Report

Ben Edelman, Harvard privacy researcher and guru has revisited the features of Google Toolbar and was appalled to discover that disabling it doesn’t really disable it. He is recommending that all users uninstall it. In a long, thorough and well-written piece on his blog Edelman discusses how he monitored the Toolbar’s behavior with a network sniffer and documented the transmission of data back to Google (to toolbarqueries.google.com). Not only does it track a user’s Google searches, but it also phones home information about searches done in other search engines. ...

The Danwei web site (Chinese media, advertising, and urban life) is carrying a rippingly funny blog piece by Alice Xin Liu about a recent Chinese government program that would have China Mobile monitor mobile telephone text transmissions for conversations of a sexual nature. Offenders’ (messaging) service would be cut off until they wrote a “self-criticism.” Xin Lilu said bloggers in China are having a ball with the idea that the government is trying to censor dirty jokes, which apparently are a significant part of the culture of Chinese people (as if they were any different than the rest of us). ...

Virgin Media, the UK telecommunications giant that supplies TV, phone and Internet services, has begun to use deep packet inspection determine if its Internet customers are sharing music or films. The monitoring system will check transmitted data against a database of copyrighted music and video to spot illegal file sharing. Virgin Media said the system isn’t keeping track of IP addresses of the transmissions and the technology isn’t designed to catch illegal downloaders, but it could. ...

The European Network and Information Security Agency (ENISA) has released a report that says 95 percent of all email is now spam. The report was based on surveying last year of email traffic by about 100 service providers in 30 countries. ENISA Executive Director Dr. Udo Helmbrecht said: “Spam remains an unnecessary, time consuming and costly burden for Europe. Given the number of spam messages observed, I can only conclude more dedicated efforts must be undertaken. _ _ “Email providers should be better at monitoring spam and identifying the source. Policy-makers and regulatory authorities should clarify the conflicts between spam-filtering, privacy, and obligation to deliver.” ...

Facebook recently rolled out new privacy settings that provides additional publishing controls. For example, Facebook users can now publish a photo to a selected list of friends. Clicking the “lock” icon opens the Custom Privacy settings. Once a photo is selected and the privacy options are set, the next step is to Share. As you can see, the default setting is set for Only Friends and this particular post is set for Only Me. ...

Notable highlights this month include the shift of the regions of message origin, and changes in the average size of spam messages. In recent months, APJ and South America have been taking the spam share away from the traditional leaders of North America and EMEA. However, North America and EMEA together sent 57 percent of spam messages in December 2009, compared with 50 percent in November 2009. With respect to the average size of the messages, the 2kb – 5kb message size category increased by seven percent, while the 5kb – 10kb message size category decreased by six percent in December 2009. With respect to all spam categories, health and product spam have increased and now account for 52 percent of all spam messages. Click here to download the January 2010 State of Spam Report, which highlights the following trends: ...

Researchers at McAfee labs monitor Koobface activities 24/7 via custom honeypots and while reviewing one such update we noticed a variant that had debug/log features. Unlike the traditional captcha breaking technique to create new accounts, this variant of the worm converts the infected machine to a bot. When we analysed the malware trapped in our botnet, we found that this variant of Koobface has a special feature for logging all activities carried out during the infection process in a log file . Log file is created under system root with date and time stamp for eg, C:\fb_reg20090612.log. ...

With the holiday season behind us, cyber scammers and spammers will now be looking towards the upcoming events and worldwide happenings that they can leverage to form the next waves of online trickery. The noteworthy ones on the horizon include Valentine’s Day, tax-filing season, and the FIFA World Cup – all of which will, in all likelihood, produce their own variety of social engineering techniques, online fraud, malware, fake websites, phishing, and spam. ...

InfoSecurity, a great site for computer security news, just put up a story asking the very old question: “Why don’t AV vendors name malcode consistently.” The lead on the piece was: “…Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn’t match up, leading to an admission that users will inevitably be confused by the results.” Great observation, sort of. ...

Following the addition of Win32/Hamweq to the MSRT last month, MMPC will continue cleaning PCs in 2010 by adding another prevalent worm, Win32/Rimecud, to this month’s removal tool. This is due not only to Win32/Rimecud’s high detection numbers, which immediately follow those of Win32/Hamweq, but also to the similarities the two families share with each other. In fact, as part of its payload, Win32/Hamweq may download Win32/Rimecud, contributing to Rimecud’s suitability as the next target for MSRT. ...