[security] Fascinating ID Theft saga

It is quite amazing (but not surprising) the degree of sophistication, care, and patience these hackers apply. Their engineering and business savvy are at the same level as the best of Google and Amazon.

Data Broker Giants Hacked by ID Theft Service — Krebs on Security:

An identity theft service that sells Social Security numbers, birth records, credit and background reports on millions of Americans has infiltrated computers at some of America’s largest consumer and business data aggregators, according to a seven-month investigation by KrebsOnSecurity.

 

Securing or attacking Industrial Control Systems

It turns out that Kaspersky Labs is developing a brand new operating system specifically designed to be used in embedded industrial systems and industrial control systems.

In this article, Eugene Kaspersky explains why his company decided to embark on the creation of an operating system designed specifically and only for embedded industrial control systems.

The obvious question:

“First I’ll answer the most obvious question: how will it be possible for KL to create a secure OS if no one at Microsoft, Apple, or the open source community has been able to fully secure their respective operating systems? It’s all quite simple really.

“First: our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media. Second: we’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.” (from Kaspersky Lab Developing Its Own Operating System? We Confirm the Rumors, and End the Speculation!)