David Harley
davidharley copy 2
David Harley
Senior Research Fellow
Go to latest posts

Education? Academic background in modern languages, social sciences, and computer science.

Highlights of your career? I was a late starter (1986) as an IT professional, beginning at the Royal Free Hospital, then with the Human Genome Project (1989), then at Imperial Cancer Research Fund (1991-2001), where I wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming and security. I presented my first conference papers in 1997 (at Virus Bulletin and SANS). In 2001 Osborne published Viruses Revealed (co-written with Robert Slade and Urs Gattiker): VR and the later AVIEN Malware Defense Guide (Syngress) – to which Andrew Lee also contributed – are probably the best known of my books. When I rejoined the UK’s National Health Service in 2006, I ran the Threat Assessment Centre and was the go-to person nationally for malware issues. I left to work as a freelance author and consultant in 2006, which is also when I began to work with ESET.

Position and history at ESET? Senior Research Fellow at ESET N. America. Primarily, I’m an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Like the rest of the industry, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of scammers, I can see that it’s easier to be honest in a relatively prosperous environment – if there is such a thing anymore – and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still gig and record when time allows), other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even this adage.

When did you get your first computer and what kind was it? Amstrad PCW (primarily a word-processor) in 1986. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse and lyrics, articles). Digital photography and miscellaneous artwork.

Fake Adobe Updates

An email headed “ADOBE PDF READER SOFTWARE UPGRADE NOTIFICATION” has been spammed out recently: of course, it’s a fake, linking to a site that isn’t Adobe’s.

Stuxnet Paper Revision

The Stuxnet analysis “Stuxnet under the Microscope” we published a few weeks ago has been updated…

Win32k.sys: A Patched Stuxnet Exploit

…we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)

Stuxnet the Inscrutable

This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.

A Little Light Reading

1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they

Virus Bulletin 2010 papers

By kind permission of Virus Bulletin, we’ve already put two of the papers written or co-authored by ESET researchers up on the White Papers page.

Images are not always what they seem

So what we really have is a file with a filename extension that looks like a jpg image, but which really acts as a container for a file with a deceptive double extension.

Yet more Stuxnet

Just in case you haven’t heard enough from me on the topic of Stuxnet, the Security Week article I mentioned in a previous blog is now up at ;-) David Harley CITP FBCS CISSP ESET Senior Research Fellow

Cyberwar, Cyberhysteria

I guess I wasn’t forceful, or controversial, or sensationalist, or ungeek enough to rate any column inches. So I’m going to give you a sneak preview … in the light of all the speculation today on whether Stuxnet is an attack by Israel on Iran.

ESET Stuxnet Paper

…we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.

Social Media: 5 Unexpected Threats

…a piece at Discovery News about 5 Unexpected Threats of Online Social Networking…

Privacy? Who Cares?

In the security industry, we’re sometimes over-ready to be over-prescriptive, seeing security and privacy concerns as paramount where others see them as a distraction. And we’ve become used to the mindset that computer users will always prefer convenience to security.

Scareware and Legitimate Marketing

Kurt Wismer posted a much-to-the-point blog a few days ago about the way that purveyors of scareware (fake/rogue anti-virus/security products) mimic the marketing practices of legitimate security providers. You may remember that a while ago, I commented here about a post by Rob Rosenberger that made some related points. If you’re a regular reader of

New Papers and Articles

Here are a few papers and articles that have become available in the last week or two.

Strong passwords: deja vu all over again

Since never changing your password isn’t generally a realistic option, and some sites actually prevent you from using good passwords and, even better, passphrases, we’ve produced a number of articles and papers on the topic to help make it easier to follow good practice, even when your provider seems set on preventing it. Here they are as a list, to make it easier to follow.

Email Scam Resource

On Guard Online, has a number of other useful-looking pages, though I haven’t checked them all out personally: for example, talking to children about privacy and the internet, other forms of fraud and abuse, and social networking.

Facebook ’em, Danno*

Will I no longer be able to blog from my Netbook, or my antique iBook or Lifebook? Will I have to tear up my addressbook and insert appropriate spaces into the title page of the Handbook of Computer Security, to which I was a contributor? If I don’t do all these things, will Facebook go after my chequebook?

Cell Phone Telemarketing Hoax

You may have received an email message that looks something like this. (ESET was just asked about it – thanks to Chris Dale for passing it on.) Please note: this is, if not an out-and-out hoax, a very misleading message. Don't act upon it until you've read the rest of this article. REMEMBER: Cell Phone

DLL loading vulnerability

Scarcely had we got our breath back mainly after Microsoft addressed a serious vulnerability in handling .LNK (shortcut) files, before researcher HD Moore made public a serious security failure in the dynamic loading of libraries in Windows that came to light when he was investigating the .LNK issue.

AMTSO’s next meeting

…quite a few other issues have come up that are less obviously related to AMTSO’s aims, and it’s probably inevitable that some of those concerns will find their way out in the course of the meeting. Watch this space.

Follow us

Copyright © 2015 ESET, All Rights Reserved.