Cyber-paleontology: Sounds impressive; its results – more so.

Hi folks!

Let me kick off by paraphrasing a rather famous philosophical postulate: ‘Does a profession determine man’s social being, or does his social being determine his profession?’ Apparently this question (actually, the original) has been hotly debated for more than 150 years. And since the invention and spread of the Internet, this holy war only looks set to be extended for another 150, at least. Now, I personally don’t claim to support one side or the other; however, I do want to argue (based on personal experience) in favor of the dualism of a profession and being, since they mutually affect each other – in many ways and continually.

Toward the end of the 1980s, computer virology came about as a response to the growing proliferation of malicious programs. Fast-forward 30 years, and virology has evolved (rather, merged – in ecstasy – with adjacent fields) into the cybersecurity industry, which now often dictates the development of IT: given inevitable competition, only the technology with the best protection survives.

In the 30 years since the end of the 1980s, we (AV companies) have been called quite a few different colorful and/or unsavory names. But the most accurate in recent years, IMHO, is the meme cyber-paleontologists.

Indeed, the industry has learned how to fight mass epidemics: either proactively (like we protected users from the largest epidemics of recent years – Wannacry and ExPetr), or reactively (using cloud-based threat-data analysis and prompt updates) – it doesn’t matter. But when it comes to targeted cyberattacks, there’s still a long way to go for the industry on the whole: only a few companies have sufficient technical maturity and resources to be able to cope with them, but if you add an unwavering commitment to expose any and all cyber-baddies no matter where they may come from or what their motives might be – you’re left with just one company: KL! (Which reminds me of something Napoleon Hill once said: ‘The ladder of success is never crowded at the top’.) Well it’s no wonder we’re in a lonely position (at the top of the ladder): maintaining that unwavering commitment to expose literally anyone is waaaaay more expensive than not maintaining it. And it’s waaaay more troublesome given the ongoing geopolitical upheavals of late, but our experience shows it’s the right thing to do – and users confirm this with their wallets.

A cyber-espionage operation is a very long, expensive, complex, hi-tech project. Of course, the authors of such operations get very upset and annoyed when they get caught, and many think that they try to get rid of ‘undesirable’ developers by using different methods via manipulation of the media. There are other, similar theories too:

But I digress…

Now, these cyber-espionage operations can remain under the radar for years. The authors take good care of their kit: they attack just a few specially selected targets (no mass attacks, which are more easily detected), they test it on all the popular cybersecurity products out there, they quickly change tactics if the need arises, and so on. It’s no stretch of the imagination to state that the many targeted attacks that have been detected are just the tip of the iceberg. And the only really effective means of uncovering such attacks is with cyber-paleontology; that is, long-term, meticulous collection of data for building the ‘big picture’; cooperation with experts from other companies; detection and analysis of anomalies; and subsequent development of protection technologies.

In the field of cyber-paleontology there are two main sub-fields: ad hoc investigations (after detecting something by chance and pursuing it), and systemic operational investigations (the process of planned analysis of the corporate IT landscape).

The obvious advantages of operational cyber-paleontology are highly valued by large organizations (be they state or commercial ones), which are always the primary target in targeted attacks. However, not all organizations have the opportunity or ability to undertake operational cyber-paleontology themselves: true specialists (for hire) in this niche line of work are few and far between – and they’re expensive too. We should know – we’ve plenty of them all around the world (with outstanding experience and world-renowned names). Thus, recently, given our strength in this field and the great need for it on the part of our corporate customers – true to the market principles of supply and demand – we decided to come up with a new service for the market – Kaspersky Managed Protection (KMP).

Read on…

A party in a dome in Rome.

Ciao folks!

After Munich, I headed almost directly south to Rome for a few days full of intense business activity. For there was a lot going on down there for KL…

First and foremost it was our Italian office’s tenth birthday! What? Already? A decade? Where did that go? So, of course, it was celebration time: we gathered together our partners, favorite customers and old friends for a jubilee jamboree, and it was just great!

Many happy returns KL Italy. Here’s to the next 10 years! Saluti!

Read on…

Und Oktoberfest, natürlich!

Finding myself in Munich at the end of September, it would have been out of the question not checking out Oktoberfest. I mean, why would anyone want to do such a thing? A wonderful, sprawling, fun event that’s not to be missed.

Beer stalls and one-liter jugs, attractions with varying degrees of technical infrastructure (even good old rowing boats), and endless smiling crowds. Fantastisch!

Read on…


The end of the beginning in the fight against patent trolls.

For much of August and September of this year I was forced into ‘working from home’, something I don’t normally do. So with zero globetrotting/commuting/working out/interviews/speeches and other daily workday chores, I had rather a lot of time on my hands. So I read. Lots. There was plenty of the usual bad news, but, occasionally, there was some very good news in there too. In particular, there was excellent news from the front in the fight against patent trolls: a district court of Texas rejected Uniloc’s lawsuit against us for infringement of patent US5490216. This is the infamous patent that since the early 2000s had struck terror into the hearts of IT companies, added years to the appearance of many a patent lawyer, and mercilessly lightened the wallets of more than 160 (!) companies – including Microsoft and Google, no less.

But the excellent news doesn’t stop there folks!…

The combined efforts of the IT industry have secured the invalidation of the IT patent-from-hell. But it’s not just the invalidation itself that’s worth celebrating; also worthy of champagne quaffing is the fact that the invalidation heralds serious (albeit long overdue) change in the U.S. patent system. Sure – it’s only ‘slowly but surely’ for now, but slowly is at least better than no change at all; especially when the changes have global significance: at last the IT industry can start to pluck the patent parasites off its back that do nothing but hinder technological development.

The ball hasn’t merely started rolling, it’s racing down the hill: developers are becoming freer in what they can do – protected against persecution from owners of (excuse my Belgian) BS patents: those describing abstract and at times blatantly obvious things, which in practice aren’t even applied or are used only for ‘milking’ developers of similar technologies.

All told, the story of patent ‘216 reads much like a thriller – so much so that I thought I’d retell it here for your thrill-seeking pleasure. So go get a coffee (better – popcorn) and settle back down for a mini-nailbiter from the patent parasite side…

Read on…

Three’s a crowd in Munich museums during Oktoberfest.

Hallo folks!

Munich has lots of excellent museums. But when’s the best time of year to go check them out? Turns out: late September/early October. Why? Because that’s when Oktoberfest takes place! Yes, while practically the whole population of the city and surrounding areas, plus millions of tourists from around the world are at the city’s famous Volksfest (the largest Volksfest in the world, no less), the museums are practically empty! Yeh! It’s like having a whole museum to yourself. Weh!

The first museum we checked out was the Pinakothek der Moderne. And just look at all the crowds we had to elbow our way through:

Read on: A lengthy line for entry tickets…

Cyber-tales from the dark – and light – sides.

Hi folks!

Today I’ve got some fresh, surprising cybersecurity news items for you. The first few are worrying stories about threats stemming from a certain ubiquitous small device, which many folks simply can’t be without just for one minute – including in bed and in the bathroom. The last few are positive, encouraging stories – about women on the up in IT. Ok, let’s dive in with those worrying ones first…

Don’t join the Asacub victim club

These days, folks tend to entrust their (trusty?) smartphones with all sorts of stuff – banking, important work and personal documents, messaging (often with very personal details strictly for a few eyes only), and more. But, hey, you’ll know all this perfectly well already, and may be one of these folks to this or that extent yourself; and if you are – you really do need to read this one carefully…

At the end of August a sharp increase was detected in the proliferation of the Android Trojan Asacub, which exploits that peculiarly human weakness called curiosity. The Trojan sends a text message with words like: ‘Hey John: You should be ashamed of yourself! [link]’, or ‘John – you’ve been sent an MMS from Pete: [link]’. So John scratches his head, becomes as curious as a cat, wonders what’s in the photo, clicks on the link, and (willingly!) downloads an application… which then proceeds to stealthily access his full contact list and start sending out similar messages to all his peers.

But this crafty malware doesn’t stop there. It can also, for example, read incoming texts and send their contents to the hackers running the malware, or send messages with a given text to a given number. And the ability to intercept and send texts gives the authors of the Trojan the ability to, among other things, transfer to themselves funds from the bank card of the victim if the card is digitally connected to the phone number. And as if that weren’t bad enough – there’s a bonus for the victim: a huge bill from his mobile provider for sending all those messages to everybody.

So how can you protect yourself from such fearsome mobile malware? Here’s how:

  • Don’t click on suspicious links;
  • Carefully check which rights are being requested by the downloaded application (e.g., microphone, camera, location…);
  • And last and most: the simplest step – install reliable protection on your Android smartphone.

Android? Hmmm. I can hear all the sighs of relief just now: ‘Aaaaahhhh, thank goodness I’ve got an iPhone!’!

Hold your horses all you Apple lovers; here’s a couple of links for you too (don’t worry: you can click these – honest!):

Read on…

Kamchatka-2018: Kam-route, Kam-vids, Kam from outer space.

Hi Folks!

Herewith, the LAST post in the series on our Kamchatka-2018 expedition! No, really. “What? No meandering 30-post extended-version travelogue with several hundred pics?” Nope. Not this year. Don’t worry though: I’ll make up for this year’s scant reportage after the next Kamchatka mission.

But back to this year’s trip…

So. What have I got for you today?

First, of course, there’s the full route taken this year on the peninsula, with a few assorted pics inserted at different points along the way:

I do hope that this route – plus the few travel-tales in the earlier Kamchatka-2018 posts, or indeed all my Kamchatka notes (and there are a lot of them!) – might make the seemingly daunting destination of Kamchatka a bit less intimidating for some of the more adventurous among you, dear readers. If we can do it – average folks with average fitness levels – so can you! Just follow our route and you’ll be fine ).

Now what else?

As it’s Tuesday, and you’ve probably got enough reading on your plate already, I’ve got for you today a series of videos on this year’s expedition:

1) Expedition highlights:

Read on: Bears in action!…

There’s North; then there’s Norilsk.

I’d been planning on getting myself in early September to the Far North industrial city of Norilsk. I’d a chock-full itinerary planned, including giving speeches, business meetings with the management of our highly esteemed customer, plus of course a spot of tourism: checking out the main natural must-see of the region: Putorana Plateau.

At least, like I say: that was the plan. But then Kamchatka-2018 put paid to all that – six weeks with a leg in plaster. So I had to put the trip off. But only I had to postpone it: all the others in our delegation still went. And they had a whale of a time, by all accounts.

Well one of those accounts I’ll give you here: that of D.Z., one of my most-regular travel companions. Herewith, his short essay, plus photos.

(Note (from me): Unfortunately there are no pics of Putorana. Much like what happened most of the time this summer in Kamchatka, the weather turned real bad – not fit for flying. So there was to be no helicopter flight to the Siberian Traps, which incidentally came about around 250 million years ago as the result of a mega volcanic eruption. Btw: that eruption was one of the most global geo-catastrophes this planet of ours has ever seen: it changed its climate, and brought the Paleozoic Era to a close while ushering in that of the Mesozoic and all its dinosaurs. Remnants of that prehistoric cataclysm can today be found around 100 kilometers from Norilsk, but are rarely accessible to tourists due to the habitually terrible weather conditions above the Arctic Circle. Oh well: next time…)

—8<—

For someone who’s never been to Norilsk, the place is a mere city in the Far North of Russia. However, a taxi ride from its airport around the territory and to its downtown changes this visualization: Norilsk is more than a mere city; it’s a whole industrial district (one of its official titles is the ‘Norilsk Industrial District’), which covers the wide expanse of land from the Yenisei River to the Putorana Plateau. And its residential neighborhoods – with a population totaling nearly 200,000 – dot this industrial landscape to almost resemble oases.

Read on…

Leaden sky.

My definition of happiness: In excellent company; in nice weather (under a warm sun and clear blue skies); with oh-my-gorgeous views all around (and no other tourists getting in the way!); not counting the great many kilometers trekked, or the number of rivers waded or zip-lined across, or the masses of mosquitoes and innumerable insects (which mysteriously disappear all of a sudden); having one’s mind, body and soul filled with the rejuvenating tonic of exotic expedition; with a fresh wind blowing; with a spirit that is tranquil, contemplative and meditative… where?… – you guessed it: in KAMCHATKA!!

Along wild meadows, dry tundra, and sometimes swampy stretches; across volcanic rubble… – it all equals contentedness.

Read on…

Geothermal-gastronomical.

There are just two ways to get to the white waterfalls I told you about in a recent post. You can either walk from the village Pauzhetka (en route to the peaks of Koshelev volcano), or – just the opposite – walk from the same volcano en route to Pauzhetka. So you see: all roads lead to and from Pauzhetka. Accordingly, this post is dedicated to the small yet significant – and most curious – village of Pauzhetka…

Pauzhetka is a village of extremes:

First: It’s probably one of the remotest settlements on the whole of the peninsula. To get there in a regular road car is probably impossible. To get there in a 4×4 or off-road vehicle from the nearest town of Ust-Bolsheretsk takes up to two days (including a long stretch along the shore of the Sea of Okhotsk, and probably entailing a few ferry crossings). On the other hand, getting to the village by air isn’t too much trouble: there are scheduled flights once a week (from Petropavlovsk) to Ozernaya airport, which isn’t far from the nearest village on the coast – a mere 30 kilometers from Pauzhetka. The only other means of transport that can be used to get there is chartered helicopter.

Second: It’s tiny. Locals put the population at a mere 42 folks ((co)incidentally, a magical number:).

Third: Still – as of summer 2018 (!), there’s no cellphone coverage – at all!

Fourth: Though the village is tiny and very inaccessible, it nevertheless has its own… geothermal power plant – Pauzhetskaya (the first power plant of its kind in Russia (or maybe even the USSR – I’m not sure))! As a result, the local area is supplied with free electricity and hot water! Free, as in – zero rubles! And it comes in seemingly unlimited supply: no electricity meters… nothing: as much as you want to use, whenever. Leave the TV on – fine! Never turn the iron off (if that’s what really floats your boat) – ok! And it’s not as if the local authorities discourage such wanton waste of energy supplies: they don’t bother turning off every home’s central heating… ever! See – told you the place is one of extremes ).

(Btw: I’ve written about Pauzhetka before.)

AAAnnnyway, that’s all beside the point (yes, I do like to digress).

What makes Pauzhetka so significant to me is that you need to go through it to get to the nearby OMG-stratovolcanoes – Koshelev and Kambalny. Now, since Pauzhetka is located in such a touristic paradise, you might think that it’d be all… Davos-like: nothing but hotels and guesthouses and restaurants to cater for the tourists. Alas – nope. Pauzhetka doesn’t do tourism – for a few reasons.

First, this place is inaccessible, literally middle-of-nowhere, and literally unheard of (almost). Just try Google photos of Koshelev Volcano: my photos are the first to be shown!

Second, getting here ain’t cheap (in part because it’s so hard to get to), which reduces its average-tourist magnetism to around zero. And for the serious explorer-expeditioner-climber, the volcanoes are just too easy to conquer:

– What were you climbing this summer?
– I did a couple volcanoes in Kamchatka.
– Cool. I hear Kamchatka’s the bomb when it comes to serious volcanism. What altitudes did you get up to then?
– Ah. Er… 1800 and 2200 meters.
– Oh…

Accordingly, every tourist passing through Pauzhetka fits easily in this here ‘tourist base’ made up of two buildings with sleeping quarters, the inevitable pool filled with hot thermal water, and lots of vegetable patches and greenhouses:

But these aren’t just regular, common-or-vegetable-garden greenhouses…

First, these are greenhouses supplied with as much free hot water as needed all year round. Second, the soil here is super fertile volcanic soil packed with mega-doses of the minerals fruit and veg love. Third, there’s the industriousness of the locals who tend the greenhouses…

Read on…