Year 2014 will be a year of cybersecurity after the NSA revelations made in 2013: The headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies. A lot of people were shocked at how the NSA monitored and hacked almost everything on the Internet. There will still be NSA aftershocks as new material comes out and different parties react to it (and news sources write about it). U.S. cloud services have been put into question for good reason. There will be a lot of NSA spying litigation. Those spying issues will also fuel some hacktivism (it has already started to happen).
The article Security Professionals: Top Cyber Threat Predictions for 2014 lists the following predictions, which seem pretty probable: Cybersecurity Regulatory Efforts Will Spark Greater Need for Harmonization, Service-Impacting Interruptions for Online Services Will Persist, We Will See an Increase in Cybercrime Activity Related to the World Cup, Rise of Regional Cloud Services, Dev-Ops Security Integration Fast Becoming Critical, Cybercrime that Leverages Unsupported Software will Increase, Increase in Social Engineering and Ransomware will Impact More People.
Ubiquitous mobile computing is all around us, which will lead to increased risks and concerns about social network privacy. Social networks have quickly become the key organizing principle of Internet communication and collaboration. Android anti-virus apps CAN’T kill nasties on sight like normal AV.
2013 was a very hacked year, with many cases where information on millions or tens of millions of users was stolen from companies. It’s likely that we will see much more of the same in 2014, because the way people use passwords and how the on-line services are built have not changed much in one year.

Gartner predicts that through 2014, improved JavaScript performance will begin to push HTML5 and the browser as a mainstream enterprise application development environment. I expect that HTML5-related security issues will increase because the technology will be used more in 2014.
Over 50% of net traffic to websites is made by bots! The article More Than Half of Internet Traffic Is Just Bots says that security and cloud service provider Incapsula analyzed traffic and found that more than 60 percent of internet traffic is computer generated, compared to less than 40 percent of traffic that is driven by human clicks. 31% of Bots Are Still Malicious. SEO link building has always been a major motivation for automated link spamming, but it is decreasing because Google was able to discourage it. There is more advanced hacking and automated vulnerability searching.
DDoS attacks are evolving from volumetric Layer 3-4 attacks to much more sophisticated and dangerous Layer 7 multi-vector threats.
There will still be many SCADA security issues in 2014. Even though traditional SCADA vulnerabilities have become easier to find, the increased connectivity brought by IoT will cause new issues. And there will still be very many control systems openly accessible from the Internet to practically anybody who knows how to do that. A large number of SCADA systems were found open on the Internet in the beginning of 2013, and the numbers have not dropped considerably during the year. I expect that very many of those systems will still be too open at the end of 2014.
The Internet is expanding into enterprise assets and consumer items such as cars and televisions. The Internet of Things (IoT) will evolve into the Web of Things, increasing the coordination between things in the real world and their counterparts on the Web. There will be many security issues to solve, and as these systems become more widely used, more security issues will be found in them.
Cloud security will be talked about. Hopefully there will be some clearing up of the terminology in that area, because cloud security, like the term cloud computing, can mean a lot of things. Cloud security could mean how secure your cloud provider is; a service that runs in the cloud and filters what comes through it (for example e-mail or web traffic); a product protecting some service running in the cloud; or a traditional anti-virus service that connects to the cloud to enhance its operation (for example to update in real time or verify unknown programs based on data in the cloud). Research firm Gartner forecasts that cloud security sales will increase dramatically in the next few years. Cloud Security sales have increased over the past year by 2.1 billion to $3.1 billion in 2015.
Marketers try to put the term “cloud” into security product brochures as much as they can. The cloud has made traditional information security sound old-fashioned because companies are under pressure to move services to the cloud. Also, mobile devices and dispersed users set new standards for information security. OpenDNS’s CTO Dan Hubbard says that “Because of the data and equipment run in the cloud users with the cloud is the best way to protect them.” The Snowden Effect will also bring PRIVATE cloud talk to the table this year for security reasons, because U.S. cloud services have been put into question for good reason.
In Finland a new Cyber Security Center started in the beginning of 2014. Security articles and warnings from it will be published at kyberturvallisuuskeskus.fi.
Late addition: Crypto-currencies like Bitcoin and similar are on the rise. Early adopters already use them actively. Those crypto-currencies have many security issues related to them. The values of the crypto-currencies vary quite a lot, and the value can easily drop considerably when they become so widely used that different governments try to limit their use. Bitcoin is increasingly used as a ransomware payment method. Bitcoins have been stolen quite a lot lately (and I expect that to increase when usage increases), and they are stolen from users, on-line wallets and exchanges. When more money is involved, more bad guys try to get in to get some of it. Sometimes bad guys do not try to steal your money, but use resources you pay for (your own PC, your server capacity, etc.) to generate money for themselves without you knowing about it. If you plan to use those crypto-currencies, be careful to understand what you are doing with them: there is a real possibility that you can lose your money, and there is no way that lost money can be recovered.

3,382 Comments
Tomi Engdahl says:
AltCoin Alert: Western Union Obtains Alternative Currency Exchange System Patent from USPTO
Alternative value exchange systems and methods
https://medium.com/p/23f9de5dc65e
No Joke Patent 8,688,563 Granted on April Fools Day 2014..was Filed in October 2009
“…Methods and systems for exchanging alternative currencies…”
To be clear there is no specific mention of everyone’s favorite cryptocurrency “Bitcoin” within this patent. But based on when it was originally filed, that was to be expected because Bitcoin was obscure.
this has made it past the application stage and has been granted patent status by USPTO
Tomi Engdahl says:
Published a picture of a betting coupon on the Internet – someone else took the money in Finland
Iltalehti reported on Wednesday about a man who posted a picture of a betting coupon worth 1600 euros on Facebook on Sunday. When the man went to the bank on Monday to redeem the winnings, the teller told him, surprisingly, that the winnings had already been redeemed.
Veikkaus says that this is an extremely rare case, as the company is aware of only one previous similar case where the winnings have been fraudulently cashed.
Source: http://www.iltalehti.fi/uutiset/2014050818277593_uu.shtml
Tomi Engdahl says:
SEC to investors: When dealing in Bitcoin, don’t get suckered
Top US securities regulator warns of scams, fraud, and other bad dealing
http://www.theregister.co.uk/2014/05/08/sec_bitcoin_alert/
“A new product, technology, or innovation – such as Bitcoin – has the potential to give rise both to frauds and high-risk investment opportunities,” the alert observes. “Potential investors can be easily enticed with the promise of high returns in a new investment space and also may be less skeptical when assessing something novel, new and cutting-edge.”
Don’t believe promises of “guaranteed” returns, the SEC’s note helpfully advises. Also, you should watch out for unlicensed sellers or securities, offers pitched via spam, offers that pressure you to buy right away, and anything that sounds too good to be true. All good advice for any investor.
Also, the commission warns, because Bitcoin is not backed by any central authority or government and transactions in virtual currencies can be difficult for law enforcement to trace. If you do get cheated by Bitcoin scammers, you may have very little recourse to recover your funds, the SEC states.
Tomi Engdahl says:
London police to use wearable video cameras in public interactions
Manufacturer says cameras are a “game changer,” cops not so excited.
http://arstechnica.com/tech-policy/2014/05/london-police-to-use-wearable-video-cameras-in-public-interactions/
The London Metropolitan Police Service (MPS) is set to launch a one-year pilot project that equips cops with body-worn video cameras to be used during their interactions with the public. The pilot will include a total of 500 cameras distributed across ten city boroughs.
The MPS chose to purchase 500 Axon body-worn cameras alongside a backend management system from Taser International, a manufacturer of law enforcement products and electrical weapons. The body-worn cameras in question are small, battery-operated devices that can attach to sunglasses, a shirt collar, a cap, or a head mount and can record wide-angle, full-color views of the officer’s visual field, according to a press release. A red “flash” appears on such devices to indicate when the camera is activated.
Privacy advocates like the American Civil Liberties Union (ACLU) have argued that the efficacy of police body-mounted cameras as a crime reduction and accountability tool hinges on enforcement of good policies and procedures—including something as basic as preventing officers from being able to deactivate the cameras at their own discretion.
Tomi Engdahl says:
McAfee accused of McSlurping Open Source Vulnerability Database
Lawyers say security giant should have paid before it unleashed slurping scripts
http://www.theregister.co.uk/2014/05/08/whats_copyright_mcafee_mcslurps_vuln_database/
Intel security subsidiary McAfee may be in hot water after it allegedly scraped thousands of records from the Open Source Vulnerability Database instead of paying for them.
The surreptitious slurp was said to be conducted using fast scripts after McAfee formally inquired about purchasing a license to the data.
“There is debate on if a database can be copyrighted. Instead of saying they are infringing that, we are saying they are wilfully ignoring our posted license,” Martin said.
OSVDB aggregates and formatted public vulnerability records for free individual consumption but requests that those seeking more comprehensive access pay for the right.
Tomi Engdahl says:
Microsoft’s decision to patch Windows XP is a mistake
There will always be one more emergency.
http://arstechnica.com/security/2014/05/microsofts-decision-to-patch-windows-xp-is-a-mistake/
IT people who have had to impress on their superiors that they need the budget to upgrade from Windows XP because Microsoft won’t ship patches for it any longer. Microsoft has made these IT people into liars. “You said we had to spend all this money because XP wasn’t going to get patched any more. But it is!”
A complete about-turn means that Windows XP will take even longer to flush out of the market, making it a continued headache for developers and administrators alike.
But the option Microsoft took is the worst of all worlds. It undermines efforts by IT staff to ditch the ancient operating system, and undermines Microsoft’s assertion that Windows XP isn’t supported, while doing nothing to meaningfully improve the security of Windows XP users. The upside? It buys those users at best a few extra days of improved security. It’s hard to say how that was possibly worth it.
Tomi Engdahl says:
Hackers blag personal information from Orange servers
http://www.theinquirer.net/inquirer/news/2343633/hackers-blag-personal-information-from-orange-s-servers
“On 18 April, Orange identified an illegitimate access on a technical mailing and SMS platform, which it uses for its commercial campaigns in France. This access entailed the copy of a limited amount of personal data concerning certain customers and identified prospective customers,”
In February Orange confessed to a customer data loss that affected some 800,000 of its French users. Then, as now, Orange said that financial data was untouched.
Orange is not the only firm to ever lose customer data to hacking and this year US retail chain Target parted with both the details of hundreds of millions of its users and its CIO.
Tomi Engdahl says:
Why Your Organization Needs a Cloud-Based Disaster Recovery Plan
http://blogs.vmware.com/smb/2014/04/organization-needs-cloud-based-disaster-recovery-plan.html
Businesses know they need to back up their data, their workloads and their applications in the event that disaster strikes. Downtime of business-critical applications or data loss could cause a major disruption for organizations caught without a comprehensive disaster recovery (DR) plan in place. In fact, according to the U.S. Small Business Administration, approximately 25% of businesses that are affected by a disaster fail to reopen.
Today, pretty much every organization makes backups, typically every 24 hours or more. In a disaster, that means hours or days of data can be lost, and it takes hours or days to restore everything from backups. Disaster recovery protection (continuous replication) offers a much higher level of protection, allowing an organization to set a recovery point measured in minutes or hours, and the organization can quickly restart applications rather than having to restore them from different storage. Yet many small-to-mid sized businesses simply don’t do DR at all because implementing DR has been either too complicated, too expensive or both.
Tomi Engdahl says:
Symantec Sales Forecast Shows Improving Security Demand
http://www.bloomberg.com/news/2014-05-08/symantec-s-sales-forecast-shows-higher-security-demand.html
Symantec Corp. (SYMC) is benefiting as hacking attacks fuel higher demand for cyber-security software, while cost cuts are bolstering profits.
The biggest maker of antivirus tools issued a revenue forecast that topped projections. Sales in the fiscal first quarter will be $1.65 billion to $1.69 billion, the company said in a statement yesterday. Analysts, on average, are predicting revenue of $1.64 billion for the period that ends in June, according to data compiled by Bloomberg.
Spending on security software and equipment is on track to increase 9.1 percent this year to $71.7 billion, according to Gartner Inc. The forecast buys the struggling company time as it deals with a management transition and a market that is shifting to smartphones and tablet computing, where security tools aren’t as widely used.
Symantec is under pressure to break up the company as demand slows for antivirus software, which is now widely seen as incapable of catching all but the easiest-to-find attacks.
Tomi Engdahl says:
US officials vote to allow Bitcoin for political donations
Cryptocurrency cleared for campaign payments
http://www.theregister.co.uk/2014/05/09/us_officials_vote_to_allow_bitcoin_for_political_donations/
The US Federal Election Commission (FEC) has officially approved Bitcoin as a medium of exchange for political donations.
Tomi Engdahl says:
Net tech bods at IETF mull anti-NSA crypto-key swaps in future SSL
‘Perfect example of how Snowden has improved our privacy’ says professor
http://www.theregister.co.uk/2014/05/08/rsa_depreciated_from_tls/
Standards stewards on the Internet Engineering Task Force (IETF) are planning to drop RSA key exchanges from TLS 1.3, the next revision of SSL.
Specifically, the IETF has backed Diffie-Hellman key exchange (DHE) and Elliptic Curve Diffie-Hellman key exchange (ECDHE) over RSA because the former two support Perfect Forward Secrecy (PFS).
PFS ensures that the ephemeral session key is never exchanged in whole over the network between the two partners.
Thus even if, say, an NSA g-man silently intercepts the pair’s network traffic and then gains access to the web server’s private key used to initiate the connection, the spy cannot recover the session key and decrypt the snooped data.
And even if the eavesdropper somehow obtained the temporary key, it’s only good for that session and that session only.
Cryptographers have welcomed the decision to deprecate RSA key exchange from TLS 1.3.
“In case you’re missing context: the removal of RSA in the next version of TLS is a perfect example of how Snowden has improved our privacy,” said Matthew Green, a professor of computer science who teaches cryptography at Maryland’s Johns Hopkins University.
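To make the RSA versus DHE/ECDHE distinction in the comment above concrete, here is an added example (not part of the original comment or the quoted article) that audits cipher-suite names and flags those whose key exchange is not ephemeral. The suite list is constructed sample input, and the function names are this example's own.

```python
"""Flag TLS cipher suites that lack forward secrecy, judged by suite name.

Handles IANA names (TLS_ECDHE_RSA_WITH_...) and OpenSSL names
(ECDHE-RSA-AES128-GCM-SHA256). All helper names are hypothetical.
"""
import ssl

EPHEMERAL = ("ECDHE", "DHE", "EDH")        # EDH is OpenSSL's legacy spelling of DHE
ANON_OPENSSL = ("ADH", "AECDH")            # unauthenticated Diffie-Hellman
STATIC_OPENSSL = ("DH", "ECDH", "PSK", "RSA")
OTHER_OPENSSL = ("SRP", "GOST2001", "GOST2012", "KRB5")  # outside this example


def classify(suite):
    """Return (key_exchange, verdict) for one cipher-suite name.

    verdict is 'forward-secret', 'static', 'anonymous' or 'unclassified'.
    'static' means a long-term secret protects the session key, so a later
    leak of that secret exposes recorded traffic.
    """
    if suite.startswith("TLS_") and "_WITH_" not in suite:
        # TLS 1.3 suite names carry no key-exchange field; the published
        # TLS 1.3 has no RSA key transport. PSK-only resumption is not
        # covered by this name-based check.
        return ("(EC)DHE", "forward-secret")
    if suite.startswith("TLS_"):
        kx = suite[len("TLS_"):].split("_WITH_", 1)[0]   # e.g. ECDHE_RSA
        if kx.endswith("_anon"):
            return (kx, "anonymous")
        head = kx.split("_", 1)[0]                       # RSA, DH, DHE, ECDH, ...
    else:
        head = suite.split("-", 1)[0]
        if head in ANON_OPENSSL:
            return (head, "anonymous")
        if head in OTHER_OPENSSL:
            return (head, "unclassified")
        if head not in EPHEMERAL + STATIC_OPENSSL:
            head = "RSA"      # OpenSSL omits the prefix for RSA key transport
        kx = head
    return (kx, "forward-secret" if head in EPHEMERAL else "static")


def audit(suites):
    """Return the suites that are not forward-secret, in input order."""
    return [s for s in suites if classify(s)[1] != "forward-secret"]


def audit_context(ctx):
    """Audit the suites enabled in a local ssl.SSLContext (no network I/O)."""
    return audit([c["name"] for c in ctx.get_ciphers()])


# Constructed sample input, mixing both naming styles.
SAMPLE = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
    "AES128-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "EDH-RSA-DES-CBC3-SHA",
    "DES-CBC3-SHA",
]

if __name__ == "__main__":
    for name in SAMPLE:
        kx, verdict = classify(name)
        print(f"{name:45} {kx:12} {verdict}")
    print("enabled locally without forward secrecy:",
          audit_context(ssl.create_default_context()))
```
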
Tomi Engdahl says:
Security company: Virus detection systems are not in vain – “Aspirin also does the trick for a hangover”
Security company Symantec announced earlier in the week that virus scanning is in vain, and that the focus should be on minimizing the damage caused by the attacks. Symantec’s Brian Dye justified the position by saying that the virus scanner now detects only about 45 per cent of the attacks.
The competitor Bitdefender does not swallow the claim. “It’s almost like saying that aspirin is dead, because it can not cure cancer, AIDS, or indeed all diseases of mankind,”
“Aspirin still does the trick for a slight hangover or the flu, and people still like to have the product in the medicine cabinet.”
Virus detection should rather be seen as part of a broader security solution than as the only weapon.
Source: http://www.tietoviikko.fi/kaikki_uutiset/tietoturvayhtio+virustutkat+eivat+ole+turhia++quotaspiriinikin+tepsii+krapulaanquot/a986850
Tomi Engdahl says:
California Senate approves smartphone ‘kill-switch’ bill
http://www.cnet.com/news/california-senate-approves-smartphone-kill-switch-bill/
After failing in the state Senate two weeks ago, a bill requiring that device makers include antitheft software on phones sold in the state passes muster.
Tomi Engdahl says:
Investor Alert: Bitcoin and Other Virtual Currency-Related Investments
http://investor.gov/news-alerts/investor-alerts/investor-alert-bitcoin-other-virtual-currency-related-investments#.U2ylV1dM0in
The SEC’s Office of Investor Education and Advocacy is issuing this Investor Alert to make investors aware about the potential risks of investments involving Bitcoin and other forms of virtual currency.
The rise of Bitcoin and other virtual and digital currencies creates new concerns for investors. A new product, technology, or innovation – such as Bitcoin – has the potential to give rise both to frauds and high-risk investment opportunities.
Innovations and new technologies are often used by fraudsters to perpetrate fraudulent investment schemes.
Using Bitcoin may limit your recovery in the event of fraud or theft.
If fraud or theft results in you or your investment losing bitcoins, you may have limited recovery options. Third-party wallet services, payment processors and Bitcoin exchanges that play important roles in the use of bitcoins may be unregulated or operating unlawfully.
Investments involving Bitcoin present unique risks.
Consider these risks when evaluating investments involving Bitcoin:
Not insured. While securities accounts at U.S. brokerage firms are often insured by the Securities Investor Protection Corporation (SIPC) and bank accounts at U.S. banks are often insured by the Federal Deposit Insurance Corporation (FDIC), bitcoins held in a digital wallet or Bitcoin exchange currently do not have similar protections.
History of volatility. The exchange rate of Bitcoin historically has been very volatile and the exchange rate of Bitcoin could drastically decline. For example, the exchange rate of Bitcoin has dropped more than 50% in a single day. Bitcoin-related investments may be affected by such volatility.
Government regulation. Bitcoins are not legal tender. Federal, state or foreign governments may restrict the use and exchange of Bitcoin.
Security concerns. Bitcoin exchanges may stop operating or permanently shut down due to fraud, technical glitches, hackers or malware. Bitcoins also may be stolen by hackers.
New and developing. As a recent invention, Bitcoin does not have an established track record of credibility and trust. Bitcoin and other virtual currencies are evolving.
Tomi Engdahl says:
The struggle to ban killer robots
http://thebulletin.org/struggle-ban-killer-robots7150
The Campaign to Stop Killer Robots was launched in April 2013 with the objective of achieving a ban on the development, production, and deployment of lethal autonomous weapons. The same month, Christof Heyns, the United Nations’ special rapporteur on extrajudicial, summary or arbitrary executions, called for a moratorium on the development and deployment of such weapons while an international commission considered the issue. Within a remarkably short period of time, the campaign has achieved significant traction. Every month, a flurry of media reports, international conferences, and policy events are dedicated to the issue. The campaign is succeeding at something very important: bringing politics to bear on what are, at the most basic level, sets of computer algorithms designed to accomplish particular military tasks.
Tomi Engdahl says:
Leading Cause of Smartphone Theft: Careless Owners
Three million smartphones were stolen in 2013, but muggings weren’t the most common form of theft, according to new research.
http://blogs.cio.com/smartphones/18565/leading-cause-smartphone-theft-careless-owners
a new survey suggests many more smartphones are stolen because their owners carelessly leave them on café tables when they pick up their morning lattes.
That “Doh!” scenario – which obviously isn’t restricted to cafés – accounts for roughly 44 percent of all smartphone thefts, according to a survey of 2400 smartphone users commissioned by Lookout, which sells smartphone security products. The thief-grabs-phone-and-runs scenario only accounts for 11 percent of smartphone thefts, according to the research.
Most of us are attached to our expensive phones, but about three-quarters of the people who said their phones had been stolen didn’t notice for some time. That lapse makes it that much harder to recover them.
Tomi Engdahl says:
Physicists Turn 8MP Smartphone Camera Into a Quantum Random Number Generator
http://science.slashdot.org/story/14/05/09/1854254/physicists-turn-8mp-smartphone-camera-into-a-quantum-random-number-generator
“Random numbers are the lifeblood of many cryptographic systems and demand for them will only increase in the coming years as techniques such as quantum cryptography become mainstream.”
“Now physicists have worked out how to use a smartphone camera to generate random numbers using quantum uncertainties. The approach is based on the fact that the emission of a photon is a quantum process that is always random.”
How To Generate Quantum Random Numbers With A Smartphone Camera
https://medium.com/the-physics-arxiv-blog/602f88552b64
Physicists have exploited the laws of quantum mechanics to generate random numbers on a Nokia N9 smartphone, a breakthrough that could have major implications for information security
genuine random numbers are notoriously hard to find. In particular, they cannot be generated by a deterministic process such as a computer program.
So physicists have long searched for other ways to make genuinely random numbers based on physical processes that produce random outcomes. The gold standard is the quantum random number generator—a device that exploits the probabilistic nature of quantum mechanics to produce a sequence of entirely random digits.
However, quantum random number generators are complex, expensive devices.
And now they’ve found it. Today, Bruno Sanguinetti and pals at the University of Geneva in Switzerland have worked out how to generate random numbers on an ordinary smartphone using genuine quantum processes. And they say their new technique can produce random numbers at the rate of 1 megabit per second, more than enough for most security applications.
The quantum process that these guys exploit is the way light sources emit photons.
They put this to the test with a Nokia N9 smartphone, which has an ordinary 8 megapixel rear-facing colour camera
So the process of generating random numbers consists of pointing the camera at a green LED that evenly illuminates all the pixels and pressing the shutter button. A simple program then extracts the random digits.
Sanguinetti and co calculate that their numbers are pretty close to random.
Tomi Engdahl says:
Winklevoss twins eye up NASDAQ: Publicly traded Bitcoin fund… what could go wrong?
Filing comes 2 days after SEC warns on virtual currency
http://www.theregister.co.uk/2014/05/09/winklevoss_twins_sec_filing_bitcoin_trust/
The Winklevoss twins have set out plans to list their Bitcoin trust exchange on the NASDAQ to create what would be the world’s first publicly traded cryptocurrency biz – if it were approved.
Tomi Engdahl says:
Why Your Organization Needs a Cloud-Based Disaster Recovery Plan
http://blogs.vmware.com/smb/2014/04/organization-needs-cloud-based-disaster-recovery-plan.html
Businesses know they need to back up their data, their workloads and their applications in the event that disaster strikes. Downtime of business-critical applications or data loss could cause a major disruption for organizations caught without a comprehensive disaster recovery (DR) plan in place. In fact, according to the U.S. Small Business Administration, approximately 25% of businesses that are affected by a disaster fail to reopen.
Organizations don’t need to wait for a disaster to strike to start thinking about disaster readiness.
Today, pretty much every organization makes backups, typically every 24 hours or more. In a disaster, that means hours or days of data can be lost, and it takes hours or days to restore everything from backups. Disaster recovery protection (continuous replication) offers a much higher level of protection
Tomi Engdahl says:
Square Turned Dollars Into Data. Now It’ll Turn That Data Into Gold
http://www.wired.com/2014/05/square-data-diving/
Square’s already turning dollars into data. Now it wants to turn that data into even more dollars.
Tomi Engdahl says:
Feds: Sailor Hacked Navy Network While Aboard Nuclear Aircraft Carrier
http://it.slashdot.org/story/14/05/11/1221227/feds-sailor-hacked-navy-network-while-aboard-nuclear-aircraft-carrier
Feds: Sailor hacked Navy network while aboard nuclear aircraft carrier
“Team Digi7al” hacking spree targeted 30 organizations over 14 months.
http://arstechnica.com/security/2014/05/feds-sailor-hacked-navy-network-while-aboard-nuclear-aircraft-carrier/
Tomi Engdahl says:
Anti-surveillance mask lets you pass as someone else
http://www.cnet.com/news/urme-anti-surveillance-mask-lets-you-pass-as-someone-else/?ttag=fbwp
Uncomfortable with surveillance cameras? “Identity replacement tech” in the form of the Personal Surveillance Identity Prosthetic gives you a whole new face.
They’re like Guy Fawkes masks that look like real people
The 3D-printed resin mask, made from a 3D scan of Selvaggio’s face and manufactured by ThatsMyFace.com, renders his features and skin tone with surprising realism, though the eyes peeping out from the eye holes do lend a certain creepiness to the look.
Creepiness is, of course, part of the point here, as the interdisciplinary artist takes a his-face-in-everyone’s-face approach to exploring the impact of an increasingly networked world on personal identity.
It turns out some states have anti-mask laws
Tomi Engdahl says:
Goodbye Windows XP; Hello IsXP?
Microsoft Windows XP support ends April 8. What happens April 9? Three things to remember. NEW: Updated with answers to reader feedback on April 14.
http://www.controleng.com/single-article/goodbye-windows-xp-hello-isxp/7225421fd76472019f77c6899654717d.html
Because Windows XP was the first truly reliable commercial multi-windowed system, it became the “go-to” standard for control, human machine interface (HMI), and instrumentation systems. Companies have invested billions of dollars in these systems and expected them to have the same multi-decade lifetime of other industrial systems. Lifetimes of 15 to 30 years are common in industrial systems.
If Windows XP had been built on an open source model, there would probably still be an active community to support the operating system, just as other open source software has lasted 30 or more years. However, the Windows XP system is Microsoft’s property and the only support is through Microsoft. Microsoft may continue to offer extended support, but that seems unlikely
A better solution would be for Microsoft to outsource Windows XP support to an independent third party, to provide Lifetime Support XP (lsXP). That organization could then provide critical and important security patches on a subscription basis. It could quickly respond to zero day attacks, and help protect the millions of XP systems in critical infrastructure or mission critical systems. This approach is a win-win for Microsoft and users. Eventually the Windows XP systems will be replaced
3 things to remember after XP
If lsXP doesn’t develop, then there are only three things to remember to keep your XP systems running: protect, protect, and protect.
Unfortunately, there is no easy answer to the upcoming loss of support for Windows XP. These systems will become more expensive to maintain and replace. This is the hidden future cost of using commercial software on systems that have lifetimes of 15-30 years. If this is not a wakeup call for vendors to take a long, hard look at the systems they use for their systems, then it is a wakeup call for end users to demand software that lasts as long as the hardware.
1. Do you know if a Lifetime Support XP (lsXP) has become available?
Unfortunately, Lifetime Support is not available.
2. We have McAfee and Verizon anti-virus software on our computers. Is this enough to protect us from attacks or computer virus?
This is a good start, but zero-day attacks, which are vulnerabilities that are exploited before the anti-virus vendors can respond, are still a problem. To help in those attacks, the systems should also be protected behind firewalls, all unused programs and application removed, any unused accounts removed, and make sure that you are not using default passwords on any applications. These changes will reduce your risk, and if the systems have no direct connection to the intranet, or even your company’s business network, then this reduces your risk about as low as it can get for an XP system.
White listing tools are extensions to the operating system that check that only approved (white listed) programs are running, and that the running programs have the signature. This means that they have not been modified by a virus or hacker.
Root kit inspection tools check that the startup parts of the computer have not been modified or changed by a virus or hacker.
Tomi Engdahl says:
GE patches gap in infosec capabilities with Wurldtech buy
SCADA bug-hunter slurped to secure the ‘Industrial Internet’
http://www.theregister.co.uk/2014/05/12/ge_patches_gap_in_capabilities_with_infosec_buy/
Years after the infosec world noticed the chronic insecurity of SCADA kit, industrial giant GE has decided it needs to improve its in-house capabilities by announcing that it’s to acquire Wurldtech.
Founded in 2006, Wurldtech’s product portfolio, sold under the Achilles brand, includes a test suite and industrial firewall software. It’s also got a service operation under which it evaluates device communication looking for troublesome behaviours.
The test suite is based on hardware designed to sit between the control system and the target industrial device – stuff like SCADA, distributed control systems and smart meters – firing off test traffic to detect vulnerabilities as well as other faults. It covers Ethernet, Foundation Fieldbus, Modbus IP, OPC UA and Profinet IO systems.
The Achilles Threat Intelligence Software is designed to add an industrial-network wrinkle to the more prosaic business of network protection. Since industrial plant managers really dislike being told to take their systems down so the IT crowd can apply a patch, ATIS instead lets the user wrap up a system in extra security when a bug or vulnerability is published, letting the patching happen later.
Tomi Engdahl says:
Hey, does your Smart TV have a mic? Enjoy your surveillance, bro
Little reminder: Your shiny new telly is a computer, it can run malware
http://www.theregister.co.uk/2014/05/10/smarttv_bugging/
NSA whistleblower Edward Snowden told lawyers he met during his sojourn in Hong Kong to put their cell phones in his fridge to thwart any eavesdroppers.
But new research suggests he should have been worried about nearby TVs, too.
Smart tellies with built-in microphones and storage can be turned into bugging devices by malware and used to record conversations, security experts at NCC Group said. And they demonstrated exactly that just down the road from the Infosec Europe conference, held in London.
“Installing the bugging software requires physical access to the device, which is how we did it, or by installing a malicious app,”
In other words, Ingram’s research shows smart TVs can be abused in much the same way that dodgy apps on Android software stores hijack smartphones and tablets.
“There is nothing specific about them running Linux that makes the hacking any easier, though some manufacturers have released some of their source code, which could make developing applications for the devices a little easier.”
The smart TV hacking was part of a demonstration by NCC experts to highlight security shortcomings on the home front of the Internet of Things. Broadband routers and Wi-Fi-controlled power plugs were also attacked, and a smartphone with NFC wireless radio was used in an attempt to clone a hotel room access card.
Tomi Engdahl says:
The Pirates of Today are Hackers and Their Cyber-attacks are Growing
But torrent-based, copyright-infringing pirates are not really the biggest threat – the true pirates of today are hackers, and their pirate-army is growing.
CSOs and CISOs must become stricter with the security procedures and processes they put in place to ensure their cyber-security framework is strong and compliant. Because the pirates are out there – stealing invaluable information for personal gain. It’s time to batten-down the hatches.
See more at: http://collaboristablog.com/2014/03/pirates-today-hackers-cyber-attacks-growing/?utm_source=outbrain&utm_medium=outbrain&utm_campaign=outbraincollaboristablog#sthash.H4q1ONPj.dpuf
Tomi Engdahl says:
Router company that threatened a reviewer loses Amazon selling license
Customer accused of “illegal campaign to damage, discredit, defame, and libel.”
http://arstechnica.com/tech-policy/2014/05/lawyers-bully-redditor-for-negative-amazon-com-router-review/?kw=100k_pvs&search=100k_pvs
After posting the negative review of a Medialink Wireless Router product—which became the “most helpful” negative review on Amazon.com—an attorney for Mediabridge sent him a letter explaining that the company “zealously guards its hard-earned reputation” and that “you have harmed Mediabridge and we intend to hold you liable for all damages sustained.”
The company demands that “in order to avoid this coming to litigation” he must delete his negative product review on Amazon within three days of receiving this letter, stop all “defamatory and injurious” conduct toward the company, and agree to never purchase nor comment upon a Mediabridge product again.
Tomi Engdahl says:
Bitcoin Explained
https://www.choice-loans.co.uk/bitcoin/
Tomi Engdahl says:
Latent Malware Activity in Internal Networks Detection
Posted May 10, 2014 at 10:00 am
http://www.eeweb.com/company-blog/fujitsu_semiconductor/latent-malware-activity-in-internal-networks-detection/
Fujitsu Laboratories Ltd. today announced that it has developed technology that quickly detects latent malware activity in a network. This technology monitors an internal network to protect against advanced persistent threats (APT) on specific companies or individuals, an increasingly common problem.
In recent years there has been a surge in increasingly sophisticated APT against specific organizations and individuals for the purpose of stealing information. In APT, the target is thoroughly studied in advance, and the attack is persistently carried out through such methods as email messages disguised as regular business communications. It is not always possible for ordinary antivirus software to distinguish between regular software and software used in an attack, so it is difficult to fully protect an internal network from being infiltrated by malware.
To protect against such sophisticated malware activity, in addition to the conventional security protections used at the entry and exit points of internal networks, it is necessary to employ protection methods that focus inside internal networks.
The most common type of malware today is known as a Remote Access Trojan (RAT). With a RAT, the intruder outside a network remotely operates an infected PC within a network to collect internal data, disguising activities as routine business communications such as sending or receiving emails.
By analyzing the types of communications flowing over a network and the related communications that precede or follow them, it is possible to detect latent activity within a network that is characteristic of a RAT, the remote-control type malware. Fujitsu Laboratories conducted research and development on ways to monitor choke points, which are the gateways attackers use in such attacks.
This method, however, requires significant processing time as it is necessary to identify, within a huge stream of work-related traffic, the communications associated with an attack, and then confirm the links between multiple communications.
By focusing on the communications patterns seen in all latent activity of RATs within an internal network, and by analyzing the relationships between intranet communications, Fujitsu Laboratories developed technology for the high-speed detection of latent activity of RATs within an internal network.
Tomi Engdahl says:
Your Windows 7 PC is more likely to have malware than your XP one, says Microsoft
http://grahamcluley.com/2014/05/windows-7-xp-microsoft/
After all, Microsoft’s software is – by its very nature – running on every single Windows computer, giving the firm an opportunity to gather data on what’s really happening out there.
Yes, in the last quarter of 2013, Microsoft says that the Windows 7 computers it scanned were more likely to be infected by malware than PCs running Windows XP. An infection rate of 2.59% for Windows 7 (25.9 per 1000 computers scanned) compared to 2.42% for XP.
Windows Vista isn’t looking too healthy either.
Microsoft says the dramatic rise in infection rates from Q3 to Q4 2013 can be largely blamed on the Rotbrow family of malware which presented itself as a browser add-on.
So, do these statistics suggest that Windows 7 is a less safe environment than Windows XP? If only things were that simple.
No, the truth is that – if configured correctly – Windows 7 can provide better security than Windows XP.
For instance, users of more modern versions of Windows can take full advantage of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a utility that can block malware successfully exploiting zero-day vulnerabilities, and make life harder for attackers.
It should also be remembered, of course, that not all malware relies upon vulnerabilities and security holes.
A large number of the malware attacks seen use simple social engineering techniques that trick users into making poor decisions, such as clicking on a malicious link or running a malware-infected file that has been sent to them.
Tomi Engdahl says:
Microsoft Security Intelligence Report (SIR)
http://download.microsoft.com/download/7/2/B/72B5DE91-04F4-42F4-A587-9D08C55E0734/Microsoft_Security_Intelligence_Report_Volume_16_English.pdf
The newly published Microsoft Security Intelligence Report (SIR) is a hefty 152 page read, which will probably keep many IT sysadmins occupied for a while.
Tomi Engdahl says:
Exclusive: Air traffic system failure caused by computer memory shortage
http://www.reuters.com/article/2014/05/12/us-airtraffic-bug-exclusive-idUSBREA4B02320140512
A common design problem in the U.S. air traffic control system made it possible for a U-2 spy plane to spark a computer glitch that recently grounded or delayed hundreds of Los Angeles area flights, according to an inside account and security experts.
In theory, the same vulnerability could have been used by an attacker in a deliberate shut-down, the experts said, though two people familiar with the incident said it would be difficult to replicate the exact conditions.
FAA spokeswoman Laura Brown said the computer had to examine a large number of air routes to “de-conflict the aircraft with lower-altitude flights”.
The FAA later set the system to require altitudes for every flight plan and added memory to the system, which should prevent such problems in the future, Brown said.
When the system went out, air traffic controllers working in the regional center switched to a back-up system so they could see the planes on their screens, according to one of the sources.
Paper slips and telephones were used to relay information about planes to other control centers.
The sources said the circumstances would be difficult for an attacker to mimic
Former military and commercial pilots said flight plans are generally carefully checked and manually entered into the air traffic control computers, which are owned by the FAA.
“It would be hard to replicate by a hostile government, but it shows a very basic limitation of the system,” said a former military and commercial pilot.
“We were completely shut down and 46 minutes later we were back up and running,”
Tomi Engdahl says:
All at sea: global shipping fleet exposed to hacking threat
http://www.reuters.com/article/2014/04/24/us-cybersecurity-shipping-idUSBREA3M20820140424
The next hacker playground: the open seas – and the oil tankers and container vessels that ship 90 percent of the goods moved around the planet.
“Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules,” a NATO-accredited think-tank wrote in a recent report. “These technological changes have opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities.”
Tomi Engdahl says:
Spotty solar power management platform could crash the grid
Flaky firmware makes power panels p0wnage possible
http://www.theregister.co.uk/2014/05/12/hackable_solar_systems_spurt_free_money/
Criminals could potentially cause black-outs and mess with power grid configurations by exploiting flaws in a popular solar panel management system used by thousands of homes and businesses.
Details of how the attacks could be executed were kept under wraps while solar panel monitoring kit vendor Solar-Log distributed a patch for the flaws.
The threat is substantial because, as the company boasts, its eponymous management system runs globally on roughly 229,300 solar plants that typically pump out 566TWh of electrical energy, or so we’re told.
“For instance a massive attack can cause power grid reconfiguration and chains of blackouts [and] bad guys can try to monetise it via blackmail,” Goreychik said.
“At moment we can’t disclose more detail [about the vulnerabilities] because thousands of households around the globe are using vulnerable version of Solar-Log and can be attacked by cyber criminals.”
Tomi Engdahl says:
Australian government apps access smartmobe cams but ‘don’t film you’
Department of Human Services says its apps need cameras to deliver better services
http://www.theregister.co.uk/2014/05/04/oz_dept_human_services_not_filming_users/
Australia’s Department of Human Services (DHS) says apparently-excessive permissions sought by its mobile apps are necessary for service delivery, and don’t put its customers’ privacy at risk.
The DHS has told The Register it doesn’t misuse the data, and it believes that the permissions it seeks are necessary for the operation of its apps.
Tomi Engdahl says:
UN to Debate Use of Fully Autonomous Weapons, New Report Released:
Should Killer Robots be Banned in Policing?
http://www.ibtimes.co.uk/should-killer-robots-be-banned-policing-1448189
The United Nations will debate the use of killer robots for the first time at the UN Convention on Certain Conventional Weapons (CCW) this week, but human rights activists are calling for the robots to be banned.
Human Rights Watch and Harvard Law School’s International Human Rights Clinic have published a new report entitled “Shaking the Foundations: The Human Rights Implications of Killer Robots”, which calls for killer robots to be banned to prevent a potential arms race between countries.
“In policing, as well as war, human judgment is critically important to any decision to use a lethal weapon. Governments need to say no to fully autonomous weapons for any purpose and to pre-emptively ban them now, before it is too late,” said Steve Goose, arms division director at Human Rights Watch.
Among the problems with killer robots highlighted in the report is the risk of criminal liability for a military officer, programmer or weapons manufacturer who created or used an autonomous weapon with intent to kill.
If a robot killed arbitrarily, it would be difficult to hold anyone accountable.
Tomi Engdahl says:
Cryptocurrency News Round-Up: Dogecoin on Twitch; Living on Bitcoin & Darkcoin rises
http://www.ibtimes.co.uk/cryptocurrency-news-round-dogecoin-twitch-living-bitcoin-darkcoin-rises-1448153
Dogecoin is already widely used to tip people on Reddit and Twitter and now the creators of the dogetipbot are looking to bring that system to the video game streaming service Twitch.
It is interesting to see how much more accepted bitcoin has become in the last 12 months, following the cryptocurrency’s breakout year in 2013.
There have been numerous reports in recent weeks of China’s growing resistance to bitcoin – from government imposed regulations to banks shutting down all customers dealing in bitcoin.
However at the two-day Global Bitcoin Summit which began in Beijing on Saturday, there seemed to be no lack of interest in the cryptocurrency.
Darkcoin, an even more anonymous version of bitcoin, has seen its value skyrocket in recent days.
Tomi Engdahl says:
What you need to know about smart guns
http://www.engadget.com/2014/05/12/smart-gun-explainer/?ncid=rss_truncated
The term “smart gun” is trademarked by the company Mossberg, though it’s generally understood to refer to any firearm that is designed to allow only the owner to pull the trigger. How exactly a weapon accomplishes that doesn’t matter, so long as some form of authentication is required.
There are a number of different solutions out there
A smart lock would also make it near-impossible for a weapon to be turned on its owner.
And the government in Jersey isn’t the only one that believes in the personalized gun’s ability to reduce firearm deaths.
While the idea of a gun that can’t be turned on its owner seems like an obvious win for everyone involved, there are a number of problems with the concept. Chief among those worries: the safety mechanism will fail when it’s needed most.
Many of these systems claim they can read a fingerprint or other biometric and properly unlock the firearm 99.9 percent of the time — but when it comes to matters of life and death, even 0.1 percent chance of failure is considered too high. And then there’s always the worry that these weapons could be hacked or jammed remotely.
Not all advocates of gun control oppose the move toward smart guns, but there are plenty who do. One of the biggest is the Violence Policy Center, which believes they’re “a very seductive hoax.” The group argues that smart guns engender a sense of false security.
The strongest argument is that most of the people who would purchase a smart gun already own traditional firearms.
Tomi Engdahl says:
Independent Report on E-voting in Estonia
https://estoniaevoting.org/
A security analysis of Estonia’s Internet voting system by international e-voting experts.
Estonia is the only country in the world that relies on Internet voting in a significant way for legally-binding national elections — up to 25% of voters cast their ballots online. This makes the security of Estonia’s system of interest to technologists and voters the world over.
What we found alarmed us. There were staggering gaps in procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers, such as Russia. These attacks could alter votes or leave election outcomes in dispute. We have confirmed these attacks in our lab
Tomi Engdahl says:
Supposedly secure Dogecoin service Dogevault goes offline
Much worry. So familiar. Such losses
http://www.theregister.co.uk/2014/05/13/supposedly_secure_dogecoin_service_dogevault_goes_offline/
Dogevault.com, a site that claims to hold the cryptocurrency Dogecoin in conditions of optimal security, has gone down.
Speculation is rife in posts like this Reddit missive that the site was hacked, taking with it at least 950,000 Dogecoin. Another report suggests up to 111 million Dogecoin seem to have mysteriously appeared in a “mega wallet” linked to Dogevault.
If Dogevault has indeed been fatally compromised it will make it harder to sustain cryptocurrency enthusiasm:
Tomi Engdahl says:
Glenn Greenwald: how the NSA tampers with US-made internet routers
http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden
The NSA has been covertly implanting interception tools in US servers heading overseas – even though the US government has warned against using Chinese technology for the same reasons, says Glenn Greenwald, in an extract from his new book about the Snowden affair, No Place to Hide
For years, the US government loudly warned the world that Chinese routers and other internet devices pose a “threat” because they are built with backdoor surveillance functionality that gives the Chinese government the ability to spy on anyone using them. Yet what the NSA’s documents show is that Americans have been engaged in precisely the activity that the US accused the Chinese of doing.
Tomi Engdahl says:
Droid malware cloak outwits Google Bouncer and friends
Researchers show VXers a better way to infect Mountain View’s mobile OS
http://www.theregister.co.uk/2014/05/13/droid_malware_cloak_outwits_google_bouncer_and_friends/
Google’s Bouncer Android defence tool is one of a dozen malware detection platforms that can be flawlessly skirted by malware employing smarter heuristics, researchers have found.
Malware kitted out with virtual machine detection functions and clever heuristics could bypass seemingly any detection platform on the market.
Bouncer was employed by Mountain View to weed out malicious applications before they hit the official Play Store.
“We found all tools and services to be vulnerable to most of our evasion techniques,” the authors write. “Even trivial techniques, such as checking the value of the IMEI, are enough to evade some of the existing dynamic analysis frameworks.”
They said this raised “important questions” about the effectiveness of Android malware analysis systems.
Tomi Engdahl says:
Cybercrime boss offers a Ferrari for hacker who dreams up the biggest scam
http://www.independent.co.uk/news/uk/crime/cybercrime-boss-offers-a-ferrari-for-hacker-who-dreams-up-the-biggest-scam-9349931.html
The leader of a global cybercrime syndicate offered his associates a Ferrari for the hacker who came up with the best scam, according to a senior European security source.
The gift – made on a professionally produced video hidden in a dark recess of the internet – formed the basis of a bizarre “employee of the month” competition for the organised crime gang. On the tape, a presenter is pictured in a car showroom alongside a Porsche, a Ferrari and glamorous female assistants who offer the prize for the most successful hacker.
Troels Oerting, the head of the European Cybercrime Centre (EC3), said this was a sign of the lengths that organised crime will go to recruit and retain young technological talent.
Tomi Engdahl says:
Inmarsat takes the aircraft black boxes to the cloud
Inmarsat’s new system has been developed due to the lost Malaysian Airlines flight MH370 and the issues involved. The company provides satellite cloud monitoring is already equipped with Inmarsat satellite positioning over 11 000 km long-haul routes.
The company calls the new satellite positioning service a “black box” cloud service (aircraft black boxes are actually orange in color).
The service records deviations from planned flight paths and trails as well as real-time flight record the discussions of the pilots and airline security personnel and air traffic managers.
The new cloud-based service automatically collects data from the aircraft flight routes and the location, speed and destination, and forwards them to the satellites via the Air Traffic Controllers. Through the network of the future knowledge will help air traffic controllers to locate the planes in real time.
Inmarsat has introduced the black box cloud service to the international airport organization IATA (the International Air Transport Association). The satellite company claims that the new system of supervision does not create any new costs for the airlines in addition to the existing tracking devices.
Source: http://www.tietoviikko.fi/cio/inmarsat+vie+lentokoneiden+mustat+laatikot+pilveen/a987459
Tomi Engdahl says:
‘Free’ Global Aircraft Tracking Service Proposed By Satellite Company
The technology could be used to track aircraft in trouble, and to store black box information in the cloud
http://www.cio.com/article/752708/_39_Free_39_Global_Aircraft_Tracking_Service_Proposed_By_Satellite_Company?taxonomyId=3061
In the wake of the loss of flight MH370, satellite communications service provider Inmarsat has proposed to develop a global airliner tracking service that can be implemented for little to no cost.
The company is offering the system to all 11,000 commercial passenger aircraft that are already equipped with Inmarsat satellite technology, which is the vast majority of the world’s long haul commercial fleet, the company said Monday. The idea was pitched to the International Civil Aviation Organization (ICAO) in advance of a conference on aviation safety being held in Montreal today.
Inmarsat will also offer what it calls a “black box in the cloud” service. Events such as an unapproved course deviation will trigger this service to start streaming historic and real-time flight data and cockpit voice recorder information via satellite to aviation safety personnel, the company said.
The tracking service, which will add location data to those pings, can be implemented right away on all ocean-going commercial aircraft using equipment that is already installed, Inmarsat said, adding that its aviation safety partners are fully supportive of expanded use of its current automatic dependent surveillance system ADS-C.
That system is used for the automatic reporting of an aircraft’s real-time position, including altitude, speed and heading, via satellite to air traffic control centers, according to the company’s website. It helps aircraft controllers to know where an aircraft is at all times.
Inmarsat also proposed the idea to the International Air Transport Association (IATA), and said the system could be made available to the industry quickly and “at little or no cost”.
Tomi Engdahl says:
Google Has Most of My Email Because It Has All of Yours
http://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours
A few years ago, I was surprised to find out that my friend Peter Eckersley — a very privacy conscious person who is Technology Projects Director at the EFF — used Gmail. I asked him why he would willingly give Google copies of all his email. Peter pointed out that if all of your friends use Gmail, Google has your email anyway. Any time I email somebody who uses Gmail — and anytime they email me — Google has that email.
Since our conversation, I have often wondered just how much of my email Google really has.
The answer is surprisingly large. Despite the fact that I spend hundreds of dollars a year and hours of work to host my own email server, Google has about half of my personal email! Last year, Google delivered 57% of the emails in my inbox that I replied to. They have delivered more than a third of all the email I’ve replied to every year since 2006 and more than half since 2010.
The numbers are higher than I imagined and reflect somewhat depressing news. They show how it’s complicated to think about privacy and autonomy for communication between parties.
Tomi Engdahl says:
Windows XP die-hards can slash attack risk by dumping IE
Microsoft’s patch stats support advice to switch to another browser
http://www.computerworld.com/s/article/9248277/Windows_XP_die_hards_can_slash_attack_risk_by_dumping_IE?taxonomyId=125&pageNumber=1
By switching to a non-Microsoft browser, Windows XP users can halve the number of vulnerabilities that apply to the OS, according to a survey of flaws Microsoft fixed in the second half of 2013.
The statistics support the advice from security professionals, who have recommended users run a rival browser to avoid some of the attacks aimed at their unprotected PCs.
Microsoft stopped sending patches to Windows XP PCs last month. The ban also applies to any version of IE that runs on the aged operating system. But a tally of Windows and IE vulnerabilities patched from July to December 2013 shows that the browser poses a greater security risk to XP bitter-enders than does the OS itself.
Security experts, including those at Microsoft, have predicted that hackers will analyze the patches provided for other versions of the operating system to find flaws in XP.
Tomi Engdahl says:
EU Court of Justice Paves Way For “Right To Be Forgotten” Online
http://search.slashdot.org/story/14/05/13/1237200/eu-court-of-justice-paves-way-for-right-to-be-forgotten-online
“The European Court of Justice (ECJ) has today ruled that Google, Bing and others, acting as internet search engine operators, are responsible for the processing that they carry out of personal data which appears on web pages published by third parties.”
“The decision supports calls for a so-called ‘right to be forgotten’ by Internet privacy advocates, which ironically the European Commission are already working to implement via new legislation.”
Tomi Engdahl says:
Why Windows Will Always Be High-Risk
http://www.themobilityhub.com/author.asp?doc_id=266957&_mc=sem_otb_edt_mobilityhub
Year after year, new Windows versions and upgrades arrive, and mobile PC users dutifully use the enhanced operating system (OS) on their systems. Just as reliably, Microsoft representatives assure customers that the latest Windows edition is the most secure version ever.
There’s no doubt that Windows has become much safer over the years, but few would say it is even close to being secure. Microsoft’s OS is like a house where the owner gradually adds locks to more doors and windows over the years, yet many entryways remain wide open.
Despite Microsoft’s repeated promises and best intentions, malware continues to plague enterprise Windows users. Even businesses that are fastidious about installing and maintaining anti-malware tools face the threat of a zero-day attack that will immediately render their Windows-based systems insecure.
Windows’ soft underbelly is its registry.
Microsoft has struggled over the years to make the registry more secure, manageable, and self-repairing, yet hackers continue to find ways to bypass and defeat these changes. It doesn’t have to be this way.
Windows, sadly, is hobbled by its own legacy. Microsoft can’t get rid of the registry because it’s required by a huge stockpile of legacy applications — virtually every Windows application created to date.
To help loyal users worldwide, Microsoft needs to offer a version of Windows that sheds the registry in favor of a decentralized configuration and preferences model.