“Internet Security Systems has published a report which shows that hackers and cyber criminals are developing malicious codes to exploit known vulnerabilities much faster than before. The X-Force Threat Insight Quarterly highlights that the number of vulnerabilities in 2005 has increased by over 33% over 2004. Analysts from X-Force, the research and development team at ISS evaluated 4472 vulnerabilities in both hardware and software during 2005. From the public announcement of the vulnerability on the internet, the report highlights that 3.13% of threats discovered had malicious code that surfaced within 24 hours, whereas 9.38% had code that surfaced within 48 hours.”
“Internet Security Systems has published a report which shows that crackers and cyber criminals are developing…”
*sigh*
Oh, for crying out loud, stop beating that utterly dead and abused horse. Learn to deal with the fact that the two terms got contaminated. It’s not as if there aren’t any real issues in the world to deal with.
Sorry for the lash out.
I’d mod this up if I could.
Languages evolve, words change meaning or get multiple meanings. It happens. As long as it doesn’t create confusion, there is no problem.
“As long as it doesn’t create confusion,”
I think in this case it does. When you tell Average Joe that you’re a hacker and your intended meaning is that you’re a proficient programmer who got that title from another, they usually think you’re the malicious kind. I’d call that confusion.
“I’d call that confusion.”
Perhaps you should simply not use that term in that way around the “Average Joe”.
Problem solved.
So… this is good news, right? Wouldn’t that force software writers to write better code so that their work doesn’t get trashed? I am talking about, yes, yes, even MS as well. I mean, can you guys even remember how horrible XP was before SP1, and even after SP1?!
In an ideal world, the coders would write better code in the first place without waiting for vulnerabilities as an incentive.
From the article:
“We are seeing an increase in ‘zero-day exploits’ from hackers appearing at the same time the vulnerability is published,” said Gunter Ollman, Director of X-Force at Internet Security Systems. “This does not allow product developers the time to test and issue the necessary patches needed by the end-users and enterprise administrators. Therefore users without pro-active protection are quite often without protection against threats for several days or even weeks.”
So in the real world, this is good news for the security companies like ISS, who just happen to produce very capable software and pro-active protection that can effectively block vulnerabilities from getting into the network, giving admins time to test and deliver patches. Certainly there’s some value there, but I think it’s a double-edged sword.
See, as long as the security vendors are stepping in with an ever increasing plethora of A/V, IPS and firewall applications, why bother writing secure code, right? No need to strengthen your core when you can just rely on others to build a stronger wall around it.
There’s no doubt some factual truth in there, but most of the time new bulletins from X-Force are thinly-veiled marketing announcements for ISS, or will shortly become so.
Ok, maybe I’m just cynical, but if you’d dealt with ISS for as long as I have, you would be too…
Edit: fixed the quotation from the article; the quotation marks didn’t translate correctly.
Edited 2006-03-07 18:11
What is proactive anyway? As for me, I run an anti-virus and a firewall, don’t use Internet Explorer, and practice just a little bit of common sense (e.g. don’t open email attachments that promise nude pics of Paris Hilton). That is about as proactive as my security gets.
How many of these vulnerabilities in the past 5 years could have affected me? The only one I can think of right off hand is the WMF flaw that was patched recently.
It would be nice if I could get notified of only those vulnerabilities that would affect those of us using ‘proactive’ security measures. Hearing about the latest Windows Worm of the Week is usually just a waste of my time. It’s good when they get patched, just that I don’t need to know about them personally.
Edited 2006-03-07 18:38
Not many of them would impact you, but ISS targets corporate users, and that’s who they’re directing these “bulletins” to. An ISS solution for a large company can cost serious dough, up to several hundreds of thousands of dollars; they need to justify it somehow. Their stuff does a much higher level of data inspection on network traffic and can identify and block malicious or potentially malicious traffic, exploits, etc. before it gets into the network and becomes a problem. It gives you the ability to block known vulnerabilities by recognizing malicious payloads rather than waiting for app vendors to patch their products, or waiting for an exploit to be developed so you can map a signature to an A/V database.
SQL Slammer is a good example: many networks protected by high-end software from companies like ISS were protected from it based on the vulnerability itself being identified, so that by the time it was turned into an exploit, it was neutralized at the boundary whether the servers were patched or not. That’s a pro-active approach; a reactive approach would have involved waiting for A/V signatures to be developed, which can’t happen until the exploits are already in existence, or for patches to be developed and deployed, and gambling that an exploit wouldn’t surface before then.
You’re running about as secure as a home user can hope to nowadays, because you have the most critical element to a personal security infrastructure: common sense. It’s sadly lacking for many people.
Corporate networks, on the other hand, can’t count on common sense for their users and need to spend big money to accommodate for that.
You do bring up a good point that the signal-to-noise ratio is very high when it comes to weeding relevant information out of the multitude of security bulletins, but then again remaining educated is a key part of the common sense approach to keeping your PC safe. Your best takeaway from this is to just keep doing what you’re doing.
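The distinction the post above draws, blocking on the vulnerability condition versus blocking on a known exploit, is illustrated by the following Python sketch. It is an added example from the editor, not code from the thread, from ISS or from any vendor product. What it relies on are the Slammer facts the post refers to: the worm was a single UDP datagram to port 1434 whose payload begins with 0x04, abusing an overflow in over-long requests of that type. The 100-byte length threshold, the marker strings standing in for worm-specific bytes, the `Datagram` class and every sample packet are constructed for illustration and are not taken from a real capture or a real signature set.

```python
# Added example (editor's own, not from the thread, ISS or any product).
# Contrasts an exploit signature (reactive: needs a worm sample first) with a
# vulnerability-condition check (proactive: writable from the bulletin alone),
# using the SQL Slammer case the post above mentions.
from dataclasses import dataclass

SSRS_PORT = 1434          # SQL Server Resolution Service, UDP (fact from the Slammer case)
SSRS_OPEN_REQUEST = 0x04  # first byte of the request type Slammer abused (fact)
# Assumed safe length for the whole request; anything longer is treated as
# reaching the overflow. Illustrative threshold, not a vendor value.
MAX_SAFE_REQUEST_LEN = 100

# Constructed stand-in for worm-specific byte patterns an A/V or IDS signature
# would carry. Not the real Slammer bytes.
EXPLOIT_MARKERS = (b"sock", b"send")


@dataclass(frozen=True)
class Datagram:
    """Minimal constructed stand-in for a UDP packet as seen by an inline sensor."""
    dst_port: int
    payload: bytes


def is_ssrs_open_request(pkt: Datagram) -> bool:
    """Both checks start from the same protocol context: UDP/1434, type 0x04."""
    return pkt.dst_port == SSRS_PORT and pkt.payload[:1] == bytes([SSRS_OPEN_REQUEST])


def exploit_signature_hit(pkt: Datagram) -> bool:
    """Reactive check: fires only on traffic that looks like the known worm.
    A signature like this cannot exist until a sample has been captured, so a
    rewritten or novel exploit of the same bug slips past it."""
    return is_ssrs_open_request(pkt) and all(m in pkt.payload for m in EXPLOIT_MARKERS)


def vulnerability_condition_hit(pkt: Datagram) -> bool:
    """Proactive check: fires on any request satisfying the bug's trigger (an
    over-long 0x04 request), whatever bytes follow. It can be deployed when the
    vulnerability is announced, before any exploit exists."""
    return is_ssrs_open_request(pkt) and len(pkt.payload) > MAX_SAFE_REQUEST_LEN


def classify(pkt: Datagram) -> dict:
    """Verdict of each approach for one packet."""
    return {
        "exploit_signature": exploit_signature_hit(pkt),
        "vulnerability_condition": vulnerability_condition_hit(pkt),
    }


# Constructed sample traffic (not captured packets).
SAMPLES = {
    # normal instance-name lookup: short, legitimate
    "benign": Datagram(1434, b"\x04" + b"MSSQLSERVER\x00"),
    # over-long request with none of the worm's bytes: a new exploit of the same bug
    "novel_exploit": Datagram(1434, b"\x04" + b"A" * 300),
    # over-long request carrying the worm-like markers
    "worm_like": Datagram(1434, b"\x04" + b"A" * 200 + b"sock" + b"send" + b"\x90" * 50),
    # same bytes to an unrelated port: not an SSRS request at all
    "other_port": Datagram(53, b"\x04" + b"A" * 300),
}


def run_samples() -> dict:
    """Classify every constructed sample; the novel exploit is the telling case."""
    return {name: classify(pkt) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:14s} exploit_signature={verdict['exploit_signature']!s:5s} "
              f"vulnerability_condition={verdict['vulnerability_condition']}")
```

Running it shows the point of the post: the benign lookup and the traffic on another port are blocked by neither check, the worm-like packet is caught by both, and the novel over-long request is caught only by the vulnerability-condition check, which is exactly the window between vulnerability announcement and exploit release that the X-Force report is about.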
Maybe there should exist a new list (if there isn’t one already) where the only notices you get are for the really nasty vulnerabilities that might have the ability to penetrate normal defenses.
Edited 2006-03-07 23:10
I use IE with Maxthon on it. I don’t use anti-virus, and I use Outlook Express, but only for my one IMAP private account, and so far I don’t have any problems with malware and so on. A bit of smart surfing is all one needs. But pre-SP2 even this was not possible.
I also keep the system up to date as much as possible in terms of MS patches and fixes. And I think this is the most effective way to go about keeping XP running smooth.
Cracker – A person who engages in security or software cracking, circumventing computer security systems; also known as a black hat hacker.
Hacker – In computer security, a hacker is a person able to exploit a system or gain unauthorized access through skill and tactics.
jeez
Hah, “Cracker”, defined obviously by someone who has never visited the southern USA.
Shoot, let me log into my Wikipedia account and change that right now. LOL!