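499 Gas Station NO.29 | Vladimir Hrytsan: Information is property! How to protect yourself in the digital age?

October 16, 2019 15:17

Summary

This is your data, you own it, you can trade it

_Transcript of "Gas Station" interview No. 29:_

-Guest introduction-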

Vladimir Hrytsan

Co-founder and CTO of ROMAD.

Formally trained in Biochemistry, with broad and up-to-date experience in
system programming, large scale software development and systems architecture.

Co-founder of MTC Group Ltd., where he created Morpher, an obfuscating
compiler, which was sold to the world's largest manufacturer of SIM cards,
Gemalto.

Despite the management position, in each of the companies he serves, he has
put forward many solutions to technical problems and led the team in
technology development.

He led the ROMAD team to come up with the idea of an innovative antivirus
engine and is driving technology development to proactively solve the
long-lasting issues in the industry.


__Sunny:__
Hello everyone, my name is Sunny and I will be your host for this week's
interview. Today's interview is the 29th edition of the 499 Blockchain
Community, and we have the pleasure of inviting Mr. Vladimir Hrytsan to speak
with us today. The topic of this week's interview: “Information is property!
How to properly protect yourself in the digital age.” Now, let us formally
welcome Mr. Vladimir Hrytsan to the center stage to share his perspectives on
the topic!

**Hrytsan:**
Thank you so much, Sunny, for the warm introduction, and thank you, community,
for the warm words. It is my pleasure being here. I am a technical guy,
however I will try to be as non-technical as I can.

Some people tend to think the cybersecurity market is shallow. I am going to
disprove this claim today. This market is huge and full of the stories of an
arms race between good and bad guys. The malware strives for profitability.
We were observing different malware waves targeting the most profitable
sections during the last two decades.

For example, malware was hunting for the banks in 2005-2009. Different
sophisticated techniques were used to convince the end users to transfer the
wires to the cyber crooks. Banks were adding additional protective
measures. This battle took at least 4-5 years and the banking malware volumes
started to drop. The malware authors were looking for some other lucrative
sectors. The next malware wave was aiming at encrypting the user
documents and asking for money to decrypt them back. The ransomware malware
was on the rise.

The traditional antiviruses were powerless to do something about it. The
ransomware wave started in the year 2010. It was not the AV technology that was
trying to dump it somehow; instead the law enforcement agencies were trying to
stop it. They were going after the money being paid by the poor users.
Multiple law enforcement agencies of different countries united in an
attempt to put the cyber crooks in jail. These actions were efficient, however
they do not scale well and the ransomware wave is still here.

Cryptocurrencies changed a lot! A new malware wave is happening right now –
the cryptostealers and cryptojackers. The decentralized nature of the
cryptocurrencies makes the malware's job easier. Once you managed to make a
transfer, there is no central authority to revert it for you. Once gone, your
money is gone forever.

The malware is targeting the crypto users these days. It may look for your
cold wallet files, it may attempt to replace your Binance login page or it may
simply use your CPU in a hidden manner to mine for Monero. Like the battle
with the banks in the past, this current wave has just come. I personally
think it will last for another couple of years if not more. What else does the
future hold for us? IoT: smart houses, smart cars. Imagine malware blocking
up your Tesla and asking for money. Would you pay? What if something like it
happens with the artificial heart? Would you pay now?

(https://blog.avira.com/mikrotik-415-thousand-routers-affected-by-cryptominer/
Example of the Trojan that infects the home wifi routers to mine for Monero)

Currently each of us has a PC, an iPad and a smart watch. Soon more gadgets to
come. Artificial organs, augmented reality – each IoT device is a likely
target for the malware and the market volume is huge. Gartner promises a
CAGR of 7.9%, however I personally think it is going to be much more.
Those are some of my views on the security industry.

__Sunny:__
Wow, thanks, Vladimir. It's a great sharing of the trend of the industry. Now I
have a question for you: What do you think of the size of the market and the
pain points of the industry?

**Hrytsan:**
The size of the market was determined by the big aces from Wall Street for us
already. As predicted by Cybersecurity Ventures, from 2017 to 2021, the global
spending on cyber security will be $100 billion. In 2015 losses caused by
cybercrime counted for $3 trillion. It is predicted to be $6 trillion in
2021. Trillion. I cannot even imagine the number of nils in these numbers.

According to Accenture, the medical industry suffers most from the malicious
attacks. 83% of doctors in the US have experienced malicious attacks. IDC, a market
analysis company, predicts the market requirement of cybersecurity in 2020 will
be $101.6 billion. So there is plenty of room for the different players in
this niche. So lots of money is being invested. Lots of players on the market.
Why do we then hear about the malware breaches on a daily basis?

WannaCry caused losses of $4 billion during just the first four days
of its proliferation. FedEx was hit by NotPetya, causing losses of $300
million. South Korean Bithumb was hit by the malware attack and lost $7
million. There are numerous other examples that happen every day. The main
point is we still do not have reliable tools to combat the malware. The
classic AVs cannot do it efficiently. Their core technologies have not changed
since 1990 and this is not enough to combat today's threats. This is why
Gartner has put a watershed line between the classic AVs and the next
generation technologies that are designed to combat current threats
efficiently.

ROMAD Endpoint Defense belongs to the set of the next generation tools and is
ready to meet the current scary world. It simply does what it is designed for
– efficiently combats malware. It does not need 24/7 updates to reliably repel
malware attacks. It does not consume the system resources. It can even work on
outdated hardware. ROMAD Endpoint Defense does not scan files. It instead
monitors the system in real time and blocks malware when launched. And no
user interaction is required.

__Sunny:__
In a word, the market size is worth looking forward to and the pain points
are resolvable. Now let's go on to the second part of the sharing, “The
prominence of ROMAD.” Are you ready?

**Hrytsan:**
I am! Let us continue. Like I said, ROMAD Endpoint Defense is the next
generation antivirus which is designed to combat today's threats. The thing is
when the users buy the antivirus, they do not want to spend their time on
education. They expect the tool would do everything for them. This is our
case. ROMAD will not ask you any stupid questions and will not require any
sophisticated skills to control it. This is a fire-and-forget solution. You do
what you are always doing with the PC - chatting, working and watching movies.
ROMAD Endpoint Defense will care for your reliable protection.

I am not going to make empty claims. ROMAD started in the USA and the b2b
market is a very strict one. We were participating in the Shark Tanks with
numerous CISOs of different companies like Ford. And there were truly
sharks. We managed to win Security Shark Tank Cupertino 2016, Shark Tank San
Francisco 2017. We are named as the key innovator by the MarketsandMarkets
agency report.

European bureaucracy will not give you a single chance for empty
statements. So as our technology is patented (US 9372989 B2 and EP 2 767 923
A3 patents), we also managed to win Phase 1 of the Horizon 2020, which
is a huge government-supported investment programme. So we do have a
foundation for the solid statements that we make. Of course we do not have as
many rewards as I want us to. Hopefully we are fixing it in the nearest
future. Watch us for more good news to come.

__Sunny:__
For your next question, can you share with us how ROMAD differs from its
competition?

**Hrytsan:**
I think it is time to explain a little bit how the technology works. I'm a
CTO, however I initially promised I'm not going to be technical. There is a
saying: "if you cannot explain how something works to your granny, you do not
know it yourself". Every program (e.g. Word, Skype, PowerPoint) asks the
operating system to do different actions: moving the mouse cursor, working
with the hard disk drive or sending information to the Internet. The
“asking process” is done via the system calls. No exceptions. ROMAD intercepts
100% of the system calls in real time and analyzes all of them. When
malicious behavior is found, the program that is responsible for it is
blocked.

The overall idea sounds easy; however, the implementation was not easy at all.
It took 4 years of intensive R&D to create the working prototype. Recall a
regular flu. The disease that we catch every winter. The flu is the same. The
outer layer has changed. Therefore, our immune system stops recognizing it. If
there were a way to look inside, to stick to the flu’s DNA, the battle would
be over finally. This is what the classic antiviruses are doing. They are
looking for the outer layer. ROMAD Endpoint Defense instead sticks right to
the malware’s DNA. This is how we plan to win this battle. I tried my best to
be as non-technical as possible. It is up to the community to judge if the
explanations were OK or not.

__Sunny:__
You did it very well. Can you share some examples of application of our
technology?

**Hrytsan:**
The first application scenario is combating the viruses. The patented
technology is at the heart of ROMAD Endpoint Defense. The B2C version will be
promoted via 'mining by sharing attack information'. Our users will be
rewarded with ROMAD tokens when our software successfully repels the malware
attack. This creates a win-win situation where the cyber-security industry
gets the public database that contains the real malware cases all over the
world and the end users are rewarded with ROMAD tokens.

The second application scenario goes even beyond that. Targeted ads rule the
world. Google uses them. Twitter uses them. Everybody wants to have as much user
data as possible. ROMAD creates the revolutionary step by allowing the users
to trade their own data at their own will. ROMAD creates a platform where the
big enterprises meet with the regular users for the data exchange. Trade your
own data for the tokens. This is your data. You own it. You trade it.

Dear Sunny, I have underlined the two most important steps we plan to have in
2019. Each of them is going to change the landscape of the industry.

__Sunny:__
I know you are here today to make a big announcement for the first time. What
is this big surprise?

**Hrytsan:**
I have described to you the two major steps we are going to have in 2019. They
require a fast and convenient way to pay. ROMAD is creating the desktop
cryptowallet to support its own token ecosystem. This will be a cold wallet
with the unique feature – the protection from the viruses. This becomes
possible with the help of our patented technology.

80% of the ICO problems are human related. 70% of the human related problems
are happening because of the malware factor. ROMAD is a unique player, which
proactively provides full protection from different families of viruses for
its cryptowallet. Creating the virus-protected cryptowallet is nice, however
the modern market wants more features. These are the main two we are planning
to introduce: atomic swaps for BTC, ETH, XLM, XRP, LTC and so on and the
ability to operate with USD and EUR.

__Sunny:__
Vladimir, thank you for taking your time to share your project with us thus
far. Next, I'd like to open up a free form Q&A session for everyone to
participate, and will pass it on to Blair to host this portion of the session.


__Blair:__
As mentioned in your introduction, you majored in biochemistry during graduate
school. I’m curious what made you turn your research direction to the IT
field?

**Hrytsan:**
I learned the assembly programming language in the 3rd course at the
University. I was doing bioinformatics in Canada, Toronto. We had a project
aiming at doing the simulations for the artificial cell. So this was my first
step from pure bio to bioinformatics. As time passed by, I realized I love IT
more than bio. So it was more of an IT for me later on. Right now there are so
many interesting things happening in IT. Cybersec, blockchain, fintech. Big
data and artificial intelligence. We are living in a very interesting time.

__Nancy:__
Is the so-called malware DNA just the file hash?

**Hrytsan:**
DNA is from my bio past. DNA is something that you cannot change. At least
easily. So when I say "stick to the DNA" it means that I stick to something
that you cannot change. You can easily change the file hash. Just add a couple
of bytes, boom, the hash has changed. However you cannot change the behavior
easily. Recall a saying: "If it walks like a dog, if it barks like a dog, it
is a dog". So when I say the "malware's DNA" I effectively mean the malware
behavior. Something that malware cannot change. The ransomware has to encrypt
the files. The spam Trojan has to send spam. This is what they were designed
for.

__Sunny:__
Thank you Vladimir for taking your time to share with us all of your
insightful perspectives into the cybersecurity world. We're thrilled about the
potential of your project and the value you will bring to our society.

**Hrytsan:**
Thank you everyone for your time! It was a pleasure for me being here. I wish
everyone good luck and I will think how to please you with the special
discounts!


