Wednesday, November 30, 2011

What is an Independent Antivirus Tester?

  With all the talk about Comodo and AV-C lately, many people are requesting that products be tested by an independent antivirus testing corp. However, what is an independent antivirus testing group? AV-C "claims" to be an independent antivirus testing group, but is it really independent?

  First we must define what an independent company is. I did a quick search online and the definitions I found were the following: 1. not influenced or controlled by others in matters of opinion, conduct, etc.

  So how can an antivirus testing group be independent, and how does that compare to antivirus testers such as AV-C? First off, I believe the test should not be commissioned or sponsored by an antivirus vendor. The vendor should not be able to pick who it is going to be up against or provide the samples it is tested against. Avast wrote a blog post about it a while ago saying how they could hire a company, have it test their product against 10 samples, and get 100 percent detection using some randomly named "independent" testing company.

 Now let's compare this to AV-C. With AV-C you do not get to give them the samples to test against you, you don't get to pick who you are tested against, and no AV vendor sponsors the test. Everyone pays to get in, but no one pays more than another. Plus, the price to get in does not give you an advantage. Pbust said it best here on Wilders Security Forum:


"Paying testers is not the problem as long as all vendors pay the same fee structure and all get the same information, options for configuration and the facts are disclosed. It's a leveled playing field." -Pbust @ Panda Security

  The problems occur when payment is different from one vendor to the rest, like for example sponsored tests where the sponsoring vendor chooses or provides the methodology, tested vendors, defines cases which should be tested and even goes as far as providing the samples. If you want to complain about non-independent tests then go after the sponsored tests. Those sponsored tests are the easiest to manipulate so that they say exactly what you want them to say.

  Now, as you can see, I mentioned a price to get in. This is the big debate for an independent AV testing group: how should they be able to get funds? However, it goes beyond that: how should any AV testing group get funded? Yeah, I know many of you are thinking "if they are independent, why should they get paid at all?" Well, I want to ask you: if the vendor is not paying a set amount, how else can a tester get fairly funded? Every tester has to get funded some way or another. Magazine testers make money from advertising sales, and some testing groups get paid to test a product a certain way. How can an AV testing group be 100% cash independent yet still have enough cash to do a lot of advanced testing?

 Another big question is how do you hold an AV testing group accountable and know they are being truthful? Do you force them to turn over each sample they test with? Personally, I can't see one simple way something can be put into place to make sure the results are truthful. Sometimes you just have to have trust in the tester.

  So to close I want to ask you, how should AV testing be done "fairly" in your opinion? Leave your thoughts in the comment section below.

Tuesday, November 29, 2011

Comodo vs AV-C part 2

 Well, Comodo's CEO has put out a second blog post about AV-C, and so far this has become a pretty popular topic among the computer security discussion websites. Popular computer security forum Wilders Security has a topic full of discussion and so does Malwaretips. I recommend you keep an eye on both for the latest news.

 So as I continue to watch this unfold, some things continue to stick out to me. First off, it seems like both sides were not native English speakers and the email may have been quickly put together. Taking a look at this quote, "We are waiting for a response, if not, we may post our reply on", AV-C was saying they may have to post a public response about the incorrect AV-C information. So first it all comes down to whether you think that was a threat or not.

 The next thing it really comes down to is this: if you think someone is going to do something unethical to you, do you do something unethical back? As they say, fight fire with fire and someone is going to get burned.

 So what do you think about the whole issue? Leave your thoughts in the comment section below.

Monday, November 28, 2011

Facebook Christmas Tree App

WARNING!!!!!! ..... Do not use the Christmas tree app. on Facebook. Please be advised it will crash your computer. Geek squad says its one of the WORST trojan-viruses there is, and it is spreading quickly... Re-post and let your friends know!!
  You may have seen that message as you checked your Facebook lately and wondered what it was all about. Well, it is important to know that GeekSquad (http://www.geeksquad.com/intelligence/blog/security-alert-facebook-%E2%80%9Cchristmas-tree%E2%80%9D-application/) was not the one who started this message and has never found a Christmas tree virus. ESET researchers have also not found proof that the infection is real and are once again saying that it's a hoax, like it was last year.
  If you see a friend posting this on their social network accounts, inform them that the alert is most likely a hoax and that the Christmas Tree app at the moment does not exist.
 

Sunday, November 27, 2011

AV-C vs Comodo

 For those of you who enjoy reading up on antivirus news and vendors' blogs, you may have seen this post from Comodo's CEO about AV-C's antivirus testing method and their behavior. If you have not read this post, I recommend you read it because it does contain some interesting details about Comodo. Once you have read that, I recommend you read AV-C's response to that post.

 First off, in my opinion I really don't think this should have ever gone public. The emails that were private really should not have been posted. However, it's all going to come down to whether you trust Comodo or AV-C. You can keep up with thoughts from around the web on Comodo's own forum here or a topic about it on Wilders Security forum here.

 Another point this brings up is "How much do you trust your friends or family to correctly answer a security program alert?" While most other vendors are pushing silent sandboxes and other security software, Comodo is still pretty talkative. Do you trust that people will answer most of the alerts correctly?

 So how do you feel about vendors paying to get their product tested? In my opinion I feel as long as they are all being charged equally then it is fair. Share in the comment section below how you feel on this whole issue.

Friday, November 25, 2011

Update your parents browser day

 So after you ate all your turkey and went shopping like it was the end of the world, what else can be done? How about taking part in a movement to help make the web a safer place? Today is update your parents browser day, a movement with a goal to rid the world of all outdated browsers. According to recent stats from W3 Schools, 1.3 percent of IE users are still using IE 6. Yes, this is the Internet Explorer version that was released in August 2001. According to Stat Counter, IE 6 was the 10th most popular browser version this month on sites with the Stat Counter plugin installed. Also according to that same chart, Firefox 3.6 is the 6th most popular browser this month. Though it is not as outdated as IE 6, I always recommend having the latest version of your internet browser installed.

 So what are the risks of running an old web browser? First, computers with outdated web browsers are open to more security vulnerabilities due to unpatched security holes. In fact, according to Secunia, Internet Explorer 6 in its lifetime had 260 vulnerabilities and 155 Secunia advisories. Let's compare that to Internet Explorer 7, which has 186 vulnerabilities and 58 Secunia advisories, Internet Explorer 8, which has 112 vulnerabilities and 26 advisories, and Internet Explorer 9, which so far has only had 26 vulnerabilities and 4 advisories. As you can see from that trend, the latest browsers are much safer than outdated ones.

  However, if you are going to take the time to do this for your parents, I recommend taking it one step beyond. Secure your parents' whole machine and give it a tune-up. Make sure they have the latest AV version installed and that it has the latest malware database loaded. Make sure you don't see any malware their AV may have missed. Also remove old programs they no longer use so their hard drive is cleaned up. Then run Windows Update and make sure they have the latest patches downloaded and installed.

Monday, November 21, 2011

Mobile Viruses, Malware, Scams?

 You may or may not have seen Chris DiBona's post on Google+ about the security of mobile smartphones (mainly Android), but I do encourage you to read it. However, I do have some concerns I want to share about some of the views posted.

 All the major vendors have app markets, and all the major vendors have apps that do bad things, are discovered, and are dropped from the markets.

 Yes, that is true, but all it takes is one thing to get past to have someone get their personal information stolen. Sophos has found both SpyEye and Zeus trojan kits for the Android mobile OS. It's not just Android that researchers have found trojan kits for: Symbian, Windows Mobile, and Blackberry banking trojans have also been found. The number of mobile banking malware trojans will most likely continue to rise as more and more people start to do online banking through their smartphones.

No major cell phone has a 'virus' problem in the traditional sense that windows and some mac machines have seen. There have been some little things, but they haven't gotten very far due to the user sandboxing models and the nature of the underlying kernels. 

  They may not have virus problems, but they may have malware problems. The terms malware and virus seem to have blended into one lately.

No Linux desktop has a real virus problem.
  In my opinion it has no real malware problem because not many people use it. I have yet to see a Linux desktop in use for personal computer use. Koobface has been able to infect a Linux machine; however, doing that may have been an accident on the malware writer's part.

Yes, virus companies are playing on your fears to try to sell you protection software for Android, RIM and IOS. They are charlatans and scammers. If you work for a company selling virus protection for android, rim or IOS you should be ashamed of yourself.

 This part I really disagree with. So instead of working ahead and building security software now, all of the "small malware" infections that are out there should just be ignored? I mean, even Geeks To Go already has a section set up for mobile malware removal in case mobile malware really takes off. It does not hurt to be prepared.

Friday, November 18, 2011

Daily Social Scam Report (11-18-2011)

 It's time for today's social scam report. It's the part of the blog where we inform you of the latest social scams and spam spreading across the social network:

 Casey Anthony adopting another child:

    This is false, this fake news story has been spreading quickly around the social network making people wonder if it is true. This news is false so please inform anyone you see posting it that it is not true.

 Free Iphone 5! As Christmas is coming Apple has decided to give away free Iphone 5s!

 No, Apple is not giving away a phone that does not exist yet for the holidays. So you can ignore all the posts that say this and inform your friends that they are all a scam.

 Find out who your profile stalker is!

 Once again a scam, and it's still spreading. In fact, this is one of the first scam topics we wrote about on the IGL-Security blog.

The Facebook Virus

 So November 5th has passed us by, but the news of a Facebook virus keeps picking up. Bitdefender has some more information on the virus. According to what they have found, Anonymous has finished their beta testing of the virus. This information could match up with the big spam wave that just went through Facebook recently. However, Facebook responded saying it was due to a Self-XSS vulnerability. So once again, please remember: do not copy and paste code into your browser bar; this is a very dangerous thing to do. Also keep a lookout for news relating to this possible Facebook virus so you can be aware and prepared if it does indeed strike.

Worst passwords of 2011

 Do you have one of the worst passwords of 2011? Well, it's time to check and see if your password made the list of worst passwords of the year. Splash Data has come out with their list of passwords you should "avoid", for they are the worst of the year.

 Coming in first place for the worst password of the year is......"password". Yes, that is right: even with all the press saying not to set your password as password, people are still doing that. It is followed by passwords such as 1234 and 12345, and so on. Some other passwords that made it on the list were sports (Baseball, Football), so when coming up with a password it's a good idea to avoid sports. Another password which seems to be lacking in creativity is "monkey", for it seems a lot more people are using this simple password. Why, I don't know, but it seems people just love typing the word Monkey.

 When coming up with a password, use random words and symbols (if possible) to help create a stronger password. Make sure you never use the same password at different sites, for all it takes is one site to be hacked for hackers to gain access to all your personal sites.

Tuesday, November 15, 2011

Lavasoft: Innocent until proven guilty

 Lavasoft at one point was the most popular AntiSpyware program. It has been one of CNET's top downloads for a while, but what is going on with the company now? Let's put some of the past articles and some of the recent articles together and get a glimpse of what is going on:

 Back in May 2011 (source) it was announced that Lavasoft had been acquired by Solaria Fund. Doing a quick Yahoo Search shows the top results for the fund were just news articles about acquiring Lavasoft. A few months later, on that same blog article, a comment appeared on the SecurityGarden blog saying:

 FYI: After the "secret" acquisition (which, by the way, everyone was told that nothing will change), they fired a whole bunch of people in two strokes, the second being in May 2011.

Two weeks ago (Week 32), the remaining 15 or so employees were told that the Swedish offices will close (the date is not yet as yet).

Lulu have a satellite office in Ukraine where the programming will be done; I guess their "marketing" (for want of a better word) will be driven from Canada.

The end of an era.

  Now, a few weeks after it was announced that it was acquired by the fund, it was found that Lavasoft was running under LuLu Software. LuLu Software has a bad reputation on WOT, which has many reports of their registry cleaning software being a rogue. The president of LuLu Software is Eric Gareau, who is the former president of Interactive Brands. Back in 2008 Interactive Brands was cybersquatting security vendor URLs.

 The Register recently took a look at the contact address for Lavasoft and noticed it matched the registered address for some Interactive Brands sites, which are connected with risky sites according to some vendors such as McAfee, whose report they referenced (McAfee report).

  Now make of this what you wish. Some people may lose trust because of what the new heads of Lavasoft have done in the past. However, Lavasoft has not done anything wrong yet since being acquired by LuLu Soft, even though popular online download site MajorGeeks issued a warning saying they would not download it. In my opinion, I think it's still too early to tell. We will all just have to wait and see what is going on there and if they post a press release on the Lavasoft site. As they say in America, innocent until proven guilty.

Sunday, November 13, 2011

Anonymous to release Facebook malware? Is it real?

 Anonymous did not take down the social network a few days ago like some thought, however it seems they may be changing their plan. A few days ago people noticed that they posted a video message saying they were going to invade Facebook with a highly sophisticated piece of malware that would spread through the social network. BitDefender has also detected (via SafeGo) a piece of malware that matches some of the description that is talked about in the video.

 So is this malware actually from Anonymous or is it a hoax? Why would Anonymous decide to start spreading malware instead of its normal actions? Is the malware that BitDefender detected the malware that Anonymous was talking about or is it something else? We will have to wait and see what happens. If more info becomes available I will post about it.

Thursday, November 10, 2011

Steam Hacked

 Gamers, this is an important announcement for you: Steam has been hacked. Yes, Steam, the popular computer gaming service (which even I use), has had their database hacked into. According to reports, it was at first thought the hack was just on the forums, but it has been found the hack possibly went deeper than what was first thought. Hopefully all of you use Steam Guard, which provides an extra layer of security to your Steam account. It is something I have personally found very helpful to prevent others from accessing my account from a machine that is not mine.

 Once again, this hack is a greater risk to those who use the same password at more than one site. So please use different passwords at different sites. Never share your password with anyone. Also, if you hear news about a hack at a site you are a member of, change the password on that site as soon as possible.

 If I get more info I will report it here as soon as possible.

Monday, November 7, 2011

Parents continue to lie to get kids Facebook

 So do you help your kids get past the Facebook age rule or not? According to a new study, it seems parents have joined the "help my kids lie" side of the argument. Now, if you have read this blog for a while you may know my view on the topic: I believe it's wrong to be helping kids get around the age limit. Let's take a look at some of the stories across the web: TheNextWeb has posted that Facebook kicks off about 20,000 underage users a day. The NY Times has an article with many different people talking about letting their kids bypass the age limit. However, I want to know why. What are they missing out on by not having a Facebook? They would be seeing their friends every day at school. With the age kids are getting cell phones now, they most likely can text their friends.

 Now let's take a look at some of the things that the report tells us. The first thing I noticed is that in the survey only 20% of the people responded saying they want the government to try to take action to protect minors' accounts. A majority of them would rather the government just be like the movie board and provide a recommended age. This could work, but what about parents who don't pay attention to things like these? In fact, I recently (can't seem to find it now) saw a report about someone who was suing Facebook because their underage child made an account.

 So like always, I recommend having your kids wait till they hit 13 (the official age limit) to get a Facebook. The older they get, the more mature they should be and the better they should be at handling a Facebook.

Thursday, November 3, 2011

November 5th is coming up, will Facebook go down?

 Let's go back to last August, when it was being threatened (see here) that Anonymous was going to take down Facebook. Some people made a big deal about it, others ignored it. However, now the date that they said they would take the site down is quickly approaching. Recently, news reports have been more focused on their plans to release information about Mexican drug cartels rather than their plans to take down Facebook. Mashable had a short little article about it. The Anonymous twitter page about the plan has not been used since October. Anonymous has also said they are planning to take down the Fox News website on November 5th. So what is going to happen on November 5th? We are just going to have to wait and see if any action takes place.