Slashdot Mirror


Spyware for Corporate Espionage

therufus writes "Late in July, an e-mail that hit employee in-boxes at a British credit card and finance company carried a secret payload--spyware capable of recording confidential corporate data and sending it over the Net."

6 of 216 comments

  1. Re:Questions... by Samus · · Score: 4, Informative

    Why do the corporate firewalls not block out-bound traffic to all ports but a select few HTTP/SSL etc?

    I think any decent-sized corporation with a firewall admin does this already. The problem starts when you have protocols designed to circumvent firewall security. SOAP is nothing really but RPC over HTTP on port 80. You can block whatever ports you want, but as long as you have an outbound port opening, somebody can find a way to use it.

    What kind of idiot sys-admin would allow the corporate users to run their PCs with admin privileges, so that any unwanted junk s/w can be installed on their PCs?

    Again, it doesn't really matter. All the buffer overflow exploits that have happened recently didn't make a check to a security manager to see if they could install a piece of software. Nimda, Code Red, etc. just installed themselves.

    What kind of stupid sys-admin allows .vbs, .js, .exe, .sws attachments thru the corporate email?

    If you haven't seen the list of attachments Outlook 2003 won't let you send, you'll laugh your ass off when you do. It's basically any document that you can create with a Microsoft tool, with a few of their competitors thrown in for good measure (pdf!?). I still think people will find ways to socially engineer their way around that one.

    Which genius allows unrestricted access to confidential corporate data to its users?

    Doesn't really matter. If the PC of someone who is authorized to view that data is compromised, the cracker gets the keys to the kingdom.

    --
    In Republican America phones tap you.
  2. Obligatory Spyware Blocking Software Post by unassimilatible · · Score: 2, Informative

    At least for those with Windows boxes. My two favorites:

    Spybot S&D: It's free and it "inoculates." Regular updates too.

    Spywareblaster. A little redundancy, and it has a nice Flash killing tool as well.

    Honorable mention:

    Peer Guardian. In addition to RIAA IP address killing, it prevents loading of DoubleClick ads and snoopware. Regular blocklist updates, and IP addy's may be manually added.

    --
    Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
  3. Re:Stop Spyware at the Source by mysticgoat · · Score: 2, Informative

    Funny. Microsoft is to blame for spyware issues, but Kazaa, et al. aren't the problem when it comes to piracy.

    Love the double standard. LOVE IT.

    Sorry, but I don't see the connection that you are trying to make between these two situations. The closest I can get is that some Microsoft products have subsurface design flaws that create opportunities for lawbreakers, while Kazaa is openly designed to offer opportunities to circumvent some laws in addition to other lawful uses. But I can't tie these separate statements together the way you suggest.

    Can you more clearly point out the connection between a flawed product that is dangerous to use in non-obvious ways and a product that is well designed but might be used for obviously illegal purposes?

  4. Re:Here's our nightmare scenario in the military.. by borgboy · · Score: 3, Informative

    Are you talking about the US Military? SIPRNet is rather closely watched, computers are audited for unauthorized applications, people get in serious trouble for installing unauthorized software on a secure network machine. It isn't connected to the internet. Ever.
    And if you're not talking about SIPRNet, then that machine/person/network just really isn't important enough to worry about - from a national security perspective.

    --
    meh.
  5. Security, or Intellectual Property, you pick. by emil · · Score: 2, Informative

    In the security context, Kazaa is actually much more to blame than Microsoft. Kazaa installs New.Net and other intrusive applications that compromise the privacy of their users. It is true that Microsoft Media Player and Windows Update also collect data on the habits of the userbase, but AFAIK their software isn't quite so intrusive.

    In the context of preserving intellectual property, Kazaa is to blame to some extent, but perhaps less so than Microsoft, Cisco, the phone companies and other infrastructure providers. Kazaa couldn't exist without a high-speed digital network with pervasive, ubiquitous connectivity. Kazaa is really only the "last mile" of a journey across a continent - because the infrastructure exists, destroying Napster and its derivatives simply causes the network to evolve a more rugged replacement - because the effort to evolve a new Napster is almost trivial.

    In any case, Microsoft could do some very public things to improve security:

    1. Use Mozilla Gecko (or KHTML) as the core of Internet Explorer 7 (which also solves W3C compliance issues).
    2. Hire Theo de Raadt & company to review and repair the Windows source code.
    3. Offer $100,000 for any Windows exploit that is delivered to Microsoft no less than one month before general release on the internet.

    To date, Microsoft has done nothing more than some enthusiastic chest-thumping about security. They have not seriously engaged a solution, and they are losing sales as a consequence.

  6. Gator does not make AD-Aware! by BillX · · Score: 2, Informative

    Gator does not make AD-Aware. Lavasoft makes AD-Aware.

    You might be thinking of Spyware Nuker, which was spun off of the company (Lions' Pride Enterprises) that made the "Yo Mama Osama" spyware.

    --
    Caveat Emptor is not a business model.