[shameless showoff plug]
I work for an insurance company that handles large amounts of personal data who, contrary to the current trend, actually cares about data security on our laptops.
I am absolutely an advocate of holding companies responsible for data theft, particularly given the options available to safeguard against it. We recently implemented hard drive encryption software, and the implementation start to finish took less than 2 months. It was a ridiculously easy step to add a solid layer of security in the event that a laptop is stolen. The fact that this is not more widely adopted points to laziness and indifference on the part of corporate America.
[/shameless showoff plug]
What disturbs me as much as the frequency in which this "data loss" happens is the growing attitude that people should react to this merely by putting a hold on their credit and waiting it out. For the love of God people, when this happens to you STOP DOING BUSINESS WITH THESE INSTITUTIONS. By simply waiting it out, you are sending the message that security of personal data really isn't that important. Where's the benefit for profit-churning corporations to change their security model if loss of data does hurt them in any way? Now, if people started fleeing from companies that lost their data, then the message to rich execs would change to "Hey, if your customer data gets stolen, you will lose market share." That is guaranteed to produce a reaction.
Pass the laws, avoid companies that don't secure their data, and we may actually be able to change something here.
I've been testing this recently as well.
A solid product, though I dislike the fact that the application layers are stored locally. When you step back and look at it, all that you're really getting with this product is the ability to create a customized install package that can repair itself, which in my mind sounds remarkably similar to an MSI package and Windows installer. The only difference really is that Altiris SVS (I believe it's called) provides a more reliable uninstall method and gives you more control over repairs.
When you have a moment, take a look at the solution from Softricity. We recently had a vendor demo of the product, and it really is the more advanced of the 2 tools and is probably a better fit for larger enterprises. It stores the layers on the network, and provides the ability to download only the necessary components of the application locally. Their online demo shows MS Word running with something around 30% of the application loaded locally. Interesting stuff, I'm looking forward to getting my hands on it.
Either way, you are correct, software virtualization is coming. I look forward to the day when we can deploy PCs to our users with nothing but a clean image, and knowing that it will stay clean.
Nope.
.zip & .rar.
Nyxem/Blackmal/Kama Sutra hits
http://www.f-secure.com/v-descs/nyxem_e.shtml
Agreed. I've been chasing this down on our corporate network all week.
I installed this virus on a test network last night. It was ugly to say the least. The test network was comprised of 5 clients, 1 DC, and 1 file server. When I ran the email attachment on a client, it immediately froze, consistent with the description on F-Secure. Upon rebooting with monitoring on, it launched numerous processes, and disabled Symantec immediately. Within 4 hours it had infected the other 4 clients & the file server.
We then flipped the switch on the DC & set the date to 2/3/06. Update.exe launched half an hour after login, and within 4 hours all .docs, .xls, .mdb files etc were corrupt on the local machines and the file servers.
Note that this test was performed with out-of-date virus defs as a test.
Here's an idea for those in a corporate environment. Create a software restriction policy for the executables associated with the virus:
%systemroot%\system32\scanregw.exe
%systemroot%\system32\update.exe
winzip quick pick.exe
winzip_tmp.exe
We did this in our test environment and it halted the virus completely.
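The software restriction policy described in the comment above, written out as registry-backed Disallowed path rules; this is an added example, not part of the original comment. It assumes an elevated PowerShell session on a test machine running a Windows release that still enforces SRP; in a domain the same four rules would be defined in a Group Policy Object, which also overwrites local edits under this key.

```powershell
# Added example: Disallowed SRP path rules for the four file names listed above.
$base     = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
$pathsKey = Join-Path $base '0\Paths'    # security level 0 = Disallowed

$blocked = @(
    '%SystemRoot%\system32\scanregw.exe',
    '%SystemRoot%\system32\update.exe',
    'winzip quick pick.exe',
    'winzip_tmp.exe'
)

# Create the policy root only when no SRP exists yet, so an existing policy's
# default level is left alone. 0x40000 = Unrestricted: only listed paths are denied.
if (-not (Test-Path $base)) {
    New-Item -Path $base -Force | Out-Null
    New-ItemProperty -Path $base -Name DefaultLevel       -PropertyType DWord -Value 0x40000 | Out-Null
    New-ItemProperty -Path $base -Name TransparentEnabled -PropertyType DWord -Value 1 | Out-Null  # all files except DLLs
    New-ItemProperty -Path $base -Name PolicyScope        -PropertyType DWord -Value 0 | Out-Null  # all users
}
if (-not (Test-Path $pathsKey)) { New-Item -Path $pathsKey -Force | Out-Null }

# Read existing rules without expanding %SystemRoot%, so re-runs add no duplicates.
$noExpand = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
$existing = @(Get-ChildItem -Path $pathsKey | ForEach-Object {
    $_.GetValue('ItemData', $null, $noExpand)
})

foreach ($path in $blocked) {
    if ($existing -contains $path) { continue }
    # Each rule lives in its own {GUID} subkey under ...\0\Paths.
    $rule = Join-Path $pathsKey ('{' + [guid]::NewGuid().ToString() + '}')
    New-Item -Path $rule | Out-Null
    New-ItemProperty -Path $rule -Name ItemData     -PropertyType ExpandString -Value $path | Out-Null
    New-ItemProperty -Path $rule -Name Description  -PropertyType String -Value 'Nyxem containment (test)' | Out-Null
    New-ItemProperty -Path $rule -Name SaferFlags   -PropertyType DWord  -Value 0 | Out-Null
    New-ItemProperty -Path $rule -Name LastModified -PropertyType QWord `
        -Value ([DateTime]::UtcNow.ToFileTimeUtc()) | Out-Null
}

# Read the rules back so the result can be checked against the list above.
Get-ChildItem -Path $pathsKey | ForEach-Object {
    [pscustomobject]@{ Rule = $_.PSChildName; Path = $_.GetValue('ItemData', $null, $noExpand) }
}
```

Path rules match on file name and location only, so they contain the outbreak just as long as the dropped files keep these names; current virus definitions are still needed alongside them.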