1. Home
  2. Anti-virus industry"s best kept secret

Anti-virus industry"s best kept secret

[email protected] (New York Times)
January 7, 2013

antivirus

Consumers and businesses spend billions of dollars every year on anti-virus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. “The bad guys are always trying to be a step ahead,” said Matthew D Howard, a venture capitalist at Norwest Venture Partners. “And it doesn"t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

The anti-virus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company"s trade secrets, erasing data or emptying a consumer"s bank account.

A new study by Imperva, a data security firm in Redwood City, California, and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva"s chief technology officer, and a group of researchers collected and analysed 82 new computer viruses and put them up against more than 40 anti-virus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for anti-virus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on anti-virus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we"ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers.

Part of the problem is that anti-virus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, anti-virus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the anti-virus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame"s discovery.

Symantec and McAfee, which built their businesses on anti-virus products, have begun to acknowledge their limitations and to try new approaches. The word “anti-virus” does not appear once on their home pages. Symantec rebranded its popular anti-virus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying anti-virus is enough,” said Kevin Haley, Symantec"s director of security response. Haley said Symantec"s anti-virus products included a handful of new technologies, like behaviour-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the anti-virus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as anti-virus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

“The game has changed from the attacker"s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behaviour and clean up systems once they have been breached.

The hottest security start-ups today are companies like Bit9, Bromium, FireEye and Seculert that monitor Internet traffic, and companies like Mandiant and CrowdStrike that have expertise in cleaning up after an attack. Bit9 uses an approach known as whitelisting, allowing only traffic that the system knows is innocuous.

McAfee acquired Solidcore, a whitelisting start-up, in 2009, and Symantec"s products now include its Insight technology, which is similar in that it does not let any unknown files run on a machine.

McAfee"s former chief executive, David G DeWalt, was rumoured to be a contender for the top job at Intel, which acquired McAfee in 2010. Instead, he joined FireEye, a start-up with a system that isolates a company"s applications in virtual containers, then looks for suspicious activity in a sort of digital petri dish before deciding whether to let traffic through. Two McAfee executives, George Kurtz and Dmitri Alperovitch, left to start CrowdStrike, a start-up that offers a similar forensics service.

Seculert, an Israeli start-up, approaches the problem somewhat differently. It looks at where threats are coming from — the command and control centers used to coordinate attacks — to give governments and businesses an early warning system.

As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change. “Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Hochmuth said. “Very soon, if you are not running these technologies and you"re a security professional, your colleagues and counterparts will start to look at you funny.”

Companies have started working from the assumption that they will be hacked, Hochmuth said, and that when they are, they will need top-notch cleanup crews. If and when anti-virus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones.

In October, the FBI warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple"s app store.

McAfee, Symantec and others are working on solutions, and Lookout, a start-up whose products scan apps for malware and viruses, recently raised funding that valued it at $1 billion.

“The bad guys are getting worse,” Howard of Norwest said. “Anti-virus helps filter down the problem, but the next big security company will be the one that offers a comprehensive solution.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 12,2020

Washington D.C., Jan 12: A recent study has claimed that people end up wasting almost an entire day when they take a vacation.

This can happen while standing in a queue or searching for places to visit, people do not keep a count of the time they have actually utilised during the trip. As a result, they end up doing much lesser activities than they originally had planned.

According to a recent report in Fox News, the study has also shared the fact that people try to justify time waste with planning and scheduling activities whereas the truth is that these things can be done well ahead to save time during the trip.

The average time waste according to the study commissioned by Sykes Holiday Cottages also said the people taking a seven days' trip waste a minimum of 17-and-a-half hours to figure out various factors.

But there are other causes involved as well. When one visits any crowded location, the real-time spent to enjoy the location is lesser than the time spent on reaching and trying to get involved. For instance, if one visits an amusement park, the activities take lesser time than the preparatory and other phases.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 31,2020

Cape Canaveral, May 31: SpaceX, the private rocket company of billionaire entrepreneur Elon Musk, launched two Americans into orbit from Florida on Saturday in a landmark mission marking the first spaceflight of NASA astronauts from U.S. soil in nine years.

A SpaceX Falcon 9 rocket lifted off from the Kennedy Space Center at 3:22 p.m. EDT (19:22 GMT), launching Doug Hurley and Bob Behnken on a 19-hour ride aboard the company’s newly designed Crew Dragon capsule bound for the International Space Station.

Just before liftoff, Hurley said, “SpaceX, we’re go for launch. Let’s light this candle,” paraphrasing the famous comment uttered on the launch pad in 1961 by Alan Shepard, the first American flown into space.

Minutes after launch, the first-stage booster rocket of the Falcon 9 separated from the upper second-stage rocket and flew itself back to Earth to descend safely onto a landing platform floating in the Atlantic.

High above the Earth, the Crew Dragon jettisoned moments later from the second-stage rocket, sending the capsule on its way to the space station.

The exhilarating spectacle of the rocket soaring flawlessly into the heavens came as a welcome triumph for a nation gripped by racially-charged civil unrest as well as ongoing fear and economic upheaval from the coronavirus pandemic.

The Falcon 9 took off from the same launch pad used by NASA’s final space shuttle flight, piloted by Hurley, in 2011. Since then, NASA astronauts have had to hitch rides into orbit aboard Russia’s Soyuz spacecraft.

“It’s incredible, the power, the technology,” said U.S. President Donald Trump, who was at Kennedy Space Center at Cape Canaveral in Florida for the launch. “That was a beautiful sight to see.”

The mission’s first launch attempt on Wednesday was called off with less than 17 minutes remaining on the countdown clock. Weather again threatened Saturday’s launch, but cleared in time to proceed with the mission.

SPACEFLIGHT MILESTONES

NASA chief Jim Bridenstine has said resuming launches of American astronauts on American-made rockets from U.S. soil is the space agency’s top priority.

“I’m breathing a sigh of relief, but I will also tell you I’m not gonna celebrate until Bob and Doug are home safely.” Bridenstine said.

For Musk, the launch represents another milestone for the reusable rockets his company pioneered to make spaceflight less costly and more frequent. And it marks the first time commercially developed space vehicles - owned and operated by a private entity rather than NASA - have carried Americans into orbit.

The last time NASA launched astronauts into space aboard a brand new vehicle was 40 years ago at the start of the space shuttle program.

Musk, the South African-born high-tech entrepreneur who made his fortune in Silicon Valley, is also chief executive of electric carmaker and battery manufacturer Tesla Inc. He founded Hawthorne, California-based SpaceX, formally known as Space Exploration Technologies, in 2002.

Hurley, 53, and Behnken, 49, NASA employees under contract to fly with SpaceX, are expected to remain at the space station for several weeks, assisting a short-handed crew aboard the orbital laboratory.

Boeing Co, producing its own launch system in competition with SpaceX, is expected to fly its CST-100 Starliner vehicle with astronauts aboard for the first time next year. NASA has awarded nearly $8 billion combined to SpaceX and Boeing for development of their rival rockets.

Trump also hailed the launch as a major advance toward the goal of eventually sending humans to Mars.

He was joined at the viewing by Musk, as well as Vice President Mike Pence, Commerce Secretary Wilbur Ross, Education Secretary Betsy DeVos, Florida congressman Matt Gaetz and Senator Rick Scott.

Earlier on Saturday, the crew bid goodbye to their families. Prior to climbing into a specially designed Tesla automobile for the ride to the launch site, Behnken told his young son, “Be good for mom. Make her life easy.”

During the drive, Behnken and Hurley passed former astronaut Garrett Reisman who held a sign saying, “Take me with you.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 23,2020

Google has indexed invite links to private WhatsApp group chats, meaning anyone can join various private chat groups (including several porn-sharing groups) with a simple search.

According to a report in Motherboard, invitations to WhatsApp group chats were being indexed by Google.

The team found private groups using specific Google searches and even joined a group intended for NGOs accredited by the UN and had access to all the participants and their phone numbers.

Journalist Jordan Wildon said on Twitter that he discovered that WhatsApp's "Invite to Group Link" feature lets Google index groups, making them available across the internet since the links are being shared outside of WhatsApp's secure private messaging service.

"Your WhatsApp groups may not be as secure as you think they are," Wildon tweeted on Friday, adding that using particular Google searches, people can discover links to the chats.

According to app reverse-engineer Jane Wong, Google has around 470,000 results for a simple search of "chat.whatsapp.com", part of the URL that makes up invites to WhatsApp groups.

WhatsApp spokesperson Alison Bonny said: "Like all content that is shared in searchable public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users."

"The links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website," Bonny told The Verge.

Danny Sullivan, Google's public search liaison, tweeted: "Search engines like Google & others list pages from the open web. That's what's happening here. It's no different than any case where a site allows URLs to be publicly listed. We do offer tools allowing sites to block content being listed in our results."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.