,
15 tweets,
9 min read
Read on Twitter
1/15 A reply from @eneketasen leads me to discuss the fate of firms like @McAfee and @kaspersky when they decide (or claim they "got forced") to take sides in a physical war. We'll use BASF's role in the #Holocaust as our keystone to understand cyber firms' future kill counts.
2/15 Recap: BASF is forever linked to Zyklon-B, the gas used to kill one million Jews in Germany's "final solution." Their own website acknowledges how they enabled the #Holocaust. It's a concise, easy read about the wartime slaughter of innocents:
basf.com/global/en/who-…
basf.com/global/en/who-…
3/15 @McAfee's software engineers, like BASF's entomologists, worked long & hard to create the best *defensive* products.
@kaspersky's malware analysts, like BASF's infestation analysts, worked long & hard to keenly understand their enemies' weaknesses.
@kaspersky's malware analysts, like BASF's infestation analysts, worked long & hard to keenly understand their enemies' weaknesses.
4/15 Like BASF, @McAfee and @kaspersky view their "purely defensive research" as just that:
Defensive.
In reality, though, their research is OFFENSIVE and COUNTER-DEFENSIVE.
I said "research," not "products." Most cybersecurity firms / employees don't realize the difference.
Defensive.
In reality, though, their research is OFFENSIVE and COUNTER-DEFENSIVE.
I said "research," not "products." Most cybersecurity firms / employees don't realize the difference.
5/15 Like BASF, @McAfee's reverse-engineering is "counter-defensive" because they seek to overpower (read: "uninstall") the malware they detect.
Like BASF, @kaspersky's analysis is "offensive" because it reveals how to attack & disable a swarm of pests (read: "C&C servers").
Like BASF, @kaspersky's analysis is "offensive" because it reveals how to attack & disable a swarm of pests (read: "C&C servers").
6/15 BASF, like @McAfee and @kaspersky, are NOT specially trained in seeing their "defensive" research turned into killing machines.
And TBH: *I* only recognized it 22yrs ago when I started building the "ADVEIS" antivirus rootkit.
And TBH: *I* only recognized it 22yrs ago when I started building the "ADVEIS" antivirus rootkit.
7/15 This leads us to the concept of "war" where soldiers fire on each other; where pilots bomb civilian industrial centers; where navies sink merchant ships.
A future war will include cyber.
@McAfee and @kaspersky et al. will *cringe* at their roles just like BASF did.
A future war will include cyber.
@McAfee and @kaspersky et al. will *cringe* at their roles just like BASF did.
9/15 "Rob, that was the early 2000s. Your INTSUM is old news." Oh, I agree!
Less than a week after the U.S. gov't turned on @kaspersky, I found myself in a 4½ hour "interview" with investigators who treated me like Congress gnawing on Robert Mueller.
Less than a week after the U.S. gov't turned on @kaspersky, I found myself in a 4½ hour "interview" with investigators who treated me like Congress gnawing on Robert Mueller.
10/15 I told the investigators they still fail to understand the mindset at @kaspersky. "How do we fail to understand it?" Because their civilian employees honestly believe they conduct "defensive" research. And so do the civilians at @McAfee.
And, of course, at BASF.
And, of course, at BASF.
11/15 "Rob, your recent gov't inquisition doesn't change the fact you fell out of the loop a decade ago. I'm with @VessOnSecurity: 'you have no clue' about today's industry mindset."
Ah, but human nature *doesn't* change!
Civilian experts overwhelmingly identify as "defense."
Ah, but human nature *doesn't* change!
Civilian experts overwhelmingly identify as "defense."
12/15 But hey, let's trod back to our global skirmish.
Some civilian "defense" cybersecurity experts will surge with patriotism to sign a new "Manifesto Of The 93" blindly endorsing whatever their country's military can accomplish in cyber.
en.m.wikipedia.org/wiki/Manifesto…
Some civilian "defense" cybersecurity experts will surge with patriotism to sign a new "Manifesto Of The 93" blindly endorsing whatever their country's military can accomplish in cyber.
en.m.wikipedia.org/wiki/Manifesto…
13/15 Other civilian experts might reel at the notion of *any* military using cyber weapons as a "final solution" to turn the war in their favor.
Worst, though, for pacifist civilian experts whose "defensive" research morphs into a killing machine.
web.archive.org/web/2011071508…
Worst, though, for pacifist civilian experts whose "defensive" research morphs into a killing machine.
web.archive.org/web/2011071508…
14/15 @McAfee & @kaspersky et al. *will* go into the business of war just like BASF did. Whether they only sell defensive products ... remains to be seen.
It's a safe bet some cybersecurity firms will retool in WW3.0 for patriotism & profit -- to deliver CYBER tools of death.
It's a safe bet some cybersecurity firms will retool in WW3.0 for patriotism & profit -- to deliver CYBER tools of death.
15/15 In the end, @McAfee & @kaspersky et al. might need to publish a history report on their websites just like BASF did. It will summarize their "unwitting role" in the wartime slaughter of innocent civilians--
--including customers who *paid* them for protection.
--including customers who *paid* them for protection.
