Monthly Archives: September 2012

Kaspersky (Server) Anti-Spam: No Longer the Underdog; More Top Dog.

There’s an old Russian saying: As you start the New Year – that’s how you’ll spend the rest of it.

And this year started rather well for us: First, we were awarded Product of the Year by the Austrian testing lab AV-Comparatives; second, we broke the record on the number of points from Germany’s AV-Test.org; and third, we secured the top grade from Virus Bulletin in the UK. But after that pleasant start to the year things just got better, with the number of medals on our lapel going up and up and up! There were top marks in comparative testing of our proactive protection by Matousec; we were No. 1 in testing of our Application Control function by West Coast Labs; and we also secured excellent results in testing of our mobile security product (pdf) by PCSL. But we didn’t stop at serial-wins with our personal products; we also tore up the competition with our corporate ones; for example, in the August round of testing by AV-Test.org both KIS and KES were awarded 17 and 16 points, respectively – both higher than all the other competing solutions.

So, as you can see, in the first eight months of 2012 we’ve had rather a lot of good news. But never enough good news for me to forget to praise our ever faithful and pioneering AV lab (which praise I think it appreciates – so expect more victorious bulletins from the malware front soon!).

On this backdrop of positivity and optimism, the deeper-delving observer might remark, “ok, your antivirus technologies come top-of-the-class across-the-board, but what about your NON-antivirus technologies – the important whistles and bells that add to a solution’s completeness and thus overall usefulness – like for example anti-spam?” All-righty: that’s what I’ll address in this post.

Just recently the results of Virus Bulletin’s VBSpam testing were released in which our new Kaspersky Linux Mail Security (KLMS) – unexpectedly for our competitors but quite expectedly for us – was among the winners – actually second – with an outstanding result of a 93.93% spam catch rate and 0.01% false positives. “Who wants to come second?” might come the refrain from those used to nothing but first place for KL. But in answer I’d say, “I do!” Here’s why…

VBSpam Comparison Chart

More: It’s not for nothing I write ‘outstanding’ in italics …

Kamchatka-2012: Fishes, Not Phishes!

Days 20-22 (6-8). Rafting.

Kamchatka’s hardly known for its rafting: none of the rivers are all that lengthy – only long enough for three or four days rafting at the most. Calm rapids, calm swells. Almost all the rivers I know about here are pensioner-level! Therefore, rafting on Kamchatka is recommended only as an addition to other activities, as a wind-down exercise to allow those blisters a brief respite, and of course to get one’s fill of fresh fish!

Kamchatka Dock

More: The fish menu …

Kamchatka-2012: Tolbachik and the Northern Fissure.

Hardy tourists are attracted to Tolbachik in high season like… like office workers to social networks during office hours! But this year there were even more tourists than usual – maybe too many. The Leningrad Base we were staying at was filled with more than a hundred tourists from different countries – with groups from Poland and Germany among others. But this is quite understandable really, since there’s so much to see here. Besides the black-red desert and hills of the Northern Fissure there’s also Ploskiy (Flat) Tolbachik to check out – a must …

More: Kamchatka-2012: Tolbachik and the Northern Fissure …

Tianjin – Moscow – Simferopol – Yalta.

Hi all!

Ready. Steady. Go!

The season’s traversing the globe – rather, the northern hemisphere – has begun with gusto.

First up – Tianjin (天津, “Heavenly Passage, Ford”), China, which is approximately 100 kilometers southeast of Beijing en route to the sea. The city (actually, its central district – along the banks of the river) is really impressive to look at – but not in the more traditional Chinese sense of hustle and bustle and lots of folks and bicycles; instead – one of calm, quiet neat-and-tidiness, plus very few folks – and fewer bikes. Some of the parks are almost like those in… er, a much smaller nearby country, which I’d better not mention just now.

Tianjin

Along the riverbanks there’s a kind of fusion of styles going on here. Looking at the new buildings and bridges you’d be forgiven for thinking you’re in Paris, a bit later on – London; over there there’s a totally-Tokyo (oops) skyscraper, round the corner there was an Italian quarter… (we didn’t manage to see that, or plenty of other places worth checking as we only had an hour for our walkabout). The river is the Hai (海河) btw, which means “sea-river”.

More: The place where the famous pics of FDR, Churchill and Stalin sitting together were taken …

Star City.

Greetings all!

Here we are again. September. The holiday month of August over, and it’s back to work – which for me means back on the road or, rather, in the plane. This season is set to see me doing my usual globetrotting thing, but with the itinerary including some new countries and new events. Goodo, gotta keep some novelty in there! The schedule needs to stay real flexible as plans can easily change real quick, as experience has shown many times. This year I may even break my previous record – or maybe better put, dubious record – of 100 flights made in a year. This year I’ve already notched up 59… (I keep careful count of them, just in case).

But between Kamchatka and the next whirlwind tour, I really wanted to “lay low in MOW” for a few weeks, get my bearings, regroup, ground myself, and all that – and re-familiarize myself with the abode and city I – on paper – reside in. I figured this necessary as I’d started forgetting which switch is for the kitchen and which for the hall! Thus, today – a story and pics about a trip to a really interesting place in the Moscow Region – the Yuri Gagarin Cosmonaut Training Center in Star City. This place is really something – I highly recommend a visit. A day excursion can be arranged where they show and tell you all, let you poke and prod the various exhibits and climb inside the spaceships in which they train cosmonauts (who keep appearing in the hall walking about to and fro, to the delight of the excursioners).

You can clamber inside the reentry capsule of Soyuz in which cosmonauts return back to earth. The guides go into all sorts of detail about space missions and the landing back on earth, about particular cases, and so on and on and on… I won’t tell you it all here. Best see it and hear it all for yourselves in the flesh.

Training Center Dummy

More: centrifuges, hydro-pool, planetarium and MIR space station …

Kamchatka-2012: Volcanism.

Day 15 (for the second group – day 1). Heading north.

If you ever happen to one day find yourself in Kamchatka, specifically in Petropavlovsk-Kamchatsky, and you have a free day on which the weather is good and the wallet is sufficiently bulging, then it’s perfectly feasible to have yourself a fantastic day to remember. What you do is organize a helicopter excursion and head north – to Klyuchevskaya Sopka and back. Such a day-excursion comes highly recommended – a total mind… flip – is guaranteed!

As mentioned – you need to sort yourself a helicopter, which really should be ordered in advance. After having done so, you pray for fine weather on the day of your trip. It’s a good idea to take spare batteries with you for your cameras and similar kit, as you’ll find you use them pretty much non-stop.

I’ve been lucky enough to have been on numerous helicopter excursions all over the planet – but in terms of the sheer overload of impressions, Kamchatka leads by a mile.

En route we flew over several volcanoes (including an erupting one, but which by next season may die down), the hissing caldera of the Uzon volcano (with a touchdown and excursion), the Valley of the Geysers (touchdown & excursion), the Kluchevskaya group of volcanoes, and the Northern Fissure (where we walked along the peaks of red hills). Unforgettable!

// For those in need of more details re all the below-listed, click here, or search the net.

1. Karymsky, 1536m – a permanently active volcano:

Karymsky Volcano

More: An unforgettable day …

Catching the Phishes.

I’m not completely sure why, but somehow since the invention of the Internet, there has always existed a stereotypical attitude towards all things WWW. That attitude sees the net as little more than a toy, while the viruses that come with it are put down to mere playing about at best, and just hooliganism at worst. However, the reality is quite something else – especially lately.

Remember Cascade and other similar viruses? Ah, so naïve and innocent compared to what was to come… Fast forward a couple of decades and the bad guys started stealing data, Trojanizing computers for zombie networks to perform distributed attacks, and milking bank accounts. And today we’ve arrived at attacks on industrial, infrastructural and military systems. Some toy!

We need to get away from such a stereotype ASAP. Faulty impressions give cybercrime a romantic aura, which in turn attracts the younger generations of would-be cybergeeks-cum-cybercriminals – who can’t seem to grasp the seriousness of their “fun” or understand how many years they could face in jail.

Then there’s another stereotype: that computer crime pays, and the perpetrators don’t get caught. Romanticism! Ok, it’s true that several years ago in many countries computer crime was in fact not all that often prosecuted; however, now that situation has changed: the law enforcement bodies have both the experience and know-how required, have made great strides in terms of cyber-criminalistics (cyber-CSI stuff), and have established good working relations with professionals, all leading them to now being able to solve one hi-tech crime after another.

We are always ready to assist national and international law enforcement agencies if they request it. I think the development of such cooperation is crucial for the successful fight against cybercrime – as security companies are the ones that possess the necessary knowledge.

Now, let me give you an illustrative example of how it works in Russia.

More: Catching the phishes …

Crowdsourcing in Security.

To think of all the yummy stuff the Internet has brought us, though interesting, would probably be a waste of time: by the time you’d have finished totting up all the scrumptiousness you remember, just as much new scrummyness would have appeared. But there is one particular Internet-delicacy concept that, due to its importance and value, should really never be overlooked, even in just a “Best Hits” of the Internet. This concept deserves closer consideration. And this concept is crowdsourcing.

I won’t go into loads of detail – you can get that at the other end of the Wikipedia link above (incidentally, Wikipedia is also a crowdsourcing project :) or via a search engine. Here, let me briefly go through the idea:

The WWW permits large numbers of folks from all over the world to very quickly all get together and combine efforts to solve some kind of difficult task or other. The result is collective intelligence, backed up by gigahertz, gigabytes and terabytes of computers and communication channels. Technically, it’s all about the sharing and allocation of computing power. For example, I remember well how at the end of the nineties many at night connected their comps to SETI@Home – a non-commercial project that searched for radio signals of extraterrestrial civilizations. The project is still going, with 1.2 million participants and a total processing power running up to 1.6 petaflops.

SETI@home

Perhaps surprisingly, you’ll generally find network crowdsourcing being applied in practically every sphere of life. And security is no exception. Recent examples: the international brainstorming that went into solving the Duqu Framework, and into trying to crack the mystery of the encrypted Gauss payload. (For the former, by the way, we received a rather flattering write-up on darkreading.com.) Still, these cases aren’t really the best examples of crowdsourcing at work…

The best example is probably to be found in the way we (KL) successfully process 125,000 samples of malware every day (up from 70,000 late last year). Of course, robots and other technologies of automation and data-flow analysis help, but the most important ingredient to make it all work – the statistical food – is furnished by you! Yes, you! The system’s a big you-scratch-my-back, I’ll-scratch-yours gig in which our users help both us and one another in the business of preventing cyber break-ins around the world, and in particular of tackling unknown threats. And everyone helps anonymously and voluntarily after having clearly expressed a willingness to take part; and none of it affecting computer performance!

More: Let me tell you how it works …

Kamchatka-2012: The Battle for Mutnovka.

Mutnovsky volcano and environs (locally known simply as Mutnovka) are made up – handily – of three birds (killed with one stone) and a bonus track.

First, there’s Mutnovka itself – an active volcano of indescribable beauty, a canyon, ice cap, craters, streams, steam vents, sulfuric springs, and so on and so forth. Second, there’s Gorely – also a volcano, but nothing like Mutnovka, so also very interesting and visit-worthy. (By the way, right before our last trip here, in 2010, Gorely suddenly started to hiss and gurgle – so we gave it a miss then, just in case.) Third, amazing lava fields, caves and tunnels. And the bonus track? I’ll get to that a bit later…

The great thing about the place is that all four sights are close together: you can walk among all four quite easily in minutes, not hours.

Mutnovsky volcano

More: The weather takes a sharp turn …