Feeds

Secret agents on fire and Microsoft feels the love

Everything's gone horribly wrong

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Letters Excuse us, but what colour is the sky out there? Is this Earth? Have we stepped through some kind of Stargate-esque parallel universe mirror? The reason we are so confused, is that so many of you have written in in support of Microsoft. Yeah. Really. Mindboggling stuff.

And what did the Beast of Redmond have to do to earn cuddly points from the usually hostile Reg readership? Add security to its operating system:

Erm excuse me, I don't _want_ software integrated with my OS at kernel level. There's plenty of ways to implement a firewall solution without having to resort to doing things at such a low level in the operating system.

Personally I feel all warm and cozy knowing that someone somewhere is doing something to make my choice of OS more secure and less susceptible to malicious activities. I actually welcome the idea that developers should be forced into implementing their solutions using OS-legal methods, maybe we'll see a noticeably reduced bug/problem count in the long run across all software titles.

Craig


Hi John, at the risk of sounding like I agree with M$ on something this seems like it would be the least they could do to make their product safer let the after-market security people do what they have to, their products are nearly always a week late and poorly engineered steaming piles of dung anyway. I have never used an anti-virus that didn't cause more problems than it solved ditto the old anti malware leaving big holes in the registry and killing already (usually) marginal machines requiring a real reinstall almost every time. Normally I am sympathetic to developers of any kind of software but these guys just seem like parasites. --Alan


I would rather not have J-Random AV software installing itself all over my system and hooking into the kernel. It's a major cause of system instability and I uninstalled the ZoneAlarm "security suite" for that reason. I don't like software that keeps running even when I explicitly quit it (ZA has to be uninstalled to really stop working!). I find the fact that all AV companies seem to be really scared of Vista a very good sign.

Nikolaus


Well, maybe not everyone was pro MS:

"rely on Microsoft and only Microsoft for Windows security"

In that case, it's time to change the slogan for Vista from "a breakthrough computing experience" to "a breakthrough hacking experience". Every time I read the words "Microsoft" and "security" without the notion of poor or lacking, I imagine black hats everywhere laughing their heads off. This is going to have them gasping for air for days on end.

Pascal.


I think what they wrote just proves a lot of ignorance on side of the developers at Agnitum. Agnitum is already using undocumented interfaces, undocumented structures - in short: hacker methods. Why are they so resilient to using it in future? Is it because they know they should have gone for the clean solution but did not because of tight deadlines and now realize they are "behind the schedule"?

BTW: Joanna Rutkowska has already announced to present a method to circumvent KPP without rebooting.

Oliver


Is the bell tolling for the big computer shows? Or was that just the sound of a death knell we heard? Either way, seems you lot hate walking around Comdex almost as much as we do:

What you say about IT shows applies to many other exhibitions too. The London Marathon Expo is absolutely enormous. It is miles from any car parking, which is of course quite extortionate at about £3 per hour. (I parked in Geneva for two hours a few weeks ago and it only cost a Euro!).

Anyone fool enough to turn up to it the day before the Marathon and walk around all afternoon buying up some very good offers will suffer the next day. I only went myself as I was requested to help out (next year, the answer will be no). I'd done the sensible thing and registered earlier in the week.

If you look at the size of the Excel centre it's evident that large exhibitions are big business.

Douglas Adams was nearly right. It wasn't shoe shops, it was exhibition centres.

John


That was so good that my legs ached in remembrance of the last few Comdex shows. :-}

The ultimate killer of the shows is really the Internet - that's what added speed to the decline of the major shows. While it isn't quite as 'real' as physically being there, the costs and time involved are orders of magnitude apart, the information is current all year, and access does not require an airplane ticket and travel time.

While I miss the shows in some minor ways, such as outside entertainment, the overall situation is better for everyone except the show outfits. Frankly, I don't feel sorry for their loss as they caused it by milking everything for large profits. Ultimately, greed and technology did them under.

Bill


I hear you. I can't remember the last time I managed to walk around an entire "big" show. Now if I could just find a way to to be seen to exhibit without actually going I'd be delighted! Ah well, back to preparing for IBC, the yearly huge broadcasting show in Amsterdam in September, just as the rain re-starts in earnest.

Cheers, Paul


Diebold and its voting machines make an appearance this week after a long absence. This is because they seem to have pioneered one button hackability. A useful feature, we are sure.

I can see it now: no matter how close the U.S. elections are (or are not) this fall, there will be someone - an "R" or a "D" - contesting the results. While it is the case that even a paper trail can be rigged or tampered with, it remains inexcusable that any voting system implementor would ever even consider designing and deploying a system that cannot bear up to manual scrutiny.

And think of the trees! If we weren't chopping them down to make rolls of receipt tapes and reams of printer/copier paper, they'd be subject to over-crowding, falling over onto each other, and rampant forest fires. Wood is good; the ultimate renewable resource.

-Del from the Pine Tree State, where we still use paper ballots


The process of voting is far too important to automate it. It is not open to public scrutiny, it involves hardware and software that can [and will] be tampered with in any number of ways.

The old-fashioned way is still the best: a piece of paper and a pencil. Just count the ballots with eyeballs attached to juries from all parties. Add them up and make sure you count all the votes. The US was unable to count all the votes, a disgrace if it would happen in a democratic country.

Compulsory voting by all citizens on paper ballots counted by real humans. It costs a bit of time and money but maybe, just maybe, it will prevent the country from going to war, an enterprise not altogether devoid of economic consequences in its own right. The vote is for the people. The sad thing is that they don't seem to understand how incredibly important it is that they actually take the time to go and do it.

Jorge


"...exploiting this shortcoming would require physically opening up the machine and a certain amount of hardware and programming skills, but that's hardly an insurmountable barrier to a sufficiently motivated hacker."

Would you use the same reasoning to suggest that bank vaults are insecure? After all, getting in would require physically opening up the door and a certain amount of hardware and ruthlessness in dealing with the guards, but that's hardly an insurmountable barrier to a sufficiently-motivated robber.

Michael

Beginner's guide to SSL certificates

More from The Register

next story
Oi, London thief. We KNOW what you're doing - our PRECRIME system warned us
Aye, shipmate, it be just like that Minority Report
WRISTJOB LOVE BONANZA: justWatch sex app promises blind date hookups
Mankind shuffles into the future, five fingers at a time
Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
Angry Microsoftie hauls auctioneers to court over stalled Pzkw. IV 'deal'
Apple's Mr Havisham: Tim Cook says dead Steve Jobs' office has remained untouched
'I literally think about him every day' says biz baron's old friend
Cops apologise for leaving EXPLOSIVES in suitcase at airport
'Canine training exercise' SNAFU sees woman take home booming baggage
Flaming drone batteries ground commercial flight before takeoff
Passenger had Something To Declare, instead fiddled while plane burned
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.