Larry Seltzer

There was a time, it must have been at least five years ago, when we would tell users (at least unofficially) that if you were running an old version of an antivirus program with no update subscription, you were better off than with nothing, In fact, you would still block almost all of the threats […]

Microsoft has been moving slowly, and lately more steadily, towards an approach of having users run, by default, with restricted privileges. The tools for letting users run in less-privileged accounts have for many years been better for domain-based managed networks, especially those with Active Directory, and the potential is there for far more power. A […]

When a term like “rootkit” gets enough buzz that the local Sunday paper mentions it you just have to expect vendors to blurt out that they have a solution for it, whether they do or not. I think this is what happened with Intels recent announcement that they are working on anti-rootkit hardware, a magical […]

In a recent panel discussion I was on it was suggested that spending on the conventional threat mitigation aspects of security was headed for a leveling off, and that the real growth was in compliance issues. This may very well be true. I dont know as much as I should about compliance issues, but when […]

You dont often get warning about a malware outbreak, let alone a month in advance. But according to iDefense, a security consulting firm owned by Verisign, on Jan. 5, 2006, there will be a substantial outbreak of the Sober worm. Its a Friday, so you might want to plan a three-day weekend. Ill probably be […]

Last week a serious vulnerability was revealed to relatively little attention from the press, or even from security circles. I think its a real nasty one, especially in as much as it will go widely unpatched. The program at issue is the ubiquitous Perl programming language. Perl is a scripting language, which means a lot […]

Trend Micros David Sancho paints a scary picture of a future with ubiquitous RSS capability that will come with the deployment of Internet Explorer 7. History has shown that it often makes sense to assume the worst in computer security, but not every assertion is reasonable. Sanchos paper discusses several potential developments in “bot worms,” […]

Youre out on the road. Suddenly you get a sharp chest pain, radiating to your arm. You can fight the pain just enough to dial 911 on your cell phone, but thats all you can do, and you sure as hell cant speak. If you were on a land line phone (other than maybe a […]

I only partly agree with Bruce Schneier when he criticizes the anti-virus industry for not finding the Sony rootkit for all the months before it was discovered by Sysinternals Mark Russinovich. Most of Schneiers criticism actually relates to the sloth they exhibited in adding detection once the threat was exposed, and the fact that they […]

Although the legal trouble for Sony may be only starting, I think the technical discovery phase has wound down. But there are some interesting lessons to learn from the whole rootkit DRM affair beyond the obvious stuff thats been in the news. Remember that Mark Russinovich installed the rootkit on his system unknowingly, just by […]