Profiles in courage: Eugene Kaspersky

[Dave Aitel <dave () immunityinc com>]

So in my talk in Ottawa <http://www.countermeasure2012.com/program.html>
this month, the first section is "Profiles in Courage". One of the
people profiled is Eugene Kaspersky. To put it simply, Eugene likes to
poke big cats in the eyeball. That takes balls, even for a billionaire
with a Russian military uniform in his closet
<http://www.wired.com/dangerroom/2012/07/ff_kaspersky/6/>.

As a sample illustration, let's take a quick look at yesterday, when
Kaspersky came out with a big press effort announcing they had found a
"miniFlame" (compare their lengthy paper
<http://www.securelist.com/en/blog/763/miniFlame_aka_SPE_Elvis_and_his_friends>
to Symantec's slight blurb
<http://www.symantec.com/connect/blogs/w32flamerb-additional-module-discovered>).
Of course, this is just one example - it's been obvious from his twitter
feed that Kaspersky has taken the "nation state" threat /personally/ in
some ways. True, Kaspersky Antivirus protects many of those customers in
the Middle East who have been infected by Flame.

But there's "Being annoyed because my commercial interests are at stake"
and there's "taking it personally" and if I had to guess which one
Eugene was doing, it would be the latter. Because knowing, as he does in
great detail, how casually the authors of Stuxnet could
"deny/degrade/distrupt/destroy" Kaspersky (say, by using the Kaspersky
AV code signing key for the next version of Flame, which would be hugely
amusing), he still appears to make quite a point of calling them out
whenever possible.

But this brings us to today, when Eugene announced on his personal blog
<http://eugene.kaspersky.com/2012/10/16/kl-developing-its-own-operating-system-we-confirm-the-rumors-and-end-the-speculation/>
that Kaspersky was creating a system to run industrial control systems
(ICS) - but run them securely! Frankly, I think the whole ICS security
excitement is slightly overblown (there are many gateways to creating
"interesting effects" from cyberspace and ICS is just one of them - and
not, in my personal opinion, the best one) but building a whole new OS
is definitely an interesting path to take.

It goes without saying that there won't be any Kaspersky-OS installs on
critical infrastructure in the United States (or her allies), but the
courage of creating such a thing, and installing it on important Russian
critical infrastructure, is to say that Eugene thinks that his company
is capable of defeating the team that built Stuxnet - and defeat them on
their own turf.

It's that kind of extreme (and frankly admirable) hutzpa that wins
Eugene a spot in the talk. :>

-dave



-- 
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave