Monday, June 29, 2009

Symantec Internet Security Threat Report available for download

Symantec has released its Internet Security Threat Report Volume XIV: April, 2009. This report details some trends that have been noticed ,by this security giant, that are used by hackers to compromise computers. Also, it details some of the incentives that are driving such attacks, for instance credit card numbers that are harvested are sold in the underground community, open email relays are used for spamming, botnets can be used to carry out distributed denial of service (dDOS) attacks.

You can download this document for free at http://www4.symantec.com/Vrt/wl?tu_id=gCGG123913789453640802

To visit the Symantec Threat Report webpage follow this link http://www.symantec.com/business/theme.jsp?themeid=threatreport

Sunday, June 28, 2009

New trends in computer usage means new methods for computer security

As you all are aware, computers nowadays don't serve the same functionalities they did 10 years back. If you were to go down memory lane, a decade ago, internet was still in its infancy and pretty much everything you used on the computer was installed on it.

Nowadays, with the big push towards Software-As-A-Service (SaaS) or Cloud Computing (as most of you might know it), pretty much everything that you use now (or will use in the next decade) is run inside a browser. Some predict that this is the stepping stone towards WebOs (as google has envisioned it some years back). This method has got some great benefits yet some fallacies as well.

The benefits are that all you need to run your applications now is a browser (provided you have got a vendor that is giving you the application over the cloud). You do not have to worry about backups etc since these will all be taken care of by the vendor. You do not even need a powerful computer. Trends show that people nowadays use their computer mostly to browse the internet and to check their email. The hard core users use theirs for playing games etc but the general population can be satisfied with a low end computer. This is the basis of the netbook era, where these machines are less powerful than a laptop that is 5 years old, but is portable and most of them have great battery life. They are not powerful enough to run cpu intensive applications but provide a good means of surfing the web and checking emails.

The disadvantage is that your browser has become the most important application on your computer. With the vulnerabilities that are discovered everyday, it is important to keep your browser secure. I recommend the following referenced whitepaper as a light read to securing your browser. There are two methods descrived in it. The first is that of using sandboxing (refer to my post about sandboxie). The second is virtualising the browser using utilities like ThinApp from Vmware.

The whitepaper can be accessed at http://www.sans.org/reading_room/whitepapers/hsoffice/rss/a_virtually_secure_browser_33124