Education? Academic background in modern languages, social sciences, and computer science.
Highlights of your career? I was a late starter (1986) as an IT professional, beginning at the Royal Free Hospital, then with the Human Genome Project (1989), then at Imperial Cancer Research Fund (1991-2001), where I wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming and security. I presented my first conference papers in 1997 (at Virus Bulletin and SANS). In 2001 Osborne published Viruses Revealed (co-written with Robert Slade and Urs Gattiker): VR and the later AVIEN Malware Defense Guide (Syngress) – to which Andrew Lee also contributed – are probably the best known of my books. When I rejoined the UK’s National Health Service in 2001, I ran the Threat Assessment Centre and was the go-to person nationally for malware issues. I left to work as a freelance author and consultant in 2006, which is also when I began to work with ESET.
Position and history at ESET? Senior Research Fellow at ESET N. America. Primarily, I’m an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Like the rest of the industry, they put up with me because I’ve been around so long.
What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of scammers, I can see that it’s easier to be honest in a relatively prosperous environment – if there is such a thing anymore – and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.
Favorite activities? The guitar (I still gig and record when time allows), other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...
What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even this adage.
When did you get your first computer and what kind was it? Amstrad PCW (primarily a word-processor) in 1986. What else would you expect a not-very-rich author to buy in 1986? :)
Favorite computer game/activity? Extra-curricular writing (blogging, verse and lyrics, articles). Digital photography and miscellaneous artwork.
...we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)
This is an item you may not have seen amid all the speculation about Stuxnet, Iran and Israel.
1) Another Virus Bulletin conference paper has just gone up on the ESET white papers page, by kind permission of the magazine. Large-Scale Malware Experiments: Why, How, And So What? by Joan Calvet, Jose M. Fernandez, our own Pierre-Marc Bureau, and Jean-Yves Marion, discusses how they replicated a botnet for experimental purposes, and what use they
By kind permission of Virus Bulletin, we've already put two of the papers written or co-authored by ESET researchers up on the White Papers page.
So what we really have is a file with a filename extension that looks like a jpg image, but which really acts as a container for a file with a deceptive double extension.
Just in case you haven’t heard enough from me on the topic of Stuxnet, the Security Week article I mentioned in a previous blog is now up at http://www.securityweek.com/stuxnet-sux-or-stuxnet-success-story. ;-) David Harley CITP FBCS CISSP ESET Senior Research Fellow
I guess I wasn't forceful, or controversial, or sensationalist, or ungeek enough to rate any column inches. So I'm going to give you a sneak preview ... in the light of all the speculation today on whether Stuxnet is an attack by Israel on Iran.
...we have just published a lengthy analysis that considers many of these questions, as well as discussing some of the characteristics of this fascinating and multi-faceted malicious code. The report is already available here, and will shortly be available on the ESET white papers page.
...a piece at Discovery News about 5 Unexpected Threats of Online Social Networking...
In the security industry, we're sometimes over-ready to be over-prescriptive, seeing security and privacy concerns as paramount where others see them as a distraction. And we've become used to the mindset that computer users will always prefer convenience to security.
Kurt Wismer posted a much-to-the-point blog a few days ago about the way that purveyors of scareware (fake/rogue anti-virus/security products) mimic the marketing practices of legitimate security providers. You may remember that a while ago, I commented here about a post by Rob Rosenberger that made some related points. If you’re a regular reader of
Here are a few papers and articles that have become available in the last week or two.
Since never changing your password isn't generally a realistic option, and some sites actually prevent you from using good passwords and, even better, passphrases, we've produced a number of articles and papers on the topic to help make it easier to follow good practice, even when your provider seems set on preventing it. Here they are as a list, to make it easier to follow.
On Guard Online, has a number of other useful-looking pages, though I haven’t checked them all out personally: for example, talking to children about privacy and the internet, other forms of fraud and abuse, and social networking.
Will I no longer be able to blog from my Netbook, or my antique iBook or Lifebook? Will I have to tear up my addressbook and insert appropriate spaces into the title page of the Handbook of Computer Security, to which I was a contributor? If I don't do all these things, will Facebook go after my chequebook?
You may have received an email message that looks something like this. (ESET was just asked about it – thanks to Chris Dale for passing it on.) Please note: this is, if not an out-and-out hoax, a very misleading message. Don't act upon it until you've read the rest of this article. REMEMBER: Cell Phone
Scarcely had we got our breath back mainly after Microsoft addressed a serious vulnerability in handling .LNK (shortcut) files, before researcher HD Moore made public a serious security failure in the dynamic loading of libraries in Windows that came to light when he was investigating the .LNK issue.
...quite a few other issues have come up that are less obviously related to AMTSO's aims, and it's probably inevitable that some of those concerns will find their way out in the course of the meeting. Watch this space.
Adobe has just released an update for 20 vulnerabilities in Shockwave Player, most of which could allow an attacker to execute malicious code. The bulletin APSB10-20 – Security update available for Shockwave Player – refers. According to Jeremy Kirk's Macworld report and the Adobe advisory, the vulnerabilities affect both Windows and OS X versions up to
...you might wonder how a South American snake came to swallow an African mammal in the first place. (Don't bother with the jokes about zoo viruses. I got there first.)
