Posts by David Harley

15 posts • joined 1 Oct 2007

NHS XP patch scratch leaves patient records wide open to HACKERS

David Harley

Re: Disappointing

The quote was part of an email conversation, and as far as I can remember it's accurate. It's far from being all I said, but I'm used to that. However, I was very careful not to make assumptions about what XP machines might be used for...

As for open source... Well, a 'best practices' approach is always desirable, but converting to open source, while it might be economically advantageous in the long run, would be an initially expensive exercise to do properly, and UK governments have a patchy record in terms of resourcing (and outsourcing) major IT projects. If done on the cheap, it could have all sorts of undesirable effects.

0
0
David Harley

Disappointing

I'm disappointed to find myself quoted in an article with such a sensationalist, misleading, NHS-bashing title. It's not, of course, impossible that patient records are exposed to hacker activity (or will be when support runs out), but to the best of my knowledge, there is no evidence that this is the case with any of the Trusts cited here. I was asked for and commented regarding hypothetical scenarios, and am not happy to find that my comments have been used to support the assertion that patient records are at risk. The fact is, I don't know if that's the case, and I suspect The Register doesn't either...

0
0

British garbage worms survive in space without human help

David Harley

The worms are turning

Wot, the worms wrote a paper for the Royal Society? Looks as if they're well on the way to being masters of the universe.

0
0

Yemeni assassin hits York man with spam death threat

David Harley

Sounds like a 419

Not one of the most common 419 gambits, but sounds like one I've been seeing from time to time for many years.

David Harley, ESET Sr. Research Fellow

1
0

Phantom app risk used to bait scareware trap

David Harley

The app that dare not speak its name

Since I posted my ESET blog, one or two people have claimed that they've deleted unknown app and still have Boxes in their profile, so Boxes is probably not the only culprit.

Two points I'd make (and have made) in response: while Unnamed App may in some instances refer to something malicious, that doesn’t mean that “Unnamed App is a virus”. The second and more important point is that Googling for Unnamed App undoubtedly -will- turn up some malicious sites because of the SEO poisoning that's taken place, and that's something I -have- seen for myself.

0
0

Malware cleans out jailbroken iPhones

David Harley

Sigh...

iPwned: why didn't I think of that? :)

David Harley

0
0

Stallman calls on EU to set MySQL free

David Harley

Go down Moses....

...let MySQL go...

I just wanted to say that first.

0
0

Fake ATM scam rumbled by Defcon hackers

David Harley

A forensic thought

Have Defcon or Blackhat ever featured in an episode of CSI? And if not, why not?

0
0

No investigation after malware is found on parliamentary PC

David Harley

DIY (detect it yourself)

Actually, ed, the article doesn't say that Michael installed anything, only that he detected and removed the malware himself. But I find it curious that you assume that what I presume to be a networked parliamentary PC would not have antivirus protection by default. Is that prior knowledge, or a perfectly understandable cynicism? Alan Michael made some far stranger assumptions, though. However, I think I'll save that thought for the ESET research blog. :)

David Harley

0
0

For sale: Six European virtual strip machines

David Harley

A passage to India?

When I was in India last month, security at the entrances of hotels and public buildings had escalated to levels we normally associate with international airports. Furthermore, if the Indian media were anything to go by, the public mood seems to be in favour of more rather than less security to a degree many countries would find unacceptably draconian. There has to be a market there...

0
0

Apple anti-virus advice was nothing new

David Harley

Apple oops...

I'm afraid that whether or not the tech document cited by Krebs represents a change of stance, Apple clearly regret it being so widely publicised. The document has been pulled and, according to the BBC, they have said that it was inaccurate because "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box." It looks to me as if they've decided to put marketing ahead of customer security. Not that Mac users face anything like the volume of threats that Windows users do, but the assertion that Macs are intrinsically secure out-of-the-box is at best debatable.

0
0

Malware authors target Mac emerging markets

David Harley

re: Wait a Second

Unfortunately, it's not a difference at all. Most current Windows malware is reliant on social engineering. So unless you believe that Mac users are automatically brighter than you are...

0
0
David Harley

No Mac virus since 1992?!?

I guess I can expect the usual stream of abuse for daring to suggest that any Mac was ever affected by any form of malware whatsoever, but, leaving aside the period in the mid-90s when Mac users became Typhoid Macro Mary, has Tony Smith never heard of AutoStart or SevenDust? AutoStart in particular did a great deal of damage in the late 1990s, and to suggest that no malware, viral or otherwise, has had any impact on any Mac OS version since System 7 is, to put it politely, poorly researched. Mac users may never be at risk to the same extent as Windows users are now, but to rewrite history (or, perhaps even worse, be unaware of history) does no-one any favours.

0
0

Anti-virus protection gets worse

David Harley

Antivirus, ethics and competence

Is it ever ethical to create viruses? Obviously not for Dr Bontchev, or for many other people in the industry. Equally obviously, a lot of people outside the industry disagree, and a short comment here probably isn't going to change the mind of anyone who thinks that the industry is populated entirely by crooks and incompetents. So let's try a slightly different set of questions.

* Is it ethical to conduct a misleading test?

* Ethics aside, is this a competent test? Is it based on sound methodology? (Hint: if you don't have a pretty good idea of exactly how it was done, that's a bad sign.)

* Is it ethical to conduct a test with the intention of proving the AV industry is incompetent by using methods that you are fully aware are considered by that industry to be inappropriate, not only ethically but technically?

* Is it rational to judge the competence of a test by the degree to which it winds up the anti-virus industry?

* If testing is so easy that everyone knows more about it than the antimalware industry or the people who do regular, professional testing, why does every test outside those groups come up with an entirely different result?

0
0

NSA writes more potent malware than hacker

David Harley

Ethics and security

Actually, not everyone in the AV industry believes that creating replicative malware for restricted purposes under controlled conditions is automatically unethical, and the fact that some researchers decline to do so doesn't give you the right to assume that they couldn't if they considered it appropriate. Here, though, the point that's -already- been made very clearly is that there is no absolute technical reason why this particular test had to be carried out using replicative software.

The actual nature of the ethical objections comprises one of the many issues that the industry hasn't succeeded in communicating very well, though individuals have tried, strenuously, many times. But is it worth it right now, given the anti-AV prejudices on display here?

0
0
