The Future of Spam and Cyber-Crime
I posted the following over at http://talkbiz.com/blog/the-future-of-spam-and-cyber-crime/
Lots of very important information that I’ll be expanding on in future posts and products.
….
A better and simpler solution is to turn off the modem and disconnect from the internet when it’s not being used.
You may pay for an always-on connection but you don’t need to always be on. Plus you become unpredictable if someone is actually targeting you (doesn’t work if you have predictable habits).
On power, if you leave the computer on for long enough you end up spending the same amount on power as you did to buy the machine. Usually a couple of years of 24/7 will do it if it’s part of a bot net.
The problem with turning the machine off is that most Windows users who have enabled Automatic Updates leave it on the default Auto Update setting, which by default only updates the machine at 3am.
Those same users usually have a screen saver set up which will turn off parts of the machine and operating system after a while. When 3am rolls round, the machine is in a power saving mode and doesn’t update.
I did some work for a client who had their systems set up in exactly the same way, and they were shocked when I connected the machines to the Windows Update site to do a manual update: they all had 90+ critical updates to be downloaded and installed (some updates going as far back as 2 years).
The solution is simple: use the second option – download and notify. The notification takes place when you go through the shutdown process. When you confirm the install and shutdown option, all updates are installed for you.
Microsoft had a good idea with automatic updates but as usual they did a pi*s poor job of implementation of the idea. What they should have done is configure the software to default to the second option (to download and notify).
If the machine is connected to a domain with a SUS or Windows Update server then it should set itself to automatically update at 3am. But as it’s Microsoft all the security tools and options look and feel like they were implemented by monkeys.
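To check a machine for the situation described above (scheduled installs that never run because the machine is off or asleep), the following PowerShell reads the Automatic Updates mode from the registry and reports how long ago an update last installed successfully. It is an added example, not part of the original post; the function name `Get-UpdateHealth` is hypothetical, and it assumes the "download and notify" option corresponds to `AUOptions` value 3.

```powershell
# Added example: audit the Automatic Updates mode and patch staleness on one machine.
function Get-UpdateHealth {
    $modes = @{
        2 = 'notify before download'
        3 = 'download automatically, notify before install'
        4 = 'download automatically, install on schedule'
    }
    # Group Policy location first, then the legacy per-machine Control Panel location.
    $keys = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU',
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update'
    $mode = 'not configured in registry'
    $hour = $null
    foreach ($key in $keys) {
        $au = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($null -eq $au -or $null -eq $au.AUOptions) { continue }
        $opt  = [int]$au.AUOptions
        $mode = if ($modes.ContainsKey($opt)) { $modes[$opt] } else { "other (AUOptions=$opt)" }
        if ($opt -eq 4) { $hour = $au.ScheduledInstallTime }   # hour of day, 0-23
        break
    }

    # Local update history (no network needed): newest successful installation.
    # Operation 1 = installation, ResultCode 2 = succeeded.
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $total = $searcher.GetTotalHistoryCount()
    $last  = $null
    if ($total -gt 0) {
        $last = $searcher.QueryHistory(0, $total) |
            Where-Object { $_.Operation -eq 1 -and $_.ResultCode -eq 2 } |
            Sort-Object Date -Descending | Select-Object -First 1
    }
    $days = $null
    if ($last) { $days = [int]([DateTime]::UtcNow - $last.Date).TotalDays }

    $note = $null
    if ($null -ne $hour) {
        $note = "Scheduled install at ${hour}:00 only runs if the machine is on and awake then."
    }
    [pscustomobject]@{
        Computer         = $env:COMPUTERNAME
        Mode             = $mode
        ScheduledHour    = $hour
        LastInstallTitle = if ($last) { $last.Title } else { $null }
        DaysSinceInstall = $days
        Note             = $note
    }
}

Get-UpdateHealth | Format-List
```

A machine that reports the scheduled-install mode together with a large `DaysSinceInstall` value is the pattern from the client story: updates are configured but never get applied.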
I’ll leave the personal firewall, anti-virus software, anti-spyware software and identity theft protection software for another time but will sum it up as: false sense of security.
…
On the future of spam and cyber crime:
There is software now becoming available that is designed to be undetected by the 10 most popular antivirus software systems in use. The software developers who create the malicious software used by the criminals (not always the same person or group) are forcing what I call the Dr. Strangelove (as in the film) effect on to the security industry.
Companies who produce anti-virus software and anti-spyware software, but mainly anti-virus software, are always playing catchup. As in the film Dr. Strangelove, where just before the Russian ambassador reveals the existence of the Doomsday machine, the ambassador tells the American President that they couldn’t afford the expense of the missile race, the space race and the peace race, so they built the doomsday machine to get round the cost of reducing the missile/space/peace gaps.
The doomsday machine for the anti-virus industry came in the form of Day 0 viruses.
In reality it’s just a big con, as all viruses are Day 0 viruses until the antivirus companies employ resources to develop a way to detect them. Which means that the anti-virus companies are always playing catchup and they’re always losing because there are more viruses being released into the wild than they have resources to develop ways to detect them.
And now that the malicious software developers are designing their wares to avoid detection it’s going to get even worse for the anti-virus companies. The future isn’t good for people who believe the B.S put out by the security industry.
Also for those who use other operating systems: Windows is low hanging fruit, all other operating systems are higher hanging fruit; they’re not being targeted at the moment because there’s more than enough low hanging fruit to go round.
Plus, in order to target other operating systems the malicious software developer needs to “retool”. But the more people who jump ship to say OS X the more of a target it becomes. Then you have the fact that some exploits are not going to be that hard to retool for, take Java and Flash for example. They’re both available on Windows, Mac OS X, Linux based distributions and so on.
Vulnerabilities found in Flash or Java on Windows will more than likely be available on the other operating systems.
There is one thing you can count on with OS X users and that’s their demographics. Or put it another way: niche market (compared to Windows but even then 10 million+ is nothing to sneeze at) with known buyers who have all bought high ticket items. With a lot believing the security BS Apple put out.
Disclaimer: I own a Mac, I also own Windows machines, Linux based machines as well as use BSD and Solaris machines. My view on which is the best is simply: they’re all tools and like the tools you have in your tool box, no single tool is best for every single job you need to use a tool for.
Sure you can use a claw hammer to cut wood but it’s easier to use a saw than it is to use the hammer. All in one multi tools are convenient when you don’t have your tool box and only need to do a one off job. But when you have to do a lot of work you can’t beat a single use tool designed to do a single job.
Rogerio
http://www.itjuju.com
