Tag Archives: FSB

Kaspersky Global Transparency Initiative Explained!

The Kaspersky Global Transparency Initiative Explained!

The upcoming Trump-Putin summit aside, Kaspersky Lab is pushing forward with their Global Transparency Initiative. What is the Kaspersky Global Transparency Initiative? And how does it help guarantee that Kaspersky Lab products and services are safe to use?

We explain it all, with a little help from Stephan Neumeier and Oleg Abdurashitov from Kaspersky Lab!

 

The Kaspersky Global Transparency Initiative

The Kaspersky Global Transparency Initiative began in October 2017, as a way to allay fears that Kaspersky Lab products and services had backdoors built-in.

It was really an extension of Eugene Kaspersky’s offer to show Kaspersky Lab source codes to the US government.

July 2017 : Eugene Kaspersky Offers Source Codes To US Government

In response to the US government’s prohibition on the use of Kaspersky Lab products, Eugene Kaspersky offered to make Kaspersky Lab source codes available to the US government for inspection.

Oct. 2017 : Source Codes Available For Inspection

In the initial version, Kaspersky Lab offered to :

  • make their source codes available for independent review and evaluation,
  • conduct an independent assessment of their software development and supply chain,
  • establish three Transparency Centers in Asia, Europe and the US.
  • increase bug bounty awards to US$100,000

We immediately pointed out that it did not address a major concern of the US government – that data is still being routed through Russian Internet service providers that are subject to the Russian intelligence surveillance system called SORM (System of Operative-Investigative Measures).

Kaspersky Lab maintained that customer data sent to their Russian servers are encrypted, and they do not decrypt them for the Russian government. But it would be impossible for them to prove that to anyone’s satisfaction.

May 2018 : Core Operations Moves To Switzerland

Last month, Kaspersky Lab announced that they are establishing a data center in Zurich by the end of 2019. This facility will store and process all information for users in Europe, North America, Singapore, Australia, Japan and South Korea, with more countries to follow.

The Kaspersky Switzerland facility will :

  • store and process customer data of select countries outside of Russia
  • host Kaspersky’s software build conveyer that will assemble and digitally-sign the final executable files and updates
  • serve as the first Kaspersky Transparency Center.

In addition, Kaspersky will be arranging for a qualified and independent third-party to review and supervise the data storage, processing, software assembly and source codes at this Zurich facility.

The very act of moving their customer data out of Russia to a neutral country finally removes our main criticism of their initial transparency initiative. Now, no one has to worry about sensitive data being transmitted through the Russian SORM intelligence surveillance system.

 

The Kaspersky Global Transparency Initiative Going Forward

The establishment of the Swiss datacenter is merely another phase in the long process of “earning trust”, as Stephan Neumeier called it. Eventually, customer data from most countries outside of Russia will move to that datacenter.

By the end of 2018, all Kaspersky Lab products and threat detection rule databases (AV databases) will be assembled and signed with a digital signature in Switzerland, before being distributed to customers worldwide. All newly assembled software will also be verified by an independent organization, certifying that software builds and updates received by customers match the source code provided for audit.

The next step would be the establishment of two more Transparency Centers – one in Asia, and another one in North America. Singapore and Canada are probable favourites.

 

Perhaps A Backdoor Bounty?

We would suggest that perhaps Kaspersky Lab should establish an independent backdoor bounty program, separate from their current bug bounty.

A large sum of money could be placed in escrow, under an independent and competent third-party, which can freely investigate and reward security researchers who can successfully prove the existence of a backdoor in any Kaspersky product or service.

That would go a long way into shoring up trust of those who have neither the financial nor the technical capabilities to visit a Kaspersky Transparency Center and peruse millions of lines of code.

 

Suggested Reading

Go Back To > Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

How Kaspersky Lab Plans To Counter Alleged Ties To Russian Intelligence

Alleged Ties To Russian Intelligence

Kaspersky Lab can’t seem to get rid of the stigma of being a Russian company. Even after Eugene Kaspersky publicly declared that Russian President Vladimir Putin is not his friend, and offered to show his source codes to the US government, he can’t shake off the perception that he’s helping the Russian government attack Western interests.

It did not help that Israeli government hackers provided the US National Security Agency (NSA) with evidence that Russian hackers used Kaspersky Lab software to scan for American classified programs. They also found NSA hacking tools in the Kaspersky Lab network, the same tools that the NSA later confirmed were in Russian intelligence hands.

That was what led to the US General Services Administration directive to remove Kaspersky Lab from its list of approved vendors, and the US Senate to call for a government-wide ban.

There is no evidence that Kaspersky Lab itself was complicit in helping Russian intelligence scan for American classified programs, or obtain the NSA hacking tools. It is entirely possible that the Russian intelligence hackers merely exploited the same flaws in Kaspersky Lab software that the Israelis used to gain access to their network and software.

However, all these controversies have greatly undermined Kaspersky Lab’s credibility and sales worldwide.

 

The Kaspersky Lab Global Transparency Initiative

The Kaspersky Lab Global Transparency Initiative attempts to prove and assure their customers (and potential customers) that there are no backdoors in their software. Under this initiative, Kaspersky Lab will make their source codes, including software updates and threat detection rules, available for independent review and evaluation.

Their Global Transparency Initiative will kick off with these actions :

  1. Kaspersky Lab will offer their source codes for an independent review by Q1 2018, with similar independent reviews of their software updates and threat detection rules to follow.
  2. An independent assessment of the Kaspersky Lab development lifecycle processes, and its software and supply chain risk mitigation strategies, will begin by Q1 2018.
  3. Additional controls to govern Kaspersky Lab data processing practices, with verification by an independent party, will be developed by Q1 2018.
  4. Three Transparency Centers will be established in Asia, Europe and the US to address security issues with Kaspersky Lab partners, customers and government stakeholders. They will also serve as a facility for “trusted partners to access reviews on the company’s code, software updates and threat detection rules“. The first Transparency Center will open by 2018, with the rest by 2020.
  5. Kaspersky Lab will increase their bug bounty awards up to $100,000 for the most severe vulnerabilities found under their Coordinated Vulnerability Disclosure program by the end of 2017.

Kaspersky Lab will later announce the next phase of the Global Transparency Initiative, after engaging with their stakeholders and the cybersecurity community.

 

What This Does Not Address

[adrotate group=”2″]

The initial phase of the Kaspersky Lab Global Transparency Initiative will help verify, and assure their customers, that there are no backdoors in their software. However, it does not address a major concern for the US government – the fact that their data is routed through Russian Internet service providers that are subject to the Russian intelligence surveillance system called SORM (System of Operative-Investigative Measures).

Kaspersky Lab has said that customer data sent to their Russian servers are encrypted, and they do not decrypt it for the Russian government. But it would be impossible for them to prove it. Perhaps they will address this concern in the next phase of their Global Transparency Initiative.

Don’t forget to read our interview with Eugene Kaspersky on his alleged ties with Russian President Vladimir Putin and the Kremlin.

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!