Sophos, a security vendor, has released an 18-page report on the security threats expected this year. Last year, the nature of threats changed rapidly. Sophos summarizes the trends as follows:
- Malware authors are continuing to turn their backs on large-scale attacks.
- Explosive growth of web-based downloaders to spy on users.
- Trojans outnumbering Windows viruses and worms 4:1.
- A new mass-mailing worm, Stratio, had over 1000 unique variants in November.
- Email containing infected attachments is down to 1 in 337.
- Most spam continues to be relayed by poorly protected US computers.

The outlook for security threats in 2007 is largely dim, with 66% of businesses expecting a worse year. Even with the launch of Windows Vista at the end of the month, users are advised not to rely solely on Vista’s security improvements. Why? Windows is the targeted platform for attacks and will continue to be in the near future.
Microsoft Windows Vista is not as secure as Microsoft claims. According to a report in the New York Times on Christmas Day, a number of flaws have been discovered in the brand-new OS.
On Dec. 15, a Russian programmer posted a description (in Russian) of a flaw that makes it possible to increase a user’s privileges on all of the company’s recent operating systems, including Vista. The flaw affects csrss.exe, which is the main executable for the Microsoft Client/Server Runtime Server.
Furthermore, computer security company Determina notified Microsoft on Dec. 20 of five more vulnerabilities it had identified — four affecting Vista and earlier versions of Windows, and one affecting Microsoft’s Exchange e-mail server.
e-Passports or RFID passports are passports embedded with RFID tags. The first issuing country was Malaysia in 1998. The Malaysian passport records the travel history (time, date, and place) of entries and exits from the country.
On October 25, 2005, the U.S. government announced that all U.S. passports would be implanted with RFID tags starting in October 2006.
How can you tell if your passport contains an RFID tag? Look for the Electronic Passport logo on the front cover. The tag is capable of transmitting your name, nationality, sex, date of birth, place of birth and digitized photograph. Additional digitized data such as “fingerprints or iris scans” may also be included.
Wi-Fi networking is inherently insecure. Wi-Fi and its latest security and encryption updates (WEP/WPA/WPA2) try to protect network access but not necessarily the information that flows over that network. Using a public Wi-Fi network should be considered as open to the public as publishing your accounts, passwords, and correspondence in a newspaper.
Three primary threats bedevil Wi-Fi users: sniffers, rogue access points and worms/probes.
Sniffers
Wi-Fi uses radio waves to send data, which makes it ripe for monitoring from the vicinity. Unless a building is surrounded with a wire cage, signals leak, and you must treat your access to the network as completely available to anyone within line-of-sight range. A used $200 laptop with a $10 Wi-Fi card and free software is quite effective and is often used for sniffing. The sniffer can decode any data passing by into its original form.
Ian Hellen and Vishal Kumar, both security PMs at the Secure Windows Initiative (SWI), have put up some presentation slides for the recent Hack In the Box Security Conference in KL, Malaysia. The slides give an overview of the major security initiatives that fundamentally change the engineering process of Windows Vista compared to Windows XP.

“Stop playing catch up! - Find & fix before ship!” is the guideline for the initiatives. The Windows Vista security approach starts with the engineering process. Microsoft has identified 4 key areas to address in Windows Vista.
- Apply least privilege throughout the architecture: Harden services, applications, browser