According to an article by the Associated Press, AOL in conjunction with a company called Skyhook have been building a database of locations linked to AIM users. This database is now being used for a feature that allows users with Wi-Fi enabled laptops to map the current locations of people on their buddy lists.

The fact that Skyhook has this information isn't anything new. They've been driving the streets of major cities for a number of years mapping Wi-Fi access points and detecting signal strength. Apparently, they have now over 16 million access points recorded from over 2,000 cities. What's new is that they're teaming up with AOL and using that info in conjuction with AIM. This will mean that some degree of privacy and anonymity with AIM users is compromised.

The Skyhook plug-in, available as a free download, adds a new grouping to AIM's buddy list window called "Near Me." That group will feature the names of any buddies who opt to share their locations and who are within a set distance from the AIM user.

Clearly AOL thinks that this will provide them a leg up in the IM wars. Marcien Jenckes who heads up the AIM division is convinced that this is functionality that IM users really care about.

"As we build these platforms for people to connect, we find that context is very important...people think through what's the right mechanism. It might depend on how much time I have to talk or how involved I want to be in the conversation or what I'm doing. Proximity or location is another one of those factors that will play an increasing role."

Mr Jenckes may be right but there some who are voicing big concerns regarding security and privacy. In my opinion, it depends on the implementation. If AIM users have the opportunity to opt into this feature as opposed to having it included by default, it's ok by me. After all, there are all kinds of information that we choose to make public that infringe upon our anonymity or privacy but we expose the information because we deem it beneficial to do so. The point is whether we have a choice.

Posted by andreyee in Privacy/Information Theft | Permalink | Comments (0) | TrackBacks (0)

Symantec released its Internet Security Threat Report - always a worthwhile read but be forewarned, it's also a decently long document.

A few highlights in report caught my eye. The first is a trend by hackers towards the use of medium severity, gateway attacks instead of direct, frontal attacks of high severity. These "gateway attacks" are of medium severity and used to gain a foothold in a corporate network environment, upon which to launch more significant attacks.

The second trend of using malicious techniques in combination - spamming, Trojans, phishing and bot networks all used in tandem - I think, signals bigger problems for the future. I've seen some of this already.

Finally, in the Futures section of the report, hackers are noted to be moving toward "staged downloaders". It's the idea of modular malware where a small specialized Trojan could perhaps download other malware components such as worms or backdoors. It is estimated by Symantec that as much as 75% of the top 50 malware reported had some sort of staged downloader capability. Think of it as service oriented malware, if you will, but it's another wrinkle in the kind of attacks we can come to expect.

Posted by andreyee in Industry Trends | Permalink | Comments (0) | TrackBacks (0)

I have to admit - I don't understand spam. As a means of reaching buyers, it must be incredibly ineffective. Has anyone reading this ever purchased anything from spam they've received? I didn't think so.

There's been a war against all kinds of spam - stock spam, meds/viagra spam, porn spam.... Now at least with regard to stock spam, the SEC has joined the act. They are getting tough with companies that push their penny stocks through spamming. (any surprise, these are penny stocks?)

As part of Operation Spamalot, the SEC suspended trading for the securities of 35 companies that have been the subject of recent spam email campaigns. These spam campaigns will often tout these stocks, seeking to entice investors with email headings like Make Money Quick or Ready to Take Off. You can read about it in the official SEC press release here.

I'm encouraged because the answer to spam and spyware isn't just technology but also to remove the financial incentives and create financially punitive measures.

Posted by andreyee in Spam & Spyware | Permalink | Comments (0) | TrackBacks (0)

I haven't blogged for about 4 weeks and I wanted to fill you in on what I've been up to. I left Check Point at the end of Feb, having completed my part in the transition of NFR. I expect great things for Check Point as they further integrate the NFR technology. What followed for me was a two week vacation to Singapore/Malaysia to visit family - no phone, mostly no email and definitely no blogging. After getting back, I was floored with a flu bug that I must have caught yonder so it's taken me quite a bit longer to get back into the swing of things. I promise - I'll be back to posting on a more regular schedule shortly.

In the meantime, I've enjoyed reading ebizQ's other security blog, Peter Schoff's excellent Twenty Four Seven Security. In particular, his post based on the wireless security entitled Seven Steps to Safer WiFi is a great one!

There are a number of tools like Kismet that will enable someone of relatively low technical skill, the ability to sniff on wireless networks . Now, Paul Graham's company Errata Security plans on releasing a new open source sniffer called Ferret that will sniff on traffic across 25 protocols. According to Graham, the tool can help discover the kind of info we expose when we sign onto and use a wireless network

"You don't realize how much you're making public, so I wrote a tool that tells you," said Robert Graham, Errata's chief executive.

You can read all about it here, if you're interested.

Posted by andreyee in Network Security • Wireless Security | Permalink | Comments (1) | TrackBacks (0)