Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Interviews: Ask What You Will of Eugene Kaspersky

timothy posted more than 2 years ago | from the make-his-day dept.

Security 115

Eugene Kaspersky probably hates malware just as much as you do on his own machines, but as the head of Kaspersky Labs, the world's largest privately held security software company, he might have a different perspective — the existence of malware and other forms of online malice drives the need for security software of all kinds, and not just on personal desktops or typical internet servers. The SCADA software vulnerabilities of the last few years have led him to announce work on an operating system for industrial control systems of the kind affected by Flame and Stuxnet. But Kaspersky is not just toiling away in the computer equivalent of the CDC: He's been outspoken in his opinions — some of which have drawn ire on Slashdot, like calling for mandatory "Internet ID" and an "Internet Interpol". He's also come out in favor of Internet voting, and against SOPA, even pulling his company out of the BSA over it. More recently, he's been criticized for ties to the current Russian government. (With regard to that Wired article, though, read Kaspersky's detailed response to its claims.) Now, he's agreed to answer Slashdot readers' questions. As usual, you're encouraged to ask all the question you'd like, but please confine your questions to one per post. We'll pass on the best of these for Kaspersky's answers. Update: 12/04 14:20 GMT by T : For more on Kaspersky's thoughts on the importance of online IDs, see this detailed blog posting.

Sorry! There are no comments related to the filter you selected.

What Color Is Your Hat? (5, Interesting)

eldavojohn (898314) | more than 2 years ago | (#42170561)

I feel like when someone is as deep in malware protection as you are, you're basically running malware and, I assume, developing malware or finding exploitable aspects of software. I notice you "discover" a lot of malware but I don't recall seeing you publish any exploits. How much malware development do you do? Any at all? Is there anyone in your company that attempts to mimic what other malware does so you can better understand it? Do you feel like that is a necessity in the field of malware protection?

Re:What Color Is Your Hat? (0)

Anonymous Coward | more than 2 years ago | (#42170789)

I could see this question being taken multiple ways, so, just to make it easier for him to answer (even though I think the answer is fairly obvious):
When you ask about him / his company developing malware - do you mean 'to release as normal malware' or do you mean 'for in house experimental use only'?

Re:What Color Is Your Hat? (-1)

Anonymous Coward | more than 2 years ago | (#42171251)

Do you wank often ? I mean with all those viruses you risk transmitting sexually transmissible diseases. The best way is to play with your wrist.

Re:What Color Is Your Hat? (0)

Anonymous Coward | more than 2 years ago | (#42171241)

They give those exploits for the Russian government to use.

Where in the world is John McAfee ? (5, Funny)

whizzter (592586) | more than 2 years ago | (#42170595)

Sorry could not resist :)

Re:Where in the world is John McAfee ? (3, Funny)

chill (34294) | more than 2 years ago | (#42170657)

I think you're confusing Kaspersky with Broderbund.

Re:Where in the world is John McAfee ? (0)

Anonymous Coward | more than 2 years ago | (#42170707)

look at the time stamp of this and the current summary [slashdot.org]

How did the AC do that?

Re:Where in the world is John McAfee ? (1)

Forty Two Tenfold (1134125) | more than 2 years ago | (#42171171)

Were you (or were you not , heh-heh) involved in any murder recently or otherwise?

Re:Where in the world is John McAfee ? (0)

Anonymous Coward | more than 2 years ago | (#42171643)

Now that we have an idea where he is, how about "You have any thoughts on John McAfee?"

Re:Where in the world is John McAfee ? (2)

alexhs (877055) | more than 2 years ago | (#42172395)

Where in the world is John McAfee ?

There's no world in which McAfee and Kaspersky can both exist at the same time.

How do you keep yourself out of jail? (0)

Anonymous Coward | more than 2 years ago | (#42170643)

Related, have you ever tried bath salts?

faster than light! (0)

Anonymous Coward | more than 2 years ago | (#42170759)

O.J. Simpson is innocent. They did it.

On Your Exploit-Free OS (4, Interesting)

eldavojohn (898314) | more than 2 years ago | (#42170649)

Recently you confirmed you're working on an exploit-free OS [kaspersky.com] following all the SCADA attacks. Among other things, you're claiming it is to be written from scratch [securelist.com] but I can't find many details on what it's going to look like architecturally. You say:

Architecturally, the operating system is constructed in such a way that even a break-in into any of the components or applications loaded onto it won’t allow an intruder to gain control over it or to run malicious code.

Could you expound on this? Are you writing this code or still in the design phase? Or better yet, could you compare it to something like, say, CentOS or Debian and tell us how your architecture is going to be more secure? I understand you're scoping down the requirements of your OS to be more easily manageable but the skeptic in me feels like it just can't be done. The cat and mouse game must be played in some form or fashion.

Re:On Your Exploit-Free OS (1)

Synerg1y (2169962) | more than 2 years ago | (#42170745)

Not an OS in the traditional sense. It's mission specific firmware code tailored for single purposes. They're in for a nasty surprise when they discover that not all industrial systems are set up in the same manner, time period, or with the same risk scope.

Re:On Your Exploit-Free OS (1)

vlm (69642) | more than 2 years ago | (#42170939)

Not an OS in the traditional sense. It's mission specific firmware code tailored for single purposes.

So.... its freedos run as virtualization images? An awful lot of embedded work got done before modern OS and its still getting done more or less despite them.

Re:On Your Exploit-Free OS (1)

anubi (640541) | more than 2 years ago | (#42173025)

I wonder how a RTOS like Micrium's uCOS [micrium.com] holds up to this.

Re:On Your Exploit-Free OS (1)

vlm (69642) | more than 2 years ago | (#42173959)

I don't think RTOS like being virtualized very much. Overhead. I use linuxcnc on my milling machine and the devs make a big deal out of microseconds.

Re:On Your Exploit-Free OS (3, Interesting)

Elbereth (58257) | more than 2 years ago | (#42171389)

Well, yes, but I think Kaspersky is advocating that we swing the pendulum in the opposite direction: instead of making trade-offs against security, we make a niche OS that makes all of its trade-offs in favor of security, trying to keep in mind the specific needs of industrial control systems. He's also advocating -- if you'll forgive me -- a paradigm shift, in which security becomes the mantra, rather than stability. This is unsurprising, coming from a security professional. I can't say whether he's an ideological fool or a visionary, but they are not mutually exclusive.

Of course, convincing people to use an operating system that made all of its trade-offs against ease-of-use, backwards compatibility, features, and stability may end being even harder than writing it.

Re:On Your Exploit-Free OS (1)

VortexCortex (1117377) | more than 2 years ago | (#42176373)

Of course, convincing people to use an operating system that made all of its trade-offs against ease-of-use, backwards compatibility, features, and stability may end being even harder than writing it.

Nah, it's not hard to convince people that matter to use the operating system. Or, rather, I should say that shouldn't be a goal to get mainstream adoption. I too am creating a secruity focused operating system from scratch -- Uses separate isloated call stacks rather than place data and code pointers in the same stack, and some other tricks to keep code pointers in heap data structures from being modified. My design calls for a different compilable programming language other than C as a base because C's essentially designed to do shit the most insecure way possible -- Hell, x86 even has ENTER and LEAVE instructions specifically to facilitate doing bad things faster, so doing safer things is slightly less performant. Once I've finished implementing my programming language I'll be able to implement a C compiler with it that utilizes the other language's features -- eg: functions are just a special case of coroutines... Then I can compile much of the stuff people expect in an OS, like existing drivers for their hardware, not just for mine.

Now, I know I'm pretty much the only one who's going to use my OS and my programming language, but my goal isn't adoption, it's to prove a point: You CAN make much more secure OSs that protects against many programming pitfals. Remember when the Internet was 1st built and how all the services were open and everyone was essetially trusted to be good guys -- network admins would only close ports if they detected some trouble there? Now an admin would be fired for such practices. Now we have firewalls by default and only let throught stuff that we know is good... Our OS's are still like that old trust everything model. We've made a few advances, but we're still just patching troubel spots. We still TRUST THE MODIFIABLE PARAMETER STACK TO CONTAIN CODE POINTERS. Ugh, I feel like I'm still in the 80s when it comes to OS security. GCC has an option to place a canary value to try and catch some overruns, but it's just like closing one more port because we saw some trouble there -- it does nothing if the exploit knows how to write over a canary with itself or exploits code pointers on the heap. We need to go back to the drawing board. Seriously. For fuck's sake people: I'm all for avoiding needless re-inventing of the wheel, but you don't put steel banded wooden waggon wheels on a damn Porche, that's assinine and UNSAFE.

I don't think for a second that everyone's going to start using my OS even if it's uncrackable. No, instead I only with to show folks how it can be done, by example. My aim is more of a reference implementation of techniques that other mainstream OSs can analyize and apply to improve their security. Eg: In no event does a buffer overrun, stack smashing, or any other unintended data modification cause unexpected or arbitrary code execution in my OS... This stuff is easy, It's not brain science, but we've got a lot of time invested in doing things the wrong way -- Popping the CODE pointer off the same stack we put our working DATA in, and running wherever it says to. It would be funny if it weren't so fucking moronic.

There's no reason that today's OSs can't have a whole host of security enhancing techniques except that when some unknown dude, or even a well respected fellow, pops into a compiler or OS discussion and points out how everything is all wrong everywhere, then folks just laugh at you, bugs crawling all over their faces, but they can't feel them anymore -- They'll argue that it's not worth fixing while neck deep in someone's dumpped core sewage, or they'll outright deny there's anything wrong as a family of cockroaches crawl from their nostrials and into their ears. These people have lived wallowing in the shit with the bugs for so long they don't even flinch. To me, it's just disgusting and silly -- Like when my dog rubs it's head on some dead thing, Its primitive mind has no notion of germs or disease at all.

There's really not as much "collaboration" on new things as there probably should be. No one really likes change, they're comfortable and they'll belittle you for even suggesting something different. So, you really do have to go off on your own and make stuff in isolation and prove things can be done and that they are worth it before anyone will really take you seriously. IMO, Kaspersky's doing the right thing. Don't expect detailed explanation of the innerworkings because, bet your bottom dollar it's not 100% fleshed out, and he'd only catch flack and waste time trying to explain it. Same thing happens in any kind of software, even indie games too -- Folks say they like seeing work in progress stuff, but rip you a new one when you show partial stuff... Be closed as hell and you're seen as antisocial & overly secretive, but folks don't give you as hard of a time and are more interested when you release your project.

Re:On Your Exploit-Free OS (0)

Anonymous Coward | more than 2 years ago | (#42171725)

It can't be done. It's not possible.

You can easily prove this (Left as an exercise for the reader).

Re:On Your Exploit-Free OS (0)

Anonymous Coward | more than 2 years ago | (#42174339)

I would think we could come up with a read only OS and RAM, so that nothing could jack it and only a reboot like windows drivers could make changes. You could flush anything trying when you shut down, if you are not making any changes.

Re:On Your Exploit-Free OS (1)

wolrahnaes (632574) | more than 2 years ago | (#42175071)

A read-only OS is called a Live CD (or more generally Live distro, since they're rarely used from CDs anymore). The downside of course is that updates are more challenging.

If you can netboot, you can get the advantages of a read-only system while not being a pain to update by simply making sure the network machines can't write to whatever they're booting from. Admins can still write changes in, then updates become as easy as making the change once and telling people to reboot. Unfortunately this has the obvious downside of being significantly slower than a local system install, especially when SSDs are involved.

I haven't played around with EFI yet, but I'd imagine it may be possible to design an EFI application which could check a remote server for updates to the system image on boot and download updates automatically. At that point it would be simply a matter of making sure the system volume(s) were mounted read-only, maybe with a unioned tmpfs on top so programs that want to write places they shouldn't can run. Not hard for *nixes, no idea on Windows.

I'd imagine any sort of checksumming on boot would slow things enough that the netboot solution would make more sense.

Did.... (1)

WGFCrafty (1062506) | more than 2 years ago | (#42170661)

Did... your special relationship with Russias former KGB help secure your son, or would any Russian have received that promt service?

Wired - Corrected Link (4, Informative)

chill (34294) | more than 2 years ago | (#42170685)

Re:Wired - Corrected Link (0)

anubi (640541) | more than 2 years ago | (#42173071)

posting to kill a bad moderation. sorry. my bad - laptop slipped.

Your secure OS (2)

lister king of smeg (2481612) | more than 2 years ago | (#42170711)

You plan on making a secure OS for for industrial/infrastructure systems do you plan on basing it on preexisting open kernals, BSD, Linux, Haiku, Mach. Will it be a Unix/Posix like? will it be a monolithic or micro kernal? or are you think of more of hypervisor that host and monitor the guest os for the scada systems?

2-3 digital concepts young people should learn? (4, Interesting)

davecrusoe (861547) | more than 2 years ago | (#42170737)

There's much talk about combating malware through technical solutions (e.g., adding transparency to communication, building increasingly sophisticated scanning systems, etc).

But what interests me is what we should be teaching our young people (students, in primary and secondary school) with respect to the expertise we wished that all adults possessed.

In your estimation, what are 2-3 things that, if young people understood well, would help them excel in the face of cyber adversity (e.g., malware, privacy theft, etc)?


Have you ever had to make a person disappear? (0)

Anonymous Coward | more than 2 years ago | (#42170799)

Hello. Love your product.

Can you tell us anything about your work with the KGB? Did you work in operations, or support?

Online anonymity (5, Interesting)

gallondr00nk (868673) | more than 2 years ago | (#42170815)

Recent protest movements and the Arab Spring have shown that the ability to use the Internet anonymously is crucial to organising resistance and circumventing censorship or oppression. In light of that. have you modified your views on the "Internet ID"?

Let me put that question slightly differently: (0)

Anonymous Coward | more than 2 years ago | (#42171147)

Does mr. Kaspersky still think that tracking everybody's every move (which is the inevitable result of "internet ID") is a reasonable approach to curbing a relatively small (as in tiny) percentage of bad apples, seeing how that so far has yielded zilch results in other fields (airport security theatre), and whether the costs, not just in financial terms but also eg liberty lost and foregone (persecution, panopticon effect) are worth it, in the long term [slashdot.org] ?

Posted anonymously, while I still can. Please do try and convince us that we oughtn't be able to.

easiest way to wipe? (4, Funny)

csumpi (2258986) | more than 2 years ago | (#42170817)

What's the easiest way to wipe all the Kaspersky bloat/trial/crapware from new Windows machines?

Re:easiest way to wipe? (1)

jandrese (485) | more than 2 years ago | (#42170853)

I've never seen an OEM PC with any Kaspersky stuff on it.

VAIO S Series 15 Custom Laptop (2)

csumpi (2258986) | more than 2 years ago | (#42170933)

Received it today:

Description: VAIO S Series 15 Custom LaptopComponent: 750GB (7200rpm) hard drive
Component: 3rd gen Intel® Core i7-3632QM quad-core processor (2.20GHz / 3.20GHz with Turbo Boost)
Component: NVIDIA® GeForce® GT 640M LE (2GB) hybrid graphics with Intel® Wireless Display technology
Component: Windows 8 64-bit
Component: Internal lithium polymer battery (4400mAh)
Component: Kaspersky® Internet Security (30-day trial)
Component: Black

Re:VAIO S Series 15 Custom Laptop (-1)

Anonymous Coward | more than 2 years ago | (#42171009)

I believe what you are looking for is this [ubuntu.com] .

Re:VAIO S Series 15 Custom Laptop (0)

Anonymous Coward | more than 2 years ago | (#42171477)

No, the user said to get rid of the crapware. Not to install it, you dolt.

Natalia Kaspersky's Support of Government Malware? (4, Interesting)

eldavojohn (898314) | more than 2 years ago | (#42170823)

According to Wikipedia [wikipedia.org] , Natalia Kaspersky, former CEO and co-majority shareholder of Kaspersky Lab released a statement supporting Russia's interest in a countrywide firewall similar to the Great Firewall of China. The definition of 'malware' I most prefer is "Software that is intended to damage or disable computers and computer systems." I see implementations like countrywide firewalls to be little more than disabling computers and computer systems by limiting their ability to connect to other computers. Would you care to comment on why government malware is okay or even desired? Would you care to refute Natalia's position that appears in Kaspersky Lab's Wikipedia article?

Re:Natalia Kaspersky's Support of Government Malwa (0)

Anonymous Coward | more than 2 years ago | (#42171021)

By your definition, what firewall isn't malware?

Re:Natalia Kaspersky's Support of Government Malwa (1)

Anonymous Coward | more than 2 years ago | (#42171105)

By your definition, what firewall isn't malware?

The ones that allow a user to configure them as they please. Once that level is abstracted, it's under someone else's control and is limiting and disabling user desired computer interaction. Everyone should run a firewall, no one should be subjected to another man's firewall.

Anonymous Internet IDs (4, Interesting)

AaronLS (1804210) | more than 2 years ago | (#42170851)

Do you believe everyone could be issued an ID, and still remain anonymous? What I mean is, I believe that you could ensure each of your users is unique, but not necessarily know who they are. If everyone is issued a certificate signed by some trusted authority, one could verify that the certificate is valid, without the certificate exposing the information about who you are. You could even have a scheme that lets the authority issue you multiple IDs, but only one for each unique ForUseWithDomain attribute, such that if you wanted to keep your identity from being correlated across different sites, you could do so. This could probably even be automated.

This would ensure that if you banned a malicious user from your site, they wouldn't be able to come back without compromising someone else's certificate. Yet, you still get a high level of anonymity.

Sites that require non-anonymous access could deny anonymous certificates, and require that you authorize access to full name perhaps. This would be like OpenID in the way it will prompt you for a site requesting additional information, like your email.

Re:Anonymous Internet IDs (0)

Anonymous Coward | more than 2 years ago | (#42173579)

Already covered. It's called pseudonymous. It's been used, tried, and...not really discarded, so much as...it wasn't practical for the world at large. It doesn't quite handle your case, but your case asks for something that is a semantic contradiction...

You can't have both things you describe. I can make a new ID -- it has to be totally new. If it comes to a root, people can trace it up to the root.

If it can't be traced up to the root, I can make a new one. If I can't trace an ID up the root, and I can't make a new one, then I can only have one ID.

The best you can pull off are trust chains, or computation chains.

The authority issuing multiple IDs does not prevent the authority from tracking my ID, aggregating my ID, selling my information. In short, the authority is subject to compromise.

You want non-anonymous access, you need to enforce it through rep or law. Either one is subject to automated compromise.

Let's say you kill a guy (5, Funny)

Anonymous Coward | more than 2 years ago | (#42170857)

In a small Latin American country like Belize. You've gone on the run, the police are hunting you and your options for escape are coming up short. You've started a blog to discuss your situation, but no external entities have helped. What's your next step?

-- John

Why do we still use the black list security model? (3, Insightful)

Zaphod-AVA (471116) | more than 2 years ago | (#42170863)

Malware continues to be successful despite our current efforts. Why do we continue to use the same failed security model? Automated white listing seems like a better answer to modern security problems.

Re:Why do we still use the black list security mod (0)

Anonymous Coward | more than 2 years ago | (#42171007)

2 reasons:
1. Existing solutions haven't really been tried, especially in Windows.
2. Every computer owner must have the freedom to run software of his own choice.

Of couse, #2 is going away anyway, with the proliferation of the walled garden.

Re:Why do we still use the black list security mod (0)

Anonymous Coward | more than 2 years ago | (#42173115)

Isn't this what vista started? Where it asks if you allow said program to do xyz?
A better interface to lock programs down would be nice.
I think it was Core Force software that used a white list approach. It was extremely complicated to setup but I remember having to give permissions to programs accessing the registry, internet ports and sites and directory access. I never could get it working with all the programs I used but nothing ran default. I might want to try it again on my xp vm I use for netflix.

Re:Why do we still use the black list security mod (0)

Anonymous Coward | more than 2 years ago | (#42174375)

Where it asks if you allow said program to do xyz?

For values of "said program" being useless and "xyz" being completely useless. You might as well say:

Where it asks if you allow doing it

Every single time I get this prompt its because a program "asdfjlajeklfefeklagjles.exe" wants to write to my drive somewhere. Where? Damned if I know. The warning for running something I downloaded from the internet is far more informative, especially if the app was signed and it can tell me what the fuck it is rather than a useless gibberish exe name.

Are you planning on moving to Belize? (0)

stox (131684) | more than 2 years ago | (#42170899)

For a life of adventure? It seems to be the in thing for writers of AV software these days.

What's... (2, Insightful)

Antipater (2053064) | more than 2 years ago | (#42170913)

your favorite brand of vodka?

Re:What's... (0)

Anonymous Coward | more than 2 years ago | (#42173707)

lol insightful mod. All vodka is basically the same once you get away from the cheap crap, just aqueous ethanol with almost no taste. With Grey Goose etc you're paying for the nice bottles and perceived coolness.

What is an internet ID? (1)

gr8_phk (621180) | more than 2 years ago | (#42170947)

If you're in favor of "mandatory internet ID" as the summary says, what form should that take? I have been an advocate of fixed IP addresses for everyone, but would something like that be sufficient? I realize there may be issues with mobile devices, but in principle does a fixed IP come close to what you're in favor of? Or is it something much more complex?

Kaspersky's relationship with the government? (4, Interesting)

swb (14022) | more than 2 years ago | (#42170991)

Does Kaspersky have a relationship with the Putin administration or the FSB?

Do either of these organizations have any influence on the business practices or technology of Kaspersky antivirus?

Should a security minded person be concerned with the geographic origin of security software?

Ken Thompson's Hack (4, Interesting)

Sarten-X (1102295) | more than 2 years ago | (#42171031)

One of the threats I expect to see more of is in the vein of Ken Thompson's hack [bell-labs.com] , where a compiler (or any other build tool) hosts a trojan and infects other programs it compiles (or links, assembles, etc.) practically undetectably. With open-source software taking an ever-more-vital role in the Internet's core systems, will this kind of attack be easier to detect (perhaps due to the widespread availability of still-clean compilers), or more difficult (perhaps due to the wide network of trusted developers)?

Fully Countering Trusting Trust (1)

Sits (117492) | more than 2 years ago | (#42174269)

Mentions of Ken Thompson's Reflections on Trusting Trust should also mention David A. Wheeler's "Fully Countering Trusting Trust" [dwheeler.com] which provides a means of identifying and resolving a malicious compiler.

Re:Ken Thompson's Hack (1)

lister king of smeg (2481612) | more than 2 years ago | (#42175183)

well you could in the case of a open source compiler read the source or if you don't have the expertise in that are hire a(team of) code analyst / auditors / programers. you could also compare the binaries of two different standard complaint compilers that have compiled the same code on the same hardware. you also write you own compiler and boot strap you own system from source ala gentoo/linux from scratch

Re:Ken Thompson's Hack (1)

eer (526805) | more than 2 years ago | (#42175263)

No, actually, you can't. Its computationally infeasible to find deliberately hidden malware in a body of code, whether source or object. So no amount of analysis and/or testing can ever reliably tell you whether in fact your existing system is corrupt. You can only accomplish that by starting with a formal set of requirements that you can then successively refine into code that is (a) minimal, and (b) demonstrably maps directly to your formal specifications and their requirements. Any excess beyond what is minimally required to accomplish your task is a potential reservoir of latent malware. Note that such malware may be present in the source (ref. Ken Thompson's attack), or if it is, it may make use of various global state variables on the system as a trigger, or key, to unlock its functionality.

Are you safe Mr. Kaspersky? (2)

Lieutenant_Dan (583843) | more than 2 years ago | (#42171039)

Mr. Kaspersky are you safe?

Your operating out of the same country that has a ton of botnet operators and raking in some decent dought with cheap pharmaceutical sales thanks to people desperate or naive enough to do so.

There are have been some interesting stories hailing from your corner of your world. How do you feel with your ability to run your company the way you want and without any threats to you or your staff?

why no Bootable Discs anymore?? (1)

RobertLTux (260313) | more than 2 years ago | (#42171047)

I was surprised that companies don't rig the install disc to be self booting anymore Why is this??

would not be a problem but an updated bootable copy seems to be either Vodoo or in the form of download a full copy every time

pfffft how's Vladmir? (0)

Anonymous Coward | more than 2 years ago | (#42171161)

Speak , memory.

Internet X meme (4, Interesting)

vlm (69642) | more than 2 years ago | (#42171173)

You seem to support the "Internet X" meme where X is whatever we have in the physical world. ID, passport, voting, interpol, perhaps others. Why?
I mean we are all techies here, OK, so we don't have to act all "marketing" with each other about our new "selling dog food over the internet" patent and so forth.

I've got a perfectly good ID in the physical world that I share with amazon.com called my postal addrs and my CC number, and we're both perfectly happy with that situation. I've got a perfectly good paper and ink passport for crossing international borders, an internet one seems pointless. I/we have an Interpol who already handle crime about as well as any multinational police force could ever hope to, so I'm unclear what one on the internet would do that the real one isn't already fully responsible for. I have a perfectly good voting site 2 blocks from my house where I can vote in person using optical scanned ballots in perfect safety for like 12 hours on voting day, with no intimidation, and very limited to non-existent corruption because there's both a paper and ink ballot and an instant optical scan, what needs fixing about that or moving to the internet?

You've listed some things that have evolved over time to, basically, work pretty well. What is the point of lets replicate that "... on the internet"? Wouldn't we be all better off if we just improved the real Interpol, instead of making a second shadowy clone? Or improved voting, not just "add internet voting". Or improved ID, not "add another form of ID to be stolen"?

Or looking at it another way, why not "Internet X" where X is stuff that doesn't work. Health care. Taxes. Politics. Debating.

I don't see this as a strictly financial self interest question, for example you can probably make as much dough, or more, selling to the real Interpol as selling instead to a shadowy secondary clone. What do you care what the name on the invoice is?

From a techie perspective I/we see this as weird. Say my video card is getting slow/flakey. I could fix the one I have by blowing the dust off the fan, but, naah I'll get a shadowy secondary video card that is a mystery and not nearly as debugged, and try to get them to work in parallel... No that's just now how techies work. We know better.

So why "Internet X"? Not just "improve X"?

Shylock Malware (0)

Anonymous Coward | more than 2 years ago | (#42171245)

Would Kaspersky labs release a detailed document on Shylock malware, what it does, infection rate and so on?

govt vs corporation (1)

vlm (69642) | more than 2 years ago | (#42171269)

criticized for ties to the current Russian government.

You'll have to give me a break because all the links WRT this topic in our provided summary were 404 when I checked a couple seconds ago, so if I mischaracterize anything then its all timothy's fault.

Anyways WRT to corp govt relations, I'm guessing the model of the disagreement is:

In the US the corps completely own and control the govt and no other groups or individuals have any input or control over the govt, and we expect everyone else to live that way, but in .ru, the relationship is not quite as centrally controlled or cozy, more or less. Is it that simple or is there more to it?

Healthcare/Industry-specific software (1)

HideyoshiJP (1392619) | more than 2 years ago | (#42171275)

Many pieces of software and hardware used in Healthcare are required to pass FDA certification, especially in areas like radiology. Often times, these vendors report that because they are certified on a certain patch level, these systems cannot be patched without losing that certification. Do you see any solutions to the current state of industry-specific software's seeming lack of quality, updates and security?

Class A1 design? (2)

eer (526805) | more than 2 years ago | (#42171295)

Given the the long established history with reference monitors and Class A1 design, will your from-scratch OS follow TCSEC (Orangebook) guidance so as to provide verifiable assurance that no trap doors or Trojan horses exist in the code? If not, what is your approach, instead?

Who is winning? (3, Interesting)

Anonymous Coward | more than 2 years ago | (#42171297)

Mr. Kaspersky,

Who is winning the Cyberwar?

Re:Who is winning? (2)

Sarten-X (1102295) | more than 2 years ago | (#42171751)

I'm not sure who's winning, but the users are losing.

Kaspersky Industrial Control Operation System (0)

Anonymous Coward | more than 2 years ago | (#42171339)

Do you think you've got a chance at selling your ICS software to Americans? Don't you think they'll be hesitant to buy it?

Segmentation to represent security objects? (1)

eer (526805) | more than 2 years ago | (#42171381)

Give the long established practice in high assurance computer systems design to use segments to represent base-level security objects (so as to maximize alignment of hardware-enforced security policies with promised protections of the objects), will your new OS design rely on segments to represent security objects, or if not, what hardware abstraction will you use, instead?

Huawei Treatment (0)

Anonymous Coward | more than 2 years ago | (#42171397)

What do you think of the way western countries have treated Huawei products? Most people agree they are inferior products, don't you agree? Do you feel Kaspersky has received similar treatment?

Question (0)

Anonymous Coward | more than 2 years ago | (#42171427)

Is there a question someone could ask you that would likely result in your death if you answered it honestly?

Re:Question (1)

lister king of smeg (2481612) | more than 2 years ago | (#42175205)

if there was do you think he would honestly answer your question?

mod 0p (-1)

Anonymous Coward | more than 2 years ago | (#42171531)

obvious that there You. The tireless And distraction well-known parties, but here the party in street the rai8..we can be website Third, you the mundane chores itself backwards,

1. e4 (0)

Anonymous Coward | more than 2 years ago | (#42171549)

Your move?

Your thoughts on "QUBES"... apk (0)

Anonymous Coward | more than 2 years ago | (#42171615)

http://theinvisiblethings.blogspot.com/2012/09/introducing-qubes-10.html [blogspot.com]

* Since I understand you are looking to design a secure Operating System of some sort, have you see that lady's ideas that are a work-in-practice already?


P.S.=> Do you plan to use a similar design?? apk

Re:Your thoughts on "QUBES"... apk (0)

Anonymous Coward | more than 2 years ago | (#42171815)

Ideas in post: 1

Number of signatures: 3

Overinflated ego ratio: too damned high

Re:Your thoughts on "QUBES"... apk (0)

Anonymous Coward | more than 2 years ago | (#42172037)

Ideas in post: 0 (off topic) Number of signatures: 0 ego ratio: no right to one since anonymous troll has accomplished zero to speak of whatsoever in computing.

Malware Detection a Fool's Errand? (0)

Anonymous Coward | more than 2 years ago | (#42171641)

Dear Mr. Kaspersky,

I have long thought that malware detection is a fool's errand: it seems incredibly difficult, if not possible, to write a detector for "bad" software when "bad" is not precisely defined. Furthermore, it seems that identifying malware requires computation at least linear in size to the data input into the system (since that's where one often looks for malware), so it does not seem to be a scalable solution. In my opinion, there are better approaches to security that are more worthy of time and effort: creating usable but strong access controls to compartmentalize software/data on a system being one, and creating compilers that can harden executables from attack as another. I think that malware detection has taken too many resources away from more profitable defenses.

Do you think that there is some value to malware detection that warrants attention to it instead of other techniques, and if so, what is that value?

AWYW? Do you mean AMA? (0)

Anonymous Coward | more than 2 years ago | (#42171759)

Oh sorry, it's because AMA (TM) is owned by reddit.

Re:AWYW? Do you mean AMA? (0)

Anonymous Coward | more than 2 years ago | (#42171851)

What's wrong with AHA? Ask Him/Her Anything?

Re:AWYW? Do you mean AMA? (2)

Antipater (2053064) | more than 2 years ago | (#42173211)

What's wrong with AHA?

It'll be gone

In a day or two!

KGB/FSB links (2)

concealment (2447304) | more than 2 years ago | (#42171861)

But Kaspersky’s rise is particularly notable—and to some, downright troubling—given his KGB-sponsored training, his tenure as a Soviet intelligence officer, his alliance with Vladimir Putin’s regime, and his deep and ongoing relationship with Russia’s Federal Security Service, or FSB.

http://www.wired.com/dangerroom/2012/07/ff_kaspersky/all/ [wired.com]

Any comment on these allegations?

How much of your company is yours? (1)

udachny (2454394) | more than 2 years ago | (#42171991)

My question is (and I understand if you are hesitant to voice anything on this matter) is your company still in your hands?

Your company represents a valuable asset, have the 'right people' (somebody from VTB and such) approached you and asked you to hand over or even just sell part of the company, so that they can have their hands in it?

A more correct question would be: when have they done it and how much did you have to 'share' (percentage wise)?

Operating System for Industrial Control Systems (0)

Anonymous Coward | more than 2 years ago | (#42172101)

How important will the process of choosing a "language-based system" be to ensure the security of the operating system (OS) you envisage? Choosing a type-safe language to create a memory-safe OS can help with the threats posed by the Internet or malware while also reducing some complex code used to get around a lack of type-safety in an OS. Will you be creating your own system or general purpose programming language to ensure this security in this way? If not, there are a few languages already available, or partially available, to choose from, Cyclone (an extension of the last version of C), Red/System (still under development), Euphoria (a system language with type-checking, and it uses simple words instead of punctuation to improve readability) and the combination of a type-safe Assembly that handles hardware and memory with managed C# that handles the rest of the kernel and the applications (like Microsoft implements in the Verve OS and might implement in a future Windows; that is, code-named Midori) .

malware history and future (1)

Anonymous Coward | more than 2 years ago | (#42172221)

You've been in computer security a long time, and have seen many things come and go.
DOS/bootsector viruses, Windows viruses, macro viruses, rise of worms to replace them, and now the commercialization of malware with botnets, extortion-ware and the targeted weaponised malware like the one that hit Iran (and who knows what else).

What's changed? What's remained the same? What about the malware creators - has their motivation changed?
Where do you believe things are headed?

"Approved" Spyware (2)

Fnord666 (889225) | more than 2 years ago | (#42172299)

I assume that various state sponsored agencies provide you with their "research" tools and ask that you not detect them with your products nor should you interfere with their operation. To what extent does this happen, to what degree are you "asked" to comply, and to what degree are you forbidden to discuss this topic? Do you, or if you had the opportunity to do so without repercussions would you offer a version of your products that identified and disabled this spyware?

Why be a Formula One Racing sponsor ? (1)

lemur3 (997863) | more than 2 years ago | (#42172325)

What brought about the move to sponsor the Ferrari Formula One Racing team in 2011 and 2012?

Eugene Kaspersky *loves* malware (1)

HuguesT (84078) | more than 2 years ago | (#42172415)

Of course, malware is making him rich and famous, how could it be otherwise.

Other things E.K. loves: poorly conceived O/Ses ; lack of education in users ; and the status quo in matters of computer security.

I'm personally convinced that anti-malware software is a useless hack. Without it, we would have moved away long ago away from easily hackable systems.

You & Russian Intelligence. (0)

Anonymous Coward | more than 2 years ago | (#42172577)

It's well known that the K in Kaspersky stands for KGB. How tightly are you currently coupled to Russian intelligence, and what services do you provide to them?

Eliminate the competition (1)

Muad'Dave (255648) | more than 2 years ago | (#42172615)

What arm of the Russian mafia did you send to whack John McAfee's neighbor? :-)

Why did Symantec go silent after Stuxnet? (0)

Anonymous Coward | more than 2 years ago | (#42172715)

When Stuxnet originally came out, Symantec provided some amazing research. After Stuxnet, they have been amazingly silent on subsequent threats like Duqu, Flame, etc while your Russian company has provided details. Do you know why Symantec went silent?

Assembly code and vulnerability of Apple (1)

dave562 (969951) | more than 2 years ago | (#42172759)

This is kind of a two part question. Or more like one statement and one question.

We see Apple growing in market share and one of the memes that has been accepted by a large part of the community is that Apple is not targeted by malware authors in part because the return on investment is not as high as it is for Windows machines. To put it another way, if a malware author targets Windows they get millions of home users, but more importantly, they also have the potential to infect corporate systems, server farms, etc. If they go after OSX, they get a bunch of home computers and some audio visual professionals.

Apple's market share is growing, and they also have converted their OS over to run on Intel chips. It now shares the same hardware base as PCs that run Windows. Given that all of the really advanced malware code (rootkits, polymorphism, etc) is written in Assembly, do you foresee any tipping point coming where OSX will be targeted on a large scale like Windows has been? Or is there simply not enough of a payoff there for the malware creators, given the ease of exploitation and wide spread deployment of Windows?

Do you create malware? (1)

wiedzmin (1269816) | more than 2 years ago | (#42172839)

Are there any grounds to allegations that antivirus companies may be involved with creating malware, as a form of job security?

Which OS/OSs do you run? (2)

magic maverick (2615475) | more than 2 years ago | (#42173107)

While MS Windows is the most common computer OS around, there are obviously many others. For your personal use, what is your main OS, and how do you keep it secure (do you, e.g. run MS Windows with anti-malware software, or do you run Ubuntu Linux with the defaults)? Is this a setup that you would suggest for others, or is it too esoteric?

How will your business model change for Linux? (1)

SgtChaireBourne (457691) | more than 2 years ago | (#42177397)

How will your business model change if Linux became dominant on desktops as it has for tablets?

The Moral Equivalent of War (2)

dhomstad (1424117) | more than 2 years ago | (#42173723)

[Introduction] (My apologies for the long introduction to the question, but Slashdot only allows one!)

Mr. Kaspersky,

In the 1970's, following an Arab enforced oil embargo on Israel, the United States found itself a midst an energy crisis. President Jimmy Carter educated America on the Energy Crisis, warning that the issue could escalate into a national crisis, and equating the energy crisis "the Moral Equivalent of War." President Carter outlined 10 policies which touched on reducing demand through conservation, pushing for "predictable and certain" governmental policies, creation of a Strategic Petroleum Reserve, and development of new sources of energy.

Fast forward to the 2010's, and America is in a similar economic condition. Unemployment is rising, economic rebound is uncertain, and inflation all but inevitable. I see the US government pointing fingers of blame at "China" (as if all Chinese hackers represent their state) targeting security vulnerabilities of private and public US companies' databases, which often hold valuable, private information on US citizens. I assume the US government either funding or assisting in the development of malware as a Tool for International Policy. The economic incentive towards hacking continually increases, yet no few steps are made to prevent it.

[Question] Imagine you are President (any country in general, not necessarily the United States) - what policies would you put forward to curb this Security Crisis we are entangled in . I've read some snippets about the 'internet interpol' and 'internet ID,' but I'd like to offer you the opportunity to put forward a short, detailed plan (perhaps 5 or 6 bullet points) towards combating this Security Crisis. If you want to change any past statements, or add a little more substance to them, feel free.

[Post Statement] I hope your own opinions have more sustenance than immature, ultra-libertarian view that government's role is to shrink into nonexistence, ridding the world of its evil. I understand the government is both extremely powerful, yet also inefficient in some cases. I like government, but only when the correct checks and balances are in place.

Criminal malware vs Government sponsered malware (1)

Anonymous Coward | more than 2 years ago | (#42175153)

With your experience in malware research. What percentage of malware in use today do you see as being from criminals vs how much is from rogue governments such as China or the US and how do you see that percentage changing over the next ten years? Technically two questions but they are deeply related.

Everyone's question (1)

slashmydots (2189826) | more than 2 years ago | (#42175241)

Why did the 2012 version get so unbelievably bulky and slow when everyone knows that has killed dozens of antivirus products in the past? At the same time, the kings of bulky and slow, Symantec, improved their product so much it's not virtually the fastest. My shop would never carry them because I hate them to an unbelievable degree but now we don't carry Kaspersky either. It's just too detrimental to performance. What happened?

Anti-virus companies make virii (0)

Anonymous Coward | more than 2 years ago | (#42175389)

Is it true that anti-virus companies make virii? Have you ever heard of such a thing?

Share some of your local viewpoint with us, please (1)

Anonymous Coward | more than 2 years ago | (#42175423)

Mr. Kaspersky,

Your position running a leading high technology company out of a former Iron Curtain country gives you a unique perspective combining a deep knowledge of information technology with a deep local knowledge of the strengths and weaknesses and possibilities in the largest country in the world. Please spell out for us how Russia could become the dominant country in high tech by the end of the 21st century, displacing Silicon Valley, by making the best use of various local strengths. Please focus your answer on educating us about the resources which Russia has in it`s people, it`s institutions, and it`s society. This is not a question about whether or not this will happen, but a question about what things exist today in Russia in an early stage which could lead to a great leap forward if they are managed correctly.

I believe that Russia is unfairly characterized in the English language media by journalists who do not really understand the richness and variety of the that they are writing about. Please enlighten us.

Enumerating Badness (0)

Anonymous Coward | more than 2 years ago | (#42175441)

In a world that is so full of "badness" ( virii/viruses , trojans, worms , exploits, malware, galore ) , and where you can just as easily buy a toolkit for making your own "badness", there's more badness than there is "goodness" these days! ..... Why on earth do all the security and anti-virus tools still "enumerate Badness"? ( *1 ). It's one of the The Six Dumbest Ideas in Computer Security!

Please can't we just have a piece of Anti-Virus software that simply prevents *everything* from running, unless you say otherwise? Then all we need to is "be smart" about what we *allow* and when , not constantly have to update the list of what we *deny*.

*1 - enumerating badness , and the ""The Six Dumbest Ideas in Computer Security" . http://www.ranum.com/security/computer_security/editorials/dumb/

Re: Enumerating Badness (1)

dgharmon (2564621) | more than 2 years ago | (#42176665)

"Please can't we just have a piece of Anti-Virus software that simply prevents *everything* from running, unless you say otherwise? Then all we need to is "be smart" about what we *allow* and when , not constantly have to update the list of what we *deny*.

Because there is no money in enumerating goodness ...

consumer behavior (2)

Aryeh Goretsky (129230) | more than 2 years ago | (#42175773)


If there was one piece of behavior you could change in home Internet users, what would it be?


Aryeh Goretsky

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?