How effective is antivirus software if the computer doesn’t have the latest patch updates?
Secunia tested 12 Internet security suites (PDF report) and found them all wanting. Symantec came in first, but it only detected 64 out of 300 exploits.
This suggests that McAfee, Norton, Windows OneCare, ZoneAlarm, AVG, CA, F-Secure, TrendMicro, BitDefender, Panda, Kaspersky, and Norman may be ignoring a key strategy to improve their products; products that claim to do so much for the consumer.
If these products detected vulnerabilities and installed patches maybe they would protect customers better. Secunia recommends the features offered by Kaspersky Internet Security 2009 to identify programs that need patching. Interesting thing is Kaspersky did poorly in this test.
One security suite I would like to see tested against this list is eEye’s Blink. Unlike most other products, it was designed with vulnerability scanning and patching in mind.
Tags: Anti-Virus · Patch Management · Secunia
September 24th, 2008 · Add Comment
I know a company that recently paid a premium for Websense because of a single feature: An alert is sent to an administrator each time a user visits an unauthorized website.
Most (all?) filters can report on such activity after the fact, but many don’t have the real-time alerting feature that this customer felt was so valuable.
This is an example of using feature vectors rather than feature matrices to compare products. Comparing a single most important feature across products is simple, fast and minimizes distraction by features that aren’t relevant to the problem at hand.
Tags: Web Filtering · Websense
September 22nd, 2008 · 3 Comments
I heard from Daniel about ChaCha. I’ve never used a mobile search service nor had the slightest clue how they work, but I was impressed enough by the answer they sent Daniel that I figured I would try it out.
I texted “Is the Bald Eagle and endangered species?”. About 5 minutes later I received this:
Yes it is. Have a great day! http://search.chacha.com/u/762jt53n
But the Bald Eagle isn’t an endangered species. ChaCha sent me a false answer.
If you follow the link, you’ll see my conversation along with these two links:
Visit Source Website
View info about your guide Eric W.
I basically outsourced a google search to someone else, who then breezed through a page about the Bald Eagle and somehow figured they were endangered, despite the source website clearly stating:
The Bald Eagle was listed as Endangered in most of the U.S. from 1967 to 1995, when it was slighted upgraded to Threatened in the lower 48 states. The number of nesting pairs of Bald Eagles in the lower 48 states had increased from less than 500 in the early 1960’s to over 10,000 in 2007. They had recovered sufficiently to delist them from Threatened status on June 28, 2007.
I found myself looking for a way to correct my guide’s answer or at least to be able to vote him down or something. I can see the ChaCha service being useful but I would need the research to be accurate. Maybe along with the answer they can indicate the guide’s trust rating. Or perhaps they can referee the answers, sending your question through two guides before they text you the answer. I can definitely imagine outsourcing simple research to ChaCha in that case.
UPDATE: I texted back to ChaCha: “The bald eagle is not an endangered species.”
Melissa C. responded:
Your right! The bald eagle, America’s national symbol, is flying high after spending three decades in recovery. On MORE?
Her source website returns CNN’s 404 page though.
Tags: Web
Secunia doesn’t think AV and IDS vendors are writing signatures well enough and plans to remedy the situation by opening up their analyses to a wider customer base with easier “pay-as-you-go” terms.
we have also realised that far too many of the other AV and IDS / IPS vendors - including the major ones - fail to detect many attacks utilising critical vulnerabilities simply because they too often create payload based signatures rather than vulnerability based signatures.
Tags: Anti-Virus · Secunia
September 5th, 2008 · 1 Comment
Security Nirvana Blog
Nir is now blogging.
Tags: Uncategorized
PhishGuru
PhishGuru is an email-based anti-phishing training system in which training messages are designed to look like phishing messages.
Tags: Security
A cursory web search will show you many end users that perceive better performance using Firefox for MobileMe hosted websites instead of Apple’s own Safari browser.
My wife uses iWeb to maintain the family website. A couple of weeks ago, the comments stopped working. I figured it was just another MobileMe problem and planned on switching to Wordpress or something. Tonight we noticed that people were leaving comments. We viewed the site in Firefox and the comments worked. Comments on our MobileMe hosted webpage do not work in Safari.
Here are the comments viewed with Safari:
Here are the comments viewed with Firefox:
If anyone has any idea how to fix this, feel free to let me know, but I’ll probably be moving it over to another platform soon. Marsedit and Wordpress will be just as easy iWeb.
As far as I’m concerned, MobileMe is alpha software. A few minutes on their Apple’s support site shows as much.
Tags: Apple · Firefox · MobileMe · Safari
MetricsCenter Articles
Stuff to read on security metrics.
Tags: Risk Management · risk
Alex’s post got me thinking about reputation.
Companies think they own their reputation, but in reality they don’t. A reputation is the aggregate of the popular opinion about you. Opinions, or thoughts, belong to an individual, true or not, and a company doesn’t own a person’s thoughts, therefore a company doesn’t own its reputation. QED.
If the company doesn’t own its reputation then how can they press charges on a disgruntled employee (link via Alex) for trying to convince stockholders to sell? I’m simplifying here since he was probably under some sort of gag contract, but if you think about it, the act of persuading someone to sell a stock, while it may be malicious from the company’s point of view, isn’t qualitatively different than trying to convince them to hold or buy, which the company does constantly. If his information was false, then the sellers that believed him will lose money. If it was true, then the company has been lying. The point is, he isn’t causing any physical damage to the company by disseminating information, even if it is false, and this follows from the fact that no one owns their own reputation.
That doesn’t mean reputation isn’t real. It is real, and I think firms already measure it to an extent when they calculate the results of their marketing campaigns.
As far as selling security to preserve a reputation, everyone is trying it, because you see it in every vendor’s ad copy, but I really doubt anyone buys security because they are scared of a tarnished reputation. This is because breaches don’t effect the bottom line, which means they don’t make customers leave, which means a customer’s perceived risk of loss is small. The odds of any particular customer suffering loss if their beloved vendor loses a million credit card numbers is small, so they don’t care. They continue to shop there. This drives security people nuts, but that’s how it seems to be right now.
Tags: Reputation · risk
Tags: Mac · Quicksilver
