NOTA BENE

Notes, comment and buzz from Eugene Kaspersky – Official Blog

April 24, 2015

Singapore through the eyes of first-timer.

Hi all!

D.Z. – this is one most distinguished and respected KLers, with us since last century (taking a brief creative break in the mid-2000s). D.Z. has also been my fellow traveler a d.z.illion times to… oh, practically everywhere on this planet. He always takes with him a trusty large black (super-duper) DSLR camera with a dozen or so different lenses too – his tools to create most of the pro-level pics on this here blog and elsewhere. He’s also a great storyteller, so he helps out with all the tales I want to tell – whatever they may be about. Still, despite all these talents, plus his confirmed KL-Establishment member status, he is nevertheless the most modest guy you’d ever meet.

D.Z. et moiMr. modest… et moi (1999)

Somewhat surprisingly, this was D.Z.’s first visit to Singapore. He liked the place so much he took more pics than he normally does and wrote a long write-up to. It’s true that there’s ‘nothing like the first time’. It’s also true that a fresh pair of eyes will see things in a foreign place that others who’ve been several times before already miss due to familiarity – or just plain tiredness from the non-stop globetrotting. Thus, in this post, I pass the reins over to D.Z. to let him give his ‘first-time’ account of this remarkable city – just for a different, fresher perspective.

My only comment to the story: if you want one book to read to get the real real deal on Singapore? Check it: Lee Kuan Yew – ‘From Third World to First

So, D.Z.’s tale:

—-8<—-

What do we know about Singapore?

It’s a long way away, hot and humid, skyscraping, totalitarian, and they beat with sticks for dropping gum, spitting, walking barefoot, and other carnal sins. At least, those are the stereotypes impressions of I’d say the majority of non-Singaporeans from afar, for those are the bits that seem to end up in the world’s media about this city-state extraordinaire.

This was my first time in Singapore.

What I saw with my own eyes was far from what I expected – nothing like the above-described imaginings. I have habit of boning up on a country I’m planning on traveling to – to get to know the ‘real’ place and not get caught up in lazy stereotypes and maybe inadvertently insult or upset or annoy anyone. And Singapore’s ‘real deal’ fairly amazed and intrigued me. The first half of the 19th century is packed with curious history I’d let pass me by, but it’s fascinating how it’s connected with all sorts of details of international relations of my time. 

Collisions of civilizations, a struggle for colonies and trade routes, the friction within and between European and Asian powers, wars, injustice, betrayal, greed and other unpleasantness… Singapore had more than its fair share of all of them. Its history is peppered with nightmare tales, but all the same, in spite of all that, today it stands as the shining example of a successful state based on humane, productive cooperation among peoples, helped by being at an important crossroads of civilization.

A natural competitive advantage of Singapore is its geographical location on a strategic sea route connecting East Asia with the rest of the world. Despite miraculous diversification of the economy in its 50 years of independence, already on the approach to Changi airport it becomes clear how this advantage still plays a hugely important role in the development of the country.

DSC_6506

Back in 1819 it was exclusively the geography of the island that made Britain’s Sir Stamford Raffles set up on the bank of Singapore River a watch post. Within just several years it had become important hub of influence of the British Empire in Asia.

Singapore was founded not on an empty greenfield site but on a longstanding fishing village in which folks of different nationalities and religious faiths had lived peacefully for a long time. The arrival of the British naturally saw the town take on a decidedly more European flavor. And, talking of flavors, incidentally the resultant Singaporean cuisine came to be a most interesting and original one – the dishes both tasty and unique.

Having founded Singapore, Raffles left it for a few years to do yet more of his bit for the Empire, handing over the reins to a Major-General William Farquhar for the duration. Upon Raffles‘ return three years later, he was met with two main developments – basically good news and bad news. The good news was that the town had gotten much busier and bigger. The bad – it had gotten much busier and bigger un-systemically, resembling an eastern bazar than an exemplary model of a colony of the British Empire.

So a town council was quickly created under the supervision a Lieutenant Jackson, who soon developed a plan for the reconstruction of Singapore. In the main, it was divided up based on the ethnicity of the inhabitants; thus, European, Chinese, Indian, and Arab (Muslim) quarters emerged.

chinatown-singapore-1

It might seem correct at this point to label Jackson an out and out racist and accomplice in apartheid. However, it turned out that such division suited everyone just fine! Each group was happy to cook in its own juices – yet still work closely together; indeed, they’d be doing so for centuries before Raffles. Since then of course, in almost in 200 years, a lot has changed; all the same the main traits of the town-building designs of Jackson remain.

Singapore has two principal must-visits – Little India and Chinatown. Guess which ethnic nationalities make up most of their populations? Yep – Indians and Chinese, respectively, even after all these years. In fact the delineation is blurring somewhat, with many an Indian and much Indian signage to be seen in Chinatown, and vice versa. The result is a serious bit of multiculturalism: Pagodas, stupas, mandirs (Hindu temples), mosques and churches all together peacefully coexisting on small squares. Nice. All the same, the dominating cultural ‘signature’ of the districts remains.

chinatown-singapore-26

Read on: Chinatown vs Little India…

April 21, 2015

INTERNET-INTERPOL-2015.

I first used the term ‘Internet-INTERPOL’ somewhere around the start of the 2000s. The first time I got round to writing it down was in 2003. This year – 2015 – some 12 years later, finally, what I’ve been talking about, pushing for, advocating, promoting all these years is here:

An INTERPOL division dedicated exclusively to combatting the dark side of the Internet!

Yep, just the other week in sunny Singapore INTERPOL officially opened its new cyber-division – IGCI – whose mission is to clear cyberspace of all things criminal and similarly bogus. It will act as the coordinating center for all international cyber-related activities of police forces of all its member states (nearly 200 countries!). In short: international hackerism and other net-diseases – watch out, CYBERPOL is here for good to make your lives miserable and increasingly risky. Besides investigations it will also be training specialists, promoting the cybercrime fight, and doing a whole lot of other helpful stuff in the name of ww-security for the www.

This opening really is no less than monumentally significant. Up until now cyber-villains have been running amok in part due to a lack of unity among national law enforcement bodies – aka different jurisdictions not talking too much with one another. Like the classic FBI vs. CIA vs. regular cops thing that’s been shown in Hollywood movies since the year dot. But this is real folks! Example:

Late last year one cop was asking us for the contact details of certain other cops from a different country! Asking us! Of course – it should be the other way round: all cops knowing each other and their passing on our contact details when they need some cyber-expertise! Indeed, the two systems’ coexistence (the cybercrims’ one without borders, and state cyber-police’s within the jurisdictions of national borders, or, at best, within the European border) has always been a problem. And it’s only gotten worse over the past 15 years or so – with increasingly brazen cyber-swine doing their stuff practically with impunity. Some of them have been caught and punished, but in the main, those were just the tip of the iceberg.

What makes last week’s event in Singapore even more special for us is that the IGCI was opened with our active participation plus support of various kinds – organizational, consultative, financial, and even personnel. For example, one of our top experts, V.K., is now our assigned ‘man in Singapore’, having been living in the city state and working with INTERPOL for several months already, and set to continue for much longer. He’s helping his INTERPOL colleagues develop and deepen their cyber-knowledge and practical cyber-skills, and even takes part in ongoing investigations. And he’s as happy as a sand boy.

Vitaly Kamluk, our man in INTERPOLV.K. minus the trademark Mohican

Read on: INTERPOL can party too…

April 17, 2015

On a plane to Singapore: the kino – very poor.

Hi all!

Continuing a fave theme of mine here. No, not volcanoes; no, not cliffs; and no, not banya. Instead: planes, aeroplanes and airplanes…

Recently we flew on an Internetted Singapore Airlines Boeing 777 to Changi. And the experience was… mixed.

Moscow-Singapore

Read on: much things to improve on onboard Internet…

April 1, 2015

Internet on a jet.

Back on the road again… Rather – up in the air. So I continue one of my fave, recurring themes – flying and planes and all that.

2015 kicked off with some serious avia action for me: I’m already on my 30th flight, having been up in the skies 130+ hours. Not that I’m complaining – I like flying. It’s my version of time-out… It’s the only time I’m able to actually relax! The main reasons are that my phone’s turned off and there’s no Internet. So at last I’m able to wade through the ton of business emails that’s piled up over the previous few days, to read a book, and watch a movie (all of which I hardly ever do on the ground).

But as time passes of late, more and more airlines are pushing their inflight Internet connections. /* BUT!: ‘In the interests of safety all portable electronic devices must be switched off for the duration of the flight; however, our Internet – for a fee: no worries at all!’ I’ll refrain from commenting on these obvious contradictions… */

Anyway, despite normally turning down airlines’ Internet connectivity overtures, this time, just for a change, I thought I’d give it a try…

My experiment took place on a recent Shanghai-Moscow flight on Aeroflot. Everything was fine as usual (besides unexpected and unreasonable slow lines for registration – more than an hour!). Not so usual  – but perfectly fine – was the fact that onboard weren’t just the usual suspects – Russians and Chinese – but also plenty of folks speaking Italian and Spanish. ‘Paying ruble prices on Aeroflot via Moscow’, I thought! However, our friendly fellow passengers explained things differently: ‘Never – EVER! – fly Alitalia or Iberia! Much better Aeroflot via MOW.’ Well, well, I thought. Incidentally, more on different airlines and flights and routes, etc. – here.

Hmmm. Sidetracked.

So. We boarded the plane and off we flew. I agreed to the terms and conditions and finally I connected to plane’s Wi-Fi!

Inet 1st page

Inet 2nd page

Read on: The quality… so-so…

March 31, 2015

A hotel on the banks of the Colorado. Woh!

There are a great many beautiful and unusual towns and cities in the world, there are volcanoes, there are valleys and canyons, and islands and lakes. There are also of course rivers: loads of them – all different. There are the grandiose, like the super-wide Amazon with its adjacent jungles, anacondas, piranhas, crocodiles and other underwater perils. There’s the Nile (haven’t seen it myself) – running through the desert, also with crocs, and with 1001 ancient human stories to tell. There’s the Mississippi and all that Tom Sawyer-ness. There’s the Danube and Rhine (and the Lorelei and attendant songs about soldiers fallen in battle). There’s the Yellow River with its unfathomable intensity (also haven’t seen yet), there’s the Lena with its endlessness and Pillars running alongside. Yes, the list is long. // Can you help me continue the list?…

There’s another river – a rather unique one – in southwestern USA (and northwestern Mexico). It’s called the Colorado River. It’s so impressive they went and named a state after it. Its uniqueness flows from how it has cut through the rocky landscapes of several US states – Colorado, Utah, Nevada and California. Check it.

Much of what I snapped for my recent posts from Utah was made, literally, by the Colorado River. This river also happens to supply the water for a whole five states, and one particularly parched city of note (built bang in the middle of a desert): Las Vegas. I sometimes wonder how on earth this river hasn’t dried up completely yet.

It was the Colorado that over thousands (millions?) of years dried up the internal sea-lake of the West of Northern America. It was the Colorado that etched the most incredibly beautiful wrinkles – canyons – into the face of this particularly rocky part of the North American continent. Some sections of rock however wouldn’t be worn down, no matter how hard the river tried, and these still stand today, towering up above the canyons. The landscapes here are just astonishing. They’re difficult to describe. You need to experience it first hand to believe it really. Which I recommend you all do one day!

colorado-canyonlands-1

colorado-canyonlands-2

Read on: Just look at the views!…

March 28, 2015

Hold on tight! In an off-road vehicle – off-road in Utah.

A few words about the vehicle that transported us about in Utah. And let’s not forget the super chauffeur…

Here she is, a classic of the genre, giving the Land Rover Defender a run for its money: the Toyota Land Cruiser. Quite an old one at that. Only demonstrates the ruggedness of this remarkable 4×4:

Utah on the road again

At first I wondered why the need for such large wheels and tires…

Utah on the road again

… I quickly found out: Extreme off-roadness!

Read on: unevenness, rocks, boulders, jaggedness and steep slopes…

March 27, 2015

A quick guide to Utah arches.

Why this national park is called the Arches is a rhetorical question. But if you haven’t been following this mini-on-the-road series from Utah, then read this.

Yes, you want huge natural rock arches – you need to come here. There’s just so much awesome archness here. Wikipedia says there are as many as 2000 here, ranging from the meager to the massive, and from the weird to the wonderful. In our day here we managed to see just nine! They were: Surprise, Skull, Delicate, Tower, Skyline, (the two) Windows, Turret and Double Arch.

Let me jump in here at the deep end: the most beautiful and most famous (and that takes into account desktop wallpaper:) arch of them all is… this one here – Delicate Arch:

Arches National Park Utah

Read on: 70 spellbinding sights…

March 25, 2015

U tire of Utah’s canyons? Not possible!

The red rocks of Utah – a simply captivating sight; from the outside, that is, which is what we checked out yesterday. Today it was time we had a look at all this from the inside. So off we headed to the Arches National Park‘s Fiery Furnace rocky massif. This is what we saw…

arches-utah-intro-1

Read on: Woh! Surprise surprise!…

March 24, 2015

The Utah Saints: Crimson columns and massive mushrooms.

Since the previous day my brain had been variously boggling and boiling. This was eased a little by steam being emitted from said boggling and boiling brain out via my camera, but that alleviation process then went too far, leading poor brain into a state of half dehydration.

The diagnosis sounds like this:

I’ve (finally) been to the canyons of Utah!

Eyeballs fairy exploded, jaws drooped down to waist level, tongues hung out of mouths, minds… simply blown. Cameras – white hot with non-stop use! The latter in fact were the only things that didn’t completely lose the plot. The human beings and their mentioned body parts however just conked – unable to the take in unencompassable – in the red and white canyons of Utah.

mushrooms_1

Read on: Not bad, eh? This pic was just for starters…

March 20, 2015

A practical guide to making up a sensation.

There are many ways to make up something sensationalist in the media. One of the practical ways is to speculate and create conspiracy theories. Unfortunately, there’s a demand for such stories and they have a very good chance of making a splash.

So how can a global company with Russian roots play a part in a conspiracy theory? Well, this one is easy: there should be some devilish inner job of the Russian secret services (to produce the “I knew it!” effect). In many cases you can change the adjective “Russian” for any other to produce a similar effect. It’s a simple yet effective hands-on recipe for a sensationalist article. Exploiting paranoia is always a great tool for increasing readership.

There are questions we’ve answered a million times: what are our links with the KGB? Why do you expose cyber-campaigns by Western intelligence services? When do you plan to hire Edward Snowden? And other ones of the ‘have you stopped beating your wife?’ kind.

We’re a transparent company, so we’ve got detailed answers ready. Of course we want to dispel any speculation about our participation in any conspiracy. We’ve nothing to hide: we’re in the security business and to be successful in it you have to be open to scrutiny.

To my great regret, there are occasions when journalists publish something sensationalist without taking account obvious and/or easily obtainable facts contrary to their sensationalist claims, and produce stories that are at odds with professional ethics. And sometimes a bad tabloid journalism style finds its way into otherwise quality media publications. I’d like to comment on one such case.

The fashionable fever of looking for Kremlin-linked conspiracies this week reached some journalists at Bloomberg. Curiously, this happened not long after our investigation into the Equation Group.

It’s been a long time since I read an article so inaccurate from the get-go – literally from the title and the article’s subheading. So it came as little surprise that a large part of the rest of the article is simply false. Speculations, assumptions and unfair conclusions based on incorrect facts. In their pursuit for a sensation, the journalists turned things upside down and ignored some blatantly obvious facts.

My congratulations to the authors: they’ve scored high in bad journalism.

But that’s where the emotion stops today. Now let’s just look at the cold facts – rather, lack of them. Let me go through some of the most outrageous and twisted gaffes.

Bloomberg bullshit

I must have said this a million times, but we do not care who’s behind the cyber-campaigns we expose. There is cyber-evil and we fight it. If a customer comes and shows us a problem we investigate it. And once we take the genie out of the bottle, there’s no way we can put it back.

But since these journalists tried to attribute the cyberattacks we exposed to the countries mentioned, for some reason they forgot about our reports on Red OctoberCloudAtlas, Miniduke, CosmicDuke, Epic Turla, Penguin Turla, Black Energy 1 and 2, Agent.BTZ, and Teamspy. According to some observers, these attacks were attributed to Russian cyber-spies.

Bloomberg bullshit

The only other statement that can compete with this one in terms of frequency, silliness and falsity is: ‘AV companies write the virus themselves’.

Let me spell it out and use a few capitals: I’ve NEVER worked for the KGB.

My detailed biography has been widely distributed around the world and can be easily found online. It clearly states (I wonder if the journalists read it) that I studied mathematics at a school sponsored by they Ministry of Atomic Energy, the Ministry of Defense, the Soviet Space Agency and the KGB. After graduating, I worked for the Ministry of Defense as a software engineer for several years. But whatever… as they say, ‘never let the facts get in the way of a good story’. Right?

UPDATE:

bloomberg-lies-update

Looks like the Bloomberg journos behind the story read my post (but not in detail; otherwise they’d have taken the article down) and made a minor edit to their text. Now, I never worked for KGB but for … Russian military intelligence!

For the record: I never worked for Russian military intelligence. As I mentioned above, I worked as a software engineer at the Ministry of Defense.

Bloomberg bullshit

Is there an implication here that the ‘quickly removed by headquarters’ was to cover up some secret truth – before it got out? Maybe not. But if you do see a possible one, let me tell you what happened:

the design of the our antivirus software box with the KGB mention was developed by our Japanese partners. I learned about it only after it was printed, and asked to have it changed as it just wasn’t true, which was done.

And if there’s a further implication that the mention was removed because we were going global and recruiting ‘senior managers in the U.S. and Europe’ (with whom KGB mentions might not sit well), well then that’s not right either. We were already global. Our American, European and Asian employees (who now make up more than a third of total company’s headcount) had no say in it. Even if they did – so what? Bottom line – I never served in the KGB!

Bloomberg bullshit

Just nonsense!

First, people join and leave organizations all the time. Second, we value only professional qualities in our people. Third, there’s no evidence of ‘closer’ – not even close – ties to Russia’s military or intelligence services. Must say though, I’d be really interested to find out who’s joined our top management team since 2012 who has ‘closer ties to Russia’s military or intelligence services’. I’m dying of curiosity!

Bloomberg bullshit

I do appreciate this interest in my recreational-prophylactic habits. While the reader may visualize naked male bodies in a steam room and dicussions of conspirational plans to conquer the world, the truth of the matter is quite something else. It highlights another way in which the journalists ignored our emailed comments to them to sacrifice objectivity for quirky details and stereotypes.

First, sometimes I do go to the banya (sauna) with my colleagues. It’s not impossible that there might be Russian intelligence officials visiting the same building simultaneously with me, but I don’t know them.

Second, we do fight cybercrime. And without cooperating with law enforcement agencies around the globe (including in the U.S., the UK, Japan, other European countries; INTERPOL and Europol) our battle would have been significantly less effective than it has been recreational – if not completely futile.

Official meetings sometimes do turn pretty informal, including with officers belonging to the security services of the U.S., the UK, Japan, other European countries; INTERPOL and Europol (oops, I’m repeating myself). And I consider the stories about my possible encounters with security officials in a banya an attempt to deliberately mislead readers; the journalists don’t mention that we are impartial in our fight against cybercrime, no matter where it strikes. A warning, dear readers: don’t believe everything you read!

Bloomberg bullshit

‘Gotcha, we’ve caught you! You investigate only US operations and not Russian!’

Well, this one’s real simple. FireEye did some great research, so publishing our own after theirs made no sense. We carefully read the FireEye report, warned our users and… kept on researching the Sofacy operation. BTW, our experts are still working on it, as it’s closely connected to the MiniDuke operation. But please don’t ask why FireEye didn’t announce MiniDuke! You know the answer (hint: who was the first to uncover it?).

Bloomberg bullshit

That is false statement.

We’ve launched an internal investigation, carefully examined all our archives for the last three years, and haven’t found such an email. Those who know Garry personally know he’s not the kind of man to write such things.

Bloomberg bullshit

Does two-year compulsory military service of 18-year old private Chekunov equal working for the KGB? Really? Dear authors, why did you miss the detail where, in the USSR, military service was obligatory for all males, and it was random which particular service you served in? Some entered the infantry, others the submarine division of the navy. Mr. Chekunov served in the Soviet Union’s Border Service for two years, and at that time the service reported to the KGB.

Bloomberg bullshit

Oh those Russians banya nights. The nerve center of all secret operations’ planning!

Actually, here, thanks are due to the authors for the PR! Our Computer Incidents Investigation Unit (CIIU) helps our clients deal with sophisticated cyber-incidents. If law enforcement agencies contact us, we help – regardless of their country. We assist with our world-class expertise any law enforcement agency to save the world from any cyber-evil.

Bloomberg bullshit

The Computer Incidents Investigation Unit (CIIU) has remote access to the personal data of our users? That is a false statement.

Next: the keyword here is ‘can’. Theoretically, any security vendor can do that. Following this logic you can imagine what nasty things Facebook, Google or Microsoft can theoretically do. Theoretically, authors of an article can stick to facts.

The reality, however, is that I’ve no reason to risk my 700mln$ business. Everything we do and can do is stated in the End-User License Agreement (EULA). Moreover, we reveal our source code to large customers and governments. If you have any fears about backdoors – come and check. Seriously. Referring to a theory is an allegation unworthy of a respectable publication.

Bloomberg bullshit

This part explains a lot. Some folks who get fired have a chip on their shoulder. Human nature. It’s common. They have some media contacts – they fancy getting their ‘revenge’. Same old!

I am just worried about how respected media put their reputation on the line based on speculation. As a result we have a perfect example of a sensationalist headline:

Bloomberg bullshit

The result of the investigative journalism revealed these REAL facts:

  • I go to banya;
  • We hire and fire employees; employees leave of their own accord;
  • 60% of our employees are Russians;
  • Our Chief Legal Officer served in the Border Control when he was 18 and at that time the service was a part of the KGB.

 
Mysterious covert data which proves I’m a KGB spy?! This world-famous news agency undertook a huge investigation – believe me, it was impressive! During the fact checking they asked very detailed, probing questions, yet all they came up with were… unproved allegations. Do you know why?

Because there’s nothing there to find.

It’s very hard for a company with Russian roots to become successful in the  U.S., European and other markets. Nobody trusts us – by default. Our only strategy is to be 1000% transparent and honest. It took years to explain who we are. Many people attempted to find ‘dirt’ on us – and failed. Because we’ve nothing to hide.

Actually, I’d like to thank Bloomberg and all the journalists behind this story! Much like our antivirus often does, they performed a full system scan –and found nothing. It’s like a halal or kosher stamp – check! External audit successfully passed.

‘The hardest thing of all is to find a black cat in a dark room, especially if there’s no cat.”

.@e_kaspersky responds to Bloomberg’s allegations in connection with Russian LETweet

So, tell me, what do you think of this whole story: