DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
July 03, 2008
Ignore Malware? Some Leaders Imply Yes
Recent reports says huge numbers of home PCs connected to the Internet are infested with malware. What strategies should we be using to deal with this situation? Some technology CEOs and other leaders imply that we need to move on ...
In an interesting interview with SC Magazine UK back in May, Shlomo Kramer - CEO of the Year, one of the founders of Checkpoint and the current CEO of Imperva, said some very interesting things on this topic. Much of his wisdom was conventional, but how about this quote from the article:
He (Kramer) reveals that he is an investor in a company called Trusteer, which turns accepted anti-malware practice on its head. Instead of trying to clean up your computer from viruses and malware you just don't bother. "There are simply too many of them, it's unmanageable. You're just piling additional negative logic onto negative logic; it's not going anywhere," he states. "So, there's a new approach that says: 'we'll assume your computer is contaminated, it has bad stuff on it and, even though it does, we will enable you to do secure transactions using that computer.' This then is the positive logic that ensures you work securely."
When questioned on whether this is throwing in the towel and admitting defeat, Kramer jumped back in with this, "But this is a secure channel, it's almost like SSL, somebody can try to tap the network and eavesdrop, but I have a secure channel that is encrypted and nobody can penetrate that. So I've got this secure channel between me and my online banking application, so even if there is malware on the computer it can't penetrate that channel," he says.
This debate is not just about one company's solutions. Fellow CSO blogger Jeff Bardin debated Dan Geer on the sentence: "Online providers should assume that customer PCs are already compromised" in the July issue of SC Magazine US. (Jeff argued against the statement.)
Dan Geer stated that our answer is to "insulate and isolate your client-side code, whatever yours is, from the client side operating system." Geer equates this to "fighting fire with fire," or "mimicking the methods of the attackers."
I'm not there (yet), which I guess puts me with Bardin on this issue. But as more botnets and malware spread freely - and my neighbors don't seem to even know about it much less care about malware at home - I'm starting to be won over to new ideas and approaches.
Source: CSO Online Blogs
All news for October, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
