[ISN] The world of spyware evolves

From: InfoSec News (alerts@private)
Date: Thu Jan 31 2008 - 23:16:35 PST


http://www.gcn.com/online/vol1_no1/45763-1.html

By William Jackson
GCN.com
01/31/08

The spyware community has polarized, a panel of security experts said 
Thursday at a Washington workshop hosted by the Anti-Spyware Coalition. 
Adware distributors, under pressure from the Federal Trade Commission 
and anti-spyware technology, have mostly quit the business or are going 
legit. But the really bad players are getting worse, producing more 
stealthy and sophisticated malware.

Nuisance adware is mostly dead, said FTC Commissioner Jonathan 
Leibowitz.

Venture capital funding of companies that are paid to deliver annoying 
pop-up ads to your Web browser is largely a thing of the past, Leibowitz 
said. He pointed to several successful civil actions against major 
distributors who have since gone out of business or gone straight.

And reports of spyware infections have gone down, said Jeffrey Fox, 
technology editor for Consumer Reports. According to annual surveys, 
infections have gone from one in four respondents in 2004 to one in 11 
in 2007. In the same time, the estimated cost of spyware has dropped 
from $3.5 billion a year to $1.7 billion.

But, to quote Miracle Max in The Princess Bride, there is a big 
difference between mostly dead and completely dead.

While adware and spyware are less visible, Trojans delivering malware to 
computers are more stealthy, sophisticated, and harder to detect and 
remove.

Im here to tell you, there is some malware circulating on the Internet 
that is impossible for an automated program to remove, said Janie 
Whitty, administrator of the Lavasoft Online Support forums who works 
with malware victims.

Susannah Fox, associate director of the Pew Internet and American Life 
Project, said there is a lot of misplaced trust among users of rapidly 
evolving technology.

We are seeing a changing game, with the growth of broadband and wireless 
connectivity and more powerful portable devices, she said. It is a 
faster, more mobile and more participatory environment, and most 
Americans are jumping in without considering the implications.

Despite the FTCs legal success, Leibowitz said there is a limit to what 
civil enforcement can do. The line between what constitutes legal and 
illegal software and permissible and impermissible behavior by an 
application is not always clear, and he is reluctant for the FTC to go 
too far in defining it.

I dont know that we want to overly regulate the space, he said. Its when 
enforcement doesnt work and the market doesnt work that the agency 
should turn to rule making. Currently, we try to go after the clear and 
worst offenders, to send a message to the marketplace.

The marketplace does work. The social networking site Facebook recently 
altered a program of using information about members purchases in ads 
sent to that members network of friends. This raised concerns about 
privacy violations, and Leibowitz said he would have supported an 
investigation of Facebook if the company had not responded quickly. In 
this case, the marketplace worked, he said.

Given the limitations of enforcement in a rapidly evolving environment, 
a lot of responsibility falls on end users to protect themselves and on 
technology companies to provide the tools.

Unfortunately, anti-spyware still is a maturing technology, Jeffrey Fox 
said. Tests by Consumer Reports found that anti-spyware tools detect 
only about 75 to 80 percent of the malicious code thrown at them, 
compared with 90 percent or better for most antivirus engines.

Users also need to mature. Most Internet users are reactionary, said 
Susannah Fox, changing their online habits only after being victimized. 
And the situation is growing worse with Web 2.0, which more actively 
involves end users than passive Web browsing.

I dont think there is any expectation of privacy in Web 2.0, said David 
Marcus, security research manager for McAfee Avert labs. Certain formats 
are custom made for delivering potentially inappropriate content. You 
are going to see a lot of changes in how malicious code is delivered, 
installed and hidden.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Thu Jan 31 2008 - 23:25:18 PST