Archive for December, 2008

Good malware?

Wednesday, December 31st, 2008

I’ve always thought about the idea of “Good” malware as a solution to some of the problems out there. The idea being that you use the same techniques used to compromise systems but to change some settings to a more secure value, but using some of the subversive methods to propogate.

Some of the settings that I consider a good default to change:
* Daily checks for software updates + Auto-Install of these updates
* Disable compromising features (eg: AutoRun)

Things to perhaps change
* Disable ActiveX
* Enable firewall (w/ exception handling)
* Nuke all AutoRun items
* Nuke all MSIE malware/extensions except “safe” plugins, eg: flash, quicktime, silverlight, etc..

The natural problem with this is doing good things with these bad techniques would likely get you classified as a virus/malware, and certainly if you attempt to do some of the network-scanning activities to distribute yourself. Too bad one cannot justify such activities legally.

CSIS Releases report to the president

Thursday, December 11th, 2008

A few days late, but the CSIS released their report to the president on how to secure cyberspace. It’s a bit long but available via their website and worth a review of at least the executive summary, if not a more detailed read.