May 2005 - Posts

"For Your Protection"

There are just some things that a person can hear, that should stir the natural instinct in humans to just RUN. Run like you just heard your wife say “let's play our new Andy Griffith Christmas CD”. Maybe it was a redneck yelling “hold my beer and watch this sh%@!” (Ok, run first then watch from a safe distance). Two of my favorite sayings are “It's for the children” or “In the name of safety”. You will hear me “chimpin” about those two phrases quite often. Sorry parents, I just don’t feel every kid should be forced to wear an ET shaped helmet to ride a bike “in the name of safety”. I also don’t feel that city officials that failed to balance the check book and spend the sales tax money on schools the first time around should get more money to blow because “It's for the children”.

I think that I am going to have to add another phrase to my list. Tonight, I heard “For your protection” used to entice me to give up every bit of personal information I have, in order to have the privilege of buying a $60 bed frame. This was not an elaborate $3000 bed where it would behoove me to leave my name and number for warranty information. Nope, this was for the privilege of buying your very basic bed frame. The following is a list of information that this nationally recognized mattress company asked me for.

1) Name

2) Address

3) Phone

4) Driver's License Number! What the ......

I looked at the salesman and told him that there was no way that I was giving him my personal information to buy this $60 bed frame. I wasn’t paying with a check, and when he asked for my driver's license, I nearly jumped over the counter. It was at this point that he told me that providing him with my driver’s license number was “FOR MY PROTECTION”. I wondered if my response that flashed quickly through my head qualifies as self-defense. Anyway, it was convenient for me to purchase the product here, rather than to deal with the rush hour traffic. I decided to lecture him about the importance of every American truly protecting their personal information, by not providing it in the first place. He swore that the information would not go into a database, as I watched his hands on the keys ready to type any shred of information that I provided, into a window that looked suspiciously like a mainframe session. He finally gave in, and even provided me with some information. He said that he would sell me the bed frame without collecting any information, and that I was in the 1% of people that was not willing to give him their driver's license number or personally identifiable information. I didn’t doubt this information, as it was probably the first truth that came out of his mouth.

PEOPLE. PLEASE, protect your freedom and your personal information, as if they were your children. For once they are gone, it is very hard to get them back, if ever.

P.S. Question: How is this virus related? Answer: What do you think virus writers are creating malware for? In many instances, it is to collect your information.
Posted by Anonymous | 2 comment(s)

The BLOG Phenomenon

Like others at myITforum, I “TIVO me some shows”. I “tivoed” (I expect it to be added to Webster's dictionary, possibly next to chimpin', though I don't get that.) The Daily Show with Jon Stewart. They ran a segment on blogging to make fun of the mainstream media. You have got to see this, I was ROFL. After a quick “Google” (eliphino, may already be in Webster's dictionary), OK, it was actually a Dogpile (which will probably not be in Webster's dictionary), (Is that a big o nuff run on sentence for ya), wit out further ado, I found this video. P.S. Rid your mouth of any soda before watching the clip.

Posted by Anonymous | with no comments

Are global virus outbreaks a thing of the past?

http://news.zdnet.co.uk/internet/security/0,39020375,39199961,00.htm

 The words “follow the money” are echoing in my head. Generally speaking, you can follow the money trail to get to the source of crime, deception, lies, fraud, theft, and just about everything else related to negative karma. Many experts have noticed an increase in the number of bot networks, a trend that is not likely to end soon.

“Kaspersky Labs has warned that malware authors have worked out that there is more money to be made from causing many low-key virus infestations than single, massive outbreaks”

While I don’t think that the global virus outbreaks are dead just yet, I have to say that I think following the money will identify new trends and the future direction of malware. Sure, there will always be pranksters and virus writing groups that are willing to create havoc for free. (Side note – Maybe naming conventions will have a profit and non–profit designator like nastyvirus@MM.NP)

 

All joking aside, what do you think? Are global virus outbreaks a thing of the past?

 

Great article on the Witty worm

http://www.securityfocus.com/news/11235?ref=rss

Here ya go Rod, a chance to rant on eEye ; )


“Based on how quickly the code was put together, some experts, including Weaver himself, have theorized that an insider -- either someone who works for or has contacts within ISS or the company that found the vulnerability used by the worm, eEye Digital Security -- is the most likely creator of the worm. Moreover, an attacker not connected with the companies would not have known to create a hit list for a relatively uncommon flaw that could be exploited through UDP, Weaver said.”

New Attack Can Recover AES Keys

I just caught this article. It seems like it would take a pretty sophisticated attacker, but it is definitely something to keep in mind for OpenSSL implementations.

Posted by Anonymous | with no comments

Sober.p virus poised to attack 23MAY05?

http://nwc.personaltechpipeline.com/showArticle.jhtml?articleID=163106233

I don’t get too hyped up when the end of the world is predicted, but there is a very interesting point to note about this one. Machines infected with the Sober.P virus are set to download new code on Monday. In the past, viruses would normally contain specific URLs or IP addresses in the code. In most cases, authorities are able to take the servers offline before the new code is downloaded. The Sober.P virus uses an algorithm to dynamically create random URLs in order to download the new code. This will allow the author to seed the server well in advance of the attack. The cat and mouse game continues…

Posted by Anonymous | with no comments
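
As an added illustration (not code from the original post, and not Sober.P's actual algorithm), the sketch below shows why a date-driven generator cuts both ways: once analysts recover the algorithm, they can precompute the same host names for blocking and for finding infected clients in proxy logs. The generator, the suffixes and the log format are constructed assumptions.

```python
import hashlib
from datetime import date, timedelta

# Hypothetical stand-in for a reverse-engineered generator. This is NOT
# Sober.P's real algorithm; it only shares the property that matters here:
# the host name depends on nothing but the calendar date.
HOSTING_SUFFIXES = ("example.net", "example.org")  # constructed placeholders

def candidates_for(day):
    """Return the host names the toy generator yields for one date."""
    hosts = []
    for i, suffix in enumerate(HOSTING_SUFFIXES):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).hexdigest()
        # Map hex digits to letters a..p so the label looks like a random name.
        label = "".join(chr(ord("a") + int(c, 16)) for c in digest[:8])
        hosts.append(f"{label}.{suffix}")
    return hosts

def build_blocklist(start, days):
    """Precompute host -> activation date for a window of upcoming dates."""
    return {h: start + timedelta(d)
            for d in range(days)
            for h in candidates_for(start + timedelta(d))}

def infected_clients(log_lines, blocklist):
    """Return {client_ip: set of matched hosts} from 'time ip host' lines."""
    hits = {}
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing
        host = parts[2].lower().rstrip(".")  # normalise case and trailing dot
        if host in blocklist:
            hits.setdefault(parts[1], set()).add(host)
    return hits

if __name__ == "__main__":
    blocklist = build_blocklist(date(2005, 5, 23), days=7)
    monday = candidates_for(date(2005, 5, 23))
    # Constructed sample proxy log lines (documentation addresses only).
    sample = [
        f"2005-05-23T08:01:12 192.0.2.10 {monday[0]}",
        "2005-05-23T08:01:15 192.0.2.11 www.example.com",
        f"2005-05-23T08:02:40 192.0.2.10 {monday[1].upper()}.",
        "garbage line",
    ]
    for ip, hosts in infected_clients(sample, blocklist).items():
        print(ip, sorted(hosts))
```

The same precomputed list serves both a gateway deny rule and a retrospective search of stored logs.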

Article: Microsoft looks to "monkeys" to find Web threats

http://www.securityfocus.com/news/11178?ref=rss

“Researchers at Microsoft are creating their own version of a million monkeys to crawl the Internet looking for threats in an effort to secure the Web for Windows.”

I assumed that this was already being done by AV companies, although I never thought to verify that it was indeed being done. Regardless of my ignorance, it's a good idea and should help Microsoft improve security for their products. The security initiatives that Microsoft is working on today will lead to better products in the future.

ARTICLE: MasterCard Shuts Down 1,400 Phishing Sites

http://www.informationweek.com/story/showArticle.jhtml?articleID=163100641


The growth in the number of phishing sites per month is what caught my attention. 26% by month is staggering. A while ago, I tried to think of ways to educate consumers on safe practices of protecting personal information. Two of the ideas that I thought of are warnings in credit card statements and banner notifications at ATMs. It wasn't long after this brainstorming session that I used a Suntrust ATM and saw such a banner ad. It had a warning message and referred to www.suntrust.com/alert. With this kind of growth in phishing sites, we need to take many more measures to educate consumers about phishing threats.

You can find information to help protect yourself or others against phishing scams here.

Posted by Anonymous | 1 comment(s)

Microsoft Antivirus Press release


http://www.microsoft.com/presspass/press/2005/may05/05-13WindowsOneCarePR.asp

  • Defense against evolving threats. Windows OneCare will provide automatically updated anti-virus, anti-spyware and two-way firewall protection.
  • Performance and reliability tools. PC owners will be able to choose to have Windows OneCare automatically carry out periodic maintenance tasks such as disk cleanup, hard-drive defragmentation and file repair. The service also will offer boot-time information and proactive support tools to help improve the customer experience.
  • Backup and restore capabilities. Windows OneCare will enable automated backup of files by category on CD and DVD, along with the option to back up all files on the system or only those that have changed since the last time the action was performed. If files are accidentally deleted or corrupted on the PC hard drive, the service is designed to restore saved versions or map them on a new PC.
  • Simple, integrated service experience. PC users will have one simple point of reference for checking the overall health of their system. Windows OneCare will automatically notify users of available updates or other recommended actions and enable users to easily act as needed. Otherwise, the service stays quiet and in the background.

I have to say well done to Symantec for the Veritas purchase. Maybe they had some insight into where Microsoft was going as far as the backup and restore capabilities are concerned. I think OneCare will ultimately help consumers, but I wonder just how many people are willing to pay for such a service.

Posted by Anonymous | 1 comment(s)

Bill Gates: Cellphone will beat iPod

http://money.cnn.com/2005/05/12/technology/personaltech/gates_cellphones.reut/index.htm?cnn=yes

CNN has a poll on their main site asking the question “Will mobile phones overtake portable MP3 players as the primary way of listening to music?” Not that I believe the primary way of listening to music is MP3 players.

It's neck and neck at this point.

Posted by Anonymous | with no comments

Rod isn't the only successful one!

I am blogging from my cell, thanks to Rod and Mr. Gormly. Now if I could afford to go to Hawaii.

Posted by Anonymous | with no comments

Microsoft Security Updates 10MAY05

Microsoft Security Bulletin MS05-024

Vulnerability in Web View Could Allow Remote Code Execution (894320)

Issued: May 10, 2005
Version: 1.0

Summary

Who should read this document: Customers who use Microsoft Windows

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Important

Recommendation: Customers should apply the update at the earliest opportunity.

Security Update Replacement: None

Caveats: None

Tested Software and Security Update Download Locations:

Affected Software:

Microsoft Windows 2000 Service Pack 3 and Microsoft Windows 2000 Service Pack 4 – Download the update

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (ME) – Review the FAQ section of this bulletin for details about these operating systems.

http://www.microsoft.com/technet/security/bulletin/MS05-024.mspx

Light month, enjoy.

Posted by Anonymous | with no comments

Stopping viruses at the source

I attended a Microsoft event not too long ago. The topic was outside my normal scope of things, but it is sometimes fun to sit in on a topic that you have little experience in. While sitting in on the event, I was watching the techniques used in programming and the marbles began to roll around in my head. Why don’t we have an antivirus plug-in for Visual Studio that scans for potential vulnerabilities as the code is compiled? MS04-028 affected not just Microsoft applications, but any application that used the vulnerable gdiplus.dll file. It seems that if programmers had a plug-in that alerted them when they were using a vulnerable file such as the gdiplus.dll, then that would be a comprehensive antivirus package. We often fight viruses at gateways and any potential avenues of infection, but seldom at the programming level. We all know that security awareness education for programmers would help considerably to counter bad programming techniques, but when the programmer is deep in thought on how to make an application work, I am sure security takes a second place to innovation and functionality. I think that programmers would gain a heightened sense of awareness should they get an alert when they are trying to compile vulnerable code. As I was downloading a free tool from Foundstone that I frequently use, I ran across their new .NET security toolkit. It is the closest thing that I have seen that compared to the product that I envisioned.

Maybe you know of some other tools available that could be used to help programmers secure their code. I would love to hear about them. Hopefully in the future we can stop software vulnerabilities where it counts, at the source.

Virus writer appreciates Symantec

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FKEDEBE%2EC&VSect=P

“Please, Symantec stop doing definitions for my worm. I'm trying to fight Mydoom and Beagle!! And I appriciate your work!!“

I'm sure Symantec will stop detecting this at the request of the author. ; )

Posted by Anonymous | with no comments