grandma’s or mom’s door and saying, ‘your son isn’t being as cooperative as we want him to be.’”
"[Former British signals intelligence chief Robert] Hannigan agrees. 'It’s simply inconceivable that a Russian company would say ‘no’ to an approach by the FSB: it would be reckless to refuse,' says the former GCHQ chief. 'So, this is not so much about cyber but about authoritarian state control and corruption.'”
All this is quoted from The Cipher Brief, but the quotes seem pretty common-sensical to me. In pragmatic terms, nobody is picking on Kaspersky because they are Russian; they are picking on them because the environs in which they operate are technically, legally, and politically controlled by an authoritarian regime which is inimical to many Western interests.
Eugene K. may be a helluva a good fella running an excellent technical security company. But he doesn't control his country, and his country has extraordinarily coercive leverage over anyone or anything in its domain. And probably has extraordinary abilities to monitor internet traffic -- meaning that every datum sent to Kaspersky as part of its security service is probably monitored by the FSB.
Simples.
-
Wednesday 13th December 2017 03:31 GMT Anonymous Coward
Re: Sigh... it's geographical as well a geopolitical, innit.
And we can also reverse the whole argument.
Especially.
'It’s simply inconceivable that a American company would say ‘no’ to an approach by the NSA'
'it would be reckless to refuse,' says the former GCHQ chief. 'So, this is not so much about cyber but about authoritarian state control and corruption.'
But really thats just word play.
What is of greater concern is the simple fact that the US by seeing Kaspersky as a hostile cyber weapons system implies that American products are also to be seen as cyber weapons.
As an Australian, I see the American threat of commercial espionage as more damaging, persistent and likely.
-
Wednesday 13th December 2017 05:25 GMT Palpy
Re: Sigh... and absolutely right, mate.
Yep. You are absolutely arfin' right. The argument cuts on geopolitical boundaries.
Outside the USA, the same rules apply: why would an Aussie trust McAffee not to send info to the NSA? No reason, mate. If you are outside the confines of the geologically static east coast of NA and the geologically active west coast of NA, then no: do not trust US security software, because it may very well be compromised by NSA.
If you are in USA, would you rather the details of your company's strategic mineral rights are in the purview of Russia or China or US intelligence? Well, duh.
Keep your own secrets, my Aussie commentard. Keep them well, and beware NSA. Beware FSB.
I have no beef with that.
-
Wednesday 13th December 2017 12:20 GMT Muscleguy
Re: Sigh... it's geographical as well a geopolitical, innit.
Ditto wrt a British company and GCHQ/MI5/6 etc wielding various 'notices' premised on the Royal Prerogative non democratic powers.
Can you imagine how they will run about trashing and shredding stuff when we vote Yes here in Scotland? Just the prospect of iScotland people crawling al over Faslane and Coulport must give them the willies. So far all the SNP have said is that rUKgov will have only so long as they need to safely remove the nuclear vessels and materials for a lease on those sights post Indy. Scotgov will expect to see a lot of building work in Aldermaston/Devon/Cornwall very soon after the Yes vote. There is also the small matter of the rusting nuclear sub hulks sitting at Rosyth while MoD pretends to figure out how to safely remove and make safe their ancient reactors.
Any English or Welsh ports who want to volunteer to host these? Don't all rush at once now.
If you don't believe me said hulks are clearly visible on Google Earth. The nuclear warhead bunkers on the hillside above Coulport where they take the warheads off the missiles and put them back on again can also be clearly seen. The boats currently under arms control and cost saving measures not sail with their full complement of missiles/warheads so there must be quite a few in those bunkers. Meaning HMgov needs to dig and pour a lot of concrete somewhere quite soon. Can't have us Scots with our mitts on them, can we?
-
-
Wednesday 13th December 2017 12:46 GMT Milton
Re: Sigh... it's geographical as well a geopolitical, innit.
Why is the post by Palpy being downvoted, I wonder? The key point the author makes is this—
"Eugene K. may be a helluva a good fella running an excellent technical security company. But he doesn't control his country, and his country has extraordinarily coercive leverage over anyone or anything in its domain."
—and this is of course true beyond any reasonable argument. Democracy no longer exists in Russia, after a brief post-Gorbachev flowering, the legal system is an entirely corrupted joke, any independent journalist lives in fear and political opposition is a risk to life.
So yes, when the Kremlin "requests" any damn thing it chooses, you'd better say Da.
I wouldn't be surprised if Kaspersky products are entirely clean and perhaps better than most western rivals (and they did offer sight of their source code), but it doesn't matter because where Russia is concerned (and this should be true of China and North Korea too, at least) we are looking at capabilities, not intentions.
Trump is an imbecile, and probably doesn't understand one-hundredth of what he's putting his pawprint on, but in point of fact you should not let your national security depend upon soft- or hardware which may be open to compromise by unfriendly nations.
The US (or the UK govt for that matter) should not be using Kaspersky any more than it should allow electronic components made in China into any of its secure systems. It boils down to common sense, does it not?
-
Wednesday 13th December 2017 19:20 GMT bombastic bob
Re: Sigh... it's geographical as well a geopolitical, innit.
"Why single out Kaspersky?"
it's mostly an 'N.I.H.' thing, related to national security. If _ANY_ national security stuff relies on "outsourced" tech, it's a potential problem. I think Trump just wants to promote U.S. business while simultaneously NOT relying on Russia-tech.
I also point out if they switch to Linux or BSD or some other open source OS for gummint desktop computers, they won't even NEED something like Kaspersky's products...
-
Wednesday 13th December 2017 23:42 GMT Roland6
Re: Sigh... it's geographical as well a geopolitical, innit.
Dost thou recall, gentle commentards, the previously-secret hacking tools pulled from the laptop of one Mr. Pho, ostensibly by an automated Kaspersky scan for malware? Did Kaspersky intentionally send the FSB the data?
Dost thou not recall, Palpy, one Mr. Pho deliberately used Kaspersky to deal with a malware infection on his PC. Do we have any evidence that the malware was 'benign' ie. it didn't cause the upload of files of 'interest' to it's unknown masters systems, located in places unknown and potentially under surveillance by powers unknown.
The rest of your post is simply conjecture verging on conspiracy theory about the relationship between KAspersky and the FSB and the powers (and resources) of the FSB, and thus serving only to spread FUD about Kaspersky.
In pragmatic terms, nobody is picking on Kaspersky because they are Russian; they are picking on them because the environs in which they operate are technically, legally, and politically controlled by an authoritarian regime which is inimical to many Western interests.
If this were the case, the relevant section of the bill would list several other products similar to Kaspersky, all of which are developed in countries who's governments are as likely to spy on friends and foes alike. Also just because the product comes from a US company, doesn't mean that the original development and support etc. is also based in America...
-
Thursday 14th December 2017 03:30 GMT veti
Re: Sigh... it's geographical as well a geopolitical, innit.
In pragmatic terms, nobody is picking on Kaspersky because they are Russian; they are picking on them because the environs in which they operate are technically, legally, and politically controlled by an authoritarian regime which is inimical to many Western interests.
If that's the the case, why single out Kaspersky by name? Surely they should apply a ban to all companies with significant human assets in Russia.
Personally, I suspect Kaspersky's only real crime is "having the temerity to compete with good Murrican companies who are willing, for a price, to say nice things about the Dear Leader".
-
-
Wednesday 13th December 2017 10:14 GMT amanfromMars 1
A Definitely Rad and Probably Also Quite Mad Great Game Play?
Does anyone else imagine the future reality unleashed will be All Virtual Manner of Kaspersky Fans/Subjects and Objects of Interests now increasingly ProACTively remotely attacking and degrading rather than protecting and monitoring U$ Base Systems of SCADA Command/Elite Exclusive Executive Office Operation?
Such when true is surely an epic fail with untold mounting catastrophic consequences in the pipeline for an ignorant fool move?
What/Who on Earth are they using for their Intelligence? The product they're flogging is rotten and well past its best sell by date.
Changing Suppliers delivers Changed Realities. And with AI and IT Command and Control of Media Programming, is it simple and no more difficult that that.
So, who/what be offering such a Creatively Novel and Immersively Disruptive AI and IT Command and Control of Media Programming?
-
Wednesday 13th December 2017 11:58 GMT Paul Smith
Dumb and dumberer
When the US banned the use of Huawei telecoms equipment from federal contracts it was because they claimed (without evidence) that Huawei equipment was phoning US secrets home to China. Snowdon later proved that the NSA had corrupted US company equipment to do exactly that.
If the US is now banning Kaspersky for phoning home to the FSB, then I think it must be safe to assume that US software has already been corrupted to do exactly that. Methinks it is time to find alternate suppliers.
-
This post has been deleted by its author
-
Wednesday 13th December 2017 13:12 GMT Anonymous Coward
The correct action for the REST of the world ..
.. is not to EXPLICITLY install Kaspersky.
By the exact same logic, it is definitely NOT a good idea to install any product of US origin now. Even if you are in the US yourself.
Kaspersky has refused to whitelist government spyware for years, which I see as the real motive to get them out of the door. If they really were so against Russia, Trump would have been ejected months ago.
-
Wednesday 13th December 2017 13:55 GMT keith_w
Many years ago I had the opportunity to install a copy of Kaspersky's AV. It asked for so much personal information including address, and as I recall, date of birth, that I said what the heck (ok, not heck) is this baloney, (ok, not baloney, but another B word) why the heck (again, not heck) do they need this info and cancelled the install.
-
Wednesday 13th December 2017 14:44 GMT Anonymous Coward
Kaspersky is a scam
I have no sympathy for them. Would like it if they were blocked from doing business in the US seeings my wife has been charged 100 dollars for the last 3 years by them for a product she doesn't have. How do you block them from charging your credit card? I don't even know.
-
Wednesday 13th December 2017 18:12 GMT Anonymous Coward
Strange World
Check Point firewalls utilize a Kaspersky A/V engine. Recall they are a Israeli company and there is little love lost between Israel and Russia.
Further, the US Dept of Defense continues to list Check Point devices on their approved product list: https://aplits.disa.mil/processAPList.action
-
Wednesday 13th December 2017 19:41 GMT amanfromMars 1
If IT were Too Simple, Anyone Could Lead Everyone Anywhere and Everywhere
Surely the new modern post era concern and/or areas of more abiding interest for both State and Non-State Intelligence Agencies, is not so much the keeping secret of Top Secrets/Sensitive Compartmented Information, which they may or may not have and be using to ensure definite self advantage, but the greater sharing of such secrets with all and/or a Chosen Few ...... for Beta IntelAIgent Surfing of SMARTR Waves on World Wide Webs which deliver with/for AI, More Perfect Virtually Realised Futures.
A Quantum Communications Leap for Reality into New Virtualisation Fields which Produce and Propagate, Present and Provision for Future Global Picture ProMotions with Remotely Controlled Advanced IntelAIgent Programming of Alien Assets/Novel Goods/Immaculate Source.
Or do you not think, and think the the Future appears all by itself, with paths and words to follow presenting themselves without vast aforethought by SMARTR Wave Riders, to be shared by an Almighty Magic?
That is just too unbelievable to be acceptable as true and an honest reflection of the state of Current Play in Virtualised Reality Fields ...... Live Operational Virtual Environments.
And now the news is El Registered here for your pleasure, what would you like IT and AI to do next for you?
-
Thursday 14th December 2017 08:05 GMT amanfromMars 1
Re: If IT were Too Simple, Anyone Could Lead Everyone Anywhere and Everywhere
And selflessly shared here for enlightened peer to frightened peer review and superbug hunt ...... if you be up for and up to the task.
Pathetic indifference and embedded ignorance are such catastrophic systemic hurdles to overcome for magical progress, are they not? Or be they just simple colossal 0day vulnerabilities to exploit and expose as an AIRoot with route mapping facilities/virtual travel enabling abilities?
-
-
Wednesday 13th December 2017 20:33 GMT Anonymous Coward
If my government says:
If my government says:
you don't need rights on the internet, you need rights on the internet
you need this vaccination, you don't need it
you must buy over priced insurance, you are boned.
you don't need a gun, you will need a gun
we aren't spying on you, they are spying on you
your food is safe, your food isn't safe
it isn't lying to you, it's lying to you
you can't have Kaspersky, you need Kaspersky
It isn't in the middle east for oil companies benefit, you get the picture.
-
Thursday 14th December 2017 15:46 GMT conundrum
cry babies
Everyone seem to be forgetting the most important dynamic here, supplier and customer. The US is Kaspersky’s customer it is not obligated to be a customer for life, which is what some are implying. So the US made it official that Kaspersky will not be used and many of you lose your mind. Guess what, they are pay the bill it is their right to stop using the product. The US does not trust the Russian government and a news flash for you all neither does Kaspersky both pre and post divorce. If you are a Kaspersky partner you pay for your licenses through intermediary banks to a holding company on the Isle of Mann, so yes even Kaspersky knows not to trust the Russian government and make sure all that lovely cabbage is far out of the reach of the government. That way in case they need to run they will still be rich. How do I know this simple I was a Kaspersky business partner and have had drinks with Eugene and Natalia, both of who are very nice people.