Partners
HOME    BLOGS    BLOGGERS    MESSAGES    VIDEO    AUDIO    REPORTS    RESEARCH    WEBINARS

Kaspersky's Plan to Secure Cities

Newest First    Oldest First    Threaded View
Page 1 / 2   >   >>
wbalthrop
wbalthrop  
11/5/2012 10:25:41 AM
User Rank Urban Legend
Re: But do you trust Kaspersky?
@SylvieBarak, as a Software Architect for a large municipal government in the U.S. I can tell you the location of the server (as in cloud) is more important than the source of the software. Federal operation may have different priorities. What is even a bigger concern is that this OS will probably not be compatible with Windows or or any big iron operating systems theat are predominantly used by municipal governments. That would mean re-writing billions of lines of code for a platform that at current has no developers. A cost the no U.S. munricipality can afford. Most of us are struggling just to keep the wheels on the wagon.  Here in Las Vegas we are operating with 60% of the staff we had four years ago.

Mary Jander
Mary Jander  
11/4/2012 8:04:17 PM
User Rank Staff
Great topic
Interesting questions here. Given that as much cyber crime emerges from within an organization as outside of it, I think we can only try for better security, not perfect security. Or, rather, aim for perfect but expect there will be breaches.

Speaking of insiders, I think how one views vendors' involvement with government agencies reflects particular allegiances. Just because a US firm might have as much interest in intelligence as a Russian or Chinese firm doesn't mean that as a US firm I'd give the outsiders the benefit of the doubt.

Resurgent phoenix
Resurgent phoenix  
11/3/2012 9:42:03 PM
User Rank Burgher
Trusted Boot / Segregation of Duties
Windows 8 uses the trusted book method by scanning every file being loaded during the boot phase and if the file has been modified copying the orginal file over it.  At the same time it has a anti-virus program  "Windows Defender" that load right after the boot.  I say add a little Accounting to Computer O.S. that control large infrastructure.  Have Segregation of Duties....Something that controls a large City Sewage System must have different verification and duties in order to allow 150? of raw sewage released.  Or multiple points have to give input before one persone or virus can cause a rolling black-out.  Bigger was better but it is not so enjoyable to be tied in with a system 5000 miles away that can cause all of the lights to go out.

tmccreight
tmccreight  
11/3/2012 12:14:19 AM
User Rank City Slicker
Want to know more
I echo some of the other bloggers on this topic - I'd like to know more.  I've dealt with SCADA security issues in the past, and found them to be a challenge for more reasons that what was presented.  I'm intrigued to see what Kaspersky has come up with, and if his OS can deal with the dual requirements of "always on" and "need to patch".  We never won the "need to patch" argument, because of the nature of the systems.

I appreciate the other concerns about the potential for back doors in proprietary code.  I also know that we need to do something about securing our infrastructure...if Kaspersky has something, why not look into it and see what we can see?

SylvieBarak
SylvieBarak  
11/1/2012 5:42:27 PM
User Rank Blogger
Re: But do you trust Kaspersky?
good policy! As Intel's Andy Grove once said... "only the paranoid survive..."

NewDream
NewDream  
11/1/2012 5:40:22 PM
User Rank Urban Legend
Re: But do you trust Kaspersky?
I don't trust Kaspersky. But I don't trust anybody. ;)

NewDream
NewDream  
11/1/2012 5:39:29 PM
User Rank Urban Legend
Re: Trusted, or busted?
My question: will each processor at every level be protected in this way? Each microcontroller, whether it's supervising a communication channel, monitoring a sensor, positioning a mechanical actuator...will each of these have its software and hardware married together so the one won't function without the other? Further, the system that is aggregating and processing their data...will it be keeping track of the 'signature' for each one of these smart devices, as well as of its own and that of the next one up the chain? How about redundant systems? 'Voting' setups like the traditional NASA method? How will this all play together, and will it still meet the primary goal of keeping everything running continuously?

JVerity
JVerity  
11/1/2012 3:20:37 PM
User Rank Blogger
Trusted, or busted?
The Kaspersky OS is, as I understand it, based on the idea of digital certificates. Without proper credentials, persons are not permitted into buildings. Likewise, without a validated digital certificate, based on public-key cryptographic techniques, this OS will not permit a given piece of code to be executed. Moreover, the OS itself will be similarly tied to a specific piece of silicon (microprocessor chip, that is). The result is a mathematically proven binding between all of the elements, from silicon up. This is what's called a trusted computing platform, and it is an idea that has been kicked around for many years, hammered on by experts and generally proven to be sound. Kaspersky may have added something to this, I don't know - and he/it is not teling, yet. 

I find fairly laughable the criticisms leveled at Kaspersky and his connections to the KGB and to Russia, as if US computer companies are not working closely with NSA and other intelligence/spook/spy agencies here in this country. NSA has long worked closely with companies such as IBM and later, Cray Computer, in developing new supercomputers, for instance. And IBM's DES crypto algorithm, widely used and approved, is well known to be vulnerable in the limited form that it was released to the commercial market. (It could have been made much tougher to crack, but certain interests didn't want that, so it was kept weak.) Likewise, ATT was found to be quietly feeding NSA all phone and email traffic off its networks.

Perhaps Kaspersky is a kreature of the KGB, but so are most major computer companies in the US in bed with our own government's intelligence agencies. It's not surprising, given how critical it is for the government to make sure it can be up on all the latest crypto technologies and the latest methods proposed for subverting those technologies. 

SylvieBarak
SylvieBarak  
11/1/2012 2:55:50 PM
User Rank Blogger
But do you trust Kaspersky?
I'm wondering whether some countries (like the U.S.) may have an issue with a Russian company "securing" all the communications for their cities. Just look how much trouble Huawei is having building networks in the U.S.

Paranoia dies hard....

NewDream
NewDream  
11/1/2012 12:27:43 PM
User Rank Urban Legend
Distributed Hackability
I'm wondering just what devices will run this new operating system. Will it be the PLC or similar microcontroller device that is responsible for acquiring data and/or adjusting a pump motor's speed or the depth of a control rod in a nuclear core? Perhaps it will be the measurement and control system that aggregates data from a particular plant, or part of one? Or will it be the supervisory system that is responsible for an entire neighborhood, or even for a whole city or a whole country?

It will not be possible to secure the infrastructure of a city without addressing the security at each of these levels, and also securing the interconnection both hardwired and via wi-fi. It's not a small challenge that Kaspersky has set.

I'll be very interested to read more about this. The details released so far do not give me a great deal of confidence, but we can always hope.

Page 1 / 2   >   >>
today's cartoon
 | 
contest
Write a Caption, Win a Starbucks Card! Click here
Wait till you see the one they put next to the tracks…
Cartoon Archive
research
Smart City Money Makers
companies and solutions that are most prominent, and destined to be most profitable, in the smart city revolution.
How to Make Your City Smarter
Cities all over the world need to become smarter and more sustainable. But where to start? Download this guide to learn the first, proven steps toward making your city smarter.
all research
quick poll
Join the discussion
All polls
twitter feed
Future Cities Twitter Feed
follow us on facebook
Site Moderators
Future Cities is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations; earn kudos and perks. Interested? E-mail:
moderators@ubmfuturecities.com
directory
Designed to provide the people with access to green building products all year round
connect to us
Terms of Service
Privacy Policy
Copyright © 2014 UBM,
All rights reserved.