Killing Time in Airports – Frequent-Flyer Style.

In order to ease the mind-numbing tedium of hanging around Munich airport, T.T. and I started playing “Any-Letter Airport Code”. It’s a reasonably pointless game – but a great time killer – in which you take turns to come up with a three-letter airport code containing a letter from anywhere within the previous code (i.e., not just the last letter, like in similar party games).

It turned out to be quite fun. Here’s what we got:

MUC-DME-MAD-DBX-LAX-LHR-FRA-PUN-DUB-BRU-BCE-PEK-PKC- (and this is where it got trickier! But we got there!) -KUL-CUN-NAS-SVO-SFO-OGZ (I thought I’d beaten T.T. here for sure, but then he comes back and finishes me off!) – ZUR! Eeh, the things you (we) do when bored, eh? :)

It was just then that a stewardess approached us and told us to switch off all our electronic devices in a thick German accent that brooked no opposition.

Any-Letter Airport Code got me thinking: we could set up and organize a large-scale, multi-participant game of “Boarding Pass Bingo”! The idea is pretty straightforward:

More: A very weird game! No cheating possible …

Worse than Cheese: Scary Scenarios Causing Nightmares Now – the Five Main Issues of IT Security.

I recently found myself wondering how many interviews with the press I do every month. Of course the totals fairly helter skelter between months, but in the busier periods the number can get anywhere up to 70! And that’s only spoken interviews, i.e., those done in person or over the phone. If I were to also include e-mail interviews – the number would be just silly.

But I don’t complain. In fact just the opposite – I love interviews! Which reminds me of Richard Branson and his simple rule about interviews: “If CNN rings me up and wants to do an interview with me, I’ll drop everything to do it.” I also follow this rule – to the letter – and not without good reason.

Most interviews are what you’d expect. I get asked lots of questions, I answer them as best I can, and that’s about it.

But in a very few rare instances I get interviewed by a really well read-up journalist, meticulous to the point of hair-splitting, who not only knows all about me and KL and what we do, but also all about the particular narrow topic the interview’s about. By the end of the allotted hour I’m exhausted, the mind’s pretty much frazzled, and I feel like my very soul’s been extracted together with my long-winded answers to the sophisticated questions.

These are the trickiest and most trying kinds of interviews, but also the most useful. Why? Because during such intense sessions the gray matter inside the skull shifts up a gear or three and really gets to work, thinking in new ways and approaching familiar topics from fresh standpoints – to such an extent that after the end of the interview the momentum keeps the ideas coming, leading to all sorts of new insights. All really quite fascinating how creative cognition comes about. And all kicked-off by super-sharp reporters doing their job masterfully. Respect due. And a thank you!

Curiously, what unites such “special” interviews with regular ones is an inevitable question about the most pressing IT Security issues today – something like: “What keeps you up at night (in terms of IT Security hazards)?”! And I don’t get asked this all the time just by journalists in interviews. The question pops up at practically every IT conference I speak at.

And so: as promised earlier, here I’m presenting my List of the Five Main Issues Facing IT Security, in the broad sense of the term.

I should say straight away that I don’t have prescriptions for solving all five issues. The aim of this post is more to identify the problems, let you start to muse on them, and hopefully draw you into the fold of their ongoing discussion by raising your interest, empathy and/or sympathy!

Right, here’s my list:

  1. Privacy
  2. Internet Passports
  3. Social Networks
  4. Cybercrime
  5. Cyberwarfare

More: getting into details …

On The Flight Path.

Another crazy round-the-world tour is at an end.

The first half of the year is coming to a close – and we’ve spent much of it on the move. Our travels have been pretty intense. We (TT, KA, me – EK – and others) began our latest globetrotting stint on 2 May. We’ve managed to do a lot of things, sometimes just to satisfy our curiosity, and we’ve heard some interesting tales along the way. It’s been useful, action-packed, and at times even mind-blowing.

Travel Celebrations

The route was as follows:

More: SVO-GVA-NAS-DFW-BNE-MLB-SIN-CTA-BLQ-FCO … OMG!

Don’t Feed the Troll!

Ladies and gentlemen, your attention please!

Good news! After 3.5 years of legal battles with patent trolls we have finally won a resounding victory! This was our first patent litigation battle in the US and we won! // Well, we needed to make up somehow for Russia’s poor display at Euro 2012 :)

Here’s a recap.

Four years ago the patent trolls suddenly came on the scene trying to prove that we were using technology that had been patented by somebody else.

Because we were expecting this sort of thing, and knew all about patent trolls – albeit in theory – our very own patent department had for a number of years been quietly working away preparing our patent firepower in readiness for a showdown with all types of various patent trolls and black hats.

And then this story began, in the United States District Court for the Eastern District of Texas. By the look of things, the situation was only going to get worse for us, but we had absolutely no intention of just giving in. Even if we lost, we were going to go down fighting and make it as brutal and bloody as possible for them.

And just a few days ago came the final denouncement.

The Court for the Eastern District of Texas announced its verdict in the case brought by IPAT and completely dismissed all the charges against us. What’s more, it did so WITH PREJUDICE, i.e. IPAT can’t bring any more claims regarding those patents!

Court Filing

But this is not just some ordinary legal victory.

More: An insight into troll business, US patent system and search for a solution…

Doing The Homework.

Any software vendor sometimes makes unfortunate mistakes. We are human like everybody else and we make mistakes sometimes, too. What’s important in such cases is to publicly admit the error as soon as possible, correct it, notify users and make the right changes to ensure the mistake doesn’t happen again (which is exactly what we do at KL). In a nutshell, it’s rather easy – all you have to do is minimize damage to users.

But there is a problem. Since time immemorial (or rather memorial), antivirus solutions have had a peculiarity known as false positives or false detections. As you have no doubt guessed, this is when a clean file or site is detected as infected. Alas, nobody has been able to resolve this issue completely.

Technically, the issue involves such things as the much-talked-about human factor, technical flaws, and the actions of third-party software developers and web programmers. Here’s a very simple example: an analyst makes a mistake when analyzing a sample of malicious code and includes in the detection a piece of a library the malware uses. The problem is the library is used by some 10,000 other programs, including perfectly legitimate ones. As a result, about 20 minutes after the release of an update containing the faulty detection, technical support goes under due to a deluge of messages from frightened users, the analyst has to re-release the database in a rush and the social networks begin to surface angry, disparaging stories. And this is not the worst-case scenario by far: imagine what would happen if Explorer, svchost or Whitehouse.gov were falsely detected :)

More: How to evade detecting Whitehouse.gov as a phishing site …

A Very Old City.

Jerusalem, the Living City, is older than almost all others that have survived to the present day, older even than Rome, and a couple of millennia older than some of the world’s oldest cities. Only a few others can boast of such a history… the likes of Jericho, Babylon and Yerevan, for instance. But it’s surely true to say that Jerusalem is the oldest among the “big ticket” world cities, and as such it’s one of those places you have to explore at least once in this life. And it’s not just a place for strolling the streets – it’s worth descending underground, since the caves are now open for visitors. I was there recently – these are old sewage tunnels which were discovered not so long ago, enmeshing the whole city like a web. They are more than 2,000 years old!

Jerusalem Tunnels

More: Exploring the history …

The Masada Fortress.

Finally, after years of dreaming, I got the chance to visit!

Masada is the name of a ruined ancient fortress on the top of a 450 m mountain on the Israeli shore of the Dead Sea. It is notorious for a legend of the mass suicide of a thousand of Jews hiding there from Roman troops. After the Jewish revolt against Rome (1st century AD), was suppressed and Jerusalem fell into Roman hands, a group of surviving rebels settled in the fortress together with their families. The Romans besieged Masada but failed to capture it protected by forbidding vertical cliffs. Besides, the food and water supply seemed set to last for years. In the end, the Romans made a huge embankment in the lowest part of those fortifying cliffs, rolled in a battering ram and broke through a wall. Having realized the hopelessness of the situation, the besieged Jews chose death instead of slavery.

According to legend, a dozen warriors were selected and charged with slaughtering the others – including women and children – before destroyed food supplies and burning down the wooden buildings. Amid the carnage, they drew lots and one was left to stab his comrades in arms and, finally, himself (thereby committing a great sin). That’s how the story goes, and the evidence suggests it’s true. At least the remains of the fortress and embankment remain to the present day, adding weight to the story. Archeologists have even found earthen bowls with names – maybe these were the very vessels used to choose which warrior would be left to slay his comrades and finally himself. For the rest of the story see here.

Masada

More: A legend or a history? …

Rome On The Run.

It’s years since I’ve had a tourist trip to Rome. I visit the Eternal City on business from time to time, but as a tourist … it’s been five, maybe eight years since I last had the chance. That’s why, having got a free day today, I decided to embark on a whistle-stop tour to stimulate my mind and stir my emotions, without wiping myself out in the process. I’d recommend it to anyone who doesn’t mind spending six or eight hours on the go, always on their feet apart from a quick bite for lunch …

More: Rome On The Run.. . .

The Flame That Changed the World.

I’ll never forget Oktoberfest 2010 for as long as I live. Yes, I like beer, especially the German stuff, and especially at Oktoberfest. But I don’t even remember the beer, and that’s not because I had too much of it :) It was at that time we received the first news of a very unpleasant trend, which I had feared for a number of years. That’s right, it was the first time Stuxnet reared its ugly head – the first malware created with state backing and designed to fulfill a specific military mission. This is exactly what we had talked about at our Oktoberfest press conference: “Welcome to the age of cyber warfare!” It was already obvious then that Stuxnet was just the beginning.

Cyber Warfare

Indeed, little has changed since that September right up to the present day. Everybody had a pretty good idea where Stuxnet came from and who was behind it, although not a single state took responsibility; in fact, they distanced themselves from authorship as much as possible. The “breakthrough” came at the end of May when we discovered new malware which also left little doubt as to its military origins and aims.

Yes, I’m talking about Flame.

More: How can malware stop me from eating a fresh croissant in the morning? …