Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] Authorities Take Wrong Approach to Combat Windows Zombie PCs

  • Subject: [News] [Rival] Authorities Take Wrong Approach to Combat Windows Zombie PCs
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Fri, 21 Dec 2007 20:52:44 +0000
  • Newsgroups: comp.os.linux.advocacy
  • Organization: Netscape / schestowitz.com
  • User-agent: KNode/0.10.4
Russians Close to Prosecuting 'Pinch' Trojan Authors

,----[ Quote ]
| Pinch could also be customized to have the victimized computer join a botnet, 
| or a network of computers set up to hide other malicious activity by the 
| hacker. Botnets are often used to send spam or mount other hacking attacks.  
`----

http://www.pcworld.com/article/id,140757-c,trojanhorses/article.html

How about fixing Windows or finding the thousands of script kiddies that grab
millions of Windows PCs? This is just as stupid as the FBI's 'solution'.


Related:

In zombies we trust

,----[ Quote ]
| A little over a year ago, I wrote an editorial where in back-of-the-envelope 
| style (.pdf) I estimated that perhaps 15-30% of all privately owned computers 
| were no longer under the sole control of their owner. In the intervening 
| months, I received a certain amount of hate mail but in those intervening 
| months Vint Cert guessed 20-40%, Microsoft said 2/3rds, and IDC suggested 
| 3/4ths. It is thus a conservative risk position to assume that any random 
| counterparty stands a fair chance of being already compromised.      
`----

http://blogs.zdnet.com/security/?p=661


Over 50% of corporate desktops infected with malware: IronPort

,----[ Quote ]
| The report also reveals that more than 50% of corporate desktops
| worldwide are infected with some type of spyware with the rate of
| infection as high as 70% in the United States. Trojans or malicious
| system monitors represented over 7% of the infections. Rootkits and
| trick loaders, which reinstall spyware and other obfuscation techniques,
| make remediation very difficult thus prevention is the key to stopping
| these threats.
`----

http://www.crn-india.com/breakingnews/stories/66870.html


Botnet 'pandemic' threatens to strangle the net

,----[ Quote ]
| Cerf estimated that between 100 million and 150 million of the
| 600 million PCs on the internet are under the control of hackers,
| the BBC reports. 
`----

http://www.theregister.co.uk/2007/01/26/botnet_threat/


NSA Builds Security Access Into Windows

,----[ Quote ]
| A careless mistake by Microsoft programmers has shown that special access
| codes for use by the U.S. National Security Agency (NSA) have been secretly
| built into all versions of the Windows operating system.
`----

http://www.techweb.com/wire/story/TWB19990903S0014


FBI ‘Bot Roast II: 1 million infected PCs, $20 million in losses and 8
indictments

,----[ Quote ]
| In June the Department of Justice and FBI announced Operation Bot Roast and 
| at that time said  ongoing investigations have identified over 1 million 
| botnet crime victims.   
`----

http://www.networkworld.com/community/node/22413


FBI ducks questions about its remotely installed spyware

,----[ Quote ]
| There are plenty of unanswered questions about the FBI spyware that, as we 
| reported earlier this week, can be delivered over the Internet and implanted  
| in a suspect's computer remotely. 
`----

http://news.com.com/8301-10784_3-9747666-7.html


Cybercrime Poses Challenges for Government, Industry Says Report

,----[ Quote
| Botnet – A network of remotely controlled systems used to coordinate attacks 
| and distribute malware, spam, and phishing scams. Bots (short for “robots”) 
| are programs that are covertly installed on a targeted system allowing an 
| unauthorized user to remotely control the compromised computer for a variety 
| of malicious purposes.    
`----

http://www.linuxelectrons.com/news/general/10857/cybercrime-poses-challenges-government-industry-says-report


Chip Design Flaw Could Subvert Encryption

,----[ Quote ]
| Shamir said that if an intelligence organization discovered such a flaw, 
| security software on a computer with a compromised chip could be "trivially 
| broken with a single chosen message." The attacker would send a "poisoned" 
| encrypted message to a protected computer, he wrote. It would then be 
| possible to compute the value of the secret key used by the targeted system.    
| 
| Trouble with Design Secrets
| 
| "Millions of PCs can be attacked simultaneously, without having to manipulate 
| the operating environment of each one of them individually," Shamir wrote.  
`----

http://www.crm-daily.com/story.xhtml?story_id=11200BH5USIO


"Trusted" Computing

,----[ Quote ]
| Do you imagine that any US Linux distributor would say no to the
| US government if they were requested (politely, of course) to add
| a back-door to the binary Linux images shipped as part of their
| products ? Who amongst us actually uses the source code so helpfully
| given to us on the extra CDs to compile our own version ? With
| Windows of course there are already so many back-doors known and
| unknown that the US government might not have even bothered to 
| ask Microsoft, they may have just found their own, ready to
| exploit at will. What about Intel or AMD and the microcode on
| the processor itself ?
`----

http://tuxdeluxe.org/node/164


Who do You Trust with Your Computing?

,----[ Quote ]
| Helios was speaking out against trusted computing (TC) and Digital
| Rights Management (DRM) that is humming softly at the hardware and
| software level inside YOUR computer right now. That's right! Chances
| are, it's already made it on a chip on your and my motherboards...but
| it's there. Soon, if what can happen does happen...we'll all be so
| very unhappy at being told how we can and can't operate our PCs.
| 
| Some of you may be asking, "what the heck are you talking about?
| They can't tell me how I can use my computer inside my own home".
| Unfortunately, that statement is false. DRM chips are already on a
| majority of motherboards and even built into some processors (viiv 
| anyone?). All it takes is a flip of the switch and you'll do what
| Microsoft or any other company that wants to manage your rights
| for you tells you to do whether you like it or not. That is, ofc
| ourse, unless you use Linux :)  Linux has always been about
| choice...we choose to compute in ways WE want to...not ways
| that are defined for us.
`----

http://linux-blog.org/index.php?/archives/176-Who-do-You-Trust-with-Your-Computing.html


Microsoft exec calls XP hack 'frightening'

,----[ Quote ]
| "You can download attack tools from the Internet, and even script kiddies can 
| use this one," said Mick. 
| 
| Mick found the IP address of his own computer by using the XP Wireless 
| Network Connection Status dialog box. He deduced the IP address of Andy's 
| computer by typing different numerically adjacent addresses in that IP range 
| into the attack tool, then scanning the addresses to see if they belonged to 
| a vulnerable machine.    
| 
| Using a different attack tool, he produced a security report detailing the 
| vulnerabilities found on the system. Mick decided to exploit one of them. 
| Using the attack tool, Mick built a piece of malware in MS-DOS, giving it a
| payload that would exploit the flaw within a couple of minutes.   
`----

http://news.zdnet.com/2100-1009_22-6218238.html


Duh! Windows Encryption Hacked Via Random Number Generator

,----[ Quote ]
| GeneralMount Carmel, Haifa – A group of researchers headed by Dr. Benny 
| Pinkas from the Department of Computer Science at the University of Haifa 
| succeeded in finding a security vulnerability in Microsoft's "Windows 2000" 
| operating system. The significance of the loophole: emails, passwords, credit 
| card numbers, if they were typed into the computer, and actually all 
| correspondence that emanated from a computer using "Windows 2000" is 
| susceptible to tracking. "This is not a theoretical discovery. Anyone who 
| exploits this security loophole can definitely access this information on 
| other computers," remarked Dr. Pinkas.        
| 
| Editors Note:  I believe this "loophole" is part of the Patriot Act, it is 
| designed for foreign governments.  Seriously, if you care about security, 
| privacy, data, trojans, spyware, etc., one does not run Windows, you run 
| Linux.   
`----

http://www.linuxelectrons.com/news/general/14365/duh-windows-encryption-hacked-via-random-number-generator


Did NSA Put a Secret Backdoor in New Encryption Standard?

,----[ Quote ] 
| Which is why you should worry about a new random-number standard that 
| includes an algorithm that is slow, badly designed and just might contain a 
| backdoor for the National Security Agency.  
`----

http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115


,----[ Quote ]
| "Is this a good idea or not? For the first time, the giant software maker 
| is acknowledging the help of the secretive agency, better known for
| eavesdropping on foreign officials and, more recently, U.S. citizens as 
| part of the Bush..."
`----

http://www.schneier.com/blog/archives/2007/01/nsa_helps_micro_1.html


Microsoft could be teaching police to hack Vista

,----[ Quote ]
| Microsoft may begin training the police in ways to break the
| encryption built into its forthcoming Vista operating system.
`----

http://www.vnunet.com/vnunet/news/2150555/microsoft-teaching-police-hack


UK holds Microsoft security talks

,----[ Quote ]
| "UK officials are talking to Microsoft over fears the new version of 
| Windows could make it harder for police to read suspects' computer files."
`----

http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index