Language Selection

English French German Italian Portuguese Spanish

RSS, Spyware’s next frontier.

Filed under
Security

Richard Stiennon VP of Threat Research at anti-Spyware company Webroot Software, Inc earlier this year announced his predictions for 2005 in relation to security vulnerabilities and Spyware problems. Most of the predictions were fairly predictable like:

The number of new Microsoft vulnerabilities will grow.

Which isn’t a surprise to anyone in the IT industry and probably a good many people that aren’t. Other predictions like: The US and European nations will pass anti-spyware laws, and the number of different types of spyware will double to 3,000 are not exactly unexpected either.

However at least one of the predictions causes a pause for further thought. In short one prediction that RSS syndication will soon be used as a tool to distribute advertising, Spyware and other malicious code. RSS is basically just XML so the medium isn’t potentially dangerous by itself, but flaws that target specific RSS readers could conceivably result in the transfer of Spyware. RSS is already being used to distribute advertising so that one isn’t a surprise either. RSS has most of the benefits of E-mail and that means it also has most of the problems. One of those problems is that malicious parties can use social engineering tricks to get people to follow links in RSS to download malicious content, which is probably what Mr Stiennon meant. The problem with that theory is that a user must first subscribe to an RSS feed to be at risk at all, which makes it considerably less reliable a method of transferring malicious content then E-mail or web pages.

One other prediction Mr Stiennon made was that Firefox would become the target of Spyware sometime in the first half of this year. I’m not so sure about this one because it is mostly the more techie users that have become hooked on Firefox and they would not be particularly good targets for Spyware since they are also the kind of users most likely to have anti-Virus and anti-Spyware software running, if they are using Windows that is.

Source.

More in Tux Machines

2014: A Banner Year for Open Source

Open source was initially adopted for low cost and lack of vendor lock-in, but customers have found that it also results in better innovation and more flexibility. Now it is pervasive, and it is challenging proprietary incumbents across technology categories. It is not only mainstream, open source is truly leading innovation in areas like cloud, mobile, big data, the Internet of Things, and beyond. As we embark on a new year, I cannot help but reflect on the speed with which technology is changing. Rapidly delivering technology is about much more than just the technology – it is about people and culture. More than ever, this is why executives are looking at key technology companies – including Red Hat – as their partner instead of as a vendor. Read more

IsoHunt releases roll-your-own Pirate Bay

Open Source Meritocracy Is More Than a Joke

In January 2014, Github removed the rug in its office's waiting room in response to criticism of its slogan, "United Meritocracy of Github." Since then, the criticism of the idea of meritocracy has spread in free software circles. "Meritocracy is a joke," has become a slogan seen on T-shirts and constantly proclaimed, especially by feminists. Such commentary is true — so far as it goes, but it ignores the potential benefits of meritocracy as an ethos. Anyone who bothers to look can see that meritocracy is more of an ideal than a standard practice in free software. The idea that people should be valued for their contributions may seem to be a way to promote fairness, but the practice is frequently more complicated. Read more Also: Unmanagement and unleadership

Linux Kernel Developers Consider Live Kernel Patching Solution

kPatch and kGraph may soon enable live kernel updates on all Linux distributions, making it possible to apply security and other patches on the open source operating system without rebooting. Read more