Monthly Archives: July 2014

Chek Lap Kok: No quick walk.

Flying round the globe as I do, I get to see all sorts of different destinations, a lot of different airports too. Which got me thinking – I should make up a list of the world’s best airports. Incidentally, that also got me thinking about perhaps making up another list – of the world’s worst airports!

And yes, what is now the ‘old’ terminal of Sheremetevo (‘F’) will be top of that list for certain! But today’s theme is great airports. And it just so happens that I recently flew from what I think is my favorite on the planet: Hong Kong International Airport, aka Chek Lap Kok.

Hong Kong airport

Read on: So what’s so great about it? …

Bowled over by the best batsman.

I once wondered why golf isn’t popular in Russia. Or rugby or cricket, for that matter. Why are these sports – played by millions and watched by billions – hardly noticeable in Russia?

After mulling it over a short while I think I came up with the answer, and it’s simple! Russia’s got winter going on for half the year. It would be daft looking for small white balls in the (white) snow. I remember playing ice hockey when I was young and very often the puck would end up in a snowdrift. We spent more time looking for errant pucks than playing the game. But that’s ice hockey. How can you have ice hockey with no ice/snow? As for other small-ball sports you can generally play in the street or yard – no. They just don’t suit Russia, so they never really took off.

Meanwhile in India!…

Snow to many an Indian is pretty exotic – only seen on the TV in a news report or film. It’s just something that isn’t thought about, like golf in Russia. So snow there doesn’t hinder ball games much, so ball games are mega popular. But you rarely see lads getting together for a kick-about of soccer in India like you do practically the world over. No, instead they all play the exotic (and not only to Russians) game of cricket. Yep, for cricket here is a lot more popular than football! Which has to be a fairly unique state of affairs for any country… So it’s only logical that the very best and most popular (ever!) Indian professional cricket player – Sachin Tendulkar – is referred to as the ‘God of Cricket’ here.

Everywhere the man goes there are cries of “Sachin! Sachin!”, with folks clapping and jumping about and taking as many pics as poss with their gadgets.

I saw the commotion he causes last week in the flesh while in Mumbai. Sachin is a long-time KL friend and partner, and he’s also been our ‘brand ambassador’ in India and nearby countries for several years already.

I was in India for the launch of the new version of KIS 2015, and also of our new education program to protect children from cybercrime in Indian schools. Of course there was much of the usual – presentations, interviews, solo and group photos… only this time things were just a little different due to the larger-than-life presence of the country’s No. 1 megastar showstopper! It was a lot of fun though. Don’t know how he manages it on a daily basis with all that frenzied attention.

Despite working with him for several years already it was the first time I’d met him in person, and the honor and pleasure were all mine. I particularly liked the bit when we kicked back and enjoyed a wonderful meal.

Sachin Tendulkar launching Kaspersky Kids program in India

Read on: pix, pix, pix…

Having a ball in Nepal.

How many timezones does the world have?

On being asked that question many will come up with the perfectly logical answer of 24. After all, that’s the number of hours in a day. But they’d be wrong! Yep, in all there are quite a few more than 24… There are actually 39 time zones! In a handful of countries the local time differs from the respective ‘geographical time zone’ (of which there are 24) – by half an hour (like in India, Iran and a few others) or even by 45 minutes – like, for example, in Nepal. Here the time difference from London is +4 hours and 45 minutes! These offsets are the reason for there being 39, not 24 time zones.

Last week, I was here in Kathmandu, the capital of Nepal!

Nepal, Katmandu

Read on: the country of the Buddha, the Himalayas and Everest…

Cybernews from the dark side – July 26, 2014.

Remote controlled car – your car, while you’re driving it…

News about new hacks, targeted attacks and malware outbreaks is beginning to bore the general public. It’s becoming an incessant stream after all. What isn’t boring the life out of the general public is something a bit more unusual: stuff you wouldn’t dream could be hacked… getting hacked.

A report from China told how hackers broke into the Tesla motor car’s gadgetry – as part of a contest during a hacker conference. So, why Tesla? What’s so good about Tesla? Well, that’ll be its being an electric car, and its being crammed with so much ‘smart’ electronics that it resembles a mobile supercomputer more than an automobile. Still, what was Tesla expecting? Any new functionality – especially that developed without the involvement of IT security experts – will inevitably bring with it new threats via vulnerabilities, which is just what the hackers at the conference in China found.

Cybernews from the darkside

Read on: malware getting closer to industrial systems…

You can’t go wrong with Hong Kong.

It had been what seems like eons since I’d checked into a hotel which I simply had to tell you about separately due to its specialness. I get to stay in some real nice hotels on my travels, it has to be said, but only once in a blue moon do I come across one that’s just… exceptionally and extraordinarily exquisite :).

So I must show you a few pics of where we were last week. We were in Hong Kong, having our APAC Partner Conference – in the HK InterContinental on the shore of Kowloon. And, oh, by the hammer of Thor, what views it offered of the skyscrapers across the bay. I won’t come up with OTT adjectives, I’ll just let you have a look for yourselves…

One thing I will say is that these views never fail to impress no matter if it’s day or night, or clear and sunny, or during a typhoon! It’ll be here we’re staying at next time, that’s for sure…

Hong Kong by night

Read on: More skyscrapers, close shot…

We’re 17!

We have a tradition at KL where mid-July each year we throw a company birthday bash. Last Friday it was our 17th, leaving us just one more year before we become fully adult! So a youthful theme was what we were after this year – our final year of innocent adolescence…

…The organization of this year’s festivities however was truly adult in nature. Everything went smoothly and to plan. In fact every year these summer blowouts just get better and better. But I for the life of me can’t imagine how this year’s is going to be improved on. But I say that on every birthday. True to tradition once again the organizers went one better :).

Kaspersky Lab Birthday Party

I guess a sweater, jumper or sweatshirt on the singer just wouldn’t have been right :)

Read on: So what stuck in my mind most of all?…

Our antivirus formula.

Every system is based on a unique algorithm; without the algorithm there’s no system. It doesn’t really matter what kind of algorithm the system follows – linear, hierarchical, determined, stochastic or whatever. What’s important is that to reach the best result the system needs to follow certain rules.

We’re often asked about our products’ algorithms – especially how they help us detect future threats better than the competition.

Well, for obvious reasons I can’t divulge the details of our magic formulae; however, what I will be doing in this tech-post (perhaps the techiest post on this blog ever) is open ajar the door to our technological kitchen – to give you a glimpse of what goes on inside. And if you still want more info, please fire away with your questions in the comments, below.

Read on: A very brief look at our Coca-Cola-like ‘secret’ magical formula in a little over 2000 words…

Beyond good and evil?

A few days ago Microsoft announced a large scale raid on the dynamic DNS service No-IP, as a result of which 22 of its domains were seized. The guys in Redmond said there were very good reasons for this: No-IP hosts all kinds of unpleasant malware; No-IP is a breeding ground of cybercriminals; No-IP is an epicenter for targeted attacks; and No-IP never agrees to working with anyone else on trying to root out all the badness.

Like in most conflicts, the sides have exchanged contradictory volleys of announcements in the eternal tradition of ‘it’s his fault – no she started it’.

In particular, No-IP has said it’s a real goody-two-shoes and always willing to cooperate in eliminating sources of cyberattacks, while its clients are most displeased with the raid and consider it an illegal attack on legal business – since it’s possible to find malware practically anywhere, so interrupting services through a court is simply not on.

In the meantime, the result of the raid has been rather far-reaching: more than four million sites were pulled, including both malicious and harmless ones – affecting 1.8 million users. Microsoft is trying to sieve the wheat from the chaff and get the clean sites back up and running; however, many users are still complaining about ongoing disruption.

To work out who’s to blame is a thankless and probably hopeless task. I’ll leave the journalistic investigations to… the journalists. Instead, here let me give you some food for thought: dry, raw facts and figures – so maybe/hopefully you’ll be able to come to your own conclusions about the legality and ethicality of MS’s actions, based on those facts and figures…

1) Shutting down 22 No-IP domains affected the operations of around 25% of the targeted attacks that we keep track of here at KL. That’s thousands of spy and cybercriminal operations ongoing for the last three years. Approximately a quarter of those have at least one command and control center (C&C) with this host. For example, hacker groups like the Syrian Electronic Army and Gaza Team use only No-IP, while Turla uses it for 90% of its hosts.

2) We can confirm that out of all large providers the No-IP dynamic DNS was the most unwilling to cooperate. For example, they ignored all our emails about a botnet sinkhole.

3) Our analysis of current malware shows that No-IP is often used by the cyberswine for botnet control centers. A simple search via the Virustotal scanning engine confirms this fact with a cold hard figure: a total of 4.5 million unique malware samples sprout from No-IP.

4) However, the latest numbers from our security cloud (KSN) show something not quite so cut and dry. Here’s a table showing detections of cyberattacks from dozens of the largest dynamic DNS services:

| Service | % of malicious hosts | Number of detections (in a week) |
|---|---|---|
| 000webhost.com | 89.47% | 18,163 |
| changeip.com | 39.47% | 89,742 |
| dnsdynamic.org | 37.04% | 756 |
| sitelutions.com | 36.84% | 199 |
| no-ip.com | 27.50% | 29,382 |
| dtdns.com | 17.65% | 14 |
| dyn.com | 11.51% | 2,321 |
| smartdots.com | 0.00% | 0 |
| oray.com | 0.00% | 0 |
| dnserver.com | 0.00% | 0 |

So – No-IP isn’t leading in the number of detections, even though they’re still really high compared to most.

Here’s some more info for comparison: the % of malware hosts in the .com zone makes up 0.03% of the total; in the .ru zone – 0.39%; but in No-IP the figure’s 27.5%!

And now for other figures that add a bit of a different perspective: in one week, malware domains on No-IP generated around 30,000 detections, while in the same week on one of the most malicious domains in the .com zone, the figure was 429,000 – almost 14 times higher. Also: the tenth most infected domain in the .ru zone generated 146,000 detections – that is, about the same as the first ten providers of dynamic DNS mentioned above put together!

To summarize…

On the one hand, blocking popular services that are used by thousands – if not millions – of typical users: it ain’t right. On the other hand, closing spawning grounds for malware is right – and noble.

But then mathematics takes on the role of devil’s advocate, and proves:

Quantitatively, closing all the domains of No-IP is no more effective in combatting the distribution of malware than closing one single top malware domain in one of the popular zones, i.e., .com, .net, or even .ru. Put more simply, even if you were to shut down all providers of dynamic DNS – the Internet still wouldn’t become ‘cleaner’ enough to notice the difference.

So there you have it – ambiguity with a big A. 

It leaves anyone in their right and honest-with-themselves mind to admit things are far from black and white here, and as regards the right and wrong, or good and bad, or Nietzsche’s thing – who can tell?

Still, another thought comes to mind at some point while reflecting on all this…

It’s further evidence that as soon as the quantity of piracy or degree of criminality gets above a certain threshold, the ‘powers that be’ get involved all of a sudden and start closing services, ignoring any notions of Internet freedom or freedom to do business. It’s just the way things are, a rule of life of human society: If it stinks, sooner or later it’ll get cleaned up.

The list of blocked services is already rather long: Napster, KaZaA, eMule, Pirate Bay and so on. Now No-IP’s been added to the list.

Who’s next?

// Bitcoin? It’s already begun.

 

The rainiest city in Europe. Allegedly.

According to various sites on the Internet, Bergen is the wettest, rainiest city of the European continent. Don’t believe a word of it! Me and some pals were in the city just recently and in all the three days there not a single drop of rain fell on any of us. In its absence was a preponderance of sun – so much so that our cheeks became redder than the king prawns on offer in the Bergen fish market (see pic further below).

And probably up to 200 kilometers away there was nothing but clear sunny skies too, save for a few fluffy clouds. Only on the horizon did there sometimes appear something reminiscent of light rain. The locals were fairly amazed too – they’ve never known such rain-free summery days here ever!

Bergen, Norway

Read on: fish appetizer, fish main dish and a dessert …