RB | Bach Seat - Part 184

Archive for RB

RB | September 6, 2011

Malware in Text

A team of security researchers has engineered a way of hiding malware in sentences that read like English language spam. The research led by Dr. Josh Mason of Johns Hopkins University along with Dr. Sam Small of Johns Hopkins, Dr. Fabian Monrose of the University of North Carolina, and Greg MacManus of iSIGHT Partners outlined the threat in a paper English Shellcode (PDF) presented at the 2009 ACM Conference on Computer and Communications Security. According to the UK’s Computing, the paper shows hackers could evade anti-virus protection by hiding malicious code in sentences that read like English language spam

The article says that attackers could develop a tool that would be the next step in the hacking and virus arms race. Hackers could hide alphanumeric shellcode in valid files which would activate the malicious payload of a code-injection attack. This attack vector could give attackers control of system resources, applications, and data on a compromised computer.

The researchers report they can generate English shellcode in less than one hour on standard PC hardware. The text in bold is the instruction set and the plain text is skipped. “There is a major center of economic activity, such as Star Trek, including The Ed Sullivan Show. The former Soviet Union. International organization participation.”

The good news, Dr. Mason said that the widespread use of this attack vector is limited because the alphanumeric character set is much smaller than the set of characters available in Unicode and UTF-8 encodings. This means that the set of instructions available for composing alphanumeric shellcode is relatively small. “There was really not a lot to suggest it could be done because of the restricted instruction set,” said Dr. Mason. Long strings of mostly capital letters, for example, would be very suspicious.

Computing claims the work is a breakthrough. Current network security techniques work on the assumption that the code used in code-injection attacks, where it is delivered and run on victims’ computers, has a different structure to non-executable plain data, such as English prose. If an attacker challenge’s the assumption that executable code structure is different from non-executable data malware would be almost impossible to detect.

Dr. Nicolas T Courtois, an expert in security and cryptology at University College London, said malware deployed in this way would be “hard, if not impossible, to detect reliably.” The research is a proof of concept, but Dr. Mason doubts any hackers are using the technique to disguise their code. “I’d be astounded if anyone is using this method in the real world owing to the amount of engineering it took to pull off,” he said. “A lot of people didn’t think it could be done.”

Professor John Walker, managing director of forensics consultancy Secure-Bastion, argued the research highlights the flaws in the anti-virus community’s approach to security exploits. “There is no doubt in my mind that anti-virus software as we know it today has gone well past its sell-by date,” he said.

Malware Is a Disease; Let’s Treat It Like One (yro.slashdot.org)

rb-

Carly Fiorina

If this technology gets out in the wild, most experts believe that the current signature-based anti-malware products will miss the attack and leave us all defenseless. Sounds like something the chip makers should be working on. Is this why Intel bought McAfee?

What do you think?

Loading ...

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: 2011, Anti-Virus, Johns Hopkins University, Malware, Microsoft, MSFT, Security, Shellcode, Virus

RB | September 4, 2011

Comments Off

Labor Day 2011

Labor Day in Detroit

Top 10 Labor Day Conspiracies (huffingtonpost.com)
How America Spends Their Labor Day (businesspundit.com)

Category: Holidays | Tags: 2011, Detroit, Labor Day, Labor Movement, Michigan, Outsourcing, Recession, United States, Work

RB | September 1, 2011

Comments Off

Mobile Patent Warfare

One of the hobbies i have taken up is patent troll watching. Thanks to Flowing Data for pointing out work by Mike Bostock which visualizes the data of who is suing who in the mobile patent warfare battles. To see a live version of this data network go to the bl.ocks.org website here.

The data on this chart indicates that Apple is at the heart of mobile patent warfare. Apple (AAPL) has been involved in 9 patent lawsuits. Other prodigious mobile patent litigators include Microsoft (MSFT) with 8 lawsuits, Kodak (KODK) with 7 suits, and newly created Google (GOOG)/Motorola union is involved in 5 mobile patent warfare skirmishes.

Google gets 18 key patents from $12.5 billion Motorola deal (slashgear.com)
Patent Trolling: Kodak Next Up (EK, GOOG, MMI, AAPL, MSFT, RIMM, EMC) (247wallst.com)
Google’s patent plot thickens with new Microsoft lawsuit against Motorola Mobility (venturebeat.com)

Category: Uncategorized | Tags: 2011, AAPL, Apple, Eastman Kodak, GOOG, Google, Lawsuit, Microsoft, Mobile, Motorola, MSFT, Patents

RB | August 30, 2011

One comment

Verizon Upgrades Michigan Service to 4G – Almost

I was going to let this press release from Verizon Wireless slide without comment until I got to the end and then I had to jump right out of my Bach Seat and crank out this post. Verizon Wireless (VZ) told MiTechNews they are investing $850,000 in Michigan to upgrade 450 antennas on all of its cell sites between the Saginaw Bay north to the Mackinaw Bridge and east of Interstate 75 to Lake Huron. The company reports the new antenna equipment has resulted in incremental network coverage gains of up to one mile, improving overall reliability for customers.

The project will be complete when the company can swap equipment on one last tower in Roscommon where a nest of osprey chicks has called home since March.

“Our customers in eastern northern Michigan are able to use their devices in more places, especially in buildings,” explained David MacBeth, executive director–Network, Michigan/Indiana/Kentucky region, Verizon Wireless. “We’re constantly refining our network to ensure our customers have the best experience every time they pick up their wireless device.”

The company’s ongoing network investment in Michigan now totals more than $1.6 billion to increase the coverage and capacity of its network and to add new services.

rb-

Despite what Mr. MacBeth claims, I’ve heard about an organization that moved to VZW from another wireless provider and VZW could not provide the 4G or any G service in the building. When the customer pushed on VZW to provide any G or basic voice service in their building, the sales rep. came back and said, “we won’t help you because we spent all of our money.”

Apparently, that was the wrong answer, the organization reportedly moved 20 smartphones accounts from VZW back to the previous provider. But hey it is a good press release at least because VZW cares about baby birdies.

What do you think?

Loading ...

Verizon Wireless Expanding Its 4G LTE Market On Thursday, August 18th – Adding 15 More Cities To The Mix (androidpolice.com)

Category: Uncategorized | Tags: 2011, Lake Huron, Michigan, Saginaw Bay, Sprint Nextel, Telecommunications, Verizon, VZ, Wireless

RB | August 25, 2011

One comment

Facebook Violates EU Privacy Rules

The Facebook facial recognition application “Tag Suggestions” violates European Union (EU) and German data protection law according to German regulators. The social network must stop the program for Germans and delete all data already collected on German users or face fines up to €300,000 ($430,560), says Johannes Caspar, head of the Hamburg Data Protection Authority, reports eBrandz.com.

Mr. Casper notified the Palo Alto, CA firm that the company’s facial recognition application which is active by default amounts to unauthorized data collection on individuals. Mr. Caspar gave Facebook two weeks to respond. “Should Facebook plans to continue the function, it must ensure that only data from persons who have granted their approval to the storage of their biometric facial profiles be stored in the database,” he said.

The software offered the potential for “considerable abuse” and was illegal. “If the users’ data lands into the wrong hands, it would be possible to compare and identify anybody captured in a photo taken with a mobile phone,” Mr. Caspar told the Hamburger Abenblatt newspaper.

The Facebook application tries to find faces on uploaded photos according to physical features and automatically saves them, creating “the world’s largest database of biometric features,” according to Bloomberg. The program attempts to compare data captured in a picture with the trove of data it has already collected from its hundreds of millions of users.

Users can opt-out of the automatic tagging, but Facebook can still gather and store (indefinitely) all photos added to the site. “This is what is most troublesome. The program feeds off a stock of data designed to physically identify millions of users,” Mr. Casper said.

“The legal situation is clear in my opinion,” Caspar told the newspaper that such a system could be exploited by undemocratic governments to spy on the opposition or by security services around the world. “The right to anonymity is in danger,” he said.

The German federal consumer protection ministry backs Mr. Casper. “We expect Facebook to comply with all European and German data protection standards and for it to respond to the request from the Hamburg regional data protection officer,” said a spokeswoman.

As expected Facebook denies any wrongdoing and responded, “We will consider the points the Hamburg Data Protection Authority have made about the ‘photo tag suggest’ feature, but “firmly rejected any accusations that we are not complying with our obligations to European Union data protection laws” reports eBrandz.

American web 2.0 companies have often had problems in Germany which takes online privacy much more seriously than the US. Bloomberg says German privacy laws restrict photographs of people and property except in public places without a person’s consent. These policies have also caught Microsoft’s (MSFT) Bing Maps Streetside service and Google’s (GOOG) Streetview ran afoul Germany’s privacy laws.

rb-

Facebook users should have noticed the automatic tagging application, which finds your friends when you upload photos. Like with many Facebook “features” it is, in my opinion intentionally hard for the average user to switch off – and is on by default.

In the US, privacy is a joke. I have covered firms like Rapleaf several times here and here. In Germany, their history drives them to take privacy seriously. They are rightfully suspicious of large collections of personal data that can be turned over to the State and used to categorize people. Facebook has over 750 million users, most of which don’t care about their privacy and help Facebook build the world’s largest biometric database. It makes you wonder how many three-letter agencies already own the Facebook biometric database.

What do you think?

Loading ...

Category: Social Networking | Tags: 2011, European Union, Facebook, Facial recognition system, Germany, Google, Information privacy, Microsoft, MSFT, Tag (metadata)

« Older Entries Recent Entries »

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Bach Seat

Archive for RB

Malware in Text

Related articles

Labor Day 2011

Labor Day in Detroit

Related articles

Mobile Patent Warfare

Related articles

Verizon Upgrades Michigan Service to 4G – Almost

Related articles

Meta