Kaspersky launches KasperskyOS, claims to be unhackable

Though maybe the fact that they claim to prevent any other code from executing that is not signed, maybe it turns out to be more resistant against worms like they are now forming the botnet zombies?

We will have to see, what struck me was the big mouthed claim of being unhackable, which will have to be proven. Otherwise I am curious if they ever will gain a significant market share.

It's something that needs to be put through the ringer for sure. The IoT devices being used in a BotNet are due to the chinese manufacturer of a specific part ( I'm paraphrasing ) Bios being hacked. I heard Allan Jude on TechSnap talk about it 2 weeks ago, and how the devices have the same key/password for admin privileges. It's literally millions of devices.

1 Like

I know that the initial attack is performed by default credntials that got used by the OEM, but maybe the checksum and certificate checks would have the sidloaded code from executing. Thats what I think might be a function that KOS provides, it seems to me

1 Like

Here's the thing, (My Logic) Anyone concious of updating/upgrading an IoT device with new OS/firmware is already ahead of the many who are just pointed to purchase/update physical devices ( which are also poorly implemented) for production. KOS would have to implement the OS at device launch or provide service to deployed devices... Maybe I'm wrong? ( I'm all over the place on this BTW sorry)

1 Like

Wow, how did i not know that was a thing lol...

Is there a book that can tell me about all the cool exploits I've missed out on?

1 Like

Well with every certificate secured device it all depends on the safety of the keys, if your bios/uefi if flawless, and only executes a signed flawless bootloader, which in turn only loads a flawless kernel, which than only loads flawless drivers and programs you have a flawless system ... as far as I am aware of how that should work ^^

1 Like

Boom !

Here is a snippet from krebs...

Source Code for IoT Botnet β€˜Mirai’ Released
2 Likes

Trust me I'll hack it in a week.

2 Likes

There you go:

https://vvdveen.com/publications/drammer.pdf

1 Like