of Philosophy and Technology

There is a major shift in ways how consumers’ PCs are attacked online.  In the past, computers can be infected only when they visit dangerous sites or click malicious links that lead to infected sites.  Today, malicious hackers just look for poorly secured websites — a task that has become easy because of available vulnerability scanners in the Web. A vulnerability scanner is a computer program designed to search for weaknesses in an application, computer or network. Once a poorly secured site is found, these hackers then insert malicious codes that can infect users who will visit these sites.  A user can be infected even without clicking anything on that site. This is called “drive-by download” as it downloads programs and other malicious content without the consent of the user who happens to visit that site.

A vulnerable site can contain keyloggers that can capture the user’s keystrokes then e-mail all these strokes to a particular e-mail address; Spyware that can collect various types of personal information – it can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, or diverting advertising revenue to a third party; and adware that automatically plays, displays, or downloads advertising material to a computer.

Symantec demonstrated in Vision 2007 held in Las Vegas recently “the strongest level of protection from surfing the web.”  Codenamed “Canary” the new software identifies signatures of all types of browser-based exploits and blocks them immediately.  Canary not only stops worms and viruses but also known and unknown browser-based attacks. As patches take a while to come out and even longer to deploy, the best way to block attacks is signature based technology like the Canary. Canary can shut down the attack without forcing the user to deploy the patch.

In the past, users have no choice but to wait for the official patch from Microsoft to secure their systems. Virus writers are a step ahead of everyone as they immediately exploit any vulnerability announced by Microsoft as most customers delay widespread deployment of a patch released by Microsoft because of cost. As virus writers create new exploits, security vendors then create fingerprints and tools to clean up the mess.  Customers will then remove infections and may deploy patches to critical systems, but the damage has already been done.

Symantec’s strategy now is to create a new vulnerability signature as soon as they find out about it and distribute it to customers via LiveUpdate. Customers can easily deploy this signature, just like virus definitions, to all desktops, servers and devices. So even if virus writers create a new worm that takes advantage of the vulnerability, it is blocked immediately.

A computer hacker who claimed to have breached a computer at London-based Bloomsbury Publishing said that he was able to download a digital copy of JK Rowling’s seventh and final book, “Harry Potter and the Deathly Hallows.”

The hacker known as “Gabriel” posted a spoiler of the book in the website www.insecure.org, a site maintained by Fyodor, a self confessed hacker (“the good kind”) and the  author of the program NMAP, a network security scanner available in the Internet for FREE.

LAS VEGAS – Symantec Vision 2007 – Symantec Corp. announced Storage United, a new business initiative designed to help enterprise storage professionals address the root causes behind the growing cost and complexity of their storage environments. Symantec’s Storage United strategy provides a software-oriented approach to enable even the largest, most heterogeneous data center environments to unite their diverse storage platforms, to unite their isolated islands of storage administration, and to unite storage operations with the business by delivering storage as a service.