Thursday, August 10, 2006

Malware Statistics on Social Networking Sites

Huge traffic aggregators, such as the majority of social networking sites, attract not only a huge percentage of the Internet's population on a regular basis, but also malware authors taking advantage of the medium as an infection vector -- and why not as a propagation one as well?

ScanSafe just came up with some nice stats on the average number of social networking pages hosting malware. Based on five billion web requests, there's one piece of malware hosted in every 600 social networking pages:

"According to an analysis of more than five billion Web requests in July, ScanSafe found that on average, up to one in 600 profile pages on social-networking sites hosted some form of malware. The company also reported that the use of social-networking sites, often assumed to be popular only with teens, accounted for approximately 1 percent of all Web use in the workplace. “Social-networking sites have been newsworthy because of the concern over our children’s safety, but beyond unsafe contact with harmful adults, these sites are an emerging and potentially ripe threat vector that can expose children to harmful software,” said Eldar Tuvey, CEO and co-founder, ScanSafe. “Users are frequently subject to unwanted spyware and adware that can compromise their PCs, track online behavior and degrade PC performance.”"

SpiDynamics' recent research into Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript, Hacking RSS and Atom Feed Implementations, and the countless web application vulnerabilities in popular portals turn this into a malware author's wet dream come true. You can also go through the key points on web application malware I made at the beginning of 2006; the "best" is yet to come.

Related resources and posts:
Malware
Malware Targets Social Networks - podcast
The Current State of Web Application Worms
Web Application Email Harvesting Worm

Analyzing the Intelligence Analysts' Factors of Productivity

Outstanding perspective, given the author is an ex-CIA analyst himself. Contrary to the common wisdom of a Project Manhattan type of departmental separation -- everyone's working to achieve the same goal, whereas no one knows what the others are doing -- there's a growing trend of better analyzing and responding to an intelligence analyst's productivity needs. Watchin' the Analysts describes very well the Intelligence Community's efforts to sense and respond to these growing trends of collaboration, in between figuring out how to balance the possible security implications. Great reading, especially the infamous news headline on how the CIA got "hacked" through an internal unofficial communication chat room, one that they were unaware of at the time. The paper discusses LinkedIn, Del.icio.us, Blogs, and highlights the basic truth that "Anything You Can Do, I Can Do Meta..", an excerpt:

"Analysts interact among themselves, as a complex community web of knowledge. Analysis of those sorts of networks would be worthwhile, and is being done in the commercial sector, through a variety of tools. In the fall of 2000, the CIA shut down a so-called “chat room” operating unofficially over Agency networks; four employees lost their jobs, with other employees and contractors given reprimands. I had left the Agency in 1994, but numerous of those involved were friends and former colleagues. My impression was that what occurred was more embarrassing than threatening, and that agency management ought to understand how and why such virtual communities form—whether they’re facilitated or frustrated by the “official” infrastructure—and appreciate their value. Various network visualization tools would have readily revealed anomalous (at least as far as official business was concerned) traffic, but analysts will want and need an environment that fosters creativity and community, and ought to be given one."

However, there's a certain degree of internal censorship going on. Just as employers often have strict guidelines on employees' blogging activities, the CIA recently fired an analyst over an internal blog posting related to the Geneva Convention and torture. Risk management solutions, besides visualization, are of course taking place as well.

Related resources and posts:
Intelligence
Visualization, Intelligence and the Starlight Project
"IM me" a strike order
Covert Competitive Intelligence
India's Espionage Leaks
Japan's Reliance on U.S Spy Satellites and Early Warning Missile Systems

AOL's Search Leak User 4417749 Identified

A Chief Privacy Officer and basic common sense, anyone?

As you all know, during the weekend 20M search queries of 650,000 AOL users leaked, and are all over the Internet, available for download. It's simply unbelievable that the only measure to ensure the privacy of the data was the "unique ID", and how often does the excuse of improving search results pop up. No need for subpoenas this time, just basic use of filtering techniques.

Seems like AOL searcher 4417749 has been identified by a NY Times reporter:

"Buried in a list of 20 million Web search queries collected by AOL and recently released on the Internet is user No. 4417749. The number was assigned by the company to protect the searcher’s anonymity, but it was not much of a shield. No. 4417749 conducted hundreds of searches over a three-month period on topics ranging from “numb fingers” to “60 single men” to “dog that urinates on everything.” And search by search, click by click, the identity of AOL user No. 4417749 became easier to discern. There are queries for “landscapers in Lilburn, Ga,” several people with the last name Arnold and “homes sold in shadow lake subdivision gwinnett county georgia.” It did not take much investigating to follow that data trail to Thelma Arnold, a 62-year-old widow who lives in Lilburn, Ga., frequently researches her friends’ medical ailments and loves her three dogs. “Those are my searches,” she said, after a reporter read part of the list to her."

Hope AOL gets to win the Big Brother Awards, nominated for sure.

Related resources and posts:
Privacy
Still worry about your search history and BigBrother?
The Feds, Google, MSN's reaction, and how you got "bigbrothered"?
What search engines know, or may find out about us?
Security vs Privacy or what's left from it
Snooping on Historical Click Streams
Brace Yourself - AOL to Enter Security Business