Installing antivirus requires a lot of trust. It necessarily means that you are installing kernel drivers, an auto updater, hooking, etc 6/n
Replying to @MalwareJake
In addition to the signatures that the user sees, AV companies also deploy silent signatures to collect telemetry on installed machines 7/n
1 reply 0 retweets 5 likes -
Replying to @MalwareJake
If Kaspersky (KAV) can be controlled by Russian gov, they could be tasked to evaluate the security of DoD computers and report back. 8/n
1 reply 0 retweets 2 likes -
Replying to @MalwareJake
Another possibility would be KAV turning a blind eye to Russian malware, specifically on DoD machines (researchers wouldn't notice) 9/n
1 reply 0 retweets 2 likes -
Replying to @MalwareJake
In a worse scenario, KAV could be forced to use auto-update features to deploy malware for RU .gov and turn a blind eye as it injects 10/n
1 reply 0 retweets 2 likes -
Replying to @MalwareJake
In a nightmare scenario, KAV could be forced to cripple DoD machines on which it is installed. This could be covert or overt. 11/n
2 replies 1 retweet 4 likes -
Replying to @MalwareJake
Isn't the same true of Cisco? Or Microsoft? Is this just retaliation against RU prohibiting some US tech cos (eg Linked In)?
1 reply 0 retweets 1 like -
Replying to @emptywheel
See later in thread where I point out any AV company can do this. It's not just KAV.
1 reply 0 retweets 1 like -
Replying to @MalwareJake
Yup. I wonder whether 1) This is real worry 2) We're in tit for tat v tech cos 3) This is abt blinding co that will find NSA toys
2 replies 0 retweets 0 likes -
Replying to @emptywheel @MalwareJake
Whatever else one thinks abt WannaNyetPetra, they demonstrate the need to have AV visibility in all areas of the globe.
1 reply 0 retweets 0 likes
And, frankly, bc NSA can't keep its shit safe, especially AVs that recognize NSA toys in the wild.