Kaspersky wants to make Tor illegal and supports a globalized policed internet.

[John Case]

On Sun, 18 Oct 2009, Jacob Todd wrote:

>> http://www.theregister.co.uk/2009/10/16/kaspersky_rebukes_net_anonymity/
>> "
>> In Kaspersky's world, services such as Psiphon and The Onion Router
>> (Tor)Â - which are legitimately used by Chinese dissidents and Google
>> users alike to shield personally identifiable information - would no
>> longer be legal. Or at least they'd have to be redesigned from the
>> ground up to give police the ability to surveil them. That's not the
>> kind of world many law-abiding citizens would feel comfortable
>> inhabiting.


As far as any authority is concerned , one bit of SSL traffic is 
indistinguishable from any other bit of SSL traffic.  So while current 
anonymity models may not be workable in 5 or 10 years, if people are 
generating strongly encrypted traffic to arbitrary hosts, _some_ models 
will be workable.

Multinational, corporate interests will not allow information security 
(SSL, VPNs) to just go away.  Further, if TPTB have "broken" SSL, they 
aren't going to tip their hand to the rest of the world to blow the nym 
you access twitter with.

I am pessimistic about the march of freedom and the limits of state power, 
but these are now basic to all commerce and infrastructure worldwide.  The 
cats out of the bag, I'm afraid.


>> He's talking about supporting a police state, where the "law" can
>> watch everything you do.
>>
>> http://www.zdnetasia.com/insight/security/0,39044829,62058697,00.htm
>> "
>> [Q:] Are you saying that people often don't understand the
>> complexities of the work security researchers are involved in?
>> Consumers, businesses and even governments?
>> [A:] Governments do understand because they are more and more in touch
>> with these problems. Enterprises, big enterprises, some of them have
>> dedicated teams of security experts and they really understand what's
>> going on. Consumers generally have no clue, but they don't need to
>> understand.


He's lobbying.  He sees the money that cisco, et. al, have made building 
the great firewall and he wants a piece of the action.


>> I'd like to change the design of the Internet by introducing
>> regulation--Internet passports, Internet police and international
>> agreement--about following Internet standards. And if some countries
>> don't agree with or don't pay attention to the agreement, just cut
>> them off.


Let's say this is successful ... it will simply lead to a parallel, mostly 
wireless network that is even more decentralized than the current 
Internet.  How much does it cost these days to link 10mbps across 10 km ?

In a few years, with "n" hardware flooding the market, how much will it 
cost to link 100mbps across 50 km ?


>> Something worth noting, today's A/V solutions do not scan inside
>> virtual machines and would not be able to detect Tor easily.  Use
>> encryption with the VM and it'll be impossible for any A/V product to
>> scan the data inside.  If you use an external anonymity device like
>> januspa or a linux router + Tor, then you would not feel the affects
>> of bad A/V software against your anonymity.
>>
>> Personally, I will be encouraging everyone I know to stay as far away
>> from this company and their products simply out of principle at this
>> point.  I had no problem with Kaspersky until I read this.  If
>> Kaspersky is going to treat non malicious software as malware, then we
>> might as well treat their software with the same regard.


Will there really be any intersection between end users using reactionary, 
clueless, least-common-denominator snake oil like this, and users of Tor ?