Theme

Welcome · log in · join	food

Home

Reviews

Speed Test

	All Forums		Hot Topics		Gallery

Security → Kaspersky Lab To Create New OS 'To Save The World'

uniqs
1364

« Gary McKinnon NOT To Be Extradited To The US • Microsoft Security Bulletin Minor Revisions - Oct 17, 2012 »

FF4m3 @rr.com	FF4m3 Anon 2012-Oct-16 7:08 pm Kaspersky Lab To Create New OS 'To Save The World' From The Register: Kaspersky Lab, the Russian security firm that has garnered headlines with its research into Stuxnet, Flame, Duqu, Gauss, and other sophisticated malware, says it is working on a new operating system designed specifically to shield against attacks by cyber-weapons. The as-yet unnamed OS – internally it's known only as "11.11" because the project was launched on November 11 – is intended to protect industrial control systems (ICS) of the type used in manufacturing and infrastructure from attacks like the one that sabotaged Iranian nuclear facilities in 2010. The new OS aims to create a fully secure operating environment into which existing ICS software can be installed, where it can run with the assurance that any defects in its code cannot be exploited by outside programs. Details on just how this can be accomplished this remain vague. Kaspersky says his company is working closely with ICS vendors and customers to develop the OS, and that details of that collaboration must remain confidential. Other aspects of the project he's just not sharing. To achieve this, Kaspersky says his company is building an OS environment that will contain absolutely zero defects or vulnerabilities in the OS kernel and that will make running unauthorized, outside code "a categorical impossibility." The new OS will not be based on Linux or any other existing platform. To retain a degree of security through obscurity, Kaspersky says it will be written entirely from scratch. The number of lines of code in the kernel will also be kept to an absolute minimum to reduce the likelihood of defects.
	actions · 2012-Oct-16 7:08 pm ·
siljaline I'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC 1 edit	siljaline Premium Member 2012-Oct-16 10:58 pm More: • »eugene.kaspersky.com/201 ··· ulation/ • »www.securelist.com/en/an ··· ing_Base • »www.securityweek.com/kas ··· cyberwar • »www.h-online.com/securit ··· 798.html • »www.wired.com/threatleve ··· -system/ • »www.engadget.com/2012/10 ··· warfare/
	actions · 2012-Oct-16 10:58 pm ·
OZO Premium Member join:2003-01-17	OZO to FF4m3 Premium Member 2012-Oct-16 11:18 pm to FF4m3 Well, good luck to them. I guess they will call it "Passports OS", because each application will need to carry an Internet passport in order to run and Task Manager will ask them time-to-time - show your papers... The old vision of Kaspersky's kind of world...
	actions · 2012-Oct-16 11:18 pm ·
Blackbird Built for Speed Premium Member join:2005-01-14 Fort Wayne, IN 1 recommendation	Blackbird Premium Member 2012-Oct-16 11:58 pm said by OZO: Well, good luck to them. I guess they will call it "Passports OS", because each application will need to carry an Internet passport in order to run and Task Manager will ask them time-to-time - show your papers... The old vision of Kaspersky's kind of world... The absolute worst thing they could do would be to make an OS functionally dependent on the Internet, especially for ICS applications. Those kinds of apps should not be on systems connected to the Internet... that's how so many infrastructure systems have become vulnerable in the first place. Infrastructure and critical manufacturing control systems should be operated over private, encrypted networks - not the Internet. Until that lesson is learned, Internet-related vulnerabilities, phone-home exploits, and cyber-attacks can only worsen in magnitude and rate of occurrance, whatever the OS. Of course, what (if anything) emerges from their OS development efforts or whether it would have any Internet involvement remain to be seen.
	actions · 2012-Oct-16 11:58 pm ·
jcliff join:2012-10-09 1 recommendation	jcliff Member 2012-Oct-17 12:26 am Fully agree. If it's connected to the internet and allows _anything_ to happen over the internet then that's an abuse waiting to happen. Doesn't matter how secure you make it, when you need someone to log in and check something then you're going to have a problem.
	actions · 2012-Oct-17 12:26 am ·
mmainprize join:2001-12-06 Houghton Lake, MI	mmainprize to Blackbird Member 2012-Oct-17 12:35 am to Blackbird You are correct that ICS systems should not be connected to the Internet, But in the end most of the larger company do connect them. They also have the IT department configure them in most cases like a regular network. I worked in this field for many years, and we had a department to do just the network design and configuire all the network hardware setting to best practices but most company's would not pay the high price for the service. The newer controller have built in firewalls that should stop any virus from making changes to the controllers controls. But that does not stop them on the PCS (Process Control Network). So like in this last virus it could hit the Operator Stations, and the other servers even if it did not make it to the controllers. That is where the paid service above comes in, as it breaks the network into at least 4 levels, each with very high priced switches that limit which PC on the upper level can even talk to PC on each lower level and what protocols are allowed through each level. This might of stopped that last virus.
	actions · 2012-Oct-17 12:35 am ·
your moderator at work hidden : hidden : hidden :
MagnusM Premium Member join:2001-07-07 1 recommendation	MagnusM to FF4m3 Premium Member 2012-Oct-17 5:52 am to FF4m3 Re: Kaspersky Lab To Create New OS 'To Save The World' So yea, I don't want to derail ( ) this thread, but from the articles, this new Kaspersky OS is an industrial control operating system, not a consumer operating system. They're not trying to compete with Microsoft or Apple.
	actions · 2012-Oct-17 5:52 am ·
K McAleavey Premium Member join:2003-11-12 Voorheesville, NY 1 recommendation	K McAleavey Premium Member 2012-Oct-17 6:00 am Hey guy! Clearly not a derail and absolutely correct. I've read his sketchy notes and what he has in mind is both an embedded OS, end user OS, server OS, as well as secure communications protocols on top of that with validation to their origin, destination and "intent." I sincerely wish him luck. Over the years, I've communicated with Gene plenty/ Where I see the potential problem for what they're doing though is Gene's eager coverage of stuxnet, duqu and the others in terms of those who carefully watch over security in the western nations such as yours. Gene was originally KGB and with those entities who he's been providing the most protection to in the past two years, I can see some major "political" issues to whatever he does now simply based on how he exposed stuxnet and the others. I'm sure he'll do well in the former Soviet sphere now that that's back again. It's not like they'd trust any of US for their security to begin with. That's pretty much where I went with it having tried to get our own governments interested in what we're doing.
	actions · 2012-Oct-17 6:00 am ·
norwegian Premium Member join:2005-02-15 Outback	norwegian to MagnusM Premium Member 2012-Oct-17 6:02 am to MagnusM said by MagnusM: .....this new Kaspersky OS is an industrial control operating system, not a consumer operating system. They're not trying to compete with Microsoft or Apple. So the title is a glorified one.
	actions · 2012-Oct-17 6:02 am ·
MagnusM Premium Member join:2001-07-07	MagnusM to FF4m3 Premium Member 2012-Oct-17 6:06 am to FF4m3 Ah, seems you read the Wired exposé on Kaspersky too, Kevin. I happened to pick up a copy of Wired recently and found it a fascinating read. Especially his ties to the Russian government was something I wasn't aware of. I can't imagine that Eugene is too happy with the reporter after the story, though. Here's a link to the online version of the article for anyone who's interested. It's a fascinating article: »www.wired.com/dangerroom ··· spersky/
	actions · 2012-Oct-17 6:06 am ·

norwegian Premium Member join:2005-02-15 Outback	norwegian Premium Member 2012-Oct-17 6:16 am said by MagnusM: Especially his ties to the Russian government was something I wasn't aware of. He was working for them as a cryptographer originally from memory.
	actions · 2012-Oct-17 6:16 am ·
K McAleavey Premium Member join:2003-11-12 Voorheesville, NY 1 edit 1 recommendation	K McAleavey to MagnusM Premium Member 2012-Oct-17 6:25 am to MagnusM While I was at COMODO, got to work with people that he had trained and had worked for him years earlier and knew the whole scoop. All of us knew about his past years ago, he even talked about it at length back in the day. What we DIDN'T know was that he would turn around and reveal the covert ops regarding stuxnet, duqu and the rest. Once that happened, we all knew that he hadn't really retired. Didn't require the media to tell any of us. Kaspersky is right on. However, I'm not sure I trust who his coders are working with. In the end, I guess it's all a matter of trust and one thing I learned years ago is to trust no one.
	actions · 2012-Oct-17 6:25 am ·
K McAleavey 3 recommendations	K McAleavey to MagnusM Premium Member 2012-Oct-17 6:38 am to MagnusM I should also add, for those who don't know Gene, that he's really a great guy, an absolute genius and fun to hang around. Sadly though, his world has changed since ... first of all when his kid was kidnapped and held for ransom, that whole ordeal seriously changed Gene ... and not for the better. Then there's the whole Putin thing after Gene came into his own realm back in the Yeltsin days. Haven't been in contact with him at all in a number of years since I dropped out of the AV business, but I can definitely see the changes in Gene that resulted from the last few years and while I like Gene a lot, I do have my own reasons for questioning his intentions ... given ...
	actions · 2012-Oct-17 6:38 am ·
norwegian Premium Member join:2005-02-15 Outback 1 edit 1 recommendation	norwegian to K McAleavey Premium Member 2012-Oct-17 6:44 am to K McAleavey said by K McAleavey: In the end, I guess it's all a matter of trust and one thing I learned years ago is to trust no one. Doesn't "Don't delegate to others that which you can do better yourself" come into play..... EK could do all the work himself too but where would that get him? He did say one of his fears was A/V coders that worked for him that ~~went to the black side~~ turned into a bad egg, even while employed by him still....it must be something that still eats at him today, is it pride, is it ego, is it something else, who knows and is anyone's guess really. But comments like that tend to lead me to believe he tries to do the right thing which is the best he can do, but in who's eyes, certainly not the US govt if the alleged malware of late was their doing, but to him it was the right thing. It's in the eyes of the beholder......
	actions · 2012-Oct-17 6:44 am ·
Name Game Premium Member join:2002-07-07 Grand Rapids, MI 1 recommendation	Name Game to K McAleavey Premium Member 2012-Oct-17 8:48 am to K McAleavey I was watching the twitter when he first came out with this proclamation and it had not yet hit the real news media..I had a little smile myself..hang in there Kevin..you do good work.
	actions · 2012-Oct-17 8:48 am ·
FF4m3 @bhn.net	FF4m3 to Anon Anon 2012-Oct-17 9:48 am to Anon Kevin, thanks for your valued input.
	actions · 2012-Oct-17 9:48 am ·
Stumbles join:2002-12-17 Port Saint Lucie, FL	Stumbles to FF4m3 Member 2012-Oct-17 10:00 am to FF4m3 ...that will contain absolutely zero defects or vulnerabilities... ... To retain a degree of security through obscurity... Yeah... right. I smell a load of snake oil on both those points.
	actions · 2012-Oct-17 10:00 am ·
Cthen Premium Member join:2004-08-01 Detroit, MI 1 recommendation	Cthen to FF4m3 Premium Member 2012-Oct-17 11:29 am to FF4m3 said by FF4m3 : From The Register: To achieve this, Kaspersky says his company is building an OS environment that will contain absolutely zero defects or vulnerabilities in the OS kernel and that will make running unauthorized, outside code "a categorical impossibility." Zero defects or vulnerabilities? Like I tell any OS maker, I will believe it when I see it. The only few questions I really have is how do they intend on getting around the end user stupidity that infects an OS the most? Are they planning on not letting the end user do anything with the OS but sit there and look at it?
	actions · 2012-Oct-17 11:29 am ·
tek001 @optonline.net	tek001 to FF4m3 Anon 2012-Oct-17 11:37 am to FF4m3 KGB BACKDOOR
	actions · 2012-Oct-17 11:37 am ·
Blackbird Built for Speed Premium Member join:2005-01-14 Fort Wayne, IN	Blackbird Premium Member 2012-Oct-17 12:34 pm said by tek001 : ~~KGB~~ BACKDOOR Actually, FSB/SVR... they're the new KGB.
	actions · 2012-Oct-17 12:34 pm ·
FF4m3 @bhn.net	FF4m3 to Cthen Anon 2012-Oct-17 1:14 pm to Cthen said by Cthen: Zero defects or vulnerabilities? Oh, ye of little faith!
	actions · 2012-Oct-17 1:14 pm ·
Mike Mod join:2000-09-17 Pittsburgh, PA	Mike to FF4m3 Mod 2012-Oct-17 10:04 pm to FF4m3 Let me guess. A retrofit of KDE 4 with the Kaspersky logo running on the linux kernel
	actions · 2012-Oct-17 10:04 pm ·

Forums → Software and Operating Systems → Security	« Gary McKinnon NOT To Be Extradited To The US • Microsoft Security Bulletin Minor Revisions - Oct 17, 2012 »

Security → Kaspersky Lab To Create New OS 'To Save The World'

Kaspersky Lab To Create New OS 'To Save The World'

Re: Kaspersky Lab To Create New OS 'To Save The World'