I’m happy to report that the good folks at Websense have Liquidmatrix correct! Much to my surprise, while I was reviewing websurfing reports I noticed that Liquidmatrix is in the right category “Computer Security”. Root Shell Security dot ca on the other hand is listed as a “Games” site. Very odd. Well cheers to them for getting it half right.
As I have written previously, rootkits are the new bad news. To futher illustrate that point virus writers are now distributing rootkits via Bagle variants. According to the folks at F-Secure the latest and greatest Bagle is a distro mechanism. This is the next round in the push to build bot nets that can be so lucrative for the furry toothed-set.
An Israeli couple that was making and selling spyware has confessed. For their troubles Michael Haephrati (44) received 4 years in prison and his wife, Ruth Brier-Haephrati (28) received 2 years in prison. The irony here being that Michael was the accomplice. Ah well, sucks to be him. The short form of this story is that the duo were writing software that helped some private dicks to snoop on their clients’ business competition.
The US government has found a new target having cut it’s teeth on the Checkpoint foolishness. A US State Department upgrade contract has raised concerns about the security of Lenovo’s computers due to the fact that they are owned by a Chinese company.
Members of the U.S. China Economic and Security Review Commission fear Lenovo’s involvement in the contract to upgrade the U.S. State Department’s computers is a threat to national security.
So, I have to wonder which lobby got to these guys? I hear that the golfing is nice this time of year down south. But, hey they could be in cohoots with those wacky Israelis.
Big Blue has jumped into the pool with their normal timing. Well after the market is littered with broken promises and vapour ware they have introduced. The Identity Manager Express security software is an add-on for the Tivoli kludge. This software appears to be little more than a behavioural analysis tool.
“This is different than a regular honeypot that just traps the virus,” said Steven Tomasco, an IBM spokesman. “The tool does not just trap it. It responds to it, so the worm will have to reveal its identity and there will be less false positives.”
In marketing speak this reads “yeah, we’re just like Cisco’s piss poor offering that really works like shit just as poorly”. I have spoken to technical leads for a couple security vendors that have told me quite candidly that IPS technology is a couple years away from any sort of maturity.
This amusing and daft article over on Boing Boing caught my eye this morning. A true testament to all things moronic. A quick test to show that someone has more money than brains.
Wow, Microsoft is getting with it. Well, later than the rest of the void dwellers but hey, it is an improvement. Microsoft is asking for feedback on it’s IE7 offering.
“Many customers have asked us about having a better way to enter IE bugs. It is asked, ‘Why don’t you have Bugzilla like Firefox or other groups do?’. We haven’t always had a good answer except it is something that the IE team has never done before.”
It’s exceptionally odd that Microsoft has taken so long to accept that they do not in fact rule the universe.
Here is a nasty twist to the world of spyware. A site in Russia is doing something that I guess I should have seen coming. They are selling a do-it-yourself spyware kit for $15. OK, imagine if you will, a truck full of weapons and ammunition being dropped in the middle of a rough neighbourhood. How long until someone gets their head blown off?
It keeps getting better with this NSA eavesdropping crap (earlier Post). According to an article on Wired. Yes I know, I’m breaking my own rule, I read Wired. Well, they managed to point out something rather obvious. The eavesdropping could, and probably did, capture privileged conversation between lawyers and their clients or doctors and…you get the idea.
Responding to questions from Congress, the [justice] department also said that it sees no prohibition to using information collected under the NSA’s program in court.
The “legal” footing seems to be as secure as a house built on quick sand. But yet, it continues.
The department also avoided questions on whether the administration believes it is legal to wiretap purely domestic calls without a warrant, when al-Qaida activity is suspected. The department wouldn’t say specifically that it hasn’t been done.
Folks, I meant to write about this last weekend. Mea culpa. But, if you are looking for a movie to watch this weekend (or ever) AVOID Ultraviolet. This abortion was almost 2 hours of my life that I’ll never have back. 88 minutes of Milla Jovovich strutting around in form fitting clothing was not enough to save this heap (I know I was shocked too). Not something I would normally write about…but damn. It’s REALLY bad.
Add to Google
Add to my Yahoo
Add to MSN
Add to Bloglines
Add to Newsgator
Explore
Security Bloggers Network (a FeedBurner Network)
