Kaspersky Labs building their own OS

The folks at Kaspersky Labs have never been shy about voicing their opinions when it comes to the level of security in today’s operating systems, and now they’re planning to show the world how it’s done by building their own OS. Kaspersky’s ‘secret project’ is aimed at critical systems like power plants and telecommunications systems, ideally offering them the most secure option on the market.

KL OS, as Kaspersky calls their OS, is being “developed for solving a specific narrow tasks,” and is sacrificing features like executing third-party code and running unauthorized apps in the name of security. Kind of like iOS on steroids. Kaspersky Labs founder Eugene Kaspersky says that the system’s security is “both provable and testable.”

Right now details are fairly scarce (and considering what the OS is being tailored for, it may well stay that way), but considering what we’ve seen from malware like Stuxnet and Flame, it might not be a bad idea to retool the computer systems of critical infrastructure. Kaspersky says that there’s even more room for security improvements to infrastructure systems than elsewhere, since their ‘always on’ nature makes it a hassle to update them.

It’ll definitely be interesting to see if Kaspersky can pull off building an OS that’s strong enough to withstand the approaching cyberwar apocalypse. On the other hand, there’s always the possibility that it out to be the biggest security fail since Oracle's ‘unbreakable’ systems, but who knows, if they can figure out a way to make everyone’s system more secure, we’re all ears.

Source: PC Mag | Via CNet
Lock Button Image by Shutterstock

Report a problem with article
Previous Story

TechSpot: Thunderbolt-equipped Gigabyte Z77X-UP5TH meets Velociraptor Duo Review

Next Story

Microsoft: We will train store employees on Windows RT/Surface

28 Comments

Commenting is disabled on this article.

Building their own OS eh? Will it be another clone OS (nix) or something absolutely new that's never been done before?

Enron said,
A secure OS designed by the Soviets?! I'll pass!

Since the US seems to be the more trusted guy, erm, who told you that they are not spying on eberyone as they know ppl will use their stuff. aha. :-?

Why critical infrastructure like Power plants have systems connected to the Internet is beyond me. They should run on a totally separate network with no possibility of general internet access. Same for Military/Gov systems.

GreatMarkO said,
An anti-virus/security company developing their own OS? Yeah, that won't be targeted by virus creators/hackers(!).... much!!

Look at hp's infinity or integrity OS, maybe because of a mix of non-standard hardware/CPU type and it's very expensive but apparently it's the only unhacked commercial OS, so who knows.

n_K said,

Look at hp's infinity or integrity OS, maybe because of a mix of non-standard hardware/CPU type and it's very expensive but apparently it's the only unhacked commercial OS, so who knows.

security through obscurity does not count!!

ingramator said,

security through obscurity does not count!!


I do agree but, let's take the DoD modified linux, you won't get it outside of the military, and high up military at that, so unless you've got something online to attack and try to find flaws in or have direct access to one that isn't monitored, chances are you'll never find a security flaw in them.

Hello,

This is a very interesting move by Eugene Kaspersky. Speaking as both someone who has worked at an embedded systems manufacturer (VoIP telephony gear) and also as a competitor (antimalware) I know that each one has very specialized toolchain requirements and that expertise in one area does not necessarily translate to mastery of the other.

Probably more curious is the timing of the announcement: It seems an odd time for a Russian antimalware company whose founder has close ties to that country's intelligence agencies to announce a new operating system for critical infrastructure tasks, especially since the US House Intelligence Committee is tearing into Chinese telecom gear vendors Huawei Technologies and ZTE over concerns about the security of their products.

That said, while my interaction with Eugene Kaspersky has been minimal, he has assembled a world-class group of researchers, and I would have no concerns about running any code written by them on any computer I own were I not a competitor.

Regards,

Aryeh Goretsky

I would trust Kaspersky to write an OS because? They've just about managed to write a decent AV solution so what makes them think they'll be any good in the secure OS market?

A problem you won't be able to overcome: the human factor! Besides that, I am sure that governments and secret services will demand backdoors in operating systems to be able to take control or do other things. Once those backdoors are coded in, the "secure" os won't be any more secure than today's operating systems. The only advantage would be that security wholes are lesser known since the os wouldn't be as common / wide spread.

Here's how to make any computer made by man secure:
-Remove any networking
-Remove any interfacing
-Remove any storage expansion mediums
-Physically hold in a nuclear bomb proof bunker
-Keep computer remained off at all times

ingramator said,
Here's how to make any computer made by man secure:
-Remove any networking
-Remove any interfacing
-Remove any storage expansion mediums
-Physically hold in a nuclear bomb proof bunker
-Keep computer remained off at all times

Your funny you know lol.

ingramator said,
Here's how to make any computer made by man secure:
-Remove any networking
-Remove any interfacing
-Remove any storage expansion mediums
-Physically hold in a nuclear bomb proof bunker
-Keep computer remained off at all times

I now award you a CISSP Certificate!

ingramator said,
Here's how to make any computer made by man secure:
-Remove any networking
-Remove any interfacing
-Remove any storage expansion mediums
-Physically hold in a nuclear bomb proof bunker
-Keep computer remained off at all times

-Keep computer remained off at all times - should be enough

ingramator said,
Here's how to make any computer made by man secure:
-Remove any networking
-Remove any interfacing
-Remove any storage expansion mediums
-Physically hold in a nuclear bomb proof bunker
-Keep computer remained off at all times

Great in theory, but much more difficult in practise.
Bare in mind the systems mentioned above all require remote monitoring, telemetry communcications (remote access to the outside world).
In addition various components and parts of plant will require programming (such as PLCs, Inverters, IO systems etc).
Shutting 'the system' off from the outside world is far more difficult then what you've mentioned.

PmRd said,
What a stupid idea. The guy who thought of this must have been really high on cocaine or something

do you have any logic behind calling this stupid? I think its a good idea, just because you may not be able to use it doesn't mean certain niche markets and don't have a need for it. Even if only .1% of the world had a need for this that's still 7 million potential customers, and even at $25 a piece the money really starts to add up.

I am Reid said,

do you have any logic behind calling this stupid? I think its a good idea, just because you may not be able to use it doesn't mean certain niche markets and don't have a need for it. Even if only .1% of the world had a need for this that's still 7 million potential customers, and even at $25 a piece the money really starts to add up.

This is stupid, logic or not.
What are they gonna do ? Rebuild an entire suite of apps to at least do the basics (Browser, Office-like) to run only on their OS ?
They are an Anti-Virus company unless i'm wrong.
This is going to fail, this is too big for them. Even if they claim that this is the more secure OS ever, forget about this.

No, internet browser and office suites are not needed for such OS. It's for telecommunications, power plants, other critical infrastructure servers/routers and all other devices. It's not general purpose software used by customer. It's more like embedded OS, which must deliver small footprint, security and executes very specific tasks, might also be real-time. Again, it's a commercial product.

boumboqc said,

This is stupid, logic or not.
What are they gonna do ? Rebuild an entire suite of apps to at least do the basics (Browser, Office-like) to run only on their OS ?
They are an Anti-Virus company unless i'm wrong.
This is going to fail, this is too big for them. Even if they claim that this is the more secure OS ever, forget about this.


Yeah I forgot that whilst moving depleted uranium around in the local power plant, I need to pop on their servers so I can quickly check out neowin and write up a report on the current state of financial affairs to be published in a newspaper.....

PmRd said,
What a stupid idea. The guy who thought of this must have been really high on cocaine or something

It will be awkward when a security OS had vulnerabilities discovered and is hacked

PmRd said,
What a stupid idea. The guy who thought of this must have been really high on cocaine or something

It most certainly is not. BeOS was too early for the times. It might have been a wholelot more successful in today's environment.

Why would they want to build a whole plethora of applications? I for one need maybe 4-5 basic applications. Very secure internet access, video telephony, and a rudimentary text editor with formatting, media player and maybe a torrent client.

pmshah said,

It most certainly is not. BeOS was too early for the times. It might have been a wholelot more successful in today's environment.

Why would they want to build a whole plethora of applications? I for one need maybe 4-5 basic applications. Very secure internet access, video telephony, and a rudimentary text editor with formatting, media player and maybe a torrent client.

Yeah I think you did not read what the OS was for