Windows is an attractive platform for the malware writers, in part, because of the sheer number of users. As Microsoft creep towards making their offerings more secure, applications are increasingly becoming the focus for vulnerability exploitation.
Like Windows, Adobe products are a default software choice for most users. The bad guys know this and realise that its profitable to scrutinise their applications for exploitable vulnerabilities and create malware to take advantage of the fact.
In case you missed this bit of security news last week, according to Heise Security ...
"A team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn't as invulnerable as it once seemed."
As people move an increasing part of their lives into global and local networks, the development of privacy intrusion techniques and technologies faces exponential growth. The will to eavesdrop on other's private communication is reaching new heights. As this occurs, the concept of privacy is being obliterated. Privacy is under attack, giving birth to the current situation where consumer's private information is commonly considered to be an approved target. The constantly increasing demand to acquire personal and confidential information has boosted the supply of eavesdropping techniques and technology.
The FRA, Swedish National Defense Radio Establishment, that recently was approved to start their extended surveillance activity targeting wire-based Internet traffic and traffic in the mobile networks, may intercept personal e-mails between local Danish vicars and Danish people in their search for a cure of the souls. How is this possible, you ask? The e-mail of the Danish church is handled via servers placed in Sweden, and FRA is allowed to intercept communications as they pass the Swedish border, according to the newly adopted FRA law.
We are disappointed to announce that the FRA-law that we discussed in yesterdays blog was actually accepted as law by the Swedish Riksdag (national government) yesterday. The number of delegates voting for the new law was 143 and the number of delegates voting against the law was 138. The number of delegates that were absent, and therefore did not vote, was 67. Only one delegate refused to vote on the matter. Apparently, there was "no time" to wait for a proper investigation of the entire proposal and the addendum, and the decision was to accept the law quickly and then wait for an extra addendum proposal this autumn. The fast process was highly criticized but the directive was to come to a resolution before the summer holidays.
There is an ongoing debate about whether FRA, the Swedish National Defense Radio Establishment, should be allowed to extend their surveillance activities to include the surveillance of wire-based Internet traffic and phone conversations that pass the Swedish borders.
The proposed law was first discussed in 2007, and a decision was tabled during this past year. The proposal has resurfaced with the same vague wording as in the original proposal presented a year ago, and there are few clear rules for when such extended surveillance activities should or should not be allowed. There is also a big question mark regarding the authorization of the wire-based surveillance activities as well as the storage and the destruction of sensitive surveillance data.
The Foundation for Information Policy Research have published two excellent documents regarding technical aspects and legal concerns surrounding the Phorm "Webwise" system. Dr Richard Clayton and Nicholas Bohm's documents and an open letter to the Home Office can be found at the link below.
http://www.fipr.org/press/080423phorm.html
For those of us who don't have access to BBC Breakfast tv, BT have publicly responded to some questions about Phorm. Check out the reponse at The Register:
http://www.theregister.co.uk/2008/04/03/bt_phorm_interview/
Have a look at the Channel 4 interview linked at the bottom of the page and also the comments section, which is full of some extremely interesting opinion.
For those who have missed it, Phorm, Inc have trialled and are proposing to roll out a new system in the UK that helps advertisers target advertising more precisely at participating internet users. Their goal is, according to their homepage at www.phorm.com is "to make online advertising more relevant, rewarding and valuable.". The basic principle is to gather information based on your internet browsing behaviour and use that information to target so called 'relevant ads'.
