Security Information |
|
Desktop Security Software Risks - Part 1
This is the second in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions. Reason #2: the Desktop Security Software Risks The risks of placing software on the desktop are such that I will be breaking this article into two parts. Fundamentally we think of having software on our desktops as a good thing. I love downloading or installing new packages and seeing what new creative things people do to the user interface or what they do to make certain aspects of my life easier or more fun. But there are problems inherent with software that resides on the desktop, especially security software. All developers will know what I mean. First and foremost, desktop software can be reverse engineered. What's that mean? Have you ever inadvertently double-clicked on a file and had garbage show up or seen something that looks similar to this? http://www.checkinmyemail.com/Articles/image001.jpg The old hex dump. Programmers will know it well. We actually spend a good deal of time trying to read this stuff. Basically, if there are programs that can (and do) turn instructions like the following If UserBirthDate < "01/01/1960" then IsReallyOld = "Yes Else IsReallyOld = "No" End If into something like the picture above, then the reverse is true: people have developed software that can take that gobbeldy-gook in the picture above and turn it somewhat into the if-statement I wrote out. The reversing software won't know that I had an item called UserBirthDate, but it will know I was testing for a value of January 1, 1960 and it will be able to say that based on that value I set another item to Yes or No. So now we install our fool-proof anti-virus software on our desktop (or our firewall for that matter). Well, so too can a virus author. And that virus author or hacker will also have gotten a copy of the latest reverse-engineering software from his local hacking site. He now goes upon his task of reverse-engineering the software and then trying to decipher the results. It's not easy but it can be done. Unfortunately, vendors know this and understand this as an acceptable risk. The problem here is that your security software is at risk. If your vendor codes an error, the virus author can and will detect it. For example, if your vendor should exclude a file from scanning, it's possible the virus author will figure out which file (or type of file) that is and bury his code there. If the vendor excludes files from scanning or heuristics, it's possible that virus author will figure out a way to corrupt that file. That being said, there are other risks. As we have said, once software is on the desktop it affords virus authors an opportunity to reverse-engineer security software. The knowledge that reverse-engineering provides is invaluable to a virus author when building his next software attack. Third, virus authors can learn where the anti-virus vendors put there software and put the links to their software (directory folders, registry entries, etc.). This too is invaluable information. In fact, in some ways it teaches people intent on writing malicious software clues as to how to infiltrate the computers' operating system, where registry entries need to be made to force software to be loaded every time a computer is started, etc. This information is generally available all over the web and in manuals for operating systems, especially manuals on such subjects as the Windows Registry. But having the software teach you where things belong to be effective is powerful knowledge. Lastly, and perhaps most significantly, is the issue of forebearance. The anti-virus vendors usually know more about the potential exploits inherent in programs than virus authors but they are bound by the fact that should they try to prevent them before the exploits occur, they could be branded as irresponsible for teaching virus authors about these very exploits. For example, when Microsoft first released the macro capabilities of Word, anti-virus vendors immediately realized the potential for danger in macros, but they were handcuffed. If they released software that disabled macros before the first macro virus was ever released, they would signal to virus authors the inherent destructive powers of macros. They chose instead to wait, handcuffed by the limitations of desktop software. Until the Internet there really has been no better medium for delivering virus solutions than desktop software. It was relatively inexpensive to deploy (either market the software and sell it in stores or provide free downloads on bulletin boards and web sites). It is, however, expensive to keep updated in terms of time and effort, even with automated update systems. The Internet caused several things to happen: by becoming a powerful medium for sharing files, whole families of viruses disappeared practically overnight (boot sector viruses, for example); by becoming the option of choice for sharing files, it was easier to infect a single file and have thousands download it. A better solution is to place the security software in an offsite appliance of its own making. All Internet, intranet, networking connections flow through the appliance. Selling off the shelf hardware appliances with built-in security software is better than a desktop software solution but it still suffers -to a lesser extent- from the pratfalls that desktop software falls prey to. Even better is to create a service that a 3rd party vendor manages in a secure environment. In such an instance both the software and the hardware are away from the prying eyes of the malicious software authors. This further reduces the opportunity for malicious authors to discover the tricks and techniques employed by the security vendors to protect you. About The Author Tim Klemmer Tim Klemmer has spent the better part of 12 years designing and perfecting the first true patented behavior-based solution to malicious software.
MORE RESOURCES: US State Department issues worldwide security alert due to potential for attacks on LGBTQ people and events KCCI Des Moines 'Blow the whistle': Indiana's top election official spends $35k on security guide mailings • Indiana Capital Chronicle Indiana Capital Chronicle Violence in New Caledonia subsides slightly as France sends reinforcements for security The Associated Press Canada security intelligence chief warns China can use TikTok to spy on users, CBC reports Reuters.com House Passes Israel Security Assistance Support Act | House Committee on Appropriations - Republicans House Appropriations Israel Resists Grand Bargain as U.S. and Saudis Work on Security Pact The New York Times International Community Meets to Discuss the Future of Nuclear Security International Atomic Energy Agency U.S.-Ukraine Security Entanglement Risks Forever War The American Conservative Security Alert: Worldwide Caution - U.S. Embassy & Consulates in Indonesia US Embassy and Consulates in Indonesia Palo Alto Networks and IBM to Jointly Provide AI-powered Security Offerings; IBM to Deliver Security Consulting ... IBM Newsroom Now armed with AI, America's adversaries will try to influence election, security officials warn The Associated Press Women are worried about their financial security. That may affect the 2024 presidential election CNBC Sean 'Diddy' Combs Allegedly Paid $50K to Obtain Hotel Security Footage of Cassie Assault: Lawsuit PEOPLE Nuclear security through the eyes of the Co-Presidents of ICONS 2024 International Atomic Energy Agency Security video appears to show Sean 'Diddy' Combs beating singer Cassie in hotel hallway in 2016 Washington Times Appropriators Lead Israel Security Assistance Support Act | House Committee on Appropriations - Republicans House Appropriations IBM Selling Cloud Security Software to Palo Alto Networks in Broader Cyber Strategy Shift The Wall Street Journal Security footage calls into question Anchorage police account of fatal shooting Alaska Public Media News Security Council Secretary: ‘Not an Inch of Armenian Land Ceded to Azerbaijan’ Armenian News by MassisPost TikTok is a threat to Canadians' data security, CSIS chief warns Bennington Banner Canada Releases Defense Policy Update to Boost Security Department of Defense NATO and Economic Security: A Political Oxymoron or Inevitability? CSIS | Center for Strategic and International Studies Amazon security guard tries to kill unsuspecting boss before he's shot dead in gunfight with police: 'He almost executed me' New York Post Identity Management and Information Security News for the Week of May 17; Exabeam, Saviynt, VAST Data, and More Solutions Review Fox News Poll: Abortion, economy, and border security are top deal-breakers in 2024 elections Fox News New Survey Finds a Paradox of Confidence in Software Supply Chain Security Security Boulevard Putin has ditched his paranoid security chief. Here are 5 of the wackiest things Nikolai Patrushev has said. POLITICO Europe See cops working security at Tacoma grocery stores? Here’s why and what policies allow Tacoma News Tribune OWASP dep-scan: Open-source security and risk audit tool Help Net Security Opinion | Is TikTok Chinese ownership a U.S. national security issue? Come on. - The Washington Post Opinion | Is TikTok Chinese ownership a U.S. national security issue? Come on. The Washington Post EXCLUSIVE: Two students uncover security bug that could let millions do their laundry for free TechCrunch Endpoint Security and Network Monitoring News for the Week of May 17; Alkira, Preamble, c/side, and More Solutions Review Diddy Physically Assaults Cassie in Never-Before-Seen Hotel Footage Entertainment Tonight UN sexual violence envoy pulls out of Security Council briefing on Hamas hostages The Times of Israel RSA Conference 2024: AI and the Future Of Security Security Boulevard The New U.S. Strategy on Global Health Security Think Global Health Multnomah County Signs $40 Million Contract for Armed and Unarmed Security at County Facilities, Including Public ... Willamette Week An inspector general warned the Justice Department of gaps in its security clearance appeals process Government Executive Fintech giant Flutterwave loses ₦11 billion to security breach Business Insider Africa PKI-Based Passkeys Lead The Way For A Passwordless Future Security Boulevard 7 months since Oct 7, UN Security Council holds first meeting entirely dedicated to Israeli hostages in Gaza All Israel News FCC proposes BGP security measures Network World May 17: IDF fighter jet carries out rare strike on target in West Bank city of Jenin The Times of Israel Votiro Keeps Up the Momentum in 2024 Security Boulevard The Best Home Security Systems of 2024 Security.org The situation concerning Iraq - Security Council, 9628th meeting Welcome to the United Nations JLOTS, an obscure Army-Navy capability, arrives in Gaza NavyTimes.com 'Abnormal' security video, Google Drive led to Stephan Sterns' arrest in Madeline Soto case, documents show WKMG News 6 & ClickOrlando Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds Security Boulevard Making Safety and Security Intrinsic to School Design Campus Security Today Cybersecurity Insights with Contrast CISO David Lindner | 5/17/24 Security Boulevard The Dell API Breach: It could have been prevented Security Boulevard Yemeni security forces deploy in Aden as anger simmers over lengthy power outages The Associated Press U.S. Security Cooperation with Ukraine - United States Department of State Department of State Belgium cuts off ticket sales for soccer match against Israel over ‘security concerns’ The Times of Israel |
RELATED ARTICLES
Three-pronged Trojan Attack Threatens Security on the Internet Glieder (Win32.Glieder. Protecting Your Children On The Internet If you are a parent, as am I, I think we can agree there is little else more important than keeping our children safe and protected. It's difficult enough keeping them safe from the unscrupulous people we read about in the news, but dealing with children and the Internet takes it to a completely new level. Phishing - A High Tech Identity Theft With A Low Tech Solution Have you ever got an email asking you to confirm your account information from a bank or a company that you have never done business with? The email looks official and it even has a link that appears to take you to the company's website. The email you have received is actually from an identity thief. Reclaim Your PC from the Internet Spies Viruses are, however, not the only malicious software programs out there. The newest addition to the evil software family is the so called Spywares and a good anti-virus program or firewall is not enough to safeguard against these clever programs. Wireless Network Security Working from home has its advantages, including no commute, a more flexible work schedule and fresh coffee and home-cooked meals whenever you want.But working from home while using a wireless local area network (WLAN) may lead to theft of sensitive information and hacker or virus infiltration unless proper measures are taken. Message Board Security Problems Security leaks can be a big problem for any site using a message board. Hackers can actually use your message board to go in and change things on your site. Make Money Online - Defend Against The Latest Scam First, let's do a little recap'. As I stated in the first part of the article, "Make Money Online - The Latest Scam Disclosed", "refund policy scammers" affect the websites that make money online by selling digital products by buying the product and asking for refunds, while keeping the product. Top Spyware Removers Considerations Only the top spyware removers are successful at detecting and removing spyware and adware from your computer. You should look for complete protection against these threats: spyware, adware, keyloggers browser hijackers and Remote Access Trojans. Criminals are Fishing For Your Identity What is Phishing? In a typical Phishing attack, a criminal will send you an email which appears to be from a well known company, bank or government agency. The email will direct you to click on a link which directs you to a Website or pop-up box that looks like the company's or organization's legitimate site. 3 Pervasive Phishing Scams Scams involving email continue to plague consumers across America, indeed the world. These so called "phishing" scams involve "spoofed" emails meant to draw the unwary to bogus internet sites masquerading as legitimate sites. Network Security 101 As more people are logging onto the Internet everyday, Network Security becomes a larger issue. In the United States, identity theft and computer fraud are among the fastest rising crimes. Just Whos Computer is this Anyway? Well, this is an article I never thought I would have to write. Computer ownership was just not something I thought people would get confused over but, after overhearing a number of conversations last week from my co-workers, I realized that quite a few people just don't know how cut and dry this topic is. Is My PC Vulnerable on the Internet? No longer are viruses the only threat on the internet. In recent years other threats have evolved which include spyware, adware, hacking, identity theft, information theft, pop-ups and the loss of information. Remove Rogue Desktop Icons Created By Spyware If you have used a Windows machine for a while, whether it's Windows XP, Windows 2000, or Windows 98, you're sure to have noticed desktop icons appearing from out of nowhere. How can icons mysteriously emerge on your Windows desktop?1. Phishing: An Interesting Twist On A Common Scam After Two Security Assessments I Must Be Secure, Right?---------------------------------------Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. Is the Internet Insecure Because of You? Long gone are the days that we could feel secure and know for certain that we had privacy. With the digital age upon us we can no longer be so sure that our privacy is secure. Corporate Security for Your Home Business The words Corporate Security may conjure up images of a group of techies working in a wire-filled basement room of Microsoft or HP, combating hackers and terrorists online using words like algorithm and encryption. If you own your own business, do not allow yourself to think that security is only for big corporations. The Importance of Protecting Your PC from Viruses and Spam Today the internet is a mine field of malicious code looking to harm your computer. Hackers want to have access to your PC for both fun and profit. What Can Be Done About Spyware And Adware Having a good Spyware eliminator on your computer is vital now a days with all of the different Spyware, Adware, and other malicious computer parasites that are out there. Most of them are reasonably priced and very easy to use. Web Browsing - Collected Information You may not realize it, but as you are surfing the web all sorts of details are being left behind about your computer and where you have been. Most of this information is used harmlessly in website statistics, but it could also be used to profile you, or identify you as a vulnerable target for an exploit. |
home | site map |
© 2006 |