Tuesday, August 30, 2005

We need security companies to quit shortchanging us.

I can’t help but wonder why security software companies aren’t using more of the protection methods available to them than they are. It’s time for sandbox technology and memory monitoring software to become a part of the standard tools available to us to protect our systems. I see no reason that companies like Diamond CS can write programs like ProcessGuard while companies like ZoneAlarm, Norton, and McAfee continue to hand us the same old methods that are becoming far too vulnerable to being compromised.

For any of you who aren’t familiar with ProcessGuard, it’s a program that monitors the actions of all the programs running on your computer and prevents certain actions and processes from running without permission. Sometimes it is a pest because of its messages but it is nice to realize that it is almost impossible for a program or process to run without permission. It tells you every time something tries to do any action that is questionable or shouldn’t be happening. While it’s not perfect it works very well and provides an additional layer of protection that greatly increases security on a system running the program.

So if a little company like Diamond CS can provide such protection why aren’t other security companies also providing similar protection? I understand that not everyone would want to be bothered by a program like this but it should be available for those of us who want to use it.

Sandbox technology has the same problem of being used very little by the security software industry. To see my antivirus software detect a virus and quarantine it leads me to wonder why programs like Internet Explorer aren’t contained in a protected section of memory. Now we can even buy programs to run numerous “virtual machines” on the same computer without them disturbing each other but we can’t isolate the processes of a program to prevent it from running amuck on our machine. Strange, isn’t it!

I currently run Windows XP and Red Hat Linux on the same machine at the same time with each OS running and sharing the resources of the computer without any problem. Each OS runs in a virtual machine that is configurable to allow for the amount of memory and hardware resources that it needs without affecting the other OS at all. If this is possible why can’t we use this method to protect our systems from malware and viruses?

It’s time that we as consumers start demanding that the best technology and methods are made available to provide us the protection we need and deserve. The security software companies are continuing to shove old outdated technology and solutions at us while raking in the profits. We need to demand that it stop and that they start using some creativity and quit ripping us off.

Sunday, August 28, 2005

Internet Explorer 7 a Tale of Two Programs

Microsoft’s new beta version of Internet Explorer is out and it is interesting to note that there are two versions. The first one is shipping with the Vista OS beta just released and is designed to be used with Vista. (See yesterday’s post for my early impressions of Vista.) I didn’t have time to check out if it would also work with XP but it would be interesting to know if it would. The other Internet Explorer beta is designed for XP and it has slightly different features.

With Firefox breathing down their neck and their market share dropping quickly Microsoft decided to rush through a hurried update to Internet Explorer for XP before they released Vista and its version of Internet Explorer. Let’s hope that it isn’t such a rush job that security suffers. It’s hard to know how well a browser is constructed until it hits the net and the hackers and crackers have a shot at it. My prediction is that version 7 of Internet Explorer will have as many serious security problems as did version 5 and 6 and that doesn’t bode well for users.

So what’s up with version 7 of Internet Explorer? What new magic is Microsoft giving us this time?

Well it seems more than anything else Microsoft was feeling the pressure from Mozilla and Firefox with its growing market share. These last few months have found Microsoft feverishly trying to rework a tired threadbare Internet Explorer version 6 to hold off the competition from Firefox. Since the current version of Internet Explorer (version 6) wasn’t that much of an improvement or change over version 5 a change in Internet Explorer was long overdue. Before Firefox Microsoft basically let Explorer coast along but Firefox’s competition forced them to take action on an update or risk further losses in market share and market share isn’t something Microsoft gives up easily.

So what is the verdict on the new program and does it offer any reason to move from version 6 to version 7?

Well the first thing that you notice is that it offers tabs just like Firefox, Opera, and several other browsers. That is a nice feature as you can move around so much easier between sites you visit often by using tabs. I don’t think that it’s done as well as Firefox’s tab feature but it is pretty good. It’s just too bad that Microsoft was so stubborn about offering tabs before now.

Since Microsoft was only planning on updating Internet Explorer after Vista came out it shows just how desperate they were to keep their position. Pushing up the release date for the XP version is a risky decision for Microsoft. Whether they can get security right with a hurried rewrite of Internet Explorer is a question yet to be answered. Let’s hope so for everyone’s benefit.

We also see search being more visible with a new search box next to the address box in IE. Both Vista and Internet Explorer offer a much faster more complete search feature but it is hampered by not having the new file system that Microsoft promised. Search is definitely a hot button item right now with so many trying to corner the desktop search market that Microsoft felt that they had to improve search capacities, abilities, and speed. So far it looks like they did do that in this version of Internet Explorer as well as Vista.

Next is the addition of an RSS reader built into Internet Explorer. Once you get past the fact that Microsoft has changed the name from RSS feed to web feed you will find that it seems to work alright except for the fact that you have to check a feed source manually. Let’s hope that they fix that before the final version ships.

I for one don’t want to have to click on the my favorites tab and then click on the feed source to check for updates. That kind of defeats the purpose of using RSS and especially when you can have a tab for any site you visit often. With one simple click on a tab you can see the site anyway. Given the way Microsoft has RSS feeds set up I predict that most people will choose to use the tab feature to check for updates or get a real RSS reader. Maybe this is Microsoft’s plan to destroy RSS feeds since they can’t control them.

I also have some reservations about RSS feeds being directly tied to the browser knowing Microsoft’s track record with ActiveX and other browser active components. Time will tell on this issue but I will bet that security issues will arise with RSS being a component of the browser. I can see the real possibility of active components getting through to the browser hidden in an RSS feed and being allowed to run on the system.

Microsoft is taking one direct security measure that is long overdue by adding better protection against phishing by adding a filter to help warn people about questionable sites. (The only downside is that this feature is currently only in the XP version of Internet Explorer version 7.) Even more interesting is the fact that the filter will also be able to check against a database to block known phishing sites. Sounds like a good idea; let’s hope it works as advertised. What we don’t need is people thinking that this filter is protecting them when it isn’t.

So what’s the verdict?

Well all in all it seems to be a good program. It’s got enough improvements in security and features to make it worth going to the trouble to update to Internet Explorer version 7 if Internet Explorer is still your choice in browsers. I just wish that it was also being offered to those who are still using Win98 and ME.

Many may wonder if Microsoft’s decision to make Internet Explorer 7 run only on XP or Vista is one more attempt to force people to update. I just hope that Microsoft remembers that most people who are running Win95/98 and many running ME can’t update because of hardware limitations. People using these older systems are often those who are on the fringes of computer use anyway. To use security to try to force people into updates to their OS isn’t something that Microsoft or anyone else should be doing.

Of course you could do what I’ve done and just install Firefox and get all the features that Internet Explorer version 7 will have except the Phishing filter and not have to wait. Firefox is here and available now with tabbed browsing, proven security and it’s not dependent on Microsoft.

It will also run on all versions of Windows from the older Windows 98 to Windows XP as well as Linux. That’s especially nice when you run a network with mixed operating systems and only want to have to support one browser. So if what you want in a browser is security, versatility, and features you don’t have to wait on Internet Explorer to update; you can get Firefox today.

If you want to check out Firefox just head to their homepage;
http://www.mozilla.org/products/firefox/

Saturday, August 27, 2005

Microsoft’s Vista is on the Right Track but there’s Still Much to do.

Microsoft released their much anticipated updated beta of Vista on July 27th and I’ve finally gotten a chance to really sit down and check it out. Even with the stupid name it looks like it will address a lot of the security problems that have plagued Win XP.

So after two days of really putting it through its paces I’ve got some initial personal reactions about it to share with you.

The General Look and Feel

First, as usual, Vista includes the usual superficial bells and whistles that Microsoft loves to put in its OSs. It has sharper graphics (with the price of needing a much more powerful graphics card) and a different look to the windows frames called “aero glass”. Aero glass gives a cool see-through effect to the window frame border.

The sharper graphics seem nice and the overall draw and opening time of windows programs seems faster and crisper. (Of course with the powerful graphics card this OS requires to display “aero glass” and other such graphics enhancements they should be.) So when it comes to cool looks Vista is on track. And while this is certainly nice it’s hardly a major reason to run out and buy Vista.

I did also find “aero glass” makes some actions harder. Dragging and dropping and other similar actions are trickier since you can’t easily tell just where the edge of the window frame is located since they have a semi-transparent look with edges that fade into the background.

Much more impressive to me are the graphics icons that the system uses to represent files and folders. Now a document or folder will be represented by a graphical representation of the actual document or file not the stored, stylized, generic graphics used in XP. Now just like all of your program shortcuts your file and folder icons will use distinctive representational icons.

They have also changed the look of the standard application menu bar that contains the file, edit, view, insert, and other such function menus in windows. Now they have either eliminated it or moved it to the bottom of the window. I’ve not decided what I think of this change yet. It will take some time for me to decide on this one as I fail to see a reason to change this except to try to look different from XP and the other windows flavors.

I was also disappointed to find that Vista doesn’t seem to boot up or shut down without taking all day to get it done just like XP and all the other versions of windows before it. It has always amazed me how long it takes to turn off Windows. What can it possibly be doing that takes it sooooo long to get it over with?

Search and moving around within Vista is also one of its bright notes. Everywhere you look you can find a search box or an icon to help you find a file or move to another location. It’s just too bad that this comes almost too late since so many search tools (many free to boot) are becoming available that do the job even better. I guess it’s just like many of the other features found in Windows. Use what comes with Windows if you don’t need a full set of features for the job but if you need a complete solution then get a third party solution.

As to the many other features like virtual folders and such I didn’t really look at them since it seems that it will be much later before they are fully implemented. (If they aren’t dropped like the new file system Microsoft promised but like so many of their promised “features” not delivered.)

Under the Hood

But the real changes we’re all looking for relate to improvements in the basic underlying security and stability of Vista. On this issue the jury is still out since the final features that will be in the “finished” product are hard if not impossible to predict yet.

The ability to easily use programs in Vista at a reduced rights level rather than always needing to be logged on with Administrator rights promises to be one great security addition that will most definitely be implemented. It still is a little rough around the edges in this version but it seems likely that Microsoft will work out most of the problems by its release. Being able to use programs like Internet Explorer at reduced user rights really improves a user’s ability to protect against malware. It only remains to wonder why Microsoft took so long to do this for Internet Explorer.

Microsoft is also promising other safety and security features but they are harder to see or substantiate since some of them aren’t in this beta and others seem to work poorly. An example is their claim that the OS will have the ability to detect imminent component failure (hard drives, video cards, DVDs and such) and suggest data backup and other protective actions before these problems strike.

In an attempt to prove if that feature works or not I installed a hard drive I had which had gone bad some time ago. This drive had developed a loud squealing noise (bad bearings I guess) and wouldn’t always let windows boot due to read problems on some sectors. Luckily I’m one of those guys that always hangs on to such junk so I had what I needed to test Microsoft’s claims on this one.

Well after three tries the system booted and I was able to install Vista onto this hard drive without any real problem except for listening to the noise of the drive grind and screech away. (Really I ducked out and only checked in once in a while because I just couldn’t stand to hear this drive trying to self-destruct.)

As a testament to Western Digital though the drive made it through the install and I allowed it to run for over an hour while rebooting it two or three times. After all that not once did Vista ever complain. This is not a scientifically controlled test but since the drive was so bad it was a real disappointment that Vista didn’t complain even a little bit.

Vista is also supposed to be able to detect whether a system has been tampered with and know what files have been changed. This should make it much easier to prevent malware and viruses from changing anything in the system files and folders without detection. I’m betting that this feature will work and work well in the final release but I didn’t try to test it since the question shouldn’t be if this feature works or not. The question should be why has it taken so long to get it as a feature. Up to now Microsoft’s attempt to detect or deter intrusions to the critical systems files has been worse than poor; it’s been totally lacking. Much of the real problem with security and Windows is that everything is just too open. With lots of sharing of everything from DLLs and services to drivers it’s surprising that there aren’t more security problems.

So to sum it up the jury is still out but it seems that Vista is headed in the right direction but it will be interesting to see how long it takes to live up to its promises. It has taken XP until service pack 2 to have the features and security that it should have had right out of the box! I’ll bet Vista will take a year or two to really deliver on its potential. That means that most likely a rush to upgrade isn’t necessary.

Tomorrow we’ll look at Internet Explorer’s update beta that shipped with Vista and see if it is really ready for prime time and ready to fight Firefox’s growing popularity.

Thursday, August 25, 2005

Windows 95's Birthday Passes Quietly

Yes yesterday the 25th of August was Windows 95’s 10th birthday. It passed quietly with no comment by Microsoft. There was no party, no balloons, and no excitement shown by Bill Gates or Microsoft.

This is unfortunate as a comment should have been made.

Come on Bill, Windows 95 was your baby and it is why your company continues to dominate the OS markets to this day. I could easier see a Disney without Mickey Mouse than a Microsoft without Windows 95. (Yes I know some people see a resemblance to Mickey Mouse in your software anyway but that’s another story.)

Without Windows 95 the Mac OS would now be the leader in OS software and you and Microsoft would be a distant 2nd.

So if you won’t praise your baby I’ll take a moment to say a word or two.

Windows 95 was a milestone in computer software development and for better or worse started the "modern" era of easy computer use. While Windows 3.1 was the first real Windows it was so unstable and resource intensive that it only hinted at what was to come. (Yes I know that Windows 95 wasn’t all that stable either. But it was so much better than Windows 3.1 that there was no comparison.)

No one software release has made computers more open to the general population than Windows 95. With a common look and feel across all programs, a simple development environment, and common drivers for all programs even the newbie could handle a computer. And with that change computer use took off and grew in ways never imagined by anyone.

In just 10 years the computer has made inroads into daily life that it’s hard to imagine. Much of that would not have happened the way it did without Windows 95.

Anyway HAPPY 10th BIRTHDAY WINDOWS 95!!!!!

PS It’s also interesting to note that I still have two computers that I and others in the family use occasionally that run on Windows 95 and they still do the basic tasks that I use a computer for just fine. (Some days I wonder if NT, 2000, ME, and XP are really worth the extra trouble and cost.)

(Look Mac users, don't take this article personally. Mac is a great system and is in many, many ways better than Windows. But it just has never been as popular and for that reason hasn't had the effect that Windows 95 has had on general computing. Just stay cool Mac users because with Mac’s new OS and move to Intel chips Windows may not win in the end after all. I see a new Mac on a lot of desktops within the next few years.)

PC World’s Article “The Web of Crime” is a Must Read!!

PC World is currently running a great 5 part series about computer crime called “The Web of Crime”. It’s a short well written series covering crime on the internet and how it’s changed from humble beginnings into the major criminal activity it is today.

Taking us from the early days of computer crime and the independent hackers who were behind it we are led to the modern professional criminal of today’s internet.

For such a short article it weaves a spellbinding account of crime on the internet. Its story about the company that produces the PC Tools utilities and their attack by online criminal extortionists is intriguing and very informative. It shows that even moderate sized companies doing business online today are targets of attack.

If nothing else this series of articles will forever change how you think about computer crime on the internet.

So if you want to read what I think is one of the best stories so far this year about crime and the internet today this is one series of articles you shouldn’t miss. I guarantee you’ll read it from beginning to end without stop.

The series can be found here at PC World’s web site;

http://www.pcworld.com/news/article/0,aid,122240,00.asp

Tuesday, August 23, 2005

The Latest Report on Malicious Software on the Internet.

Webroot recently released their quarterly report on malicious software on the internet and it wasn’t encouraging.

After scanning almost 60,000 computers at approximately 20,000 companies they found a large increase in the number of Spyware and Adware programs infecting these systems. This is most worrisome since corporate enterprise systems have available the most resources to protect themselves. They have the manpower and the budgets to implement the software and practices that should be preventing such infections. If corporate America isn’t getting the job done then you can bet that the problem is much, much worse for individual users.

Webroot found that 80 percent of the enterprise computers they scanned are infected with some kind of Spyware/Adware program. The average number of such programs found per computer increased to 27, up a whopping 20 percent from the previous quarter.

This increase comes at a time when awareness of Spyware, Adware, and other malicious software is at an all time high and in a sector which potentially has the resources available to it to fight against these kinds of problems. That means that companies are losing their battle with malicious software writers.

Even more troubling is the fact that infection by the worst of the malicious programs, mainly Trojan Horses and key loggers, stayed about the same. These programs are a much greater risk to the security of any system than the Spyware/Adware programs we’ve known in the past. They result in identity and data theft which is much costlier and more destructive than spam and pop up ads ever will be.

This increasing trend toward developing Trojans and key loggers shows that the malicious software writers are changing from a pay-per-click advertising theme to an identity data theft model. Their attacks are more and more exploiting these much more profitable crimes. It also seems to indicate that organized crime is involved since these programs are more intricate and require a lot of group involvement.

It isn’t the juvenile hacker who’s the problem anymore. It’s the well funded technologically savvy criminal that we all need to fear. These guys aren’t interested in where you go on the internet. They aren’t trying to show you ads and popups. They are after your credit card and bank account numbers so they can rob you of all the money they can get. They want to get into your eBay account and would love to get your PayPal password. They’re after cold hard cash and they will do whatever is necessary to get it.

Using new advanced methods and stealth technology they are creating programs that are circumventing the safeguards that we have come to rely on. That means that we all must adapt to these new threats and increase our efforts if we are to protect ourselves. Just remember that even though there are dangers out there it is possible to be online and be reasonably safe. It just takes awareness and the right tools and procedures to make it happen.

So while it’s gotten tougher it isn’t impossible to protect ourselves; we just need to work smarter and harder to get it done. With that in mind I’ll be covering what we can all be doing to properly protect ourselves in a series of upcoming articles so stay tuned.

Resources

Read an excerpt from Webroot’s report with links to the complete report here;
http://www.webroot.com/land/stateofspyware_excerpt.php

(The complete Webroot report in PDF format is about 9 megs and to download it you are required to give them your name and address. The excerpt, however, is available without any information required and will provide a good overview of the complete report. Besides unless you love this stuff you don’t want that much information anyway. Trust me I’ve read the complete report and it will put you to sleep.)

You can read eWeek’s article about Webroot’s report here;
http://www.eweek.com/article2/0,1759,1850937,00.asp?kc=EWRSS03129TX1K0000614

Monday, August 22, 2005

It’s So Long to CardSystems Solutions, I Hope!

Well another story about CardSystems Solutions has hit the wire services. Again attention is being drawn to the whole credit card clearing house problem. The lack of enforcement of security rules on card processors used by the major card issuers has been an underlying security problem for some time.

Larry Loeb writing in eWeek expresses the opinion that CardSystems Solutions will have problems surviving in the long term. I can only hope he's right but as I said awhile back I doubt it.

I know that for what CardSystems Solutions did shutting them down is being too easy on them. I think that someone needs to spend some time in jail where they can be left alone to study computer security.

Anyway on the surface the card companies are pushing their new heightened security standard for the press and to parade before Congress in the upcoming hearings on credit card customer security. I think it's more for show than for true change. With Congress and the news media sniffing around the credit card companies are trying to do a whitewash job.

I say we need to do what the Queen in Alice in Wonderland wanted to do, “Off with their heads!!!!”

Anyway you can read Larry’s article on the subject in eWeek here;

http://www.eweek.com/article2/0,1759,1839515,00.asp?kc

Microsoft to the Rescue???

Well the "old dog" Microsoft is trying to get into yet another area of internet services, that of providing outsourced email handling. They are purchasing FrontBridge, a secure email hosting company. It is only one of many moves Microsoft has been making in the area of email and email security for the last year or more. It shows just how important email security, management, and storage have become that Microsoft would look to enter this market.

While the jury is still out on the question of if Microsoft can get any security matter right let’s hope that this time is different. With all of the issues surrounding email in the workplace right now email is in need of some big, big changes if it is to survive. Of course the real issues facing email today go beyond anything Microsoft’s entry into the managed email market can solve. They go to the root of email and how it’s sent and managed over the internet. Email is so vital to modern business that it must be protected from all of the possible catastrophic events that might happen. From power outages and natural disasters to internet sabotage nothing must be allowed to stop or destroy a company’s email.

That comes on top of the problems of viruses, phishing, and Spyware. Problems we all know affect email and aren’t going to go away any time soon. But it's even more complicated than that. We are now seeing Sarbanes-Oxley’s rules and regulations going into effect requiring businesses to monitor, store, and provide email in ways that are hard for a company to manage and enforce internally. Having a disinterested party provide these services through a managed email service will end up being the most common way it's handled for medium to small companies in the future.

Let’s just hope that Microsoft’s entry into this market signals a movement toward change that will really result in email being safer and more protected for everyone on the internet whether they use a security mail provider or not. At least it shows that some of the well-known big players are beginning to move into a market that has been dominated by large but lesser-known companies for some time now. Maybe Microsoft’s entry will bring an awareness and competition that will result in improved email for everyone. We can only hope so.

But one way or the other email needs to be saved just because it has become too vital to modern business. We all rely on it too much to see it completely fail and I predict that somehow it will be salvaged. We need things to change; let’s just hope I’m right and it’s not already too late.

Read a related article on eWeek;
With a Name Like Microsoft…