MaS is about computer security, malware and spam issues in general.

2007/11/28

Spam like a pirate


Ok, usually I don't read my spam, but this caught my eye:

Subject: in waiting

Ooh u, bonny varmint. ya do have eyes for a gratis French stuff, I know it. But damn, who do not. Visit me and ball off on my pictures, my dear.

and then the web site, replacing the dots with spaces to foil spam filters and some very unusual junk words. I'm not sure how it got through the filters (and I'm not really that concerned. But, at least it was kind of poetic.

[Picture credits: http://flickr.com/photos/earlg/ used under the creative commons license]

2007/11/27

Going shopping with someone else' fingerprint


From Germany, Heise reports on an experiment that the German TV station ARD did with the Chaos Computer Club to see if someone could use another's fingerprints to go shopping in the Edeka supermarket chains that have implemented payment by fingerprint ID. Next time I'm over in Germany I'll have to look at the setup, but it sounds like they are using the fingerprint for both identification as well as authentication. With this sort of set up, even using the fingerprint just for authentication would be a mistake, but this would be criminal if it is the case. Fingerprints are at best indicative of an individual and this fact has been made to good (and usually correct use) in criminal investigations where other evidence already exists to narrow down the suspects. However a lot of the recent applications are trying to misuse fingerprints for identification and that is a big mistake born of a lack of understanding of the technology.

Security software quality and a more complete solution

This article is mainly critical about the quality of existing security software, which may or may not be justified. People have a higher expectation of quality when it comes to security software and there have been a number of incidents recently that have been very disillusioning. OTOH, at least AV software tends to mutate fairly rapidly compared with regular software and that reduces the usable attack surface somewhat.

More relevant to me would be that the concept of these pieces of security software being isolated solutions is becoming problematic. While I cant see any meaningful movement in this direction, I do believe that security software will have to become an ecology: each component piece will have to work with the other pieces in a concerted way to defend the network in a far more autonomous fashion than currently is the case.