<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
So in <a href="http://www.countermeasure2012.com/program.html">my
talk in Ottawa</a> this month, the first section is "Profiles in
Courage". One of the people profiled is Eugene Kaspersky. To put it
simply, Eugene likes to poke big cats in the eyeball. That takes
balls, even for a billionaire <a
href="http://www.wired.com/dangerroom/2012/07/ff_kaspersky/6/">with
a Russian military uniform in his closet</a>.<br>
<br>
As a sample illustration, let's take a quick look at yesterday, when
Kaspersky came out with a big press effort announcing they had found
a "miniFlame" (compare their <a
href="http://www.securelist.com/en/blog/763/miniFlame_aka_SPE_Elvis_and_his_friends">lengthy
paper</a> to Symantec's <a
href="http://www.symantec.com/connect/blogs/w32flamerb-additional-module-discovered">slight
blurb</a>). Of course, this is just one example - it's been
obvious from his twitter feed that Kaspersky has taken the "nation
state" threat <i>personally</i> in some ways. True, Kaspersky
Antivirus protects many of those customers in the Middle East who
have been infected by Flame.<br>
<br>
But there's "Being annoyed because my commercial interests are at
stake" and there's "taking it personally" and if I had to guess
which one Eugene was doing, it would be the latter. Because knowing,
as he does in great detail, how casually the authors of Stuxnet
could "deny/degrade/distrupt/destroy" Kaspersky (say, by using the
Kaspersky AV code signing key for the next version of Flame, which
would be hugely amusing), he still appears to make quite a point of
calling them out whenever possible.<br>
<br>
But this brings us to today, when Eugene announced <a
href="http://eugene.kaspersky.com/2012/10/16/kl-developing-its-own-operating-system-we-confirm-the-rumors-and-end-the-speculation/">on
his personal blog</a> that Kaspersky was creating a system to run
industrial control systems (ICS) - but run them securely! Frankly, I
think the whole ICS security excitement is slightly overblown (there
are many gateways to creating "interesting effects" from cyberspace
and ICS is just one of them - and not, in my personal opinion, the
best one) but building a whole new OS is definitely an interesting
path to take. <br>
<br>
It goes without saying that there won't be any Kaspersky-OS installs
on critical infrastructure in the United States (or her allies), but
the courage of creating such a thing, and installing it on important
Russian critical infrastructure, is to say that Eugene thinks that
his company is capable of defeating the team that built Stuxnet -
and defeat them on their own turf. <br>
<br>
It's that kind of extreme (and frankly admirable) hutzpa that wins
Eugene a spot in the talk. :><br>
<br>
-dave<br>
<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
<a class="moz-txt-link-abbreviated" href="http://www.infiltratecon.com">www.infiltratecon.com</a>
</pre>
</body>
</html>