
Kaspersky Source Code In the Wild

Soulskill posted more than 3 years ago | from the somebody-get-attenborough-to-find-it dept.

Security 154

mvar writes "The source code of an older version of 'Kaspersky Internet Security' has been circulated on the internet. The code was created in late 2007 and was probably stolen in early 2008. Names contained in the source indicate that the stolen code was probably a beta version of the 2008 software package – the current release is Kaspersky Internet Security 2011. According to a Russian language report by CNews (Google translation), the code was copied by a disgruntled ex-employee. The thief has reportedly been trying to sell the code on the black market for some time, and Kaspersky says that the code archive already appeared in various private forums last November."


154 comments

And, in other news... (1)

NewtonsLaw (409638) | more than 3 years ago | (#35061020)

And, in other news, Microsoft has released Windows 95 to rapturous applause.

Is there a difference?

How many people (perhaps apart from malware writers) will really be affected by this disclosure of the source for some 4-year-old software?

Re:And, in other news... (4, Insightful)

nicholas22 (1945330) | more than 3 years ago | (#35061058)

This probably comes as news to you (you're not a developer, are you?) but when you build new software, you basically build upon older code. So yes, even the extreme scenario you talk about, would cause some headaches to Microsoft.

Re:And, in other news... (1)

armanox (826486) | more than 3 years ago | (#35061148)

Not as much as you imply, seeing that the DOS-based platform and Windows 9x were both abandoned in favor of the NT-based platform (which traces back to OS/2).

Re:And, in other news... (1)

joshki (152061) | more than 3 years ago | (#35061260)

NT actually traces its roots to VMS, not OS/2...

Re:And, in other news... (1)

belmolis (702863) | more than 3 years ago | (#35061314)

The designer of NT came from a VMS background but NT was not based on VMS code.

Re:And, in other news... (1)

commodore6502 (1981532) | more than 3 years ago | (#35061456)

>>>The designer of NT came from a VMS background but NT was not based on VMS [or OS/2] code.

FTFY. And Netscape's designers came from their previous creation Mosaic for Amiga, Mac, and PC, but Netscape was not based on Mosaic code. Many moons later the Mozilla Suite spun-off from the never-released Netscape 5, and eventually became Seamonkey, but lo the users were not happy with Seamonkey's bloat, so they split-off the browser half and called it Firefox. And it was good.

Thus spake the book of mozilla. (Meanwhile I continue to believe Internet Explorer never actually existed, despite claims that it was released with Windows 95 Service Pack 1.) (And netscape devolved to a low-end dialup service: http://www.getnetscape.com/ [getnetscape.com] )

Re:And, in other news... (1)

DarkOx (621550) | more than 3 years ago | (#35061810)

Not really, the old Navigator was just called the Mozilla suite until Firefox shipped. The Seamonkey project is run by a group that still wanted to continue development of the suite, which by the way is now no bigger than today's bloaty Firefox, used the same engine so displays pages exactly as well but offers more features and is an all around SUPERIOR browser. Firefox was good when it was actually smaller but these days is pretty pointless. What they should do is keep the FF name because it's well marketed, drop the FF and TB projects and rebrand Seamonkey as Fire Fox.

Re:And, in other news... (0)

Anonymous Coward | more than 3 years ago | (#35061890)

Ironically, before Seamonkey 2.0, it was FASTER than Firefox itself and less buggy. Why they adopted the so called "faster rendering" that's slower and bloated back into Seamonkey for 2.x I have no idea. Probably some placebo of marketing.

Seamonkey 1.x FTW! Plus, it's the most modern browser you can run on Windows 95. 2.x requires 2000/XP because they're a holes.

Re:And, in other news... (1)

joshki (152061) | more than 3 years ago | (#35061888)

There are a whole lot of people who disagree with you. NT was VMS, reimplemented.

Re:And, in other news... (1)

DarkOx (621550) | more than 3 years ago | (#35061786)

That may be so, but it's not the bottom in kernel level stuff anyone is interested in the Windows code base leaking for (well some crackers and other criminals might be) there are plenty of FOSS kernels that are every bit as good on NT to choose from. What's good about Windows is the stack of libraries. Lots of those are present in Windows 9x and the complete source to Windows 95 even today would be of great use to someone who wanted to support win32 subsystems on top of some other platform.

Re:And, in other news... (1)

calzakk (1455889) | more than 3 years ago | (#35061338)

Not necessarily true. I worked for an AV company several years ago. While the legacy product was in maintenance, a completely new version was in development and used very little code from the original product.

Re:And, in other news... (4, Informative)

hairyfeet (841228) | more than 3 years ago | (#35061184)

Actually MSFT releasing the Win9X source would be WONDERFUL news, because if you haven't tried it Win9X can make a great embedded OS [embeddingwindows.com] with better driver support and lower specs than pretty much any embedded OS out there.

And as for why anyone would care about TFA, that's simple: Often you don't "throw the baby out with the bathwater" and significant portions of the code will be reused. This means the black hats pretty much have a roadmap to use to trash Kaspersky AV. Even if they didn't use much of the previous code it most likely will allow them to see how the Kaspersky AV team treats PC resources like memory, giving them a good idea of where the weak spots are. Bad news for Kaspersky users I'd say.

Re:And, in other news... (0)

commodore6502 (1981532) | more than 3 years ago | (#35061628)

Embedded OS? Why not just run DOS and get rid of the Windows shell?

We used VxWorks on our Pentium-based system.

Re:And, in other news... (1)

Samantha Wright (1324923) | more than 3 years ago | (#35061634)

That page you linked to is insane. "Enhanced security"? From Windows 9x and its legendarily bad TCP stack, not likely. "Advanced next generation hardware support"? What about all those WDMI-only drivers from the current generation, guys? Or using more than 256 MB of RAM? Or a hard drive with more than 20 GB capacity? It's schizophrenia at its best!

Re:And, in other news... (1)

Sarten-X (1102295) | more than 3 years ago | (#35062122)

Right... Because the computer I built as a recipe box for my kitchen certainly needs 8 GB of RAM, 3 TB disk space, and a video card that can ray-trace 1080p in real time.

Re:And, in other news... (1)

Samantha Wright (1324923) | more than 3 years ago | (#35062746)

So what are you trying to say? That a Win98 box is "next generation" compared to most embedded systems? 'cause otherwise, the fact stands that the EOS guys are spinning total BS.

Re:And, in other news... (1)

h4rr4r (612664) | more than 3 years ago | (#35062756)

No but it should be running a better OS. No issue at all getting linux into something like that, pretty common in the embedded world already.

Re:And, in other news... (0)

Anonymous Coward | more than 3 years ago | (#35061782)

That page is the most ridiculous thing I've read in a while. "enhanced security"... from Windows 9x... hahah

Re:And, in other news... (1)

davidshewitt (1552163) | more than 3 years ago | (#35061788)

Embedding Win9X does not sound like a good idea security-wise if the device is going to go anywhere near the internet.

Re:And, in other news... (1)

hairyfeet (841228) | more than 3 years ago | (#35062200)

Why is that? We are talking about an embedded OS not some desktop where you could surf with the thing. Most likely you would simply have a VPN connection to the main server to say process CC info for a purchase. And don't forget we are not talking vanilla Win9X but a stripped down version with only enough files/features to run the single app you are using it for.

So I think you and the rest of the guys here are looking at it the wrong way. You can't judge this by running vanilla win9X on the net because the thing would only go to a single address and perform a single function so you would have to physically hack the machine or break into the corporate network from the other side, no different than any other kiosk.

Re:And, in other news... (1)

h4rr4r (612664) | more than 3 years ago | (#35062778)

Still no reason to go adding the risks that come with win9x. Lots of better options available.

Re:And, in other news... (3, Insightful)

Beardo the Bearded (321478) | more than 3 years ago | (#35061246)

Here's the thing.

The people who write malware already have this code. They might not have the C source, but they've got a good handle on the IO flow and undoubtedly have it in assembly. Is this a game-changer for the malware writers? Not even remotely. Even if this was the source code for the latest version from 2011, it wouldn't change anything.

"They" have access to the exact same software that we have. They can download Avast! or AVG or Kaspersky or MSE and write the malware to be untraceable under those security suites. Hell, if they really wanted it they could find disgruntled employees or cleaning crews and get access to the repositories for cash monies.

Well (1)

zoomshorts (137587) | more than 3 years ago | (#35061022)

This may lead to a better version, but I think not. Dr. Kaspersky is much better than most at detecting stuff than most. False positives included.
McLaughee and Norton are douche bags across the board. Tireless self-promoters as it were. Now if Frans Veldman would resurrect ThunderByte.
We can only hope.

Pretty useless now (4, Interesting)

ArchieBunker (132337) | more than 3 years ago | (#35061026)

Code to a 4 year old anti virus app, what's that going to be worth? Kaspersky was great until a few years ago. Then one release made my parents' older P4 system near unusable. It went from Firefox loading in a few seconds to close to 30 seconds. Forums were filled with the same complaints and no real fixes. I changed to Avast and it's been great.

Re:Pretty useless now (1)

nicholas22 (1945330) | more than 3 years ago | (#35061098)

Avira is also good. But Kaspersky is even better. You should use it with more modern hardware. Otherwise stick with Avast and all is good.

Re:Pretty useless now (1)

triffid_98 (899609) | more than 3 years ago | (#35063150)

I used to be a big fan of Kaspersky, but their 2010 update is a real piece of junk. A failed update should not cause a corrupted database that it can't rollback from. It also should not give up and force you to manually download updates from their support website.

And yet this exact thing kept happening every few months like clockwork until I gave up and dumped it. When it worked, it worked very well, but dang.

Re:Pretty useless now (2)

giorgist (1208992) | more than 3 years ago | (#35061178)

Simply it would be interesting to see if they have any GPL code or any questionable code in there.
Open source using companies can be prosecuted if the wrong thing slips in.
Closed source companies can't be ...

See Oracle Vs Google.

G

Re:Pretty useless now (1)

h4rr4r (612664) | more than 3 years ago | (#35062802)

Sure they can. Quite common to run strings against binaries to see what you get. The busybox folks have sued more than one closed source vendor.

I just stopped using anti-virus (1)

blahbooboo (839709) | more than 3 years ago | (#35061196)

I changed from XP to Windows 7 and skipped anti-virus on my computer. Gmail screens all my documents I receive for viruses, Chrome browser has pretty good security, applications I download are from legitimate sources, good backup and archiving, and the occasional Malwarebytes scan (yet to find anything in 18 months). Why did I go this route? Well I found I had malware despite having a fully updated McAfee AV on my XP computer. I realized safe computing and a modern OS would likely be enough for an educated user -- thus far it has been.

Re:I just stopped using anti-virus (3, Informative)

Opportunist (166417) | more than 3 years ago | (#35061346)

It's a very good start. Brain 1.0 is still the best virus scanner out there.

Still, there are threats that can't be defeated that way. Scenario: Exploit in a major flash application that affects all possible plugins (since they are essentially the same with different interfaces to the browser), an iframe hidden in a webpage on a, say, hotel homepage you happen to visit because you are planning your vacation, infection complete. If you happen to dislike plugins, browsers themselves can have their loopholes (IIRC the MHTML hole already made it to /. today), not to mention that browsers do also rely on APIs in the end, which are the same, no matter what browser you use.

I'm not saying get an AV tool. All I say is that there are still vectors you cannot defeat just by being careful. A system's security is the minimum of the user's and the system's ability. Not the average.

Re:I just stopped using anti-virus (1)

blahbooboo (839709) | more than 3 years ago | (#35061544)

> It's a very good start. Brain 1.0 is still the best virus scanner out there.
>
> Still, there are threats that can't be defeated that way. Scenario: Exploit in a major flash application that affects all possible plugins (since they are essentially the same with different interfaces to the browser), an iframe hidden in a webpage on a, say, hotel homepage you happen to visit because you are planning your vacation, infection complete. If you happen to dislike plugins, browsers themselves can have their loopholes (IIRC the MHTML hole already made it to /. today), not to mention that browsers do also rely on APIs in the end, which are the same, no matter what browser you use.
>
> I'm not saying get an AV tool. All I say is that there are still vectors you cannot defeat just by being careful. A system's security is the minimum of the user's and the system's ability. Not the average.

I also use Flash Block :)

You do make a very good point about flash, as is your point that nothing is ever foolproof. I felt after having done the "right thing" and getting malware, coupled with McAfee not even allowing me to uninstall it completely, I was sick of the game and decided to try Brain 1.0.

Re:I just stopped using anti-virus (0)

Anonymous Coward | more than 3 years ago | (#35061820)

I almost googled "Brain 1.0". Almost.

Re:I just stopped using anti-virus (1)

calzakk (1455889) | more than 3 years ago | (#35061378)

Consider this: the legitimate source's website is hacked, and all its downloads are infected with new malware not yet seen in the wild. This remains unnoticed for several days, during which time the malware has been downloaded by hundreds or even thousands of users. By the time the AV companies get a sample, it's too late for all those downloaders...

Re:I just stopped using anti-virus (1)

blahbooboo (839709) | more than 3 years ago | (#35061514)

> Consider this: the legitimate source's website is hacked, and all its downloads are infected with new malware not yet seen in the wild. This remains unnoticed for several days, during which time the malware has been downloaded by hundreds or even thousands of users. By the time the AV companies get a sample, it's too late for all those downloaders...

Sure, these things can happen. But they are very rare. It's a risk I am willing to take over the slowdown AV software packages add to my nice clean system.

Re:I just stopped using anti-virus (4, Insightful)

steelfood (895457) | more than 3 years ago | (#35061724)

But that's not what an AV is for, despite the industry trying to market it as such. Antivirus software is reactionary. The company has to receive an unknown virus and analyze it before they can put the virus in the next definition file update. And any heuristics module included is typically useless against all but the most basic attacks.

AV is at best a catch-all for uncontrolled or uncontrollable situations. Office computers, shared family home machines, etc. that are subject to illogical users' whims would benefit from AV. But AV cannot stop zero-day exploits, cannot prevent malicious JS, and is completely useless against a determined attacker with physical access to a machine.

Proper computer security addresses each attack vector separately. A properly-configured software firewall will take care of most of the threats though the network. In fact, hiding behind a NAT will take care of 99% of the zero-day threats; whitelisting outbound traffic is just good security practice. Noscript and safe surfing habits will guard against anything coming in through the browser. Obviously, preventing unauthorized physical access to the system requires physical security.

All AV will do is maybe stop that infected autorun from your kid's buddy's flash drive, or delete that exe file you accidentally downloaded from a questionable site you were surfing. But that's what it's really there for: all the cases you don't really know or expect to have to guard against.

Re:I just stopped using anti-virus (1)

Haedrian (1676506) | more than 3 years ago | (#35062074)

Not recommended.

A bunch of malware nowadays appears on:

1. Hacked Websites
2. Advertising

Yeah, if you disable JavaScript and Flash you might have a 'safe experience'. But then if your favourite news website gets hacked, you'll catch a virus.

It's not worth it, truly. Or, your flash drive might get infected from someone (there was a printing bureau which actually had this sort of worm on their PCs - infected tons of people).

Re:Pretty useless now (0)

Anonymous Coward | more than 3 years ago | (#35061226)

Yeah man, anything that doesn't run well on a pentium4 with 512ram, alongside every piece of software/game (malware/spyware) that your parents archived to their computer over the last 6 years must be junk software. I mean why should your parents have to upgrade their computer just because everyone else does? You should have them go back to the version of Kaspersky that this topic references. I'm sure it will be a much better match for the performance characteristics of their hardware.

Re:Pretty useless now (1)

Patch86 (1465427) | more than 3 years ago | (#35062004)

I know it's never likely to be popular on these message boards, but I've actually been having a good experience with Microsoft Security Essentials on the one machine I've tried it on. I've got other machines with AVG Free and avast! on, and MSE has come across relatively simple and light-weight. I'm told it has reviewed pretty well in AV testing too.

Not that I have any complaints from any of the main free AV programmes I've used, but it's nice to see another decent option in the line up.

Pay developers more! (4, Funny)

nicholas22 (1945330) | more than 3 years ago | (#35061036)

Another disgruntled employee. I wonder why he is disgruntled...

Stolen?? (5, Funny)

Jaxoreth (208176) | more than 3 years ago | (#35061042)

I wish them luck recovering it so they don't have to rewrite it from scratch.

(Copyright infringement is not theft.)

Re:Stolen?? (1)

nicholas22 (1945330) | more than 3 years ago | (#35061082)

Bhahahaha, what are you smoking man? What on earth makes you think they would rewrite everything?? This is the real world.

Re:Stolen?? (2)

amiga3D (567632) | more than 3 years ago | (#35061342)

Why.....if their source code was stolen then they don't have it anymore. If their source code is gone they will have to rewrite it. Unless they recover it somehow.

Get it yet?

Re:Stolen?? (0)

Anonymous Coward | more than 3 years ago | (#35061354)

> Bhahahaha, what are you smoking man? What on earth makes you think they would rewrite everything?? This is the real world.

You're a reactionary fucktard who can't be bothered to understand something before he responds to it.

See how fucked up of a nation the USA is? Yeah, that's because most of its population has become just like you.

Re:Stolen?? (1)

onkelonkel (560274) | more than 3 years ago | (#35061640)

"You keep using that word. I do not think it means what you think it means."

Reactionary - extreme conservatism or rightism in politics; opposing political or social change.

Re:Stolen?? (0)

Anonymous Coward | more than 3 years ago | (#35061842)

"You keep using that word. I do not think it means what you think it means." Reactionary - extreme conservatism or rightism in politics; opposing political or social change.

First rule of Slashdot: never, ever miss a chance to "score an easy victory" by nitpicking something while missing the actual point being made. Got to look superior to someone to feel better about yourself, after all. That's easier than uplifting yourself, isn't it?

Here's something I think you will appreciate: you used a hyphen ("-") when the grammatically correct punctuation for that usage is a dash ("--"). You keep using that English language. I do not think you have mastered it enough to worry about what other people are writing.

If I were like you I'd enjoy some kind of smug satisfaction from having found fault.

Re:Stolen?? (0)

Anonymous Coward | more than 3 years ago | (#35061582)

He tried to make a point, copying intellectual property is not theft. I'm guessing you are new here...

Re:Stolen?? (0)

Anonymous Coward | more than 3 years ago | (#35061104)

An awesome comment. I wish I had mod points. Or an account for that matter.

Re:Stolen?? (1)

Opportunist (166417) | more than 3 years ago | (#35061364)

I bet now they wish that software could be multiplied easily. If that was only possible, I'd have this great idea where you could create a copy of your software, then store it somewhere safe in case some thief gets in, empties out your servers and makes it away with that big bag with that huge $$ sign on it.

I'll be rich when this finally becomes possible!

Dammit, I should have patented it before posting here...

Re:Stolen?? (3, Insightful)

gilbert644 (1515625) | more than 3 years ago | (#35061736)

Here's another one: Identity theft. Language evolves. Deal with it.

Re:Stolen?? (1)

Jaxoreth (208176) | more than 3 years ago | (#35061930)

> Here's another one: Identity theft. Language evolves. Deal with it.

Calling copyright infringement theft is a deliberate attempt to equate infringers with criminals (or the result of having been influenced by same) -- not an accidental evolution of language -- whereas identity theft is, in fact, a crime.

Furthermore, if someone copies your code then at worst you've "lost sales" but at least your program still works. If someone steals your identity, then your identity itself is compromised (in its function as a unique identifier) and your ability to use your identity is reduced. So yes, you have lost something, and 'theft' is not an inappropriate term.

Re:Stolen?? (1)

DittoBox (978894) | more than 3 years ago | (#35062392)

The legal and economic definitions of theft indicate the loss of a physical item. If I steal something from a store, that item needs to be replaced. If I infringe your copyright by downloading your music, you've at worst lost a sale. The economic impact is a lot less because you're not actually losing real goods that already have work invested into them.

Is it wrong? Yes.
Does it suck? Yes.
Is it a theft. No.

Re:Stolen?? (0)

Anonymous Coward | more than 3 years ago | (#35063270)

> Here's another one: Identity theft. Language evolves. Deal with it.

Identity theft is where they impersonate you in order to steal from someone or to frame you for something. You lose the use of your good name (not to mention any cash they happen to steal).

But I do understand your broader point. That's why I came up with the term "imaginary property" to better convey my thoughts on the matter.

The bad news is (1)

cyberfin (1454265) | more than 3 years ago | (#35061044)

Kaspersky users might need to think about ditching their antivirus. The good news is Ubuntu will welcome them with open arms.

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35061074)

Until they need help and get trolled on forums for not RTFM N000B LOL

Re:The bad news is (1)

MonsterTrimble (1205334) | more than 3 years ago | (#35061228)

What? Actually, the Ubuntu Forums are very clean and helpful. I have never seen anyone badmouth somebody.

Oh wait, you wanted to be fed.. My bad.

Re:The bad news is (1)

Opportunist (166417) | more than 3 years ago | (#35061392)

You don't spend much time on Ubuntu boards, do you?

I've seen questions that make me cringe (after years and years of support, you usually can stomach even questions that eventually lead up to "Are you really, really sure it is plugged in?"), but the people there answer even the tenth identical question with the same stoic patience as the first time.

I can't remember seeing a RTFM or LMGTFY on a Ubuntu board.

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35061158)

why do you guys keep insisting unix/linux is the answer?????

SECURITY IS JUST A STATE OF MIND

Re:The bad news is (1, Insightful)

Beardo the Bearded (321478) | more than 3 years ago | (#35061316)

You know what?

Ubuntu can get viruses just as easily as other OSes. The Apache servers that control botnets aren't running IIS. Wine is a weak point, and Flash is a cross-platform single-point-of-failure. How many times have you blindly added a repository based on what some random untrusted person on the Internet tells you to do? I know I have.

The only reason that it's not as 0wn3d as Windows is that Windows was easy pickings and has huge market share. Now the bad guys are going to focus on smartphones because that's where the easy targets are. (A computer that's always on, is usually glitchy, and you can't look around in it because the telcos lock it down from you? Awesome!)

Selling Ubuntu as a secure OS is simply incorrect. It's more secure by virtue of both user capabilities and user-only access, but anything that is connected to the Internet is always subject to OMGPWNIES.

If you are going to use Windows, apparently the best AV is MSE.

Re:The bad news is (1)

Anonymous Coward | more than 3 years ago | (#35061398)

Certain people keep saying the only reason there's no such thing as Linux malware is market share.
The fact that applications running on Linux can't alter system files has absolutely nothing to do with it.
Prove it. Release your exploit already.

BTW, Wine is notoriously bad at running malware.

Re:The bad news is (2)

sqlrob (173498) | more than 3 years ago | (#35061478)

Drop an executable in ~, change ~/.profile and ~/.bashrc to put those directories first, pwned.

Easy to clean, true, but if you're not looking for it, it's not there. Also defeatable by mounting home noexec but how many user installs do that?
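
A defender-side check for the PATH ordering issue described in the comment above, as an added example that is not part of the original thread: a POSIX shell script that reports executables in home-directory PATH entries that win lookup over a same-named system command, and startup-file lines that put something in front of `$PATH`. The function names, directory layout and file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. All paths and files below are constructed.

# shadowed_commands PATH_STRING HOME_DIR
# For every PATH entry at or below HOME_DIR, print "<file> shadows <file>" for
# each executable that has the same name as a command in a later, non-home entry.
# The body runs in a subshell so its variables do not leak into the caller.
shadowed_commands() (
    rest=$1
    home=${2%/}
    while [ -n "$rest" ]; do
        dir=${rest%%:*}
        case "$rest" in *:*) rest=${rest#*:} ;; *) rest= ;; esac
        # Only entries inside the home directory are of interest here.
        case "$dir/" in "$home"/*) ;; *) continue ;; esac
        for f in "$dir"/*; do
            [ -f "$f" ] && [ -x "$f" ] || continue
            name=${f##*/}
            later=$rest
            while [ -n "$later" ]; do
                cand=${later%%:*}
                case "$later" in *:*) later=${later#*:} ;; *) later= ;; esac
                case "$cand/" in "$home"/*) continue ;; esac
                if [ -f "$cand/$name" ] && [ -x "$cand/$name" ]; then
                    printf '%s shadows %s\n' "$f" "$cand/$name"
                    break
                fi
            done
        done
    done
    exit 0
)

# path_prepends FILE...
# Print "file:line:text" for non-comment lines that place something in front of
# the existing $PATH. Lines that only append to $PATH are not reported.
path_prepends() {
    for pp_file in "$@"; do
        [ -f "$pp_file" ] || continue
        # /dev/null as a second operand makes grep print the file name.
        grep -nE '^[^#]*PATH=.+:\$\{?PATH' "$pp_file" /dev/null || :
    done
    return 0
}

# build_fixture: create a constructed home and system tree, print its root.
build_fixture() {
    fx=$(mktemp -d)
    mkdir -p "$fx/home/alice/bin" "$fx/usr/bin"
    for c in ls sudo; do
        printf '#!/bin/sh\n' > "$fx/usr/bin/$c"
        chmod +x "$fx/usr/bin/$c"
    done
    # Same name as a system command: this is what the audit should flag.
    printf '#!/bin/sh\n' > "$fx/home/alice/bin/sudo"
    # Unique name: a normal personal script, not flagged.
    printf '#!/bin/sh\n' > "$fx/home/alice/bin/mytool"
    chmod +x "$fx/home/alice/bin/sudo" "$fx/home/alice/bin/mytool"
    # One startup file prepends to PATH, the other only appends.
    printf '%s\n' 'PATH="$HOME/bin:$PATH"' > "$fx/home/alice/.profile"
    printf '%s\n' 'PATH="$PATH:$HOME/go/bin"' > "$fx/home/alice/.bashrc"
    printf '%s\n' "$fx"
}

# Demonstration run against the constructed tree.
demo() {
    d=$(build_fixture)
    echo "== shadowing executables =="
    shadowed_commands "$d/home/alice/bin:$d/usr/bin" "$d/home/alice"
    echo "== startup lines that prepend to PATH =="
    path_prepends "$d/home/alice/.profile" "$d/home/alice/.bashrc"
    rm -rf "$d"
}
demo
```

On a real account, call `shadowed_commands "$PATH" "$HOME"` and `path_prepends ~/.profile ~/.bashrc`; a hit is a lead to review, since personal wrapper scripts produce the same pattern.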

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35061426)

Humor. It's free and it's good for you. If mine was a bad joke, criticize accordingly.

Re:The bad news is (0)

commodore6502 (1981532) | more than 3 years ago | (#35061500)

>>>Ubuntu can get viruses just as easily as other OSes

Hey!

Linux fans - Can I use Ubuntu Live CD to virus-check my Windows XP partition? It goes to desktop and then freezes almost immediately. Or - can I get a Virus program to run off a floppy?

Re:The bad news is (1)

Anonymous Coward | more than 3 years ago | (#35061706)

You seem to be confused about how botnets are currently being controlled.

Hint: It's not through Apache.

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35062178)

'Beardo The Bearded' learn how to think, so you will stop believing all the BS.
First, if you use Windows, don't surf the web as administrator. If you're using {basic, home, or premium} you can't configure your system to keep out the corporate mafia from installing Microsoft-sanctioned spyware. If you're going to use Windows you have to use Ultimate so you can at least try to close all the open doors in the OS, yet you'll only discover that all your efforts were futile because of some 3 year old exploit. Also I don't think you know what antivirus software is so I'll try to briefly explain: #1 scan all software on entire system, #2 send this information back to the developer. #3 developer knows all about your porn and illegal software. #4 developer sells this information to law enforcement, record industry, etc.. #5 frighten the user to keep the A.V. software. #6 tell the user a virus was found..
Why did Intel buy McAfee? Because with AV software you have a real-time look at all the software on millions of people's computers. With this information any piece of software can be located or stopped from being distributed across the network. All the file signatures from millions of people's computers are stored, and only what is tolerated will be allowed over the network. Welcome to the new world order, you are infected?

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35062958)

> Ubuntu can get viruses just as easily as other OSes. The Apache servers that control botnets aren't running IIS. Wine is a weak point, and Flash is a cross-platform single-point-of-failure. How many times have you blindly added a repository based on what some random untrusted person on the Internet tells you to do? I know I have."

Ubuntu getting viruses? Yeah, maybe, if you're really (un)lucky. But just as easily as other OSes? Eh... no, if only partially because you'll be a smaller target, and if you do get something... it will only have user-level privileges. It will not be able to infect other users' files, which aren't permissible to access by the infected user. To make it more difficult to even get infected in the first place, the file must be given executable permissions, or be extracted from an archive retaining all of its read/execute bits, before being executed. So no, it is *not* "just as easy" to get infected.

Want to be safe? Avoid using Wine, and if you must use it, ONLY USE KNOWN-SAFE WINDOWS PROGRAMS. Do a Web search to see if a program is safe, or use an anti-virus program (there are some free virus scanning services online, and check appdb.winehq.org for Wine compatibility). Avoid Flash as much as possible; only install it if absolutely 100% required, and use NoScript to eliminate the chances of some unknown and/or untrusted site from fucking with your system. Only allow those sites you trust to use scripting, and only if required to use the site's full functionality.

As for "blindly adding a repository based on what some random untrusted person on the Internet tells you to do"... no, sorry, I don't recall ever doing that. Aside from the distro's official repos, I might add its community-supported and non-free repositories, maybe the official nVidia/Opera/Chrome ones, and for multimedia either Debian Multimedia or MediBuntu. You're fucking nuts and deserve to get fucking owned if you do what I paraphrased you saying above (and yet you said... and I'm quoting you again... "I know I did."). ALWAYS stick to OFFICIAL and/or TRUSTED repositories. *ALWAYS*. Otherwise, really, you might as well just go back to using Windows. The security "problems" are the user in this situation, simple as that. NOT the OS.

The only reason that it's not as 0wn3d as Windows is that Windows was easy pickings and has huge market share. Now the bad guys are going to focus on smartphones because that's where the easy targets are. (A computer that's always on, is usually glitchy, and you can't look around in it because the telcos lock it down from you? Awesome!)

Windows also has a long and recent history of being extremely poorly coded in terms of security, from its single-user origins as DOS to strong design preferences towards automation and ease of use. Add to that Win32 with all of its vulnerabilities, patches over patches, hacks, and other garbage, which prevents even the NT series from completely escaping its disgusting roots of DOS/Win9x.

So this leaves post-XP Windows (Vista, 7), which you will probably bring up, with their supposedly more secure design including UAC. And originally, if asked maybe a year ago, I would say that these two successors are a major step up over XP. But in reality, I've found that they can just as easily be fucked up, and just as much, as their notoriously-insecure predecessor. I've seen some Vista and 7 machines every bit as fucked up as I've seen XP and previous releases in the Win9x line.
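The repository advice in the comment above, turned into a check. This is an added example, not part of the thread: it audits one-line `sources.list` entries for hosts outside an allowlist and, going slightly beyond the comment, for the `sources.list(5)` options that weaken signature verification. The allowlist, the function names and the sample entries (constructed, using `.invalid` hosts) are assumptions.

```python
import re
from urllib.parse import urlparse

# Assumption: hosts this site treats as official; adjust to your own mirror policy.
OFFICIAL_HOSTS = {"archive.ubuntu.com", "security.ubuntu.com"}
# sources.list(5) options that weaken or disable signature verification.
RISKY_OPTIONS = {"trusted": "yes", "allow-insecure": "yes", "allow-weak": "yes"}

ENTRY = re.compile(
    r"^(deb|deb-src)\s+(?:\[(?P<opts>[^\]]*)\]\s+)?(?P<uri>\S+)\s+(?P<suite>\S+)")

# Constructed sample input, not taken from any real system.
SAMPLE = """\
deb http://archive.ubuntu.com/ubuntu maverick main restricted
deb http://security.ubuntu.com/ubuntu maverick-security main
# deb http://ppa.example.invalid/old maverick main
deb http://ppa.example.invalid/someuser/ppa/ubuntu maverick main
deb [trusted=yes] http://us.archive.ubuntu.com/ubuntu maverick universe
deb [arch=amd64 trusted=yes] https://repo.example.invalid/apt stable main
"""

def is_official(host):
    """True for allowlisted hosts and country mirrors of the main archive."""
    return host in OFFICIAL_HOSTS or host.endswith(".archive.ubuntu.com")

def audit_sources(text):
    """Return (line_number, uri, reasons) for every entry that needs review."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and disabled entries
        match = ENTRY.match(line)
        if not match:
            continue
        reasons = []
        uri = match.group("uri")
        host = urlparse(uri).hostname or ""
        if not is_official(host):
            reasons.append("third-party host " + host)
        for option in (match.group("opts") or "").split():
            key, _, value = option.partition("=")
            if RISKY_OPTIONS.get(key.lower()) == value.lower():
                reasons.append("signature checks weakened by " + option)
        if reasons:
            findings.append((number, uri, reasons))
    return findings

if __name__ == "__main__":
    for number, uri, reasons in audit_sources(SAMPLE):
        print(f"line {number}: {uri}: {'; '.join(reasons)}")
```

On a real machine the same function can be fed the contents of `/etc/apt/sources.list` and each file under `/etc/apt/sources.list.d/`.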

Re:The bad news is (0)

Anonymous Coward | more than 3 years ago | (#35062684)

Are you kidding?? I tried to install Ubuntu 10.10 today. It crashed twice during install and once after install...

3 hours later it asked for 241 updates!! It's only a 3 month old build and it wants 241 updates??!

Already deleted it again. I'll take Windows 7 over that homebrew crap any day.

Copied, not stolen... (1)

Anonymous Coward | more than 3 years ago | (#35061156)

"The source code of an older version of 'Kaspersky Internet Security' has been circulated on the internet. The code was created in late 2007 and was probably copied in early 2008. Names contained in the source indicate that the copied code was probably a beta version of the 2008 software package - the current release is Kaspersky Internet Security 2011. According to a Russian language report by CNews (Google translation), the code was copied by a disgruntled ex-employee. The copier has reportedly been trying to sell the code on the black market for some time, and Kaspersky says that the code archive already appeared in various private forums last November."

Now, isn't that better?

Re:Copied, not stolen... (0)

halivar (535827) | more than 3 years ago | (#35061330)

Everybody here understands exactly what happened. Nobody cares about the semantics. You have contributed nothing.

Re:Copied, not stolen... (0)

Anonymous Coward | more than 3 years ago | (#35061462)

You've contributed far less.
Regardless of who cares about the semantics, they are still important.

Re:Copied, not stolen... (0)

Anonymous Coward | more than 3 years ago | (#35061416)

Not really, he copied it without the owner's permission, which is stealing.

steal - take (another person's property) without permission or legal right and without intending to return it.

Seems like he did indeed steal it.

If I take an apple from your apple tree is that stealing? It's just a copy of the original apple that the tree grew from (you have the tree still), but the fact is it was made from your resources.

Likewise a copy of source code can only be made using the owner's resources, so if someone makes a copy they are in fact taking resources from the owner without their consent - which is called stealing. The fact that the original source code is still there does not detract from the undeniable fact that it is impossible to make a copy without using electricity, CPU cycles and probably the employee's time... all of which are the property of the original owner.

Re:Copied, not stolen... (0)

Anonymous Coward | more than 3 years ago | (#35061494)

If I take an apple from your apple tree is that stealing?

If I copy your apple tree entirely using a replicator then take an apple, is that stealing? What have you lost?

Re:Copied, not stolen... (0)

Anonymous Coward | more than 3 years ago | (#35061730)

If someone makes a copy of your car without your permission, you still have your car.

Re:Copied, not stolen... (0)

Anonymous Coward | more than 3 years ago | (#35061424)

I feel your pain. However this is where the bread analogy fumbles.

When closed-source source code has an unauthorized release, it's no longer closed-source. That bread is gone, and a new loaf has to be made to market. The string of ones and zeros is no longer what it was -- their value has been stolen.

Re:Copied, not stolen... (1)

exomondo (1725132) | more than 3 years ago | (#35062272)

We all know what 'stolen' means in the context of data: it means 'copied without permission of the owner'. I'm sorry you fail to understand that.

or (0)

Anonymous Coward | more than 3 years ago | (#35061278)

Everyone change to a real operating system and forget about viruses altogether.

Re:or (2)

Opportunist (166417) | more than 3 years ago | (#35061506)

Linux is not inherently more secure. Why would it be?

You might notice now and then that an exploit gets discovered in a Linux program. BIND and sendmail have for some time been the poster child for "yet another Linux security hole". Even BIND 9 has its issues. Now, why BIND and sendmail? Are they so horribly insecure compared to the rest of the system?

No. But compromising them is profitable. Simple as that.

Likewise, finding security holes in Windows is profitable. The average Windows user is less clued than the average Linux user. And that's not up for discussion. Not because Linux would need more knowledge, simply because to use Linux you'd first of all have to know it exists, something the average Joe Randombrowser doesn't even know, or he mistakes Linux for some sort of odd interface that runs on top of Windows.

Porting all those Joes to Linux now does not solve the problem. Because the problem stays the same: As long as users allow everything, disable all security and hand over root credentials to any program in exchange for Dancing Pigs [wikipedia.org], the system is powerless to defend against this.

And THIS is the core problem of security today. Not a hole in the technical security, it's a hole in the user's ability and awareness of security.

If you now move all those Joes to Linux, all that will change is that the same kind of malware crap we see today for Windows will start to pop up for Linux. The only reason why there is not more malware for Linux is simply that the market is too small. It's a bit like the game market. Why are there not more games for Linux? Simple: More money in making games for Windows. Simply because it's a bigger market.

Like Netscape.... (1)

mr_lizard13 (882373) | more than 3 years ago | (#35061712)

Like Netscape, who released their source code so a bloated, unwieldy application could be improved upon and re-released as something that's actually functional, it seems Kaspersky are following suit. Good on them.

Someone... (1)

Windwraith (932426) | more than 3 years ago | (#35061874)

Someone check this out to see the quality of this closed code!
Code quality is often an excuse for commercial software to sell VS OSS, and I am interested in how "higher" the quality of this stuff is.

Great Scot! (0)

Anonymous Coward | more than 3 years ago | (#35062468)

I'd be curious as to how many backdoors it may contain.

here is the source code: (5, Funny)

rent (66355) | more than 3 years ago | (#35062898)

I visited some of these forums today, and fair enough.. the source code is there. Here is what I found:

#include <stdio.h>
#include <kaspersky.h>

char make_prog_look_big[1600000];

main()
{
   if (detect_cache())
      disable_cache();

   if (fast_cpu())
      set_wait_states(lots);

   set_mouse(speed, very_slow);
   set_mouse(action, jumpy);
   set_mouse(reaction, sometimes);

   printf("Please wait, Kaspersky is scanning your computah)\n");

   if (system_ok())
      crash(to_dos_prompt);
   else
      system_memory = open("a:\\swp0001.swp", O_CREATE);

   while(1) {
      sleep(5);
      scan_a_single_file();
      sleep(5);
      update_progress_bar();
      sleep(5);
      if (rand() < 0.9)
         crash(complete_system);
   }
   return(unrecoverable_system);
}