06.23.10
Eye on Security: Australia Cracks Down on Windows Botnets, Anti-Virus No Longer Effective, VPN Flawed, Defense Department Has Security Breached by Viruses
Windows viruses have just allowed China to access US secrets
Summary: Some in the security industry are giving up due to an explosion in malware, while others in authority threaten to disconnect Windows, according to some new reports.
• Aussie pols want compulsory AV software and firewalls (this is pretty serious)
As the Australian Government continues to grapple with the issue of how best to protect the nation from internet nastiness, the House of Representatives Standing Committee on Communications has just lobbed a major new element into the debate in the form of a mega-report on cyber-crime.
[...]
ISPs would be obliged to provide security advice, inform users when their IP address has been flagged as linked to an infected machine, and put in place a policy of “graduated access restrictions” – with disconnection as the ultimate sanction.
• Antivirus vendors can’t deal with security threats
AN INSECURITY FIRM claims that the antivirus software vendors can’t keep up with the explosion in malware.
NSS Labs say that it takes an average of two days to block a website designed to attack a computer visiting it.
• Security firms taking days to block malware
Anti-malware vendors can take up to 92.48 hours to block malicious sites, potentially leaving clients in blissful ignorance of threats to their systems in the meantime.
Security researchers NSS Labs reviewed a range of endpoint security products from ten big-name security vendors and their response to “socially engineered or consensual malware threats”.
It said 15,000 to 50,000 such threats were presenting themselves per day.
• Security software often misses new malware: Lab
• Huge privacy flaw found in VPN systems
One alternative to PPTP is OpenVPN, which offers a number of advantages, especially as it’s free and open-source. It’s more secure than PPTP, and more stable too, though it doesn’t work on mobile devices natively and isn’t quite as easy to set up on a computer, especially older machines. OpenVPN also has the advantage that it’s often not blocked in countries where PPTP systems are blocked.
• Chinese breaking into classified network
In earlier cases, Trojans and viruses also have been introduced that halted the use of flash drives on Defense Department computers.
While it remains unclear whether the Chinese have developed algorithms that would allow penetration of systems that are Top Secret or beyond, it cannot be ruled out, since the Chinese have developed super computers capable of developing encryption and decrypting codes.
twitter said,
June 23, 2010 at 3:29 pm
Richard Clarke has good background on Windows use by the US military. Competent people in the military, like the good people at West Point, know the problems and avoid it.
Needs Sunlight said,
June 24, 2010 at 4:53 am
It looks more like the AU legislation is mandating Windowz. You see quite a few shops banning Linux and BSD because it does not have (Windows) Anti-Virus software.
The target of such cleanups should not be the software vendors. All kinds of companies make all kinds of crap. All kinds of companies make products that can be dangerous when used ineptly. In a machine shop or a restaurant, the onus is on the people using the products and tools to exercise competency. Why should computing or faux computing be granted exception to this universal practice?
The people that knowingly deploy Microsoft products online or in mission critical situations, not the vendors, are the ones to rake over the coals.
Dr. Roy Schestowitz Reply:
June 24th, 2010 at 5:17 am
What specifically is it that excludes non-Windows platforms? GNU/Linux too has firewalls.