Sunday 10th December, 2006
It's still happening
Rob, May 2015
This sort of thing seems to happen alot recently. Remember the Sony rootkit scandal? I'm sure Sony wish you wouldn't. Sony's reaction was interesting, they initially acted as though they had the right to install the rootkit on their customer's PCs. Thomas Hesse, Sony BMG's president of global digital business, was outrageously quoted as saying:
Most people don't even know what a rootkit is, so why should they care about it?
ComScore, the company involved in this particular incident, claim they would never install software without permission, and it does appear that it is being installed by third parties. The risk is that the software takes screenshots of every Web page viewed by its 1 million participants, even transactions completed in secure sessions, like online banking, or shopping.
It's not a safe world for Windows users, when even 'legitimate' software is proving invasive.
Wednesday 29th November, 2006
The Security Absurdity website is still around, but none of the links in the article seem to work.
Rob. April 2015.
The first link above is a very interesting and insightful article about the
current state of computer security. I thoroughly
advise anyone who uses a computer, whether you are an individual PC user
or the IT director of a company, to read this article.
The article assesses the risks, covering spyware, phishing,
trojans, viruses, worms, rootkits, spam, botnets, web vulnerabilities,
denial-of-service attacks, active-x weaknesses, passwords, patch management,
wireless networks, internal attacks, and more.
There is then an analysis of why these problems exist.
The second link above is a follow-up article continues on the same theme,
but focuses more on possible solutions.
Saturday 21st October, 2006
A malware researcher has discovered a trojan which eliminates potential competitors (for bandwidth) by installing and running a modified anti-virus software package. The rival trojans/viruses are tagged for removal on the next reboot. The anti-virus software has been modified to ignore the trojan which installed it.
The SpamThru trojan is used to send spam about stocks and shares. Personally, I have noticed a large increase in this sort of spam recently.
Thursday 19th October, 2006
Thanks to Edward Snowden, it is starting to become apparent that almost all governments have a blatant disregard for their citizens' privacy.
Rob. March 2015.
Do you know what's running on your system? The Swiss government are mulling over plans to surreptitiously install trojans onto people's PCs so that they can monitor VOIP transmissions. A trojan is a hidden program running on your computer without your knowledge.
The application, essentially a piece of Trojan code, is also able to turn on the microphone on the target PC and monitor not just VoIP conversations, but also any other ambient audio.
The company claims that the software is able to skirt round any firewalls and evade detection by any antivirus applications already installed on the target machine.
Those claims in the second quote are a bit broad, and certainly not sustainable for the future. The worrying thing is, if the Swiss government is proposing it, what other governments are thinking about it?
The thing about proprietary software is that if a government decides it wants a way in, it's hard for a company, even one like Microsoft, to refuse. Think of the benefits they could gain if a government, wishing to monitor its citizens, decided to actively promote (or decree) the use of software from a single, controllable entity.
With Open Source software, all those little backdoors become visible. Even if you're not a programmer, they become visible to thousands of others who are, and who are conscientious, and who will talk. You still have a choice, for now.
Wednesday 18th October, 2006
There have been many reports of this exploit. Rapid 7 seems to have announced this first on Monday 16th October, and story was rapidly taken up by Slashdot and Kerneltrap. The Rapid7 report goes on to state:
This bug can be exploited both locally or remotely (via a remote X client or an X client which visits a malicious web page).
The worry concerning this particular exploit seems to have been exacerbated by several factors: