F-Secure_Logo

25 Fellows for 25 Years: Jose Perez Alegre

2010_25th_timeline_web_images-23As we celebrate our 25th anniversary, we’re paying tribute to the women and men who helped build the success story that is F-Secure. You can experience that story here and help us fight malware in our anniversary arcade game.

Today we speak to Jose Perez Alegre — Senior Researcher, Anti-malware Technologies in F-Secure Labs.

Where were you 25 years ago?

I was in Madrid eating hundreds of Marie biscuits, according to my mother, and watching the children’s program “Sesame District”. At that time, I already started my Judo lessons, my belt was yellow-white and I was one of the strongest, I guess because of the amount of biscuits (: .

What’s surprised you most since you’ve joined F-Secure?

Definitely, the people. There are and there have been many professionals I had the luck to work with and share ideas along the years. Without a doubt, the most valuable asset of this company, hardworking people, motivated and eager for new challenges and innovation.

What’s your favorite piece of technology?

At the moment, I’m pretty happy with my new yellowish Nokia Lumia. I’m just learning about its inner workings to start playing with it. Maybe not the conventional “playing with your phone”, but as you may know already, the F-Secure Labs is full of geeks, cool ones.

What F-Secure memory is most irreplaceable to you?

The day I first came to see the office and join the sauna session. It was with a group of students from the University where we were attending a course being taught by F-Secure, as it does still today. That day, I made a couple of “tricky” questions during the presentations which ended up with the later visit to the office some weeks later to start the interview process, a very productive day.

How will the world be different in 25 years?

Hopefully still exciting. In my opinion, the advances and innovation in science, technology and medicine will let humanity to live longer, better and be connected to each other, physically or virtually, like never before. Energy, water, food and the environment will become more critical problems yet to solve, until then and beyond. And I hope, we will know by then what dark matter is?

What’s your 25th birthday wish for F-Secure?

Live long and prosper.

25 Fellows for 25 Years

Mikko Hypponen – 1991
Jyrki Airola — 1994
Pekka Usva — 1995
Kim Englund — 1996
Pirkka Palomäki — 1997

Ilkka Ranta — 1997
Veli-Jussi Kesti — 1998
Taneli Virtanen — 1999
Kalle Korpi — 2001
Mike Graham — 2001

Johan Jarl — 2002
Miska Repo– 2004
Cord Stukenberg — 2005
Morgan MacDonald — 2006
Suh Gim Goh –2010

Harri Kiljander — 2010
Orestis Kostakis — 2010
Pratima Potturu — 2010
Eric Wang – 2011
Ines Finisie – 2011

Timo Laaksonen — 2012
Gianni Pintonello — 2012
Wille Miljas — 2013

More posts from this topic

Lee Rigby

Whose job is it to catch terrorists, MI5’s or Facebook’s?

The sad killing of British soldier Lee Rigby has been in the headlines lately after release of a report about how authorities handled the case. Publicity was boosted because the committee thinks Facebook is responsible for the killing. They think the social media giant has a clear obligation to identify and report people who plan attacks like this. Just like the fact that phone companies report everybody who are talking about terrorism and the postal service sends a copy of all fishy letters to the Scotland Yard. I’m sure you get the sarcasm. What happened is that British agencies, MI5, MI6 and GCHQ, had identified the killers, Michael Adebolajo and Michael Adebowale, as interesting persons before the attack. They did however fail to investigate properly and apparently made no attempts to get the suspects’ communications from Facebook. There would have been several ways for them to do that, by a direct request from the police to Facebook or by the secret intelligence connections between GCHQ and NSA. Meanwhile Facebook's internal controls had flagged the killers’ communications and automatically closed their accounts. Facebook did however never report this to the British agencies. Which gave the Brits a convenient scapegoat to focus on instead of the fact that they never asked for that data. Ok, so the Brits blame Facebook. Let’s take a closer look at some numbers and what they really are demanding. There’s about 1,6 billion users total on Facebook. 1,3 billion monthly active and about 860 million daily active users. These users share around 5 billion items and send over 10 billion messages every day. This creates a total stream of around 10 million items per hour and 173 000 per second. Quite a haystack to look for terrorists in! Facebook has some 8 300 employees. If every single one of them, Mark Zuckerberg included, would spend their full working day monitoring messages and shared items, they would have to do over 60 items per second to keep up. Needless to say, any kind of monitoring must be automated for volumes like this. Facebook is monitoring its content automatically. Some keywords and phrases trigger actions, which can lead to closure of accounts. This is understandable as no company want to be a safe haven for criminals and many kinds of harmful activities are prohibited in the user agreement. But Facebook is walking a thin line here. Their primary task is not to be a law enforcement agency but to provide a social media service. They must also be well aware of the fact that reporting innocent people to the authorities is highly irresponsible. Commonly accepted practices of justice are not obeyed anymore when dealing with potential security threats and there is no transparency. There are numerous cases where western authorities have detained and even tortured innocent persons, apparently based on some very vague indications. Maher Arar’s case is a well-known example. So the bar for reporting someone must be high. It is easy for an Internet service to throw out a suspected user. They are after all not paying anything and Facebook have no obligation to let them be users. This ensures compliance with the user terms, no criminal activities allowed. But the threshold to report someone is naturally a lot higher. Especially when the volume forces Facebook to make automated decisions. This is not a sign of carelessness from Facebook’s side, it’s because people by default are entitled to communication privacy. It is also a direct consequence of the fact that terrorism suspicions are handled outside the normal justice system in many western countries. You carry a heavy responsibility if you feed innocent peoples’ data into a system like that. Let’s face it. There’s a large number of criminal conversations going on right now both on Facebook and other social services. Many terrorists are also on the phone right now and some are picking up deliveries with items related to planned attacks. Nobody is expecting the phone company to routinely listen in to identify potential terrorists and nobody is expecting the post to check parcels randomly. Facebook may not report every flagged conversation, but they are at least doing something to not be a safe haven for terrorists. Still they are the only of these services that the Brits call a safe haven. Not very logical. The simple reason for this apparent inconsistency is naturally the need for a scapegoat. The British agencies failed to investigate so they need someone else to blame. But there is a more dangerous aspect hidden here as well. Snowden made us aware of the privacy threats on Internet. The wide-spread mass surveillance has so far to a large extent been secret and even illegal. Pandora’s Box is open now and authorities all over the world are racing to get legal rights to mass surveillance, before the large masses understand what it really would mean. Putting pressure on Facebook fits that agenda perfectly. To be fair, one can naturally also ask if Facebook could have done more. A calm and balanced debate about that is welcome and beneficial. The flagged messages is probably quite a haystack too. To what extent is Facebook reviewing those messages manually, and could this process be improved to catch more potential killers? And at the same time avoid reporting any innocent users. To illustrate that this isn’t as simple as many think. People are asking why Facebook didn’t react on stuff containing the phrase “let’s kill a soldier”. Well, this blog post contains it too. Am I a killer because of that? Should this post be flagged and given to MI5?   Safe surfing, Micke    

Nov 28, 2014
BY 
network

What is a supercookie and why is it more important than you think?

Many techie terms in the headlines lately. Supercookies, supertrackers, HTTP headers and X-UIDH. If you just skim the news you will learn that this is some kind of new threat against our privacy. But what is it really? Let’s dig a bit deeper. We will discover that this is an issue of surprisingly big importance. Cookies are already familiar to most of us. These are small pieces of information that a web server can ask our browser to store. They are very useful for identifying users and managing sessions. They are designed with security and privacy in mind, and users can control how these cookies are used. In short, they are essential, they can be a privacy problem but we have tools to manage that threat. What’s said above is good for us ordinary folks, but not so good for advertisers. Users get more and more privacy-aware and execute their ability to opt out from too excessive tracking. The mobile device revolution has also changed the game. More and more of our Internet access is done through apps instead of the browser. This is like using a separate “browser” for all the services we use, and this makes it a lot harder to get an overall picture of our surfing habits. And that’s exactly what advertisers want, advertising is like a lottery with bad odds unless they know who’s watching the ad. A new generation of supercookies (* were developed to fight this trend. It is a piece of information that is inserted in your web traffic by your broadband provider. Its purpose is to identify the user from whom the traffic comes. And to generate revenue for the broadband provider by selling information about who you really are to the advertisers. These supercookies are typically used on mobile broadband connections where the subscription is personal, meaning that all traffic on it comes from a single person. So why are supercookies bad? They are inserted in the traffic without your consent and you have no way to opt out. They are not visible at all on your device so there is no way to control them by using browser settings or special tools. They are designed to support advertisers and generate revenue for the mobile broadband provider. Your need for privacy has not been a design goal. They are not domain-specific like ordinary cookies. They are broadcasted to any site you communicate with. They were designed to remain secret. They are hidden in an obscure part of the header information that very few web administrators need to touch. There are two ways to pay for Internet services, with money or by letting someone profile you for marketing purposes. This system combines both. You are utilized for marketing profit by someone you pay money to. But what can and should I do as an ordinary user? Despite the name, this kind of supercookies are technically totally different from ordinary cookies. The privacy challenges related with ordinary cookies are still there and need to be managed. Supercookies have not replaced them. Whatever you do to manage ordinary cookies, keep doing it. Supercookies are only used by some mobile broadband providers. Verizon and AT&T have been most in the headlines, but at least AT&T seems to be ramping down as a result of the bad press. Some other operators are affected as well. If you use a device with a mobile broadband connection, you can test if your provider inserts them. Go to this page while connected over the device’s own data connection, not WiFi. Check what comes after “Broadcast UID:”. This field should be empty. If not, then your broadband provider uses supercookies. Changing provider is one way to get rid of them. Another way is to use a VPN-service. This will encapsulate all your traffic in an encrypted connection, which is impossible to tamper with. We happen to have a great offering for you, F-secure Freedome. Needless to say, using Freedome on your mobile device is a good idea even if you are not affected by these supercookies. Check the site for more details. Last but not least. Even if you’re unaffected, as most of you probably are, this is a great reminder of how important net neutrality is. It means that any carrier that deliver your network traffic should do that only, and not manipulate it for their own profit. This kind of tampering is one evil trick, throttling to extort money from other businesses is another. We take neutrality and equal handling for granted on many other common resources in our society. The road network, the postal service, delivery of electricity, etc. Internet is already a backbone in society and will grow even more important in the future. Maintaining neutrality and fair rules in this network is of paramount importance for our future society.   Safe surfing, Micke   PS. The bad press has already made AT&T drop the supercookies, which is great. All others involved mobile broadband providers may have done the same by the time you are reading this. But this is still an excellent example of why net neutrality is important and need to be guaranteed by legislation.     (* This article uses the simplified term supercookie for the X-UIDH -based tracker values used by Verizon, AT&T and others in November 2014. Supercookie may in other contexts refer to other types of cookie-like objects. The common factor is that a supercookie is more persistent and harder to get rid of than an ordinary cookie.   Image by Jer Thorp  

Nov 18, 2014
BY