ESET Research | WeLiveSecurity

Bio

ESET Research

ESET Research

Articles by author

A New Era?

I write this blog from Jakarta, Indonesia where yesterday I had a meeting with employees of the Koran Tempo. The Koran Tempo is a major magazine and news publication here. In the English edition of Tempo magazine there are several stories about Obama and the election in the US. One story that caught my eye

Watch Out For Good Download Sites

CNET, who hosts Download.com, has enjoyed a reputation for being a safe place to download software from. The program you download may be great or may be useless, but it had been “Tested Spyware Free.” At least that is what Download.com says about their downloads. Today it has come to my attention that the site

Election Day Storm Clouds: Is Your Vote Being Counted?

Electronic voting machines are a controversial topic. They really should not be, but due to the inept implementation of this method of voting by vendors like Diebold and Sequoia, there are serious questions about their accuracy and resilience to fraud. In 2005, Bruce Schneier wrote of some of the problems at http://www.schneier.com/blog/archives/2004/ 11/the_problem_wit.html In January

Go Out and Vote

I apologize in advance to our international readers if this post is not of international interest, however it may well be as the leaders of the US seem to have a little bit of global impact :) For the background of this post, please see the following articles/blogs: http://blog.wired.com/27bstroke6/2008/10/bogus-robocall.html http://blog.wired.com/27bstroke6/2008/10/colorado-judge.html And, very Importantly: http://howto.wired.com/wiki/Vote_(Even_If_They_Say_You_Can’t) This

An Introduction to Packers

Packing technology is really just compression. You know, ZIP, CAB, RAR, and so on. There are many types of packers and some people even write their own. The way a packer compresses the file is called an algorithm. There are many different algorithms and unless you know what one was used, or have a tool

Microsoft’s October Out of Band Patch

Typically, Microsoft releases patches (security fixes) on the second Tuesday of each month. This day is affectionately called “Patch Tuesday” by many. On very rare occasions when there is a particularly severe vulnerability Microsoft will release a patch as soon as possible. Yesterday (October 23rd, 2008) Microsoft made a rare exception and released an “out

It Doesn’t Hurt to Ask

Instant messaging is a very successful means for the bad guys to get their software onto your computer. It is also very easy. If a virus infects your friend’s computer’s instant messaging program then it can “type” anything into the chat windows and it will look like your friend said it. It can provide a

50 VB100 Awards!

With the June Virus Bulletin test, ESET became the first antivirus company in the world to pass 50 tests for VB100 awards. As consumers I think you should know what the VB100 award means. First of all, a VB100 award does not mean that a product detects 100% of all viruses or malware. The VB

The AV Industry from the Outside In and the Inside Out

I have a rather unique perspective on the antivirus industry. I used to work for Microsoft before they were a competitor. Come on, you can’t call MSAV from DOS 6 an antivirus product :) For over seven years my job at Microsoft was to make sure that Microsoft did not release any infected software. All

The Race to Zero

The Race to Zero contest is being held during Defcon 16 at the Riviera Hotel in Las Vegas, 8-10 August 2008. The event involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and

Happy Birthday CastleCops!

Sometimes it seems that we are fighting a battle that we are destined to lose. To some extent, win or lose depends upon your definition of the terms. We have never completely beat crime, but we still have victories against criminals… sometimes. Today it is a very great pleasure to wish a happy 6th anniversary

I AMTSO Happy to be here!

Well, I am happy to be here, but AMTSO stands for The Anti-Malware Testing Standards Organization. This is an initiative between Anti-Virus companies and anti-virus testers to improve the quality of testing performed on anti-virus products so as to provide consumers with meaningful tests. There have been so many bad tests performed, but “it’s on

The Anti‑Spyware Coalition Public Workshop

Back in December of 2006 I posted an entry titled “The Spirit of Cooperation” . Today I am attending the Anti-Spyware Coalition Public Workshop in Washington DC. It is a very satisfying feeling sitting with staunch allies in the fight against spyware, adware, and other threats. Who are these allies? You would probably call them

Are You Ready for Valentine’s Day?

Got the flowers ordered? Dinner plans? eCard? Wait, eCard? I didn’t send her an eCard. The bad guys are ready for Valentine ’s Day. Actually they are not waiting. The jerks that brought you the storm worm are back at the eCard scam with amorous incantations about an  eCard for you. As a rule of thumb,

Auto‑Infect

PLEEEEASE Infect me This is what Windows says when you install it. You see, there is a default setting called “autorun” that will automatically run a program when you insert a CD or DVD or thumb drive into your computer. The idea is that you put the media in there to run a program, so

What’s a redirect and why is it bad?

A redirect is a way to take a web surfer to another site. Redirection is very useful when done right. Instead of getting an error message that the page cannot be found you can be redirected to a page that helps you find what you are looking for. At ESET we use redirects properly. If

Don’t Get Burned Twice

The current fires in Southern California are causing misery to hundreds of thousands of people. ESET LLC calls San Diego home and is acutely aware of the impact this is having on people’s lives. Not only is ESET providing assistance to employees impacted by the fire, but some employees are volunteering their time and money

Virus Bulletin – Vienna

Quite a while ago I posted a blog titled “The Spirit of Cooperation”  in which I spoke of the AVAR conference. Today I write from the Virus Bulletin conference. It could be my last blog if my boss finds out I’m writing a blog while he’s addressing us in a session at the conference :)

Beta Test This!

Well, I said I wasn’t going to post each time the storm gang changes their tactics, however, perhaps I can use many of their ploys to teach anti-scam education. The scum-scam du jour is an email asking you to beta test some software. One I saw went as follows: ———————————————————————————————— Would you consider helping us