crankygeek_tech_notes

By Gregg Keizer,

TechWeb Technology News MessageLabs on Friday fingered a pair of Trojans for pushing up spam rates, and said the duo use techniques that make it difficult for anti-virus vendors to keep up.

According to the U.K.-based security provider, the sharp increase in spam — a jump to 72.9 percent of all mail in October from the previous month’s 64.4 percent — was largely caused by two zealous Trojan downloaders that have been infecting PCs, then using them to spew huge amounts of junk mail.

“The Warezov Trojan is the most aggressive we’ve seen in quite a while,” said Paul Wood, a senior analyst with MessageLabs. “Once on a system, it downloads the next stage or component, but as it does, it changes a few bytes in the code and essentially releases a new version. That makes it very difficult for anti-virus systems to identify.”

By mutating its own code — done automatically, MessageLabs researchers suspect, though they haven’t found final proof — Warezov, aka “Stration,” expands the attack window. “If anti-virus companies take five to six hours to create a signature, the Trojan extends that time even further with these new versions,” said Wood.

story here

The torrent in spam that started in October may slow slightly after the first of the year, but users should expect more junk mail than ever in 2007, a messaging security company predicted Thursday. Spam volume is up 73% in the last three months, Postini reported, thanks to a one-two-three punch of a huge increase in the number of spam botnets and a major jump in the use of both image- and document-based spam. For the year, spam quantity is up 143%.

“It’s a triple threat, a perfect storm,” says Dan Druker, a Postini executive VP. “Spammers are using much more difficult [to stop] techniques than in the past, and the botnets are much bigger.” Some days in November, Postini, which offers enterprises managed antispam services, counted a million different IP addresses bound to incoming junk mail. full story here

What if you could rig it so that competing with your flagship product was against the law? Under 1998’s Digital Millennium Copyright Act, breaking an anti-copying system is illegal, even if you’re breaking it for a legal reason. For example, it’s against the law to compete head-on with the iPod by making a device that plays Apple’s proprietary music, or by making an iPod add-on that plays your own proprietary music. Nice deal for Apple.

Microsoft gets the same deal, courtesy of something called “Information Rights Management,” a use-restriction system for Office files, such as Word documents, PowerPoint presentations, and Excel spreadsheets.

We’ve had access control for documents for years, through traditional cryptography. Using PGP or a similar product, you can encrypt your files so that only people who have the keys can read them.

But Information Rights Management (IRM), first introduced in Office 2003, goes further — it doesn’t just control who can open the document, it also controls what they can do with it afterwards. Crypto is like an ATM that only lets you get money after you authenticate yourself with your card and PIN. IRM is like some kind of nefarious goon hired by the bank to follow you around after you get your money out, controlling how you spend it. story here