If you’re wondering why this blog has been rather quiet for the last several weeks, it’s a combination of a heavy workload and travel schedule recently. I went to DC to attend the ASC Workshop and then went to the RSA Conference in San Jose.
I’m not much into doing essays ala “what I did this summer”, but I hope to incorporate what I’ve learned and observed over the past two weeks into future postings.
At the Antispwyare Coalition workshop, an issue for me was the bifurcation of spyware downloads. Illegal driveby downloads are down by the larger adware vendors (180solutions, Direct Revenue, etc.), whereas the nasty boys are getting nastier, using exploit after exploit to install software. We’re seeing the standard “exploit trio” now, where an illegal driveby download is attempted first through an old CHM exploit, then a Javascript exploit, then the WMF exploit (example).
Other issues that I was concerned about while there:
-The legal difficulties of going after slimeballs overseas.
-The fact that certain ISPs continue to be friendly to spyware scum, whereas as Dave Methvin (PC Pitstop) pointed out, you hit these guys with a notice that a page is in violation of the DMCA, and they jump all over it.
-The third party ad networks, which help fund spyware (more on that later).
At the RSA conference, I was in business mode all the way. We have a number of software development toolkits that we are marketing to other software and hardware vendors, and it was meeting after meeting after meeting, as well as meetings with the press. It was a good show for us.
We did spend a fair amount of time with the Microsoft security folks. Microsoft seems to be doing a lot of outreach to the security community and there were a number of events, such as a function for the SecureIT Alliance (which we are part of), a reception with MS Security Vp Mike Nash and a really pleasant luncheon put on by MS security guru Stephen “Stepto” Toulouse for bloggers. Two of our products were also finalists in the SC Mag Reader Trust awards and Carol, our biz dev VP, did the hard work of going to the awards banquet (it was a black tie event, which to me is ludicrous in laid-back California, requiring people flying in to pack a tux or a suit. I managed to back out gracefully).
Both the ASC and RSA events were a LOT of fun. It’s great to be with other people who are all in the security community. Everyone is on the same page and there are lots of really smart people around.
Anyway, I’m back now and thankful to be in my own bed.
Alex Eckelberry