Thursday, February 24, 2011

SECURITY - It's Not Just Your PC Anymore

"Security to Ward Off Crime on Phones" by RIVA RICHMOND, New York Times 2/23/2011

Excerpt

More consumers are buying smartphones. So more criminals are taking aim at those devices.

Criminals still prefer PCs for stealing personal data, bank and credit card account numbers as well as for running frauds. However, most PC attacks focus on Microsoft’s decade-old Windows XP operating system, which is slowly being replaced by the more secure Windows 7. Over the next few years, hackers will have to find new targets.

With smartphones outselling PCs for the first time — 421 million of the hand-held computers are expected to be sold worldwide this year, according to market analysts at IDC — the long-predicted crime wave on hand-held devices appears to have arrived. According to the mobile-security firm Lookout, malware and spyware appeared on 9 out of 100 phones it scanned in May, more than twice the 4-in-100 rate in December 2009.

In fact, the most practical rule for protecting yourself is to start thinking of the smartphone as a PC.

Most malicious incidents on mobile devices involve bogus phone or text-message charges or rogue mobile applications, of which there are now more than 500 varieties, according to F-Secure, a Finnish security firm. All these ruses require users to take some kind of action, like clicking to accept or install a program, so caution while using mobile devices can prevent most problems. (However, experts warn that automated attacks are possible and could emerge in the future.)

Most attacks happen in Eastern Europe and China. An overwhelming number — 88 percent, according to F-Secure — have singled out devices running Nokia’s Symbian operating system. Symbian is the world’s most commonly used smartphone platform, but Nokia said this month that it would be replacing it over the next few years with Microsoft’s Windows Phone operating system.

Early attacks, like the Cabir and Commwarrior worms in 2004 and 2005, caused little damage. But since 2009, attacks have grown more menacing. In September, hackers trying to steal money from accounts at a Spanish bank installed malicious applications on Symbian devices when they synced to home PCs infected with a version of the ZeuS malware. The application enabled criminals to reply to security codes sent by the bank to validate cash transfers.

Such assaults could be a preview of what is to come for devices popular in the United States. Criminals have attacked phones running on Google’s Android, Research In Motion’s BlackBerry, Apple’s iPhone and Microsoft’s Windows Mobile operating system software, suggesting that more is ahead.

Tuesday, February 15, 2011

COMPUTERS - Watson Who?

"A: This Computer Could Defeat You at 'Jeopardy!' Q: What is Watson?"
PBS Newshour 2/14/2011

Excerpt from transcript for techies:

MILES O'BRIEN, Newshour science correspondent: That's David Ferrucci, Watson's proud papa.

DAVID FERRUCCI, Watson Project, IBM: So, you're looking at 10 racks of power 750. So, there's 10 racks. There's 90 what they call power 750 servers.

MILES O'BRIEN: He introduced me to his silicon progeny.

DAVID FERRUCCI: So, overall, there's about 2,880 cores in that system, about 15 terabytes of RAM.

MILES O'BRIEN: For those of us who don't have a doctorate in computer science, Watson is equivalent to about 6,000 high-end home computers. But the secret sauce is the software that gives Watson the ability to understand language like no computer ever has.

NOVA - Smartest Machine on Earth (full show)

Friday, February 11, 2011

SECURITY - NSS Labs Report

Anti-Virus Utilities will never stop all malware. It's a race between protection software/hardware and publishers of malware.

The reason I'm posting this old article reference, there is a Newsnet post that quotes an Inquirer article, but the article did NOT provide links to NSS Labs source. Which is why The Inquirer is NOT a creditable source on this subject.

"NSS Labs Finds Most Endpoint Security Products Lack Vulnerability-Based Protection" Report NSS Labs 3/12/2010

Excerpt

NSS Labs, Inc., the leading independent security testing organization, today announced the results of its evaluation of seven popular consumer endpoint security products in protecting the vulnerability exploited in the recent “Operation Aurora” attack conducted against Google and at least 30 other organizations. This test—the first of its kind in the industry—was designed to identify which products truly shielded the underlying Microsoft Windows Internet Explorer vulnerability (CVE-2010-0249) against additional attack variants. Products that defended the vulnerability versus simply stopping a single variant or its malicious payload are considered to have a more effective security model.

In its Austin, Texas facility, NSS Labs created variants of the Operation Aurora attack and tested the anti-malware software to see which of the seven products stopped the exploits and malicious code payloads. Given the level of visibility of the attack and the time that has passed since its initial discovery, it was thought that most, if not all, of the products would cover the vulnerability. However, only one out of seven tested products correctly thwarted multiple exploits and payloads, demonstrating vulnerability-based protection (McAfee).

"Generally, there are multiple ways to successfully exploit a vulnerability," said Rick Moy, president of NSS Labs. “This test case underscores the need for IT security vendors to provide greater vulnerability-based protection. Rather than reactively blocking individual exploits or malware, vendors should focus on minimizing their customers’ risk of exposure by insulating the vulnerability.”

Products tested included:
  • AVG Internet Security, version 9.0.733

  • ESET Smart Security 4, version 4.0.474.0 (see caution below)

  • Kaspersky Internet Security 2010, version 9.0.0.736

  • McAfee Internet Security 2010 with SecurityCenter, version 9.15.160

  • Norton Internet Security 2010, version 17.0.0.136

  • Sophos Endpoint Protection for Enterprise - Anti-Virus version 9.0.0

  • Trend Micro Internet Security 2010, version 17.50.1366.0000

A full report of the test and its findings is available here. Additionally, Vikram Phatak, CTO of NSS Labs will be discussing the test and demonstrating the Operation Aurora exploit on March 13, 2010 at BSidesAustin, to be held at Norris Conference Centers.

COMMENT:
  • I do NOT recommend "Security" nor "Internet" suites for home users because they tend to be resource hogs

  • I DO recommend a good Antivirus, that is not part of a suite

  • At home on my WinXP SP3 desktop system I use ESET NOD32 Antivirus 4, which is very fast, uses little resources; and includes Antivirus, anti-Trojan, anti-spyware protection.

CAUTION: ESET recently came out with ESET NOD32 Antivirus 5 and since I could "upgrade" for free, I tried it. In the next 5 days after upgrading I had problems I never had before, and my system became unstable. I was using the same settings I had for NOD32 Av 4. I did try changing settings. But after 5 days of instability, I uninstalled NOD32 Av 5 and reinstalled NOD32 Av 4. My system is back to being stable.

With NOD32 Av 5 I noted from its look-and-feel, that is likely written with Win7 in mind. I suspect that ESET did not fully test Av 5 on a Win XP system.