Saturday, February 2, 2013

Ars Technica's Useful Article:
The Basics On Malware

--

February 1, 2013, Jon Bordkin of Ars Technica posted a useful article about malware, well worth reading. It is entitled:

Viruses, Trojans, and worms, oh my: The basics on malware
Mobile malware may be trendy, but PC malware is still the big problem.

Here are my notes relating to the article:


A) Backups: Note how the #1 Rule of Computing: Make-A-Backup, saves your hide in nearly all cases of malware infection. That's why I also call it The #1 Rule Of Computer Security. I especially enjoy the ability to access a backup in the case of ransomware. Some malware rat is holding your computer hostage! And you don't care! You've got backups.


B) Multi-Malware: Note how viruses (as a form of malware) are essentially defunct in our modern era. They're old sentimental tech. Instead, everything else is being used in a variety of mix-and-match combinations. It is increasingly harder to define malware as just one form or another.


C) Social Engineering: Note how Social Engineering is being tied into just about all malware infection strategies. This is because the single least secure part of ANY system involving humans is: Humans. It's The LUSER Factor upon which the malware rats are depending. You get fooled, the rats PWN you. Therefore, software solutions are no longer enough. These days, training computer users is MORE important. That's one reason I write this blog.


D) ECMAScript: I take exception with the chart that lists "HTML/JavaScript". The conclusions of the chart are correct, except this specific malware vector is mislabeled.
  1. There is no such thing as HTML malware. HTML is entirely benign and hopefully will stay that way. It's the other code embedded inside the HTML that's dangerous, NOT the HTML.
  2. 'JavaScript' is a quaint misnomer these days. It is now adequately referred to only as ECMAScript. Actual JavaScript, that inanely named web scripting language created by Netscape, is only one part of ECMAScript. The two other major components are ActionScript, perpetrated by Macromedia (now Adobe), and JScript, perpetrated by Microsoft. ECMAScript is continuing to expand and include other forms of Internet scripting as well. The term 'JavaScript' isn't disappearing. But keep in mind that it is an outdated and inadequate term that actually refers to ECMAScript.
Therefore, the chart term "HTML/JavaScript" actually refers to ECMAScript.


E) Malware Rats: Replace the phrase "cat-and-mouse game" with "cat-and-rat game". Mice are too cute to refer to malware perpetrators.
;-)


F) FUD Alert! Replace the ignorant phrase "Apple's Mac computers, long seen as safe havens because of their low market share..." with "Apple's Mac computers, long seen as safe havens because of their superior UNIX OS security...". That's the fact of the matter.

Jon Bordkin is sadly only reciting disproven mythological FUD. I have personally disproved 'Security Through Obscurity' FUD, as applied to Macs, on several occasions. You'll find I did so years back on this blog. You won't ever find anyone proving the Mac STS FUD to have any basis in fact because there aren't any supporting facts. Instead, you will find that all BSD based UNIX OSes are consistently found to be the most secure operating systems available, as determined by both reputation and testing. That includes OS X, which is certified UNIX.

If anyone would like me to rip the ignorant 'Security Through Obscurity' bullshit to shreds again with contemporary data, just let me know. I'll even let you provide the data, as long as its factual and current. That's a dare. (^_^)


G) Bad Code: My personal phrase about modern software development is: Modern code development is well beyond the comprehension of any one human being. This unfortunate fact is proven every day.

One fun ramification of this problem is that if we ever do create an actual 'Artificial Intelligence' (AI) system, we can be certain that it will be severely deranged. IOW: SkyNet would be buggy-as-hell and extremely self-destructive. Whether SkyNet would be capable of cleaning up its own coding bugs is another matter. ;-)


H) Rootkits: OS X hasn't had any rootkits worth noting. However, there IS anti-rootkit software available for OS X, if you're interested! Rootkits may well be worth our attention in time. Here is where you can read about and download the latest version of RootKit Hunter:

http://rkhunter.sourceforge.net

If rootkits become of concern to Mac users, expect me to provide articles about how to install, use and interpret RootKit Hunter. For now, my writing about rootkits would only add unnecessary concern and confusion.

~~~~~~~~~~~~~

Also of interest:

Andrew Cunningham at Ars Technica has written an earlier companion article, also worth reading. It is entitled:

Keep it secret, keep it safe: A beginner's guide to Web safety
Understanding encryption is key to protecting yourself on the Web.

If readers are interested in me writing about encryption software for Macs, please let me know.

:-Derek



No comments:

Post a Comment