Kaspersky wants to make Tor illegal and supports a globalized policed internet.

Sun Oct 18 19:04:35 PDT 2009

On Sun, 18 Oct 2009, Jacob Todd wrote:

>> http://www.theregister.co.uk/2009/10/16/kaspersky_rebukes_net_anonymity/
>> "
>> In Kaspersky's world, services such asB PsiphonB andB The Onion Router
>> (Tor)B - which are legitimately used by Chinese dissidents and Google
>> users alike to shield personally identifiable information - would no
>> longer be legal. Or at least they'd have to be redesigned from the
>> ground up to give police the ability to surveil them. That's not the
>> kind of world many law-abiding citizens would feel comfortable
>> inhabiting.

As far as any authority is concerned , one bit of SSL traffic is
indistinguishable from any other bit of SSL traffic.  So while current
anonymity models may not be workable in 5 or 10 years, if people are
generating strongly encrypted traffic to arbitrary hosts, _some_ models
will be workable.

Multinational, corporate interests will not allow information security
(SSL, VPNs) to just go away.  Further, if TPTB have "broken" SSL, they
aren't going to tip their hand to the rest of the world to blow the nym
you access twitter with.

I am pessimistic about the march of freedom and the limits of state power,
but these are now basic to all commerce and infrastructure worldwide.  The
cats out of the bag, I'm afraid.

>> He's talking about supporting a police state, where the "law" can
>> watch everything you do.
>>
>> http://www.zdnetasia.com/insight/security/0,39044829,62058697,00.htm
>> "
>> [Q:] Are you saying that people often don't understand the
>> complexities of the work security researchers are involved in?
>> Consumers, businesses and even governments?
>> [A:] Governments do understand because they are more and more in touch
>> with these problems. Enterprises, big enterprises, some of them have
>> dedicated teams of security experts and they really understand what's
>> going on. Consumers generally have no clue, but they don't need to
>> understand.

He's lobbying.  He sees the money that cisco, et. al, have made building
the great firewall and he wants a piece of the action.

>> I'd like to change the design of the Internet by introducing
>> regulation--Internet passports, Internet police and international
>> agreement--about following Internet standards. And if some countries
>> don't agree with or don't pay attention to the agreement, just cut
>> them off.

Let's say this is successful ... it will simply lead to a parallel, mostly
wireless network that is even more decentralized than the current
Internet.  How much does it cost these days to link 10mbps across 10 km ?

In a few years, with "n" hardware flooding the market, how much will it
cost to link 100mbps across 50 km ?

>> Something worth noting, today's A/V solutions do not scan inside
>> virtual machines and would not be able to detect Tor easily.  Use
>> encryption with the VM and it'll be impossible for any A/V product to
>> scan the data inside.  If you use an external anonymity device like
>> januspa or a linux router + Tor, then you would not feel the affects
>> of bad A/V software against your anonymity.
>>
>> Personally, I will be encouraging everyone I know to stay as far away
>> from this company and their products simply out of principle at this
>> point.  I had no problem with Kaspersky until I read this.  If
>> Kaspersky is going to treat non malicious software as malware, then we
>> might as well treat their software with the same regard.

Will there really be any intersection between end users using reactionary,
clueless, least-common-denominator snake oil like this, and users of Tor ?