FBI warns to not use Kaspersky software due to Russian backdoor



The FBI is now issuing a warning that US businesses should not use any products from Russia-based Kaspersky Lab, after having already banned their products from government use. Kaspersky Lab is well known in the computer industry for its anti-virus software, and if you roll back the clock then you’ll remember that I warned against using any Russia-based anti-virus software because anti-virus software always phones home to get updates. It has been obvious to me since day one that Kaspersky Lab is either a front for the Russian government or tied heavily to their spy agency.

“The FBI has admitted that it is actively discouraging businesses to not use security products from Kaspersky Lab,” Anthony Spadafora reports for BetaNews. “Rob Joyce, the US government’s Cyber Security Coordinator, said that the agency has been actively trying to convince companies in the private sector to no longer use products from the Russian security firm following a number of recent concerns.”

No Conspiracies

I’m not a conspiracy theorist, never have been, and yet I’m sure many of you thought that I was losing my mind years ago when I warned against Kaspersky Lab, based on very little evidence. It’s my decades of experience that allowed me to detect that something was very wrong with Kaspersky Lab: they seem to catch viruses that no one heard of, and they did it so authoritatively and convincingly that the only conclusion was that they created the virus or were part of the organization that did so. It seemed a bit less likely that they were simply stealing user information, yet that is exactly what the FBI is alleging is happening with their software.

“The FBI previously raised issues over Kaspersky Lab’s ties with the Kremlin, as it believes that data collected by the company’s popular antivirus program is being sent directly to the Russian government,” Spadafora reports. “During a recent interview, Joyce once again highlighted the fact that the Russia-based security company can no longer be trusted by businesses and even by consumers, saying: ‘I don’t use Kaspersky Lab products. I worry that as a nation state Russia really hasn’t done the right things for this country and they have a lot of control and latitude over the information that goes to companies in Russia. So I worry about that.’”

Anti-Virus for Windows

The odd thing is that if you are a Windows user, which by now you shouldn’t be if you care about your own safety and security, then you likely feel compelled to use anti-virus software because Microsoft’s Windows operating system has been indisputably documented as being the very worst at personal security. The problem is that independent tests of anti-virus software on the Windows platform have consistently shown that most viruses (all malware in general) get right past the detection capabilities of all major anti-virus vendors. None of them catch all malware, and even if you used all of them at the same time there would still be 40% of malware that would get through to you undetected.

Worse yet is the fact that anti-virus software on Windows has been shown to create its own security vulnerabilities in your machine, so the net effect is that anti-virus software actually makes Windows users more vulnerable than not using any anti-virus software at all.

Apple’s Solution

macOS™ (Macintosh™), iOS™ (iPhone™, iPod Touch™, iPad™), tvOS™ (Apple TV™) and watchOS™ (Apple Watch™) users are all very safe in comparison to Windows (and all other operating systems, including Linux) because Apple Inc. expends a huge amount of effort on protecting your personal privacy. All of Apple’s operating systems are actually the same exact basic operating system commonly called “Mac”, but in reality Apple calls it Darwin (because that’s where all life came from, according to Apple). Each variation of Darwin gives the user a different experience, i.e. on a desktop personal computer Darwin becomes macOS because Apple’s famous groundbreaking user interface known as Macintosh is used. On an iPhone or iPad, Apple takes Darwin and applies the iPhone user interface, and this results in an operating system known as iOS. The point being that all Apple products are actually based on Darwin, which Apple continuously polishes and improves upon.

Darwin is a pure UNIX, and is certified as such by the official UNIX governing body (The Open Group), which results in greater stability of the operating system because it’s required to be extraordinarily compatible with other official UNIX operating systems. This gives a side benefit of being more robust and more secure because the true UNIX community is continuously working on improving security and stability.

If this sounds like the promise made by the Linux community, that is because it is the same, however Linux community members have no driving force behind them to actually make sure that their systems actually work because its software is written by volunteers who only contribute effort when their personal needs require them to create or correct a piece of software. The problem with that approach is that no one is responsible nor committed to create or update software so it only happens randomly, if at all.

Darwin makes us safe

Darwin has thousands of Apple engineers to continuously improve it; they are committed and responsible for maintenance and upkeep of Darwin, so in reality Darwin is always up to date with features and security protections. Apple usually adopts its pure UNIX components from FreeBSD (which is not related to Linux); however, they adopt sensitive security components from OpenBSD, which offers state-of-the-art security (because it’s continuously and constantly audited for integrity, which Linux and Windows are not). Occasionally some Linux features do not appear in Darwin, because of a lack of security auditing or insufficient functionality, so you can see a lot of activity in Linux forums with little actual progress that benefits end users in any significant way. OpenBSD could be considered by Apple to become the basis for Darwin, except that changes to core features take a long time to implement because so much effort is expended in ensuring that the system is secure. FreeBSD is not as secure as OpenBSD but it has state-of-the-art features, so Apple’s brilliance is to use all the latest features from FreeBSD so it always stays current, except for critical security components, which come from OpenBSD.

Darwin itself is a renamed NextStep, which Apple purchased in whole from Steve Jobs. NextStep was derived from the original BSD (4.4BSD-Lite2, Berkeley System Distribution), so Apple’s Darwin pedigree is pure BSD no matter how you look at it (i.e. it’s not cobbled together from hobbyist code in Linux). Apple has over the years replaced some BSD components with its own improved components (which Apple has then donated back to the open source community so you are free to use them at no cost). This is why Apple is unaffected by virus and other malware outbreaks. Outbreaks in the Linux and UNIX communities are extremely unlikely to affect Apple products because they are either caught and repaired in a timely manner or Apple has already replaced that component with its own, more secure, components. Examples include OpenSSL, which was replaced with an Apple component, so although it’s still installed by default, the OS doesn’t actually use it (it’s there for users to perform basic crypto functions such as verifying MD5 checksums and other hash functions); launchd, which replaced cron; the kernel, which was replaced with the Mach microkernel and then subsequently with the XNU kernel; X Server (X11), which was replaced with Cocoa (the Mac user interface); etc. Other unique Terminal commands in Darwin can be found here.

Apple Anti-Virus

A more direct way that Apple protects its users, far better than Windows or Linux do, is through the Gatekeeper and X-Protect programs, neither of which is visible to the user. X-Protect behaves very similarly to a commercial anti-virus program but is completely invisible to the user because it is baked directly into the operating system. It is updated regularly by Apple (as long as the device has a connection to the Internet) and has effectively stopped 100% of all malware that is targeted against Mac users. No Windows anti-virus program has ever come anywhere near this level of effectiveness (Windows anti-virus programs probably have an overall 40% success rate). Gatekeeper stops a program from running on the Mac unless it has been cryptographically signed with a digital key that is registered with Apple. Since malware is not registered, it simply will not run on a Mac. Programs available from Apple’s Mac App Store are all digitally signed, which makes that store the only safe haven in the world for downloading software.

Mac users do have the ability to completely control their computers, so it’s possible to set Gatekeeper at a less intrusive level or even to turn Gatekeeper off completely. Advanced users can even allow a single program to run without disabling Gatekeeper, if they know the correct way to launch it. This allows power users to install one of the few useful programs that is not on the Mac App Store, since they already know by other means that the program is completely safe.
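The Gatekeeper verdict and code signature described above can be inspected from Terminal. The following is an added example, not part of the original post: `classify_assessment` and `audit_apps` are hypothetical helper names, and the two sample outputs are constructed to mirror what `spctl --assess -vv` prints.

```shell
#!/bin/sh
# Added example: report Gatekeeper's verdict and signature state for installed apps.

# classify_assessment (hypothetical helper): reads the text printed by
# `spctl --assess -vv` on stdin and prints "verdict|source".
classify_assessment() {
    awk '
        /: accepted/ { verdict = "accepted" }
        /: rejected/ { verdict = "rejected" }
        /^source=/   { sub(/^source=/, ""); src = $0 }
        END {
            if (verdict == "") verdict = "unknown"
            if (src == "")     src = "none"
            print verdict "|" src
        }'
}

# Constructed sample outputs (app names are made up for illustration).
SAMPLE_STORE='/Applications/Example.app: accepted
source=Mac App Store'
SAMPLE_UNSIGNED='/Applications/Unsigned.app: rejected
source=no usable signature'

# audit_apps (hypothetical helper): assess every .app bundle in a directory.
audit_apps() {
    dir="${1:-/Applications}"
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not found: this check only runs on macOS" >&2
        return 2
    fi
    spctl --status    # "assessments enabled" means Gatekeeper is on
    for app in "$dir"/*.app; do
        [ -e "$app" ] || continue
        # spctl prints its verdict on stderr, so merge it into the pipe.
        result=$(spctl --assess --type execute -vv "$app" 2>&1 | classify_assessment)
        # codesign independently checks that the bundle still matches its seal.
        if codesign --verify --deep --strict "$app" >/dev/null 2>&1; then
            sig=valid
        else
            sig=invalid-or-unsigned
        fi
        printf '%s\t%s\tsignature=%s\n' "$app" "$result" "$sig"
    done
}

# Demonstrate the parser on the constructed samples; run `audit_apps` on a Mac.
printf '%s\n' "$SAMPLE_STORE" | classify_assessment
printf '%s\n' "$SAMPLE_UNSIGNED" | classify_assessment
```

On a Mac, calling `audit_apps` with no argument walks `/Applications`; any line showing `rejected` or `signature=invalid-or-unsigned` is an app that Gatekeeper would not launch at its default setting.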

There was one incident, years ago, where a handful of Tibetan Mac users were infected by spyware via a compelling email download that they installed themselves. This was an expensive and sophisticated State Sponsored attack against them, allegedly by the Chinese government, which is not what a typical personal computer user is faced with. Apple subsequently deployed Gatekeeper and X-Protect, which have prevented any outbreaks from occurring since then.

Bad Software

Handbrake and Transmission software were both infected by malware that did infect a small handful of Mac users. Neither one of these software apps is digitally signed and neither is available from the Mac App Store. Users that downloaded either one of those two programs had to purposefully disable Gatekeeper or use the advanced bypass sequence in order to get the apps to run at all, so these users knew that they were taking risks of infection by disabling the built-in Mac security. The folks at Handbrake quickly took down the infected download and replaced it with a clean one; however, at this point they still have not digitally signed their software nor have they put it on the Mac App Store, citing erroneous reasons as to why they can’t offer their software on the Mac App Store. It’s true that software developers pay a microscopic fee for posting their apps on the Mac App Store, a fee so tiny that it could be paid for with pocket change. I suspect the Handbrake folks are mostly Windows developers that still derive pleasure at slighting Mac users, either consciously or subconsciously. The folks at Transmission actively posted the Gatekeeper bypass instructions on their website, thus enabling non-power users to deactivate their Mac’s security protection. This is not acceptable and they should never have done that. Since power users already know how to work the system safely, there is no need to put normal users at risk like that.

Normal Mac users will not deactivate their own system’s security, so they are safe from everyday malware attacks. Any person who is involved with State Governments is at high risk from spies and military attacks, regardless of which computer system they are using. These are extreme situations, like the attack on Tibetan Mac users, that require professional security personnel to secure, and even then if a spy or military personnel want to compromise that computer then it’s just going to happen one way or another. Barring a State or Military attack, Macs continue to be the safest personal computers on the planet, by a massively wide margin.

Top Notch Security

iOS (iPhone and iPad) users get an even more secure version of Darwin because they can only download apps from Apple’s App Store, preventing users from installing malware on their own devices. Direct attacks on iPhones and iPads are completely unheard of; the only possibility to compromise them is if the user has an old device that does not have the thumbprint scanner and the attacker gets their hands on it physically. For newer iPhones and iPads that do have the thumbprint scanner, it’s considered to be impossible to break into the device. Even the FBI is unable to break into modern iPhones, as witnessed by FBI Director Comey’s inability to get the US Government to force Apple to install a backdoor to allow government access into everyone’s devices. Congress denied the FBI their motion and sided with Apple’s stand to protect your privacy.

Microsoft and Google are already known to have backdoors that allow the US Government easy access into Windows and Droid systems, at will. This is on top of the inherent insecurity of Windows and Droid, which is extremely well documented by security professionals all over the world.

Be Safe!

Kaspersky Lab is now persona non grata, and obviously, for the few remaining Windows users that are reading this, you should immediately disconnect from the Internet, remove Kaspersky products, reinstall your OS, and get a friend to download all the latest security patches onto a flash drive, then install them before reconnecting to the Internet. A much easier way is to simply get an iPad (99.9% of Windows users don’t need anything more than an iPad to fulfill all their computing needs) and abandon the Windows machine.



