https://www.neowin.net/news/new-apple...

I am sick of Russia connections. How about Google and their ties to the Clinton camp during the election, after Hillary said she would go after people? We know what russia is, always has been, nothing new here. Seems like we should worry about China, who controls the whole Internet via the UN now, thanks to Obama. Maybe we should worry about Iran or North Korea hacking also. I lived through the Cuban Missle years, and JFK had a handle on how to deal with Russia, the Dems use them them to get money vilify them. I worry more about liberals.

OMG! Have used nothing but a MAC for years and
now am beginning to sweat! Terrif info on this
hacking stuff but scary!

Thank you for this information. I was unaware of LUGs, but now that I know... there are several in my area (St. Louis)

I have been a bit behind the times on my own snecurity I think. Not sure what a public key block IS. I do find it very stupid to blame Russians for exposing the truthful but hidden info on Hillary. It’s the responsibility of the hackee to safeguard their info from hackers. Anyway no one is suggesting that the information that was released prior to the election was in any way inaccurate. It was what Hillary and the DNC tried to hide from the voters. I thank whoever released it actually

Sweet click-baity headline you got there.

You are absolutely correct. Linux is no more impervious to malware than any other system It just hasn't been that attractive a target. It may be that most LINUX users are more computer geeky than Windows and even MAC users so they are more alert to threats and how to avoid them. I am a member of several LINUX User Groups or LUG's and malware is a frequent topic of discussion. One of the most interesting and potentially dangerous defenses against hack attacks is the "booby trap". Several of our members have placed particularly pernicious code inside attractive looking folders.but opening them will immediately infect the hackers system with viruses and trojans that make STUXNET look like a sniffle.

Naw, mails have been robbed ever since there were mails. In the 18th century England, mail coaches had armed guards. Think of the Wild West... Even without bad guys, in 18th century America, merchants sent three copies of payment drafts via three different ships just because crossing the Atlantic was chancy. You have to adapt to the times, that's all. Ratchet up your own security.

Do you use a public key bloc for your emails?

"They" do attack Linux and everything else. As Alan pointed out, though, it is a matter of least resistance. Phishing in Windows gets more results. However, it is also true that amateurs attack systems and professionals attack people. If you think that "hackers" (whoever they are) have not figured out Linux, you are in for a rude awakening.

I am a mere technical writer. But I give talks at computer security conferences here in Austin. As a member of OWASP, I have been in peer study groups and presented on Wireshark. I am not a hacker, but I hang out with them, and I assure you, nothing is beyond them collectively.

Last night at an OWASP happy hour, we were laughing at our colleagues in the office who do not even try to decipher a challenge. Hackers love challenges. Think of Turing in "Imitation Game."

No, I didn't mean you - I mean the original article. Just seemed "reach"-y. Like maybe the author had so many words to fill in.

I guess the part of it that did make me think twice was that security software could be kind of like the fox guarding the hen house, if it's in the wrong hands.

I have used Kaspersky for 10-12 years now, mainly because they have the best performance of a mainstream product. By the logic of the article, I would not use Mcaffe because it is a US based product, no doubt with ties to the CIA and NSA (which may be true but I have no facts). Goes back to honesty, trust, and basic business morals. Since none of that is present in government today, and not a lot in business, why would it be a surprise if there was some connection. But, maybe the Russian government wants a good, quality product, and Kaspersky has built a huge reputation as an analyzer of malware, and probably has a lot of the skills the NSA has. They need to maintain a reputation of disinterested provider, although you cannot rule out the "backdoor" stuff, which I believe, Microsoft has also been said to provide to the NSA, along with Android and Ios on iPhone's. So, what to do? Use Linux, as some say...

Not just that, but it is volume, MS software has a huge chunk of the market compared to apple, so if you are throwing something out to get people, and it has to be tailored to that framework, go the the biggest market.

The Russians are known to play chess. :) Soviets had a 5-Year plan.

no, I saw this and knew people here would be interested in web security potential vulnerabilities, particularly Kaspersky.

actually it has to do with OS architecture..Mac's don't share a common registry (rather using individual preference files), making each relatively unique and that much harder for hackers/virus authors to work their mischief broadly.

That said, Mac do get hacked and can get viruses, it just takes more effort. Hackers and Virus authors, just like anyone else, prefer wide distribution and doing less work.

Thanks for sharing this! I've heard the advertisements for Kaspersky Labs' Antivirus product and always had it in the back of my mind that this is a Russian product. Antivirus and Antispyware has access to your trusted information, and I simply couldn't rationalize that risk.

Despite the opinion of others, I would still fear the possibility of "back doors" such as those that exist in telephony switchgear.

Macs are probably not as susceptible because there are fewer Macs, making them less of a target. But "no bloatware"? You haven't developed for the Mac or you'd know better.

Amazing, isn't it?

The Wright Brothers were novices, and the Titanic was built by experts.

There are exactly 2 kinds of companies. Those who have been breeched, and those who don't know it yet. Which are you?

We're not exactly novices..
www.enformion.com

I've done penetration testing and owned a whole company by exploiting a 2. Those stupid scores make people think wrong... An open garage door might be a 10, and an unlocked upstairs window a 2, but either way, once I'm in, it doesn't matter that I had to bring my own ladder, I'm still in.

But of course big your machine is special, and you are willing to sign the releases, I'd be more than happy to accept your challenge.

Pretty old stuff... not seeing anything on current OS X version. If you dissect it... Old OSX, WatchOS vulnerabilities, custom-crafted Thunderbolt cable to bypass the security, etc. Short answer is.. of course.

Would I pick a generic clean-install Windows 7 or Windows 10 versus Mac OS X out of the box? No way. You do need some AV software on a Mac, it's not nearly as intrusive.

Of all of those vulnerabilities.. nothing over a 2 (on a scale of 0-9).

Mike is correct. Kaspersky anti-virus is in many American homes, businesses and even some government offices. Has been for a long time. The founder and CEO, Eugene Kaspersky, indeed has ties to the KGB and works closely with the Russian government. That’s why this rumor percolates to the top of water cooler talk every few years. The software ‘calls out’ for updates, like every other anti-virus. It’s easy to catch other, nefarious behavior by such a product, but the accusation has never been proven. It would be easy for Kaspersky to direct the software to pull personal information from user’s computers. But it would easily be caught by security researchers and that would end the company’s business in the U.S..

I'm a cybersecurity engineer, and let me tell ya, being on a mac is not protection. Macs are just as vulnerable, and no, users don't notice right away.

https://www.cvedetails.com/vulnerabil...