Tag Archives: security

One rootkit to rule us all…

Posted on by
Reply

It’s a good thing that the EFF has waded into the battle against Carrier IQ – the weaselly company that makes even Smeagle of LOTR fame seem upright and forthcoming.

You can catch up on carriergate here, or if you are averse to long passages of reading you can also look at a summary here: Schneier on Security… and then after all that you too can ponder on how relatively calm the people with the most to lose are being.

Update: watch vid of US Senator Al Franken quizzing an FBI pointy-haired about its use of CarrierIQ data. The answer is just… well, preciousssss. Vid after the jump: Continue reading

virulent clouds: crimeware-as-a-service

Posted on by
Reply

virulent-cloudsAnother telling example of how the battle continues to rage between regular apps and… well, not-so-regular apps. The one-upmanship continues into the stratospheric realms of computing:

http://malwareint.blogspot.com/2010/01/crimeware-as-service-and-antivirus.html

And it makes sense, doesn’t it? Line up the current vanguard of antivir sniffer dogs in the cloud, toss up evil binaries to see which sniffers pick up the scent. Modify as needed, rinse and repeat. And then spray the net with the results. What *I* want to understand is why baddies run with technology that much faster, while the rest of us sheeples can’t even coordinate our defences in a similar manner.

Of course, a malware creator has really only one thing to look after, where as we have the entire suite of apps, systems and subsystems that make up our personal (or business) machines, to look after.  Sounds a lot similar to the human body’s neverending battle with diseases induced by single-minded – not to mention simple – enemies, actually.

Malicious engineering

Posted on by
Reply

mal-engQuivering there in the shadows of an axed registry, lying low, this little app has to hide itself, feed itself, load itself, talk to its owners behind your back and pretend to be YOU whenever you visit the bank. The rest of the time it stealthily marks the passage of opportunity, with phone-home events from the heated insides of your ‘puter… Continue reading

Net anonimity schmanonimity

Posted on by
Reply

Clicktale, crazyegg, userfly. Suppose I asked you to Google those and then come back.

If I had those sorts of things installed on my pages, I could tell who among you did indeed go and look, and whom amongst you bothered to come back at all, and how long you lingered thereafter.

And if I had forms on any of these pages I could peep over your shoulder and watch you filling in each field, with what amounts to a keystroke logger that I wouldn’t even have had to write from scratch. Continue reading