Tuesday, November 21, 2006

Hackers Use Virtual Machine Detection To Foil Researchers

Hackers are adding honeypot refused to run in VMware," said Lenny Zeltser, an analyst at SANS Institute's Internet Storm Center (ISC) in an online note Sunday.
Malware writers use a variety of techniques to detect virtualization, including sniffing out the presence of VMware-specific processes and hardware characteristics, said Zeltser. "More reliable techniques rely on assembly-level code that behaves differently on a virtual machine than on a physical host," he added.
Researchers can fight back, Zeltser said, by patching the malicious code so that the virtual machine detection routine(s) never execute, or by modifying the virtual machine to make it more difficult for malware to detect that it's running in a virtual environment.
Two other ISC researchers, Tom Liston and Ed Skoudis, spelled out anti-detection techniques at a recent SANS conference. The paper can be downloaded from the ISC site as a PDF file.

Written by Gregg Keizer TechWeb

California court expands immunity for bloggers

SAN FRANCISCO (Reuters) - Individuals who use the Internet to distribute information from another source may not be held to account if the material is considered defamatory, the California Supreme Court ruled on Monday in a reversal of a lower court decision.
The ruling supports federal law that clears individuals of liability if they transmit, but are not the source of, defamatory information. It expands protections the law gives to Internet service providers to include bloggers and activist Web sites.
"We acknowledge that recognizing broad immunity for defamatory republication on the Internet has some troubling consequences," California's high court justices said in their opinion.
"Until Congress chooses to revise the settled law in this area, however, plaintiffs who contend they were defamed in an Internet posting may only seek recovery from the original source of the statement," the decision stated.
The opinion, written by Associate Justice Carol Corrigan, addressed a lawsuit by two doctors who claimed defendant Ilena Rosenthal and others distributed e-mails and Internet postings that republished statements the doctors said impugned their character and competence.
Rosenthal operates a San Diego-based Web site known as the Humantics Foundation (http://www.humanticsfoundation.com), which is critical of silicone breast implants.
Rosenthal had countered that her statements were protected speech and immune under the Communications Decency Act of 1996. It holds that: "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."
A California appeals court had ruled that Internet service providers and users could be held liable if they republish a statement if it is known to be defamatory.
California's high court took that decision up for review because the lawsuit against Rosenthal involved an individual instead of a service provider, and opted for a broad view of immunity under the Communications Decency Act.
"Requiring providers, users, and courts to account for the nuances of common law defamation, and all the various ways they might play out in the Internet environment, is a Herculean assignment that we are reluctant to impose," the court's justices held in their opinion.
"By declaring that no 'user' may be treated as a 'publisher' of third party content, Congress has comprehensively immunized republication by individual Internet users," they added.
Mark Goldowitz, the defense counsel who represented Rosenthal, said in a statement that the ruling offers protection against those who would chill free speech on the Internet.
"The soapbox is not liable for what the speaker has said," said Kurt Opsahl, a staff attorney with the Electronic Frontier Foundation who filed a brief arguing free speech protections should cover individuals, not just Internet service providers.
(Additional reporting by Eric Auchard in San Francisco)

Monday, November 20, 2006

As far as PC security, Goldilocks got it just right

SAN FRANCISCO - When Jud Fink decided to protect his PC, he treated it like a glorified science project. With a zeal that would put TV's resident obsessive Monk to shame, Fink evaluated every conceivable software and hardware program to come up with the best options for security and ease of use.
During the weeks-long process, Fink, 52, who does regulatory-compliance work for a health insurer near Philadelphia, left no technology stone unturned.
He looked at three browsers and chose Opera because he judged it faster and more secure than Microsoft's Internet Explorer and Mozilla Firefox. He appraised free and for-charge firewalls before opting for a hardware router.
Fink relies on e-mail services from Opera and FastMail, a local Internet service provider with advanced spam and virus-protection features. And he is thinking about adding the Macintosh OS to his Intel-based PC. He occasionally uses Linux, Unix and a beta version of Windows Vista as secondary operating systems. Oh, and he assiduously updates his system.
From all indications, Fink's approach has worked: He has never been victimized by a virus or spyware. Folks are so impressed with Fink's setup, they ask him for security tips.
"I've seen, and helped, lots of friends who are stuck in one of two situations: Either their computers are full of viruses and spyware, or they are unusable because they have so much (security) stuff and their systems slow to a crawl," he says.
Computing at home has never been so powerful - and treacherous. Just as millions of Americans are buying new PCs and signing up for blur-fast Internet connections, cybercrooks are hatching schemes to take control of their machines.
Consumers' 3 approaches
Americans, in turn, are beefing up their PC defenses to varying degrees. You might compare them to Goldilocks and the Three Bears.
Consumers are taking three distinct paths to the way they manage computer security. There are those of the fortress mentality, ever-vigilant taskmasters who overload their machines with every newfangled device. There are those who have it just right, with the proper mix of hardware and software. And there are those who simply plug in their machines with a wing and a prayer.
"Most people give careful consideration to security on their car or house, but when it comes to computers, most are not well educated," says Ed Rose, 59, a safety trainer in Orlando who attentively guards his personal computer at home. "It is not just the contents of your computer that must be safeguarded, but the possibility of someone entering your system and causing malicious damage."
Wave upon wave of infectious programs are scouring the Internet, allowing hackers to hijack millions of PCs and turn them into so-called bots - mostly in homes, at small businesses and on college campuses. The bots heed the orders of cybercrooks to spread spam, phishing e-mail and other nasty things.
If bots don't bite consumers, scores of other digital gremlins just might. They come in the form of virus-infected e-mails, Web pages crawling with contagious computer code or dozens of network worms - voracious, self-replicating programs that bounce around the Web, searching for security holes in Windows PCs.
The dangers have rattled consumers: 94% cite identity theft as a serious problem, according to a May report by the Cyber Security Industry Alliance and Pineda Consulting.
There are no studies available on the various degrees to which people protect their PCs. But security experts agree most fall somewhere in the vulnerable category. Indeed, 81% of home PCs lack fundamental protection in the guise of updated anti-virus software, a firewall and spyware defenses, according to a survey of 354 homes by AOL/National Cyber Security Alliance (AOL/NCSA) in late 2005. More than half lacked current virus protection.
The well-protected tend to be computer-literate and from safety-related fields. The defenseless tend to be novice or first-time users.
"Users should have to complete a driver's exam before they go on the Internet. They're that dangerous," says Toby Lucas, 49, a Web master in Newfoundland.
How PC users stack up:
Fortress mentality
There are cautious folks, and then there is Bruce Purcell.
Purcell is as overprotective of his home PC network as a mother bear of her cubs. His PCs are barricaded behind a phalanx of DSL routers that act as a sentinel to incoming Internet traffic. The second line of defense is Windows XP's built-in firewall, McAfee's anti-virus software and Windows Defender for malware and spyware removal. Within Internet Explorer, Purcell uses the maximum setting on the pop-up blocker.
His e-mail is Google's ultra-secure Gmail system, which he deems less prone to spam and phishing e-mail than AOL and Microsoft MSN. Just to be extra careful, Purcell often creates temporary e-mail addresses when he shops online so he can delete them later.
Purcell, 48, also backs up photos, music and important documents to a disk in the event of a security mishap.
"All in all, it works," says Purcell, 48, the registrar at California State University, East Bay in Hayward, who also manages a tech team at the university.
Using the same concepts, his department of 100 people has endured only one virus in four years.
There is a limit to Purcell's caution, however. He does not overload his PCs with security accessories out of fear of dragging their performance. "Ironically, that's what happens when your PC gets hit by a virus," he says.
Purcell is among the technophiles who have made it their personal mission not to fall prey to cybercrooks. But in their zest, some overdo it with too many security programs, rendering their machines slower and - in isolated cases - disabling their firewalls, says Ross Brown, CEO of eEye Digital Security.
Another large group in the fortress category are those who have been burned by cybercrooks and are justly paranoid, Brown says. "They go belts and suspenders so, figuratively, their pants don't fall down," Brown says.
Somewhere between the obsessive and the indifferent are computer users with a healthy balance of hardware and software security tools. They often configure their system and heavily self-police their e-mail.
Just right!
Rick Kiphut, a 33-year-old firefighter in Memphis, typifies the middle-of-road approach. A self-taught PC user, Kiphut has read about computer security and, as a safety professional, is naturally cautious. His three laptops at home require encryption to log on. "People bring (a PC) home from Best Buy, plug it in and expect that's all they have to do," Kiphut says. "Me, I've always been pretty safe."
Thomas Gasque, 36, director of e-learning at a major retailer in Alabama, subscribes to a sensible approach. He keeps his McAfee Internet Security Suite - a combination of firewall, virus protection, spam filter and spyware detector, among other things - up to date. He uses a secure router. And he also backs up important files, photos and music.
"The generally prudent person does not do foolish things, like download unfamiliar applications or attachments from e-mail," Gasque says.
A wing and a prayer
Then there is the open gate, or laissez-faire, approach. Despite the inherent risks of computing and dire warnings from security experts, a large swath of consumers have little or no protection. Most aren't aware of the problem, while others take calculated risks.
Many of them, ironically, buy PCs preinstalled with security programs that last anywhere from 30 days to one year. Though it is their responsibility to maintain that security through paid subscriptions after the license of the preinstalled software expires, few do, says Brian Trombley, a product manager at McAfee.
"It's a case of not caring, knowing, or both," Trombley says. "Most consumers need simple programs that update themselves. Otherwise, they're in trouble."
Consumers, in general, remain blissfully unaware of computer security, based on the AOL/NCSA survey results. While two-thirds said they kept sensitive financial or health information on their PCs, 56% said they had never heard of phishing, e-mail scams designed to trick consumers into surrendering personal information.
"Most consumers blindly have total faith in their PCs and Internet providers to provide a secure and reliable connection," says Michael Pompura, an Orlando consumer who closely follows security issues. "These people typically have no qualms about sending personal information for banking or shopping with little thought (of security)."
Rob Carli considers himself lucky.
What other explanation, then, for Carli dodging a major computer problem for five years without the aid of any discernible security?
Carli, a 23-year-old sales consultant in Salt Lake City, says he just "rolled" with basic security updates and relied on software already installed on his PCs at home and at work. "My buddies always seemed to have a problem," he says. "I take (security) for granted."
Yet it is only a matter of time before folks like Carli get burned, computer experts say.
"Once you plug a high-speed PC in, the troubles begin," says John Kaufeld, 44, a Fort Wayne, Ind.-based author of 27 how-to computer books. "The bad guys are constantly seeking those connections to wreak havoc - and it's up to consumers to protect themselves."

Written by Jon Swartz, USA TODAY Mon Nov 20, 6:41 AM ET

Microsoft to face challenge over Linux licenses

BRUSSELS (Reuters) - Supporters of PC operating system Linux are preparing to counter a recent deal penned by Microsoft Corp (Nasdaq: MSFT) which establishes for the first time the principle of paying the software giant for the operating system, whose license requires it to be free. Microsoft signed a deal with Novell, one of the providers of Linux, in which Novell paid it a lump sum in return for a guarantee that Microsoft would not sue Novell's clients for what it calls a violation of its own patents in the Linux program.
The prospect of a drawn-out legal battle with Microsoft, an experienced litigator, could push users of Linux into the hands of Novell (Nasdaq: NOVL) and away from dominant Linux provider, Red Hat (Nasdaq: RHAT), which does not have such a deal with Microsoft.
Although Linux is free, providers of the system offer the software with packaging, documentation and -- most important -- installation and maintenance, so any client shift from Red Hat would cost it money. "Either customers desert Red Hat to go to Novell, to get safety, or Red Hat will be forced into a similar deal with Microsoft," said Eben Moglen, a professor at Columbia Law School and founding director of the Software Freedom Law Center in New York.
Moglen, one of the pioneers of free software, said Microsoft's deal skirts the requirements of the GNU General Public License, used by Linux and other free programs, which requires the software to be given away.
He and others have started work on updating the license to close the loophole by saying a promise not to sue, such as the one given by Microsoft, would be automatically applicable to everyone. That would effectively flip Microsoft's agreement on its head and guarantee that no one would face a suit from Microsoft if anyone were protected.
"A clause like that would not be difficult to get community agreement on these days," Moglen said, adding that a change could be ready in weeks or months.
LIABILITY?
Under the Novell deal, in which both companies agreed not to sue each other's clients for patent violation, Microsoft agreed to pay Novell $348 million, while Novell pays Microsoft $40 million, on the basis that Novell has fewer customers.
Microsoft says it has patent rights to some of the technology in Linux, although it has never said exactly what those rights might be or what patents are involved.
Microsoft Chief Executive Steve Ballmer said if customers bought Linux from anyone but Novell, they could face trouble.
"If a customer says, 'Look, do we have liability for the use of your patented work?' Essentially, if you're using non-SUSE Linux, then I'd say the answer is yes," Ballmer told eWeek.com recently, referring to the Linux system sold by Novell.
"I suspect that (customers) will take that issue up with their distributor," Ballmer said, adding that if customers considered doing a direct download of a non-SUSE Linux version, "they'll think twice about that."
Microsoft makes the Windows operating system, for which it charges billions of dollars a year, but Linux has been a thorn in the software giant's side because it is freely available.
Linux was created, maintained and improved by volunteers working under a license requiring that it be freely available for copying, modification and improvements.