David Harley | WeLiveSecurity

Bio

David Harley

David Harley

Senior Research Fellow

Education? Academic background in modern languages, social sciences, and computer science.

Highlights of your career? I was a late starter (1986) as an IT professional, beginning at the Royal Free Hospital, then with the Human Genome Project (1989), then at Imperial Cancer Research Fund (1991-2001), where I wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming and security. I presented my first conference papers in 1997 (at Virus Bulletin and SANS). In 2001 Osborne published Viruses Revealed (co-written with Robert Slade and Urs Gattiker): VR and the later AVIEN Malware Defense Guide (Syngress) – to which Andrew Lee also contributed – are probably the best known of my books. When I rejoined the UK’s National Health Service in 2001, I ran the Threat Assessment Centre and was the go-to person nationally for malware issues. I left to work as a freelance author and consultant in 2006, which is also when I began to work with ESET.

Position and history at ESET? Senior Research Fellow at ESET N. America. Primarily, I’m an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Like the rest of the industry, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of scammers, I can see that it’s easier to be honest in a relatively prosperous environment – if there is such a thing anymore – and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still gig and record when time allows), other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even this adage.

When did you get your first computer and what kind was it? Amstrad PCW (primarily a word-processor) in 1986. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse and lyrics, articles). Digital photography and miscellaneous artwork.

Articles by author

Millennium Falcon: Crash & Burn Revisited

I originally posted this on the AVIEN blog site at http://avien.net/blog/?p=286, but in view of the increasing volume of "Y2.10k" date-related bug reports, I'll re-post it here with an updated list. (Thanks to Mikko Hypponen for posting a couple of links I hadn't seen.) Windows Mobile/SMS bug (Welcome to 2016!) http://www.theregister.co.uk/2010/01/05/windows_mobe_bug/ http://www.wmexperts.com/y2016-sms-bug Bank Bugs: http://www.theregister.co.uk/2010/01/04/bank_queensland/ http://www.msnbc.msn.com/id/34706092/ns/technology_and_science-security/?ocid=twitter]

Dark Reading and Crystal Balls

Apparently it's not just me that's sceptical about the value of security crystal ball-gazing. Tim Wilson of Dark Reading takes us (the security industry) to task for being "subjective" and inconsistent in our predictions for the coming year. Strangely, although he does quote an ESET blog (an observation of Randy's) in his selection of predictions he

Ten Ways to Dodge Cyber‑Bullets (Part 3)

[Part 3 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Do You Need Administrative Privileges? Included for completists, though I don’t think I’ve added anything here to the original blog. I think it’s

Adobe, Javascript, and the CVE‑2009‑4324 Exploit

There has been quite a lot of traffic in the last few weeks about the doc.media.newPlayer vulnerability referenced in the CVE database as CVE-2009-4324. The following Adobe articles refer: http://www.adobe.com/support/security/advisories/apsa09-07.html http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html http://blogs.adobe.com/psirt/2009/12/security_advisory_apsa09-07_up.html Today’s article at the Internet Storm Center by Bojan Zdrnja (http://isc.sans.org/diary.html?storyid=7867) gives a lot of detail on a particularly inventive exploit of the

Advance Fee Fraud: Another Aspect

When we think Advance Fee Fraud (AFF) we usually think in terms of the 419-type scams often associated with Nigeria, though similar frauds actually come from all over. You know the sort of thing: the banker, or the wife or son or daughter of a defunct dictator or benevolently inclined millionaire plane-crash victim wants to share their

Ten Ways to Dodge Cyber‑Bullets (Part 2)

[Part 2 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Catch the Patch Batch Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product

The out‑of‑control decade

We interrupt our – well, my – scheduled programming to bring to your attention an article in “The Register” that I think deserves your attention. I put up what was intended to be a brief pointer on the AVIEN blog (http://avien.net/blog/?p=253), but I found myself kind of warming to the subject, to the extent that I

Ten Ways to Dodge Cyber‑Bullets (Part 1)

OK, so I lied about not doing a top ten. Twice. For a paper that’s going through the publication process at the moment, I revisited some of the ideas that our research team at ESET LLC came up with this time last year for a top ten things that people can do to protect themselves

Top Ten Trite Security Predictions

1. Every security blogger in the world will mark the transition from 2009 to 2010 with at least one top ten something-or-other article. Except me, of course. 2. There will be headlines about the death of anti-virus, and a famous security guru will state that anti-malware only catches malware that’s already been identified and analysed, that

Party Line – GSM Eavesdropping

The BBC has reported (http://news.bbc.co.uk/1/hi/technology/8429233.stm) that Karsten Nohl has published details of the encryption algorithm used to encrypt mobile phonecalls made using GSM technology. The topic has inspired much discussion following a talk at the Chaos Computer Congress in Berlin. The GSM Association seems, according to the BBC report, to be a little ambivalent about the

Ten Years A‑Spamming

Well, I’m pretty sure I’ve been seeing spam for a bit more than ten years, as has CAUCE (Coalition Against Unsolicited Commercial Email) in its various incarnations. However, the blog by Neil Schwartzman that was put up yesterday at http://www.cauce.org/archives/155-This-Decade-in-Spam.html#extended covered only the notable events of the last decade. Which was indeed eventful enough. In fact, it turns

A Thought or Two about Testing

The Hype-free blog at http://hype-free.blogspot.com/2009/12/congratulation-to-av-comparatives.html yesterday mentioned the latest AV-Comparatives round of test reports, including: The whole product dynamic test at http://www.av-comparatives.org/comparativesreviews/dynamic-tests The December 2009 performance test at http://www.av-comparatives.org/comparativesreviews/performance-tests The summary reports at http://www.av-comparatives.org/comparativesreviews/main-tests/summary-reports I have a pretty jaundiced view of testing organizations in general: after all, I see some pretty awful tests proclaimed by the

Seasonal Gratings

I’m not exactly taking time off for the holiday: I have too many deadlines to meet. Let’s hope the bad guys will be taking some time out to sing carols (or maybe pirate shanties) around the Christmas tree, though. (A forlorn hope: on another screen, I see I have a lengthy list of today’s Zeus

The Curious Art of Anti‑Malware Testing

I recently made a presentation to  the Special Interest Group in Software Testing of the BCS Chartered Institute for IT (formerly better known as the British Computer Society). The PDF version of the slide deck is now up at: http://www.eset.com/download/whitepapers/Curious_Act_Of_Anti_Malware_Testing.pdf The presentation outlines some of the problems with anti-malware testing and summarizes the mission and principles of

Hounded by 419s

And it’s a big hello to Lisa Presley. Or, at least, Lisa the owner of an English bulldog called Presley, who even has his own web site (in fact, at least two). Not, I presume, Lisa Marie Presley, formerly associated with assorted defunct rock stars. Sorry to hear about your recently deceased husband, dear  (no,

Anniversaries Galore

Following my blog at http://www.eset.com/threat-center/blog/2009/12/18/a-trojan-anniversary, I came across a blog by Kurt Wismer that picked up the theme. As it happens, though I don’t think we’ve ever met, Kurt and I have corresponded from time to time for quite a few years (fourteen, apparently), so I guess it’s not so surprising that he also dates

A Trojan Anniversary

I don’t suppose anyone remembers my mentioning this before, or cares much anyway, but the 19th of December marks what I consider to be the 20th official anniversary of my entry into the anti-virus/security field. Nowadays, viruses (and, in general, worms) have declined in importance and now constitute a fairly small proportion of the totality

Your Data and Your Credit Card

[Update: I had a couple of machine crashes while I was writing this, and only just realized that a pointer to Allan Dyer’s excellent article at http://articles.yuikee.com.hk/newsletter/2009/12/a.html hadn’t survived to the final version. Which is a pity, because it’s very relevant, and well worth reading.] Over the weekend, I posted a blog on the AVIEN site

The Internet Book of the Dead

This blog is a bit of an oddity. ESET UK were approached by Dan Damon, a reporter putting together a piece about “the complications of a digital world when someone passes away”, asking if there was someone at ESET who would be interested in being interviewed for BBC1 radio on the subject. The request got

Droid Avoids with an AppleJackHack

Will the Motorola Droid be the next malware-victimized smartphone? Well, it’s a bit early to make a claim like that, but the fact that it’s been rooted (an analogous process to jailbreaking on the iPhone and iPod Touch) in order to allow end-users to install unapproved applications, puts the platform one step nearer. See the