Internet Security update 0636
Internet Security update 0636
Spyware Detection and ClassificationYou've probably heard by now that Microsoft is, or was, interested in
making a deal to acquire Clariaa company known for its personal-
information-tracking software. Formerly known as Gator, Claria is for
the most part considered to be a propagator (no pun intended) of
spyware that's bundled with many popular software packages such as the
Kazaa peer-to-peer file-sharing application.
Last I heard, Microsoft scrapped its plans to acquire the company,
although I'm not sure if that's true. Nevertheless, Microsoft caught
some additional heat last week because it downgraded the severity
rating of Claria's software in Windows AntiSpyware. The severity rating
of similar software from other companies, such as WhenU and 180solutions,
was reported to have also been downgraded.
In an open letter published at its Web site (see the URL below), Microsoft
said it made no exceptions for Claria and that the company "decided that
adjustments should be made to the classification of Claria software in
order to be fair and consistent with how Windows AntiSpyware (Beta)
handles similar software from other vendors."
The letter goes on to say that "Today, anti-spyware vendors use different
approaches, definitions, and types of criteria for identifying and
categorizing spyware and other potentially unwanted software. This
has limited the industry's ability to have a broad, coordinated impact in
addressing the problem. That is a key reason Microsoft is a founding member
of the Anti-Spyware Coalition, a group of technology companies and anti-
spyware companies working alongside public interest groups to address key
spyware issues."
The Anti-Spyware Coalition (first URL below) was actually convened by the
Center for Democracy and Technology earlier this year. Microsoft was one
of over a dozen entities that took part in the initial meeting. The
coalition recently published the first draft of its "Anti-Spyware
Coalition Definitions and Supporting Documents" (second URL below),
which is now open for a 30-day public comment period.
The definitions outline a number of different types of spyware and
describe the underlying technology and why it might or might not be
useful. Microsoft and numerous other companies undoubtedly use these
definitions as part of their guidelines for classifying software in
their respective antispyware solutions. So reading the documents might
help you get a better understanding of what spyware is from the
perspective of various vendors.
Another interesting part of the documents is the outline for vendor
dispute and false positive resolution. I'd guess that Claria and other
vendors have used that, or a similar process, to have Microsoft review
its software more closely, resulting in changes in software's severity
rating in Windows AntiSpyware.
If you're interested in learning more and helping shape the way
coalition members handle spyware detection and classification, be sure
to read the first draft and send any comments you might have to the
coalition before the end of the public comment period, August 12. After
that time, the coalition will work to publish a final release sometime
in the fall.
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities.
VeriSign Buys iDEFENSE
VeriSign announced that it acquired security research firm iDEFENSE
for $40 million in cash. iDEFENSE provides security-related information to
companies around the world.
Firefox 1.0.5 Fixes a Dozen Security Problems
Mozilla Foundation released Firefox 1.0.5, which fixes a dozen security
problems and improves stability. While Firefox 1.0.5 does represent an
improvement over previous versions, it has some known issues, so be sure to
read about those for any caveats that might apply to your particular
systems.
IIS Application Isolation
From time to time, you're probably called on to deploy a Web application
that traffics sensitive information. That application might also reside
on an IIS server that hosts other applications. What questions and
considerations do you think about as you devise your plan for implementing
the highest degree of application isolation you can manage?
All High-Availability Solutions Are not Created EqualHow Does Yours
Measure Up?
In this free Web seminar, you'll get the tools you need to ensure your
systems aren't going down. You'll discover the various categories of
high-availability and disaster-recovery solutions available and the
pros and cons of each. You'll learn what solutions help you take
preemptive, corrective action without resorting to a full system failover,
or in extreme cases, that perform a non-disruptive, automatic switchover
to a secondary server.
Antispam product not working?
Many email administrators are experiencing increased frustration
with their current antispam products as they battle new and more dangerous
email threats. In-house software, appliances, and even some services may
no longer work effectively, require too much IT staff time to update and
maintain or satisfy the needs of different users. In this free Web
seminar, learn how you can search for a better way to protect your email
systems and users.
Integrate Fax Services with Business Applications for Big ROI
In this free eBook, you'll discover all you need to know about fax
technology! You'll learn how to improve business processes by
minimizing manual faxing and integrating faxing into your business
workflow for improved ROI. The eBook will also look at the how-to of the
desktop fax client, fax automation, faxing hardware and software
technologies, and the future of faxing. Let this important guide help
you stay on top of fax server technology within your business
environment.
Influencers: Thriving In The Face Of Regulation: How to Accommodate
the New Corporate Governance Regime and Achieve Optimum Financial
Performance
Join Arthur Levitt, former chairman of the SEC, Arnold Hanish, and Scott
Mitchell as they discuss the most important management challenge facing
businesses todayWednesday.
Poll
Results of Previous Poll: Does your network firewall provide stateful
application-layer inspection in addition to the traditional stateful
packet inspection?
The voting has closed in this Windows IT Pro Security Hot Topic
nonscientific Instant Poll. Here are the results from the 10 votes.
- 50% Yes
- 50% No
New Instant Poll: Do you regularly scan your external network IP
addresses for open ports on your network and compare the results
against a known good baseline?
Go to the Security Hot Topic and submit your vote for
- Yes, I regularly scan my network and compare against a baseline.
- Yes, I periodically scan but merely review the results.
- No, I don't scan, but I think I should.
- No, I don't think scanning is useful.
Featured Paper
Do You Know If Your Network Is At Risk Of A Trojan Attack?
Discover the various methods available for controlled Internet access
and how to use them to increase security and decrease legal exposure.
Security Forum Featured Thread: Changing a Password Without Logging In
A forum participant wants to know whether there is a way for users to
change their passwords themselves without logging on to the domain.
Vote for the Next MCP Hall of Famer
Help decide who the most valuable member of the MCP community is. Take
the time to reward excellence to those that deserve it and to make yourself a
part of the first ever MCP Hall of Fame. Voting only takes a few seconds,
so cast your vote now for Round 5.
New and Improved
PC Protection
Privacyware offers the Total Endpoint Protection Suite, which
combines the company's Privatefirewall 4.0 and SafeEnd's USB Port
Protector in a package that's currently priced at $39.99 per seat
(with a 50-seat minimum). Privatefirewall is a firewall and
Intrusion Detection System (IDS). You can select from versions of
Privatefirewall that add Computer Associates' eTrust PestPatrol
Anti-Spyware software only or that add both CA's PestPatrol and
eTrust EZ Antivirus software. USB Port Protector lets only pre-
authorized devices connect through a USB port.
