Tag Archives: AVAR

2nd Security Blogger Summit

This is an interesting event (of which I only became aware yesterday – thanks, Julio!) taking place in Madrid on 4th February. See:

http://www.securitybloggersummit.com/ 

(It’s in Spanish, but there are plenty of translation tools around nowadays to help with that for non-Spanish speakers.)

Although Panda is organizing the event, the company is being scrupulous about keeping it vendor neutral, so I won’t be attending on this, unfortunately (it looks really interesting).

The thought did occur to me, though, that a forum where independent security bloggers, industry bloggers and the media could discuss issues and approaches would be a Good Thing: a sort of AMTSO for bloggers.

Randy Abrams and I put together a paper for AVAR last year on “practical, strategic and ethical issues that arise when the security industry augments its marketing role by taking civic responsibility for the education of the community as a whole” that seems quite relevant to that thought.

http://preview.tinyurl.com/ylfu3e6

Maybe I need to revisit it.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

That’s it, I’m Out of Here…

John Ozimek of The Register has pointed out some issues around blogging, journalism and freedom of speech in an article called “It’s official: Blogging is a dangerous business”.
http://www.theregister.co.uk/2010/01/07/blogging_report/ 

He’s referring to a report published by Reporters Sans Frontieres at:
http://www.rsf.org/IMG/pdf/Bilan_2009_GB_BD.pdf

Of course, when you compare the figures for casualties of one sort or another for “real” journalists, the trend looks less dramatic (for instance, one blogger died in prison whereas 76 journalists are reported as having been killed). However, there is a distinct and alarming upward trend: nearly three times as many bloggers and “cyber-dissidents” were arrested in 2009: 151 as compared to 59 in 2008. Similarly, physical assaults on bloggers went up by 35%, and the number of countries affected by online censorship went up by 62%.

Fortunately for me, my geographical location and the nature of the work I do spares me most of those risks, though I suspect that there are one or two testers who wouldn’t mind slapping me round a bit. 😉

That’s not to say that there aren’t less dramatic risks to being a blogger, though: I pointed out some of them in an AVAR paper last year.
http://preview.tinyurl.com/ylfu3e6 

Still, compared to the 30 journalists killed in a single day in the Philippines, the odd flame from other bloggers, commenters, and the occasional suit doesn’t seem too bad.

Which reminds me that we don’t seem to have any takers for AVIEN members to swell our blogger population so far. C’mon, live dangerously! 🙂

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

The Register: “Welcome to the out-of-control decade”

A disquieting article by Rik Myslewski that strikes some deep chords with me. :-/

“Waiting in the wings are corporate entities eager to exploit your personal information, and government agencies watching your every step.”

http://www.theregister.co.uk/2009/12/31/the_out_of_control_decade/

The issue of government monitoring spends a lot of time under the spotlight, of course, and so it should. (Craig Johnston and I considered some of the law-enforcement issues in an AVAR paper this year, but there’s much more to it than that, obviously.)

http://www.eset.com/download/whitepapers/Please_Police_Me.pdf

But I’m seriously concerned about the consequences of the increasing amount of personal data (good, bad, and purely mythical) available to anyone with a browser (or even a USB port). It’s an issue I’ve had occasion to think about several times recently, and I expect to return to it a lot more in the coming months. For instance:

http://www.eset.com/threat-center/blog/2009/12/14/que-sera-sera-%e2%80%93-a-buffet-of-predications-for-2010

http://www.eset.com/threat-center/blog/2009/12/14/your-data-and-your-credit-card

http://www.eset.com/threat-center/blog/2009/12/12/the-internet-book-of-the-dead

http://www.eset.com/threat-center/blog/2009/06/09/data-protection-not-a-priority

Also, this quote from the ESET Global Threat Trends report for December: “Criminals and legitimate businesses will mine data from a widening range of resources, exploiting interoperability between social networking providers. Sharing of data in the private sector will be an increasing threat until the need is accepted for more data protection regulation on similar lines to that seen in the public sector, especially in Europe.”

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

A Few Interesting Links

Nice commentary by Lysa Myers in SC Magazine. “Facebook’s new wrinkles must be understood”:

Since this post is likely to find its way onto several twitter accounts and at least one Facebook page in the next few minutes, point taken. 🙂

Also, a paper drawn to my attention by Jose Nazario, with whom I’ve had animated discussions in the past about whether there’s any value in user education.

http://research.microsoft.com/en-us/um/people/cormac/papers/2009/SoLongAndNoThanks.pdf

Incidentally, I happen to think the answer is yes, there is some value, and Randy Abrams and I put our point of view into an AVAR paper last year:

http://www.eset.com/download/whitepapers/People_Patching.pdf 

And a paper on botnets I hadn’t noticed before. “ITU Botnet Mitigation Toolkit”:

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

 

 

 

 

Lawyers in Love

One minute I was saying “…AMTSO in Prague next week…” and the next Prague was long gone, and so was AVAR in Kyoto. Hopefully, though, that was my last long trip for this year, and I’ll get into the habit of blogging regularly here. Well, I suppose once every blue moon is regular. 😉

This is a bit of a cheat, since I already blogged it for ESET, but I’m a believer in green blogging with lots of recycling. Juraj Malcho, head of ESET’s virus lab in Bratislava, did an excellent paper and presentation at VB 2009 on “Is there a lawyer in the lab?”: it’s about the complications that ensue when the authors of Possibly Unwanted Applications and other blahware try to tie up anti-malware companies in legal process for daring to detect it as Something Not Very Useful.

I think I may have just coined blahware: in this case, I’m referring not to those irritating Facebook applets that so many of my friends are addicted to, but to software which, if not actively malicious, is nevertheless of more value to its author than to anyone who’s misled into paying for it, and is distributed by semi-malicious channels such as spam or push-installations. I’d call it irrelevantware, but that’s not so catchy. And come to think of it, it probably does apply to most Facebook apps.

Anyway, the paper is at:

http://www.eset.com/download/whitepapers/Lawyer_in_the_lab.pdf

The slide deck is at:

http://www.eset.com/download/whitepapers/is-there-a-lawyer-in-the-lab.pdf

Well worth looking at, and we don’t ask you for your email address when you download them, either. 🙂

David Harley

The Kyoto Protocol

Over the next few days, many of the anti-malware industry’s researchers will be gathered in Kyoto, Japan, for the 12th Annual AVAR conference (http://www.aavar.org/avar2009/). Apart from being a beautiful place, in a wonderful country, I hope it will be an occasion for interesting discussion and the opening of new ideas. There are topics as wide as system virtualisation and cloud computing, packers and obfuscation, social networking and information security policy. Quite a few AVIEN members, including me and David Harley, will be speaking at the conference. We’ll blog the best bits here 😉

Andrew Lee CISSP
AVIEN CEO