Blog

Fake Tor application delivers badware punch

Posted on September 7, 2007 - 16:54 by egeorge

You may have received an email over the past few days with a message about online privacy - a common subject line being "You are being watched online." The messages urge the reader to download Tor, a distributed anonymity program popular as a tool to circumvent censorship. Unfortunately, the links in these messages don't lead to the actual Tor download, but to a dangerous rogue application and pages that attempt to install badware on the user's machine.

The real Tor website is located at tor.eff.org, and the real Tor software can be downloaded there. Legitimate copies of Tor are verifiable through instructions on the Tor website.

Rogue applications attempting to hijack the popularity of legitimate programs are unfortunately all too common. For example, many rogue applications purport to be anti-spyware tools but are in fact themselves damaging. It's always a good idea to check out the reputation of any software you're considering installing, and to verify that the version you're considering comes from a reputable source. Similarly, be wary when following links in emails from sources you don't know. An unsolicited link could lead to a page hosting drive-by badware downloads.

You can read more about the Tor spoof in BoingBoing and PC World.

Tags: 
drivebydownload, email, rogue, scams, tor

Hidden dangers in third party content

Posted on September 6, 2007 - 18:03 by egeorge

If you're a regular reader of this blog, by now you're probably familiar with the idea of hackers who inject code - often invisible iframes or javascript - onto otherwise innocent but poorly secured sites.

Another way that sites can be compromised is equally important but often harder to recognize: third party content. When we think about third party content, we often think about ad networks, which place outside links, text, and often graphics on participating websites. Ads aren't the only way third party content is used on today's websites, however. Many sites use hit counters that are hosted independently, as well as website "toys" and decorations such as remotely hosted images.

In many cases, third party content is perfectly fine. There are safe ads, safe counters, and safe remote image hosts. If you're a webmaster, choosing to use third party content on your site means taking responsibility to be sure that content is safe, and remains safe. Carefully screen the ad networks you choose to partner with, and ask how they prevent badware from compromising their network. Do a quick internet search and see what other users are saying about the security of that new counter you're thinking about installing. And once you're using third party content on your site, regularly check to be sure that it's still safe.

Choosing to use third party content means inviting someone else to have control over part of your website. Choose carefully, and stay vigilant, to help keep your website's visitors safe and your site secure.

Tags: 
ads, counters, hacking, security, thirdpartycontent

Zango unsuccessful in suits against anti-spyware companies

Posted on September 5, 2007 - 15:25 by egeorge

Adware company Zango has recently struck out in its lawsuits against two anti-spyware software vendors. Zango had used the suits to challenge makers of security software that labeled its products as spyware.

Zango’s suit against PC Tools was dropped last week. Zango’s corporate blog refers to the decision as a result of PC Tools’ modification of its software to warn against Zango software rather than automatically remove it. PC Tools, however, says it modified its software before Zango’s suit was ever filed, and hails Zango’s decision to drop the suit as a vindication.

One day later, a federal judge ruled against Zango in a similar case, this time against Kaspersky Lab. The ruling found that the federal Communications Decency Act, Section 230(c )(2), creates a “safe harbor†for producers of tools used to filter “objectionable content.†The judge noted that in the context of the safe harbor provision, objectionable content is not limited to content that is actually objectionable, but includes material that users and software providers consider to be objectionable. The court granted summary judgment for Kaspersky, effectively ending the case.

In affirming the rights of security software vendors to classify applications based on the vendors’ own guidelines, the Kaspersky ruling sends a clear message that software producers cannot use lawsuits or the threat of lawsuits to challenge security vendors’ decisions.

Tags: 
law, security, software, spyware

Pages