In his personal Blog, Eugene Kaspersky wrote;
At last – we’ve done it!
I’ve anticipated this day for ages – the day when the first commercially available mass market hardware device based our own secure operating system landed on my desk.
And there’s plenty more in the pipeline where this came from too, meaning the tech will be applied in other Internet-connected bits of kit, aka the Internet of Things (IoT). Why? Because this OS just so happens to be ideal for applications where a small, optimized and secure platform is required.
The operating system boasts several distinctive features;
First, it’s based on microkernel architecture, which allows to assemble ‘from blocks’ different modifications of the operating system depending on a customer’s specific requirements.
Second, there’s its built-in security system, which controls the behavior of applications and the OS’s modules. In order to hack this platform a cyber-baddie would need to break the digital signature, which – any time before the introduction of quantum computers – would be exorbitantly expensive.
Third, everything has been built from scratch. Anticipating your questions: not even the slightest smell of Linux. All the popular operating systems aren’t designed with security in mind, so it’s simpler and safer to start from the ground up and do everything correctly. Which is just what Kaspersky did.
The very first meeting held regarding this project took place 14 (fourteen!) years ago on November 11! , according to Eugene.
“In the first several years not a single line of code was written. We met from time to time, discussed technical details, architecture, and drew pretty pictures on large sheets of paper. Then we built up a team – very slowly, since OS specialists are few and far between. And onwards we move, slowly but surely. Fast forward several years, and today we aren’t simply celebrating the latest team discussion, but our first commercial hardware device actually ready!” Eugene said in regard to the OS conceptualization and development.
November 11 is of course easy to remember as it’s 11-11. Which is birthday of this big, ambitious project. Indeed, within Kaspersky, the project is known simply as ’11-11′.
Did Kaspersky build an operating system that is impossible to hack in principle? or is such an OS really necessary?
Here is why as reported by Eugene on his Blog;
“Once, cyberthreats targeting critical infrastructure, telecoms and other modern-life-essential systems looked mostly like science fiction. No one – besides us paranoids (actually, and also the most advanced hackers, cyber-spies and cyber-militaries) really had any idea that data security could directly affect physicalsecurity. Nor were they aware that literally all digital systems in existence around the world can be hacked. After all, we started our project long before Stuxnet, and even before Die Hard 4, where the cyber-baddies hacked and wrecked critical infrastructure. But as time has passed the general level of understanding of the threats has gradually – and increasingly conspicuously – risen…
The serious problem of security of critical infrastructure started to be discussed at high-profile international conferences. Then, gradually, the topic started to spread into the imaginations of Hollywood (Die Hard 4, Skyfall…). Next, literally in the last year to 18 months, attention has risen still further – exponentially – to finally make the topic of cybersecurity one of the main topics at various top-level international summits and meetings of world leaders. Meanwhile, quietly in the background all this time, alchemists KL experts were toiling away in their workshops edging ever nearer to the unveiling of our very own OS!
We realized that the operating system needed to have lots of different applications.
First, it should provide a basis for the development of protected industrial control systems.
Second, it should provide a basis for the development of protected embedded devices, including the IoT. Btw, the recent DDoS attack on Dyn’s DNS servers, which brought down sites like Amazon and Twitter, was carried out by a botnet that had infected ‘smart’ (actually, rather stupid:) devices like IP-cameras. The attack generated an astounding 1.2 terabytes a second – the biggest DDoS in history.
So, I’m hoping it’s obvious by now how protecting the IoT and, of course, critical infrastructure (industry, transport, telecoms, etc.) from IT threats is simply mandatory. I also hope it’s clear that it’s better – no matter how difficult – to build IoT/infrastructure devices from the very beginning in such a way that hacking them is practically impossible. Indeed, that is a fundamental goal with Kaspersky OS.”
well it seems that Kaspersky has most of the threats scaled down to a well assebled hardware and robust OS, what do you think? Please share your comments below…