Comments on Blaze's Security Blog: Malware: the blame game
Feed updated: 2024-02-28T04:06:30.612+01:00
Blog author: Bart (http://www.blogger.com/profile/18326761248866196755)
Comments 1 to 25 of 34

Bart (2014-03-28T13:12:47.910+01:00):

Excellent comment Thomas and thanks for your input!

You are absolutely right: we should all improve. I believe better cooperation is key here. "Responsibility" might have been a better word here, but I chose "blame" on purpose so people would find it easier to identify themselves with the situation. (like: "hey, my friend/boss/whoever does that!")

Your examples are hitting the nail on the head, for sure. We should ask how to improve to protect the system and the user. Unfortunately, this is mostly only AFTER there has been an incident. (but better late than never, right?)

Thanks a lot for your feedback!

Cheers,
Bart

Thomas Wallutis (http://www.wallutis.de/blog) (2014-03-27T18:08:57.664+01:00):

I have to admit that I do not agree 100%. First I have to say that I'm not a native English speaker so maybe my interpretation of words is wrong.
I would rather say "Fault" or "responsible" than "blame", because then it's easier to give the right answer: the malware.
But if you show steps how everyone can improve the situation (and I agree with your ideas; for corporate users you should add CEOs) that means IMHO the situation before wasn't optimal. And without blaming everyone should ask him-/herself if he/she could have done things differently. Again: not for the reason of "blaming" (that doesn't help anyone) but to find out where everyone can improve themselves.

Examples:

- as a vendor: if you can't give 100% protection, don't promise that

- as a consultant: was the suggested solution for the client the best solution for me or for the client?

- as a vendor: if I implement a new function, do I think also about security?

- as a user: could different behaviour have prevented what had happened? Do I know where to look for help when something goes wrong?

- as a company: how can I help my users?

- as an IT pro: how can I help to improve IT security for friends/neighbours/everyone?

The problem (IMHO) is that too often someone asks the question "why did that happen" only to have someone to blame. But we shouldn't care if someone could have prevented this, we should *only* ask "how can we improve to protect the system better in the future". But very often companies stop after finding someone to blame but never improve.

And yes, you could have compressed this blog entry into one line ;-)

Talk more, not less!

PS: we (as part of Security industry) should not blame the users for not listening to us, we should ask ourselves why people don't listen to us.

If you want to change the world, start with yourself.

Bart (2014-03-27T17:40:01.560+01:00):

Excellent post Rob, I agree with you 100%. Especially your last paragraph makes a lot of sense: almost everyone is on the internet right now, without too much knowledge of the dangers that lurk there.

A basic knowledge about the hidden dangers should at least be known to the users, especially with all the social networks out there, they can be easily exploited.

Cheers!
Bart

Bart (2014-03-27T17:37:59.947+01:00):

My pleasure! And thanks for the comment :-)

Rob (2014-03-27T13:43:29.572+01:00):

@Bart you have touched very interesting points in your article. I totally agree with you. The real point is that our enemy is the malware, not the security software, there are a lot of comments like "Antivirus A sucks", "Antivirus B is bad", "Antivirus A is better than B", etc. but the real question should be who damaged our computer? The Antivirus or the malware? The malware. Who has or tried to bypass the security software? The malware. Don't forget that it is always the malware that tries to infect your system, and don't forget that when there is a door, there is always the 0000000.1% for the malware to find a hole and enter in the room, including social engineering attacks, MITM attacks, etc. This should be taken into consideration from both users and security software vendors. But again, the malware is the author of the intrusion. It is really hard to handle and detect all types of malware, but we should not forget that the malware remains our enemy, not the security software, so we should always blame the malware, why? Because it is the intruder, that tried to bypass the security software, install in the system, steal sensitive information, hijack security software, etc. The user should also understand how to correctly and safely browse the web, that it is not safe to install unknown software without prior checks, to not open every attachment on emails, to not buy everything that is cheap from online shops (counterfeits), to not trust everyone, etc. For sure security software should better cooperate with each other to take down the malware domains, C&C, botnets, and more easily share information. I think there should be less comparison-propaganda and more sharing-cooperation motivations. In my personal experience it is very hard to shut down a botnet, especially big botnets, instead it should be at least easier, when there is enough proof of botnets, the domain registrar and/or the IP owner should immediately take the needed actions, without too many delays and/or very long silence. Domain registrars should handle somehow a blacklist of specific email addresses used to frequently register C&C domains and malware domains, there should be more monitoring from the domain registrars, probably. I also believe there should be more information coming from TVs and schools, the WWW is going to be used by almost every user in the world soon, and the social networks are becoming extremely popular too, without the correct information and without the "you-should-not-do-this" or with the "you-can-do-this-if" propaganda there may be always chaos, that may benefit the malware, because even with a basic knowledge the user itself can reduce a lot the percentage of infection, just following some recommended steps to stay, at least a bit, safe online.

Anonymous (2013-10-27T18:57:40.889+01:00):

Thanks for sharing knowledge. It will be helpful for us.

Bart (2013-09-22T14:13:49.315+02:00):

Thanks.

AnakSEO.com (http://www.anakseo.com) (2013-09-20T04:23:30.469+02:00):

I found this information on the "forum malwarebytes.org" and was very impressed by your post.

Bart (2013-09-19T11:00:06.667+02:00):

Thanks Txerra!

Anonymous (https://www.blogger.com/profile/16490705755539680622) (2013-09-18T13:13:02.176+02:00):

Good post Bart, finally the target is clear... more cooperation is needed.

Bart (2013-09-18T11:03:24.010+02:00):

I did improve the blog a bit, glad you noticed! Thanks for your feedback!

Bart (2013-09-18T10:58:30.513+02:00):

Thanks!

Bart (2013-09-18T10:50:06.443+02:00):

Thanks! I can only imagine what a nightmare it would be to have your bank account cleared or being impersonated for example.

Bart (2013-09-18T10:49:12.207+02:00):

Hi Silva, thanks for your reply.

Correct indeed! Realization of the possible dangers on the web is a first good step for users.

I'm not saying blaming helps anything, but that is also a step in the good direction - transferring our focus onto the bad guys. Exactly right, through cooperation we can succeed!

Bart (2013-09-18T10:30:14.938+02:00):

Very true, Patrick!

"and it will take a consolidated effort of all parties concerned to try and limit its impact on both our professional and private lives."
This is the essence of my blog post, a consolidated effort of all parties is necessary to counter these threats.

Anonymous (2013-09-17T16:13:16.295+02:00):

Nice, pleasant to read with the new background! I'm waiting for more nice articles! I hope more CEOs and System administrators read this blog. More cooperation is needed.

madhu (http://madhu.google.com) (2013-09-17T15:54:16.528+02:00):

This post is appreciable, I really like it!

Anonymous (2013-09-16T19:47:11.213+02:00):

Well written and you make some valid points, well done! You're right when saying not too much info is available after your bank account has been cleared out, never had it before luckily :)

silva (http://silvakreuz.blogspot.co.uk/) (2013-09-16T12:25:45.273+02:00):

You've raised a lot of points here, Bart, and I tend to generally agree with them :) I'm not much into finger-pointing, although I see that every day, but I personally believe that all of us involved in security--yes, that includes users, too--have a certain responsibility to keep. The bad guys, more often than not, never bother to take any sort of responsibility for what they did. If there is any "positive help" they can give us, it is that they make us realize that we made the wrong choice of leaving our systems not as secure as they should be. Acting on this realization is very important.

We can blame the bad guys all we want, too, but at the end of the day, we, the potential victims, get to be responsible for keeping our systems as secure as possible and our computing habits as worthy of emulation as possible. What we see out there right now may seem like a dirty job, but it should not just be the job of one I believe.

Anonymous (2013-09-15T09:51:41.912+02:00):

Although I think that the issue of "blame" is valid and important, in view of the current developments and the trend of "BYOD" in a professional environment the issue of prevention and failing that, damage control, is the most important. Cybercrime like any other form of criminality has become a part of our day to day functioning, and it will take a consolidated effort of all parties concerned to try and limit its impact on both our professional and private lives.

We should also realize that even people who are not using this kind of applications themselves are affected by the consequences of them. The money involved in fighting this is affecting everyone, not just the people using the system actively.

Bart (2013-09-13T17:58:07.542+02:00):

Good points! Although I do agree that many security problems are flawed by design, I do not agree on the point that an @abuse contact would be ineffective. There should at least be a way to be able to make contact, right?

That advice is indeed very old, and I'm afraid it's correct most of the time. Interesting that you note Microsoft gave this advice themselves though.

I totally agree! Just buy a mysterious box and let it sit there - it will do all the work for you. IT isn't voodoo (well not always), so it should be made more accessible for everyone who even has the slightest interest. Also, the person who buys a box should understand there's simply more to it than that.

And yes, luck plays a part in here, it depends on who is targeting you. (state-sponsored malware anyone? ;-))

Thanks for your feedback!

Bart (2013-09-13T17:27:32.706+02:00):

In this specific aspect of the article I decided to state that free or paid antivirus do not matter, as long as there's an active protection on the machine (AV + FW).

The debate about free versus paid antivirus is an entirely different one and I might take it on my plate someday as well ;-) .

Of course! The standard reply would be "test X or Y antivirus and see what best suits your needs". If users come to us with questions, we'll answer them and point them in the right direction, but I see no need in "holding their hand" the entire time when they browse the web.

This is why all the parties need to realize there's a need for change. And of course the 3 C's which I mentioned in the conclusion.

Bart (2013-09-13T17:24:29.324+02:00):

Thanks for your feedback! You make some valid points.

However, realizing the malware writers are the only ones to blame is a good start... It won't help much but the main intention of this article was to basically stop the finger-pointing to other parties who have helped protect your machine(s) in the past and suddenly get the blame.

Everyone needs to improve, everyone needs to step up their game and take their responsibilities. The bad guys will (unfortunately) not disappear into thin air, which is why we need to work together - not only all the technical parties, but users as well.

Bart (2013-09-13T17:05:45.868+02:00):

Thanks!

While marketing plays quite a role (i.e. communication about new threats to media), it's not always fully FUD, but I do understand your point.

The most important part however is that users learn something from antivirus vendors' blog posts, rather than get the full load of FUD over them.

Bart (2013-09-13T17:00:44.841+02:00):

Thanks! Each to his or her own writing style I guess ;-) .
I did make the site lighter and easier accessible, but of course there's always room for improvement.