<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
So in <a href="http://www.countermeasure2012.com/">Ottawa</a> this
month the first part of my keynote is on "Profiles in Courage" and
one of the people highlighted is Eugene Kaspersky. Of course, you
have to hold Eugene to a higher standard of bravery as none of the
other people in the talk are billionaires <a
href="http://www.wired.com/dangerroom/2012/07/ff_kaspersky/6/">with
Russian military uniforms in their closet</a>. <br>
<br>
A good example is yesterday's announcement on the Kaspersky Labs
website detailing a "miniFlame" and all their research into the
trojan, which they have painted as a sophisticated computer
espionage tool. Compare <a
href="http://www.securelist.com/en/analysis/204792247/miniFlame_aka_SPE_Elvis_and_his_friends">their
long paper</a> to <a
href="http://www.symantec.com/connect/blogs/w32flamerb-additional-module-discovered">Symantec's</a>
tiny blurb on the same subject. And this is of course just one
example <a href="http://www.securelist.com/en/blog?topic=199380362">of
many</a> of Kaspersky being well in the lead of the industry in
attacking that particular team's work products.<br>
<br>
Below is a screenshot that I think illustrates the point (as is
funny to boot).<br>
<div align="center"><img alt=""
src="cid:part6.08070000.09040707@immunityinc.com" height="293"
width="708"><br>
</div>
<br>
Yes, after a seven part documentary on Duqu and Stuxnet, the
Internet Threat Level should be 1. Perhaps it wrapped over? :><br>
<br>
I think the main part of the courage here is that everyone involved
knows just how casually the team who wrote "Duqu" could use the
Kaspersky AV code signing key to sign their next driver (this would
be highly amusing). But Eugene's personal blog, media appearances,
and twitter feed only press the point. Is it possible he took it
personally that some of his customers were infected for 5 years
without him knowing?<br>
<br>
And of course this morning he <a
href="http://eugene.kaspersky.com/2012/10/16/kl-developing-its-own-operating-system-we-confirm-the-rumors-and-end-the-speculation/">announced
on his personal blog </a>that his company is developing a "secure
operating system" for industrial control systems. <br>
<br>
It goes without saying that Kaspersky's industrial control OS is not
going to end up on US critical infrastructure. But it probably will
end up elsewhere in the world (Russia, for example). And what Eugene
is saying is that he thinks he can beat the Stuxnet team at their
own game, and on their own turf. <br>
<br>
That's a truly admirable level of hutzpa. Even for a billionaire.<br>
<br>
-dave<br>
<br>
-- INFILTRATE -- <br>
The world's best offensive information security conference.
<br>
April 2013 in Miami Beach
<br>
<a class="moz-txt-link-abbreviated" href="http://www.infiltratecon.com">www.infiltratecon.com</a>
</body>
</html>