Friday, March 31, 2006

March's Security Streams

A quick summary of March's Security Streams ( January, February ). It was an unbelievably busy month, and while I'm multitasking and diversifying on a daily basis, I'm certain you've enjoyed this month's streams, thanks for all the feedback you've been sending, it's a small world if you just let yourself realize it!



1. "DVD of the (past) weekend" The Lawnmower man -- God made him simple, Science made him God!



2. "February's Security Streams" a summary of all the posts during February



3. "Anti Phishing toolbars - can you trust them?" Recent phishing trends and the usefulness of anti-phishing toolbars discussed -- at the bottom line the complexity of the relatively simple concepts seems to ruin the whole effect, but wish phishing was that simple!



4. "Data mining, terrorism and security" Commentary on NSA's data mining interests and the still active Total Information Awareness program. Data mining is a very popular trend towards fighting terrorism -- and too ambitious, whereas storage of someone's life in a digital form is getting even cheaper, making sense of it all in a timely fashion still remains the biggest problem



5. "5 things Microsoft can do to secure the Internet, and why it wouldn't?" That's the second most popular post this month, right after "Where's my 0day, please?". Basically, it gives an overview of key points Microsoft can execute in order to secure the insecure by default Internet, and why it wouldn't. The post isn't biased at all, it's just the fact that their QA procedures open up the most easily exploited windows of vulnerability ever -- client side attacks on the IE browser. As a matter of fact, Fortune's latest issue has interviewed Steve Ballmer in their QuestionAuthority column -- important fact MS's investors should keep in mind in respect to the future competitiveness of the company is how Ballmer's kids are forbidden from using iPods and Google, which is very sad



6. "The Future of Privacy = don't over-empower the watchers!" We sacrifice our privacy, or have it abused on a daily basis in order to function in today's digital society, whereas there's nothing groundbreaking as a future trend besides giving too much power to the Watchers ensuring our "Security vs Privacy or what's left from it"



7. "Where's my 0day, please?" Introducing the International Exploits Shop and providing relevant comments on the current state of the market for software vulnerabilities -- I wonder are the infomediaries already talking/realizing the potential for an 0bay auction model as given the growing number of both sellers and buyers, such a model would sooner or later emerge. If it does not, you will continue coming across or digging for sites offering fresh 0day exploits that have the capacity to keep the media echo for yet another several weeks. CERT is totally out of the question, end users don't know what is going on, and everyone is trying to cash for being a vulnerability digger, not a researcher!



8. "DVD of the Weekend - The Immortals" Forget entertainment and enjoy this visionary adaptation of Enki Bilal's Nikopol Trilogy



9. "Security vs Privacy or what's left from it" Sacrifices drive success to a certain extent, whereas Security shouldn't be sacrificed for Privacy, at any cost!



10. "Old physical security threats still working" The old physical security trick of abusing a CD/DVD's autostart feature by installing malware on the PC seems to be fully working even today, which isn't a big surprise at all. Physical security threats have greatly changed on the other hand as employers themselves have realized the possibility for insider abuse. And while you might be a little more secure from threats like these, at the end of the day you'll probably have your boss snooping around to find out where's that abnormal P2P traffic coming from :)



11. "Getting paid for getting hacked" Cyber insurance seems very attractive, and it really is, have your company's databases stolen, you'll get premium for it, receive a DDoS extortion letter, get it paid with a smile on the herder's face. Moreover, considering the big picture, I feel you'd rather have a security vendor take care of the consultation process, with the idea that their revenues will be at least spent on R&D security investments compared to an insurance company, or that's how at least I see it



12. ""Successful" communication" Dilbert rocks my world, my most important point on commercializing vulnerability research is how it's happening in exactly the worst moment ever. The immature concept of reporting vulnerabilities and the economics of the process itself didn't really need money in between. In the eyes of these vendors, which as a matter of fact go through my posts, I am a naysayer, and I'm not. I'm just trying to keep up a constructive discussion, and the results of it will soon be posted in here



13. "Weekend Vibes - Psychedelic/Goa Trance" My music evolution went through Rainbow, Deep Purple, started getting "hard" with Metallica, Offspring, Guano Apes, to today's mix of alternative, classic rock and psychedelic/goa trance. No matter how your taste changes, don't forget where you've started from



14. "Is a Space Warfare arms race really coming?" Yes, it is and the more awareness is built on this issue, the higher the public discussion and hopefully, transparency of the activities. I find Secrecy a double-edged sword for an intelligence/military agency, as sometimes you just need to hear an average person's opinion on your megalomaniac ambitions. But given you are sincerely backed up by a couple of billion dollars budget, your purchasing power becomes a bad habit of yours



15. "The Practical Complexities of Adware Advertising" Advertising players simply cannot periodically evaluate the maliciousness of their members as they will lose the scale necessary to keep the revenues growing. The participants on the other hand, are indeed getting ads and paid for displaying them, and of course, questionable content from time to time. Searching around the IAB's site however, you wouldn't find any info on the idea of spyware/adware in today's booming online advertising market



16. "Privacy issues related to mobile and wireless Internet access" Both end users and companies are "going mobile" and therefore the possibilities for privacy violations/physical security location are getting even more relevant



17. "DVD of the Weekend - War Games" A little something on the movie and the recent "yet another Microsoft IE 0day" in the wild case



18. "Are cyber criminals or bureaucrats the industry's top performer?" Paper tigers have an unprecedented effect on the loss of productivity and a society's progress -- the worst thing is how much they actually enjoy it! A very resourceful post that covers some important issues to keep in mind



19. "Visualization in the Security and New Media world" or why a picture is worth a thousand packets?



UPDATE : Here are the unique and returning visitor graphs for the last several months, the outcome? Learn to understand your readers and how to retain them, thank you all for expressing your comments, contacting me, and keeping the discussion going!





Visualization in the Security and New Media world

Information visualization seems to be a growing trend in today's knowledge driven, and information-overloaded society. The following represents a URL tree graph of the Security Mind Streams blog -- looks resourceful! Want to freely graph your site/blog? Take advantage of Texone's tree, just make sure you don't forget to press the ESC key at a certain point.



In my first post related to "Visualization, intelligence and the Starlight project" I introduced you to a fully realistic and feasible solution to filtering important indicators whatever the reason. Moreover, I also came across a great visualization of malware activity in another post summarizing malware trends around February. What I'm truly enjoying, is the research efforts put in the concept by both, security/IT professionals, and new media companies realizing that the current state of the mature text-based Web.



Ever wanted to see how noisy connect() scans actually are? In an early stage of its development, people are already experimenting with the idea; find out more about it while going through the "Passive Visual Fingerprinting of Network Attack Tools" paper.


Things are getting much more quantitative and in-depth in another recommended reading on the topic "Real-Time Visualization of Network Attacks on High-Speed Links" whose purpose is to "show that malicious traffic flows such as denial-of-service attacks and various scanning activities can be visualized in an intuitive manner. A simple but novel idea of plotting a packet using its source IP address, destination IP address, and the destination port in a 3-dimensional space graphically reveals ongoing attacks. Leveraging this property, combined with the fact that only three header fields per each packet need to be examined, a fast attack detection and classification algorithm can be devised."
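A minimal sketch of the three-field idea quoted above, added here as an example; it is not the paper's algorithm or code from the original post. It assumes a fixed threshold and constructed sample packets, and relies on each pattern varying along one axis of the (source, destination, port) space while the other two coordinates stay fixed.

```python
from collections import defaultdict

def sample_packets():
    """Constructed sample: one (src_ip, dst_ip, dst_port) tuple per packet."""
    # One source walking many ports on one host.
    pkts = [("192.0.2.10", "198.51.100.5", p) for p in range(1, 41)]
    # One source probing a single port across many hosts.
    pkts += [("192.0.2.20", f"198.51.100.{h}", 445) for h in range(1, 41)]
    # Many sources converging on one host and port.
    pkts += [(f"203.0.113.{s}", "198.51.100.80", 80) for s in range(1, 41)]
    # Background traffic that should not be flagged.
    pkts += [("192.0.2.30", "198.51.100.200", 443),
             ("192.0.2.31", "198.51.100.201", 25)]
    return pkts

def classify(packets, threshold=20):
    """Flag coordinate pairs whose third coordinate takes >= threshold values.

    Returns a sorted list of (label, fixed_pair, distinct_count).
    The threshold is an assumed value; tune it against a traffic baseline.
    """
    ports = defaultdict(set)    # (src, dst)  -> distinct destination ports
    hosts = defaultdict(set)    # (src, port) -> distinct destination hosts
    sources = defaultdict(set)  # (dst, port) -> distinct source addresses
    for src, dst, port in packets:
        ports[(src, dst)].add(port)
        hosts[(src, port)].add(dst)
        sources[(dst, port)].add(src)

    findings = []
    tables = (("port scan", ports),
              ("host scan", hosts),
              ("many-to-one flood", sources))
    for label, table in tables:
        for pair, values in table.items():
            if len(values) >= threshold:
                findings.append((label, pair, len(values)))
    return sorted(findings)

if __name__ == "__main__":
    for label, pair, count in classify(sample_packets()):
        print(f"{label:18} fixed={pair} distinct={count}")
```

A busy legitimate service also produces the many-to-one shape, so that label marks a candidate for review against a baseline, not a verdict.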



Presented at this year's BlackHat con "Malware Cinema, a Picture is Worth a Thousand Packets" will provide you with much more fancy visualization concepts related to malware. Originally presented by Gregory Conti, you can also download the associated resources, and keep an eye on the audio in case you didn't attend the con.



As far as new media is concerned, I'm so impatient to witness more developments given how boring I find any of the browsers I've used so far -- and there're a lot of developments going on as always! Virtual worlds have the potential to change the face of the Web, the text/image based one the way we know it.



Remember how the federal agents were chatting face-to-face with the malicious attacker through the innovative and programmed for the masses browser, in NetForce? Hive7 is the alternative in 2006, and if you spend some time with it, you'll be impressed by its potential -- say goodbye to the good old IRC?



UPDATE : LinuxSecurity.com picked up the post "Visualization in the Security and New Media world"



More resources can also be found at :

CAIDA Visualization Tools
NAV - Network Analysis Visualization
Digital Genome Mapping - Advanced Binary Malware Analysis
A Visualization Methodology for Characterization of Network Scans
NVisionIP : An Interactive Network Flow Visualization Tool for Security
Exploring Three-dimensional Visualization of Intrusion Detection Alerts and Network Statistics
Attacking Information Visualization System Usability Overloading and Deceiving the Human
Security Event Visualization and Analysis - courtesy of CoreLabs
A Visualization Paradigm for Network Intrusion Detection
FireViz: A Personal Firewall Visualizing Tool - the FireViz project


