Author
David Harley
Senior Research Fellow

Education? Academic background in modern languages, social sciences, and computer science. A Fellow of the BCS Institute (formerly the British Computing Society), Chartered IT Professional, Certified Information Security Systems Professional, BS7799/ISO27001 Lead Auditor.

Highlights of your career? Office administration, programming, and IT support at Royal Free Hospital, then with Human Genome Project. System administration and support, then security analyst at Imperial Cancer Research Fund (now Cancer Research UK). Wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming, security etc. I presented my first conference papers in 1997 (at Virus Bulletin and SANS), and soon after inherited the Mac Virus web site, which I still run as an independent security information resource. In 2001 I joined the UK’s National Health Service, where I ran the Threat Assessment Centre until 2006, acquired qualifications in computer security, security audit, and service management (ITIL), and was the go-to person nationally for issues related to malware. Viruses Revealed, published the same year by Osborne, wasn’t my first security book (I’ve written or contributed to about a dozen) but it was the first to make a real impact and was published in 2001: that, and the AVIEN Malware Defense Guide (Syngress), to which Andrew Lee also contributed, are probably the best known of my books.

Position and history at ESET? Senior Research Fellow at ESET N. America. I’ve worked with ESET since 2006, primarily as an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Essentially, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of the gangs behind phishing scams and banking Trojans, fake AV, 419s, support scams and so on, I can see that it’s easier to be honest in a relatively prosperous environment, if there is such a thing anymore, and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still play semi-professionally when time allows), songwriting, recording, listening to other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth. Even this adage.

When did you get your first computer and what kind was it? Amstrad PCW in 1986. It ran a version of CP/M and came with an integral printer, word-processing software and versions of BASIC and Logo. I moved on to an 8086 when I got my first job in IT. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse, articles). Artwork and digital photography.

More Info

Dorifel/Quervar: the support scammer's secret weapon

The threat of the Dorifel/Quervar malware spreading in the Netherlands is being used by telephone scammers to trick local PC users into paying for ‘protection’.

Support Scammer Anna’s CLSID confusion

Scammer Anna claims to be from Global PC Helpline, and certainly that site seems to be confused about what it is and where it operates from.

Misusing VERIFY (and other support scam tricks)

After Event Viewer, ASSOC, INF, PREFETCH and Task Manager, it seems that VERIFY is the latest system utility to be misused by PC tech support scammers.

Rakshasa hardware backdooring: the demon that can't be exorcized?

Jonathan Brossard describes an ‘undetectable, unremovable’ attack on firmware through gimmicked hardware or a subsequent malware attack. David Harley isn’t convinced.

The Tech Support Scammer's Revenge

Giving a support scammer access to your PC can give you more problems than any imaginary virus, especially if you refuse to pay for his ‘service’.

Passwords of Plenty*: what 442773 leaked Yahoo! accounts can tell us

If a service leaks your credentials, your options are limited, but changing all your passwords to something harder to guess/break is never a bad idea.

DNSChanger: lies, damn' lies and telemetry statistics

First the panic, then the accusations of hype. Can we really estimate the impact of DNSChanger yet?

DNSChanger mini-FAQ

Some brief answers to questions about the server shutdown that will affect tens/hundreds of thousands of DNSChanger victims on 9th July.

Support scams: social engineering update

More cold-call/support scam information.

Support Scammer Update: Misrepresenting Task Manager

David Harley describes a support scam that uses a slightly different twist, misrepresenting the output from Windows Task Manager.

ZeroAccess? Much too much access…

Why the ZeroAccess rootkit family modifications are important to the end user.

Sharing versus Security: Driving without Brakes

Does the enterprise still have a choice about sharing information?

Passwords and PINs: the worst choices

It’s important to know the worst password choices, but also the worst choices for numeric passcodes.

Carberp and Hodprot: six more gang members held

Group-IB and ESET Russia assisted in the investigation that led to the arrest of 6 people suspected of stealing 125m roubles from bank customers in Russia.

Win32/Flamer: the 21st Century Whale

Despite the confusion and the stampede to claim detection ownership, W32/Flamer is more than a media sensation.

Infosecurity Magazine on AMTSO's credibility gap

I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was

AMTSO's New Direction (and some resources updates)

AMTSO’s discussions on its own new directions, and updates to its testing-related resources.

AV Testing, AMTSO and EICAR

A new conference paper discusses whether AMTSO has the credibility to achieve its aims of raising testing standards on its own.

Facebook Memes: not always innocuous

A short comment piece on how Facebook memetic games could be used in a data aggregation attack.

Support Scam Poll

Internet Storm Center is running a poll on Fake Tech Support Calls, also the topic of a paper for VB 2012.

Copyright © 2014 ESET, All Rights Reserved.