POPULAR SECURITY SOFTWARE CAME UNDER RELENTLESS NSA AND GCHQ ATTACKS

GLENN GREENWALD's (Snowden's pal) Firstlook.org The Intercept ^ | June 22 ,2015 | ANDREW FISHMAN AND MORGAN MARQUIS-BOIRE

[rickyrikardo]

The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden.

The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products.

British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.

The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.

[Swordmaker]

NSA has been targeting commercial anti-virus for their own purposes such as tracking users. There's a good reason why I have been telling all Mac users to NOT user any third party AV, it turns off Apple's own built in protection, which would open you up to such NSA shenanigans!

""Anti-virus software is an ideal target for a would-be attacker, according to Joxean Koret, a researcher with Coseinc, a Singapore-based information security consultancy. “If you write an exploit for an anti-virus product you’re likely going to get the highest privileges (root, system or even kernel) with just one shot,” Koret told The Intercept in an email. “Anti-virus products, with only a few exceptions, are years behind security-conscious client-side applications like browsers or document readers. It means that Acrobat Reader, Microsoft Word or Google Chrome are harder to exploit than 90 percent of the anti-virus products out there.” "

— PING!

Apple and every computer security Ping!

If you want on or off the Mac Ping List, Freepmail me.

[itsahoot]

I do this stuff for a living

Which the adds or the security?

[rarestia]

Been saying this very thing for years. We trust anti-virus software to protect us, but it’s often the most dangerous to the user when turned against the system itself. I’ve seen this happen with older versions of AVG, for instance.

On the other hand, application developers at Adobe, Microsoft, Google, and myriad other development farms have fortified their software to prevent attacks against them. I have an entire lab environment without anti-virus, because I enact strict rules that prevent email and web browsing, the most common vectors for infection and attack.

Malware is a bigger threat nowadays. No one writes viruses except for government entities, because people have grown accustomed to questioning everything. Back doors are so passé!

[rarestia]

gmail for sure does this.

There's part of your problem. If you trust Google in any way: gMail, Google searches, even Android-based phones, you are subject to monitoring. Google is about as evil as they come.

[citizen]

And, just who will watch the Watchers??

[null and void]

trust Russian software more than your own government

I use Avast.

*Sigh*

[null and void]

At no point in history has any government ever wanted its people to be defenseless for any good reason ~ nully's son

The biggest killer of mankind

Nut-job Conspiracy Theory Ping!

To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...

[DuncanWaring]

Google is about as evil as they come.

That's been evident for at least a decade.

[mad_as_he$$]

Except they fail miserably at reverse monitoring to stop terrorist attacks.

[Darksheare]

Are you seriously trying to excuse spying on American citizens?

http://freerepublic.com/focus/f-news/3302828/posts?page=14#14

Why yes, yes you are.
There is ZERO legitimate use for spying on American Citizens.
And to date their super snoop programs have yielded exactly ZERO hits on actual bad guys.
Do you know why?
Well, for starters, our defensive organizations are prohibited from identifying the enemy, the enemy being *drumroll* MUSLIMS!

So while you go about justifying the NSA being elbow deep in your sphincter, remember that everything YOU are saying is subject to being data mined and collated while actual terrorists are given a free pass simply due to being muslim!

[Old Sarge]

Because AS WE ALL KNOW, the real threat to national security is veterans who post on FreeRepublic...

[Darksheare]

LOL, Sarge.

[hoosierham]

Should NSA be allowed to ignore all the laws against “reverse engineering “and so on” In other words is breaking the laws o.k. of the government does it?

If the government agencies are permitted to ignore the laws shouldn’t the rest of us at least KNOW?

Maybe we could just honestly declare the Constitution was a pretty impressive bunch of words meant to lull the people but meant to be ignored by those in positions of power?!

[musicman]

[Altariel]

State-worshippers gonna worship.

[Darksheare]

True.
Back forty years ago when CoIntelPro was discovered, people freaked out.

[rawcatslyentist]

Well they “the gibermunt” has been at and declared war on cannabis users for over 100 years now. It was just a matter of time till they included everybody.

[Grampa Dave]

Thanks reposting this interesting info.

We have a couple of younger relatives, who had predicted the hacking by all of those wanting to get into our data without
permission.

They are also computer experts. On their suggestions, I went to Chrome as a browser. This year, they advised using Norton’s safe search to log on to Chrome and to check out sites.

That seems to be good advice for our old HP windows 7 desktop.

On their advice, I bought Acer’s new so called portable Chromebook 15 for use in our family room and outside on our
decks because of the security of Chrome.

It is amazing with Norton’s monthly report re the high number of attempts to hack or install malware on our old HP Windows desktop.

[itsahoot]

Google is about as evil as they come.

Yes they are but you don't have to use it. Unfortunately you likely have many friends that do us it and if they write to you the you are using it by proxy. Look on Drudge today to see how effective google's facial recognition is.

[Nifster]

hmmmmm