Home » Posts tagged "antivirus"

以色列黑了 Kaspersky 的系統,然後通報美國機密資料外洩...

前幾天在「俄羅斯政府透過卡巴斯基的漏洞,偷取美國國安局的文件」這邊提到了俄羅斯是透過 Kaspersky 的漏洞取得,後續又有些消息揭露出來了...

這件事情會被抓包,是因為以色列黑進去 Kaspersky 的系統 (???),然後發現美國的機密資料外洩 (??????),於是通報盟友美國後追查出來的 (?????????):「Israel hacked Kaspersky, then tipped the NSA that its tools had been breached」。

這過程是殺小 XDDD

俄羅斯政府透過卡巴斯基的漏洞,偷取美國國安局的文件

這下知道為什麼美國政府要直接禁用 Kaspersky 了:「Russian Hackers Stole NSA Data on U.S. Cyber Defense」。如果看不到 WSJ 的文章,可以看「Russia reportedly stole NSA secrets with help of Kaspersky—what we know now」這邊。

最近的事件被發現與 Kaspersky 的漏洞有關:

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

加上 Kaspersky 有濃厚的俄羅斯官方色彩 (關係良好),以及法令上與技術上都有可能性要求 Kaspersky 協助。雖然這次事件是合約工家裡電腦用 Kaspersky 造成的,但已經有足夠的風險讓美國政府決定開鍘下令完全禁用了:

For years, U.S. national security officials have suspected that Kaspersky Lab, founded by a computer scientist who was trained at a KGB-sponsored technical school, is a proxy of the Russian government, which under Russian law can compel the company’s assistance in intercepting communications as they move through Russian computer networks.

關於防毒軟體...

這篇的標題真直接 XDDD:「Disable Your Antivirus Software (Except Microsoft's)」。

其實差不多跟作者提到的一樣,防毒軟體的功用真的很少。真的要執行來路不明的檔案時 (或是確定會有一堆 malware 的中國軟體時 XDDD),應該要丟到其他的 vm 裡面隔離,甚至是另外一台實體機器,而非靠防毒軟體擋下。

實在是有太多防毒軟體來亂了,為了達成目的把本來的安全設計打掉,然後再加上自己有問題的設計...

Avast 買 AVG

AvastAVG,這兩家都不小:「Avast acquires rival AVG for $1.3 billion to create a security software giant」。

文章開頭提到的交易的形式與金額:

Security software giant Avast Software has acquired rival AVG Technologies. Avast will pay $25 cash for each of AVG’s outstanding ordinary shares in a deal amounting to around $1.3 billion.

兩家也都放了新聞稿:

AVG 更新隱私條款,以便能夠蒐集使用者的搜尋紀錄並且賣給其他人

在「AVG can sell your browsing and search history to advertisers」這邊整理的比較清楚:

The updated policy explained that AVG was allowed to collect "non-personal data", which could then be sold to third parties.

或是抓原文:

Do you share my data?

Yes, though when and how we share it depends on whether it is personal data or non-personal data. AVG may share non-personal data with third parties and may publicly display aggregate or anonymous information.

新的條款會在今年 (2015) 的十月十五日生效。

Archives