Archives - February 2007

3 years later and you still don’t have a name?

From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as

What is Proactive Detection and Why Do You Need it?

In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can

Vulnerabilities, Exploits, and Infections

How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter? The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being

The Moral Composition of a Spyware Purveyor

DirectRevenue, possibly former adware/spyware purveyor, settled Federal Trade Commission (FTC) charges of unfair and deceptive trade practices of installing unwanted and unsolicited spyware unto consumers’ computers. FTC Commissioner Jon Leibowitz voted against the deal because he alleges that DirectRevenue was still keeping about 20 million dollars in ill-gotten gains. What is interesting is the

More on the Norwich Witch Hunt

The case of Julie Amero has drawn national attention and deserved outrage. I have wracked by brain to try to come up with some tips for teachers to help protect themselves from situations like this where an incompetent administration completely fails the teachers, students, and parents.  Every teacher in America, especially those in Connecticut, should

Beware of Anna Nicole Smith Malware

Anna Nicole Smith died today and that means the scum of the internet will be out in force. History has taught us to expect a barrage of attacks coming in the form of email with attachments and/or links. The likely attack scenarios will be email messages claiming to have pictures of Smith’s dead body, or

Super Bowl Dolphin Stadium Website Trojan

A Trojan was recently planted on the web page of the Miami Dolphin’s Super Bowl web site. The Trojan was a script that would download a malicious file onto the user’s computer – if the user was not current on their security patches or not using NOD32. Websense first identified the compromised website through the

Mea Culpa

Some of you may notice that the blog entry “I See Antivirus Software in the Vista” has been changed. I made a mistake in referring to Vista Kernel Patch Protection (KPP) in Windows Vista 32-bit. There is no KPP in Windows Vista 32-bit edition. Rather than leaving inaccurate information up on the blog I have

Shhh – it’s a Secret!

There was recently a private meeting of security professionals hosted by Microsoft. This private meeting, complete with a public website has been called a “secret” meeting by some. Hmmm, secret meeting with a published agenda ( complete with date, time, location, and speakers. Some secret huh? Who was there and why did they meet? That