How to run a malware ecosystem

Eweek has a nice article on the analysis of new-style malware. This is very nice, but raises some serious questions about the ‘provability’ of crimes that are using computers, e.g. the distribution of child abuse images. How can you prove which downloaded payload had what side effects?


Australia wants to protect children?

Australia will have a law in 2008 enforced by ACMA to protect minors from content that is deemed incorrect for them. Basically they ported the movie ratings to the online content providers. While I sympathize with their intentions, I think they got their wires crossed somewhere. In no way will this law help to protect the children, it will only worsen the privacy situation for all non-minors. You have to enter your credentials (credit card number and name) for each site you’re going to visit that may hold content that is deemed inappropriate.

How will this end up being implemented?

Probably badly, because the creditcard data will be stored by parties that had no dealings with it previously. That will be a great target for phishers and hackers alike.

It will be very educating for all other countries, because legislators all over the world more or less think alike. Measuring the effectiveness of this law will be quite difficult though, which makes it an immediate success. This won’t be the last we’ve heard on legislation that intends to protect minors from harmful content.

Technorati Tags:

Web 2.0 security

GNUCitizen has a nice article on the stuff that would be possible when you’re combining all the nice features offered to any enterprising young man (or woman).

The Next Line of Defence: Web2.0! You must read this!:

Do you remember my words from my Web2.0 hacking talk: Data in the Cloud, Applications on demand, but for malware! Well it is happening! And I know that a lot of security (sort of) guys out there will simply ignore many of the things we (GNUCITIZEN and others) have to say but the simple fact is that Web2.0 is the most significant development milestone of the Internet, which will bring the next generation of computing to reality and with that, the next generation of problems. With this post I would like to show you an examples of the so called Applications on Demand and dive a bit into what security implications we face when dealing with this type of technologies today and in the future.

Technorati Tags: ,