Posts

McAfee out of ideas - blames internet for rootkits.

The recent article "Does open source encourage rootkits?" [NetworkWorld] discusses a McAfee report, "Rootkits", in which McAfee lays the blame for rootkits at the door of the open source community by name, security researchers by implication, and unwittingly at the very doorstep of information sharing -- books, libraries, and printed material. The report was issued due to a large jump in the number of rootkits they detected (nine times as many this quarter as the year-ago quarter - a dramatic increase). They specifically blame rootkit.com. The unstated basis for their argument is a classic tension between open sharing of information about security vulnerabilities on the one hand and secret cabals of security research on the other. McAfee is clearly coming down on the side of the "keep it secret to be safe" camp. Most independent security researchers reject this argument, because industry has a very long track record of totally ignoring security issues until they are made p...

Cyberstalking & identity theft

The New York Times today features an interesting article, "A Sinister Web Entraps Victims of Cyberstalking" [annoying but free registration probably required]. The article does a nice job of describing the problem, but it doesn't say much about how to protect yourself. Unfortunately, it's pretty difficult.

Identity Theft and the Torn Up Credit Card Application

You should never throw out any piece of paper with any contact information on it. Any such papers should be shredded, rather than tossed out. In particular, never throw out credit card statements; always shred them, preferably in a cross-cut shredder. If you are not taking the risk of identity theft seriously, this article on "The Torn Up Credit Card Application" should strike an appropriate amount of fear, just enough to convince you to buy a small home-office shredder.

Virus Vulnerability for RFID (Radio Frequency ID tags)?

The breeding ground for the computer virus will be expanding continually and rapidly over the next decade as appliances, automobiles, and all manner of other things become equipped with wireless networking and miniature computers. Cell phone and similar networks may enable worms to leap between devices over long distances and other networks over short distances. Researchers have recently demonstrated that RFID tags may be vulnerable next.

Articles on the topic: "RFID worm created in the lab" [NewScientist.com]; "Viruses leap to smart radio tags" [BBC.co.uk]; "RFID tags could carry computer viruses" [SecurityFocus.com]. The details for the curious: "RFID Viruses and Worms".

The AntiVirus paradigm that we [the IT community and industry] have foisted upon PC users is already breaking down under the strain of too many virus variants and too many non-technical PC users. The paradigm probably won't work at all for cell phones and the paradigm is completely broken for the typical RFID devic...

McAfee AntiVirus false positives - older, "reliable" signatures pose risk too

False positives are the bane of AntiVirus and IDS/IPS systems. On the one hand, hundreds and even thousands of new threats are released each week. Each must be discovered, submitted to vendors, and analyzed by vendors; definitions, signature files or heuristic algorithms must then be tweaked, tested, released to customers, and finally deployed to customer systems. All of this must be done in as short a time as possible, since the threats often spread in minutes and hours. AntiVirus signatures are often available within two days from the first appearance of a threat on the network. Polymorphic techniques, even simple ones like automatically generating dozens or more variants at the threat's compile time, are becoming more common, making it more difficult for AntiVirus vendors to keep up with the expanding threat pool every year. Today we learned that an error in a signature file caused the McAfee AntiVirus system to delete good files from production systems. This unfortunate acciden...

Citibank PINs and the botnet arms race

I noticed this tidbit from a Gartner researcher quoted in a story about the recently disclosed PIN theft, PIN Scandal "Worst Hack Ever;" Citibank Only The Start:

"That's the irony, the PIN was supposed to make debit cards secure," Litan said. "Up until this breach, everyone thought ATMs and PINs could never be compromised."
   - Avivah Litan, Gartner

I wish the reporter or Gartner researchers would have checked with me or someone else who has direct experience auditing software systems. I've been warning my clients for years about the security exposure from data retention for e-commerce and credit card transaction systems, and I know a number of other security professionals who've been doing the same. In fact, given the number of thefts of credit card data stolen from 3rd party web sites that have occurred in recent years, it's unlikely that this is the first PIN number theft to have occurred, counter to the implication in this story. I...