2. Virus Writers Ignore Apple Macs and iPads
The iPad has only been on the market for a month, but hackers have already found a way around its security features, at least for those using the tablet in tandem with a Windows PC.
According to BitDefender (an anti-virus maker), "This particular threat comes in the form of an unsolicited e-mail, promising to keep iPad software updated 'for best performance, newer performance, newer features and security.' Via a conveniently provided link, the email instructs iPad users to download the latest version of iTunes to their PCs. The download page to which users are directed is a perfect imitation of the one they would use for legitimate iTunes software downloads."
Once downloaded, the code opens a backdoor into the system and attempts to read the keys and serial numbers of the software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 mail accounts, and protected storage.
This threat does not target Mac computers--but don't get smug, Apple fans. Macs are vulnerable to other threats. The main reason you hear less about attacks on Macs is that hackers prefer to go for systems that have the widest possible distribution, and that means Windows. At this year's CanSecWest conference, security researcher Charlie Miller used a flaw in Safari to break into a MacBook in under 10 seconds.
3. The Amount of Malware is Waning
In fact, the threat is growing exponentially. McAfee got an ugly black eye in April when a so-called false positive by its anti-virus software crashed machines running Windows XP. But even the company's competitors were quick to acknowledge that the mishap could have happened to any of them.
The big reason: The exponential growth in malware and infected Web sites.
"We're identifying 20,000 or more signatures every day," says Zulfikar Ramzan, technology director of Symantec's security response group.
By signature, he means the footprint of a newly discovered bit of malware. Ideally, each signature goes through a quality assurance procedure that makes sure it is, in fact, malicious. In the McAfee case, the automated procedure slipped up, and wrongly identified a Windows system file as malware. And that's why XP-based PCs with that particular update crashed.
"The explosion of signatures means humans can't analyze them, so we automate," says Ramzan. "But as we add more automation, the risk of false positives increases, and so does the performance hit to machines."
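The quality assurance step described above can be pictured as a gate that runs every candidate signature against a corpus of known-clean files before release. The following is an added example, not code from the article or from any vendor; it assumes signatures are plain byte patterns, and all file names, patterns and signature names are constructed.

```python
# Constructed stand-ins for a corpus of known-clean files (name -> contents).
CLEAN_CORPUS = {
    "system/svc_host.bin": b"MZ\x90\x00clean-service-host\x8b\xff\x55\x8b\xec",
    "system/kernel.bin": b"MZ\x90\x00clean-kernel-image\x33\xc0\xc3",
    "apps/editor.bin": b"MZ\x90\x00text-editor\x6a\x00\xe8",
}

# Constructed candidate signatures (name -> byte pattern) awaiting release.
CANDIDATES = {
    "Sample.Backdoor.A": b"\xde\xad\xbe\xefsteal-keys",
    # A pattern that is too generic: it also occurs in a clean system file.
    "Sample.Generic.B": b"\x8b\xff\x55\x8b\xec",
}


def qa_gate(candidates, clean_corpus):
    """Split candidates into (approved, rejected).

    approved maps signature name -> pattern.
    rejected maps signature name -> sorted list of clean files it would flag,
    i.e. the false positives that would ship if the signature were released.
    """
    approved, rejected = {}, {}
    for name, pattern in candidates.items():
        hits = sorted(path for path, data in clean_corpus.items() if pattern in data)
        if hits:
            rejected[name] = hits
        else:
            approved[name] = pattern
    return approved, rejected


def scan(data, signatures):
    """Return the sorted names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


if __name__ == "__main__":
    approved, rejected = qa_gate(CANDIDATES, CLEAN_CORPUS)
    print("approved:", sorted(approved))
    for name, files in rejected.items():
        print(f"rejected: {name} would flag clean files {files}")
```

The gate is only as good as its clean corpus: a system file missing from the corpus cannot veto a signature that matches it.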
Symantec, for one, has been using new methods for identifying malware (including poisoned Web sites), among them crowdsourcing, or what the company calls reputation-based screening. Millions of Symantec customers allow their machines to send data on infected files and Web sites to the company's servers. Once the data is scrubbed of identifying information, it's used to build a database of known malware.