Desktop Security Software Risks - Part 1
This is the second in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.
Reason #2: the Desktop Security Software Risks
The risks of placing software on the desktop are such that I will be breaking this article into two parts.
Fundamentally we think of having software on our desktops as a good thing. I love downloading or installing new packages and seeing what new creative things people do to the user interface or what they do to make certain aspects of my life easier or more fun.
But there are problems inherent with software that resides on the desktop, especially security software. All developers will know what I mean. First and foremost, desktop software can be reverse engineered. What's that mean? Have you ever inadvertently double-clicked on a file and had garbage show up or seen something that looks similar to this?
The old hex dump. Programmers will know it well. We actually spend a good deal of time trying to read this stuff. Basically, if there are programs that can (and do) turn instructions like the following
If UserBirthDate < "01/01/1960" Then
    IsReallyOld = "Yes"
Else
    IsReallyOld = "No"
End If
into something like the picture above, then the reverse is true: people have developed software that can take the gobbledygook in the picture above and turn it back into something close to the if-statement I wrote out. The reversing software won't know that I had an item called UserBirthDate, but it will know I was testing for a value of January 1, 1960, and it will be able to say that, based on that value, I set another item to Yes or No.
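The point above, as an added example that is not part of the original article: CPython bytecode stands in for a native binary, the function is "shipped" with its variable names stripped, and the constants and the comparison are then read back out of it. The function names (classify, strip_names, hex_dump, recover) are hypothetical, and the date is written in ISO form so that string order matches date order.

```python
import dis
import types

def classify(user_birth_date):
    # Same test as the article's snippet; ISO date so string order = date order.
    if user_birth_date < "1960-01-01":
        is_really_old = "Yes"
    else:
        is_really_old = "No"
    return is_really_old

def strip_names(func):
    """Return a copy of func with local names replaced by v0, v1, ...

    Bytecode addresses locals by slot index, so behaviour is unchanged;
    this stands in for a native binary shipped without symbols.
    """
    code = func.__code__
    anon = tuple(f"v{i}" for i in range(len(code.co_varnames)))
    stripped = code.replace(co_varnames=anon, co_name="sub_0", co_filename="")
    return types.FunctionType(stripped, {})

def hex_dump(data, width=16):
    """Format raw bytes the way a hex viewer shows them."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:08x}  {hexpart:<{width * 3}} {text}")
    return "\n".join(lines)

def recover(func):
    """What a reverser gets back: constants and comparisons, but no names."""
    code = func.__code__
    consts = [c for c in code.co_consts if isinstance(c, str)]
    compares = [i.argrepr for i in dis.get_instructions(code)
                if i.opname == "COMPARE_OP"]
    return {"locals": code.co_varnames, "constants": consts,
            "comparisons": compares}

if __name__ == "__main__":
    shipped = strip_names(classify)
    print(hex_dump(shipped.__code__.co_code))  # the "garbage" a viewer shows
    print(recover(shipped))                    # the logic that survives
    dis.dis(shipped)                           # readable listing, generic names
```

The stripped copy still returns the same answers as the original, which is why removing names does nothing to hide the cut-off date or the Yes/No outcome.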
So now we install our fool-proof anti-virus software on our desktop (or our firewall for that matter). Well, so too can a virus author. And that virus author or hacker will also have gotten a copy of the latest reverse-engineering software from his local hacking site. He now goes about the task of reverse-engineering the software and then trying to decipher the results. It's not easy, but it can be done. Unfortunately, vendors know this and treat it as an acceptable risk.
The problem here is that your security software is at risk. If your vendor codes an error, the virus author can and will detect it. For example, if your vendor should exclude a file from scanning, it's possible the virus author will figure out which file (or type of file) that is and bury his code there. If the vendor excludes files from scanning or heuristics, it's possible that the virus author will figure out a way to corrupt that file.
That being said, there are other risks. As we have said, once software is on the desktop it affords virus authors an opportunity to reverse-engineer security software. The knowledge that reverse-engineering provides is invaluable to a virus author when building his next software attack. Third, virus authors can learn where the anti-virus vendors put their software and the links to their software (directory folders, registry entries, etc.). This too is invaluable information. In fact, in some ways it gives people intent on writing malicious software clues as to how to infiltrate the computer's operating system, where registry entries need to be made to force software to be loaded every time a computer is started, etc.
This information is generally available all over the web and in manuals for operating systems, especially manuals on such subjects as the Windows Registry. But having the software teach you where things belong to be effective is powerful knowledge.
Lastly, and perhaps most significantly, there is the issue of forbearance. The anti-virus vendors usually know more about the potential exploits inherent in programs than virus authors do, but they are bound by the fact that, should they try to prevent them before the exploits occur, they could be branded as irresponsible for teaching virus authors about these very exploits.
For example, when Microsoft first released the macro capabilities of Word, anti-virus vendors immediately realized the potential for danger in macros, but they were handcuffed. If they released software that disabled macros before the first macro virus was ever released, they would signal to virus authors the inherent destructive powers of macros. They chose instead to wait, handcuffed by the limitations of desktop software.
Until the Internet, there really was no better medium for delivering virus solutions than desktop software. It was relatively inexpensive to deploy (either market the software and sell it in stores or provide free downloads on bulletin boards and web sites). It is, however, expensive to keep updated in terms of time and effort, even with automated update systems.
The Internet caused several things to happen: by becoming a powerful medium for sharing files, whole families of viruses disappeared practically overnight (boot sector viruses, for example); by becoming the option of choice for sharing files, it was easier to infect a single file and have thousands download it.
A better solution is to place the security software in an offsite appliance of its own. All Internet, intranet and networking connections flow through the appliance.
Selling off-the-shelf hardware appliances with built-in security software is better than a desktop software solution, but it still suffers, to a lesser extent, from the pitfalls that desktop software falls prey to.
Even better is to create a service that a third-party vendor manages in a secure environment. In such an instance both the software and the hardware are away from the prying eyes of the malicious software authors. This further reduces the opportunity for malicious authors to discover the tricks and techniques employed by the security vendors to protect you.
About The Author
Tim Klemmer has spent the better part of 12 years designing and perfecting the first true patented behavior-based solution to malicious software.