Gallery

Keep it simple, stupid

Posted on 16 May 2005 at 10:58

Davey Winder looks at cutting the spam reaching his BlackBerry, while thinking about laptop legs and compromising situations

I highlight these particular figures because they suggest that security needs to be taken more seriously to prevent confidential data from being compromised. Indeed, last year I happened to visit the Symantec threat labs in Santa Monica, California, and was told that its 'infection benchmark' time for a sterile PC connected to the Internet without any anti-virus and firewall protection is now just ten minutes. It is not as if I was given privileged information here: although this ten-minute time bomb may shock some, it is fairly common knowledge that unless you take a proactive role in defending your data from attack then it will be compromised sooner. This means not only ensuring that anti-virus, firewall and spyware solutions are up to date, but also that your system OS and application software are. The Java exploit I mentioned earlier was patched and sorted within days by Sun Microsystems, yet I suspect I will be finding non-patched machines that have been infected as a direct result for years to come.

If proof were needed, beyond the state of the computers I come across at prospective client sites across the country when carrying out initial security sweeps, Symantec reports that 'old news' exploits are still causing most problems. There is Slammer (or the Microsoft SQL Server Resolution Service Stack Overflow Attack if we are being formal), still used by 22 per cent of all attackers in the period, and the TCP SYN Flood Denial-of-Service launched by 12 per cent. Yet both are easy enough to close down, so why aren't we doing so? Because the attackers aren't as slow to respond as the attacked: the report reveals that the time between some new vulnerability being disclosed and code being released to exploit it is now just 6.4 days. With some 1,403 new vulnerabilities during that six months, up by 13 per cent, this is a statistic we should all worry about.

At the risk of being greeted by cries of 'now he's spreading the Firefox FUD' (which I most certainly am not), when I say 'all' I mean 'all'. In the last half of 2004, there were 13 new vulnerabilities affecting IE, compared to just six for Opera and - sorry folks - 21 for the Mozilla family. And if you want even more to worry about, the report predicts an increase in both the number and severity of mobile device attacks. It is known that Bluetooth vulnerabilities are being actively researched by those who would do us harm, and smartphone-driven worms will likely not remain the stuff of science-fiction for much longer. Expect to see an increase in client-side attacks that use worms to propagate, along with threats that are hidden inside audio and image content files. As Symantec says, 'this is worrisome because image files are ubiquitous, almost universally trusted, and an integral part of modern day computing.'