Open source, the new target of malware

It is now a known fact that no operating system is immune to malware
attacks.

But, for a few years, users could seek refuge in Open Source, as it was
a somewhat unpopular target for virus/trojan writers and hackers!

Recent reports regarding worms created to attack OpenOffice (the open
source answer to Microsoft Office) are a clear indication that days of
safety are long gone and that open-source software is becoming more
attractive to malware creators.

Simply, open source applications and operating systems are growing in
popularity, and where users go - malware goes!

The OpenOffice macro-based worm is quite sophisticated. It affects
OpenOffice users on several platforms including Windows, Linux and the
Mac. No escape, apperantly.

Some open source believers are pretending the OpenOffice worm is an
isolated incident, especially as very few cases have been reported; or
in ‘anti-virus talk’, the worm’s presence in the wild is very low.

But, Symantec say that’s only because of coding errors in the worm that
limit its ability to spread.

Watch out for better engineered worms soon, as hackers pay more
unwelcome attention to the platform!

OpenOffice has been downloaded over 80 million times, which represents
very fertile ground for an attack. It’s a new avenue to exploit, to
spread their worms and Trojans, and the home-user sector is a
particularly attractive target.

In fact, and according to Symantec’s latest Internet Security Threat
report, 98 percent of all targeted attacks are aimed at consumers.
Open-source software, in itself, is not necessarily more vulnerable to
attacks compared to proprietary software from Microsoft, for example.

But if ‘closed source’ software from multi-million dollar companies
claiming secure systems has flaws, imagine what ‘open’ software would be
like!

On the other hand, open source enthusiasts are saying that it’s already
very popular, yet the attacks are few. Is that as sign open source
software is more secure? Probably not, it just means hackers and virus
writers haven’t paid enough attention to it yet.

In our region, open source is just starting to pick up pace.
Unfortunately, widespread adoption could coincide with the emergence of
viruses.

Think of it in terms of ‘economies of scale’. If malware developers can
create something that will work reliably across Windows, Linux and Mac,
then it will give them ‘more bang for their buck’.
Malware creators are, after all, organized criminals selling their
services to phishers and spammers.

If there’s a a potential to profit, you will see malware creators
entering a platform. It’s just the simple law of digital evolution.

zanasser@gmail.com

Google scores low in privacy rankings

Again, the issue of privacy on the Internet is being debated by governments across the world, and Google is at the center of this discussion.

Regrettably, reports actually show that the world’s biggest ‘information gatherer’ hasn’t done enough to ensure its user’s privacy!

A recent report into corporate surveillance of customers has attacked the approach to privacy of Google and other major players.

The report goes as far as saying that Google's attitude towards privacy puts it “at the bottom" as far as standards of corporate surveillance are concerned.

The search giant's attitude was attacked as being "hostile" and "ambivalent", following a six-month investigation by Privacy International into the privacy practices of more than 20 internet-based companies.

Google came bottom of the privacy rankings, which included other internet heavyweights such as Apple, eBay, Microsoft and YouTube.

The report, A Race to the Bottom: Privacy Ranking of Internet Service Companies, said Google was ranked last partly due to its "aggressive use of invasive or potentially invasive technologies", market dominance and the size of its product range.

Google gathers and retains large quantities of information about its users and their activities.

A Google spokesman said Privacy International's report is based on "numerous inaccuracies and misunderstandings" about Google's services and the company stands by its record for protecting user-privacy and offering products that are transparent about what information is collected.

Google was the only company to earn the bottom ranking for "comprehensive consumer surveillance and entrenched hostility to privacy" but none of the companies featured in the report got the highest "privacy friendly" ranking.

The report said the overall privacy standard of the key internet players is "appalling" with some companies demonstrating "mindless disregard" for the privacy rights of their customers. It’s strange that all of these issues are being discussed in the US and Europe and we don’t hear a single complaint from a governmental or ‘watch-dog’ body in the Middle East!

Don’t we deserve privacy too? Or are we just depending on the high involvement of our European and American counterparts to sort it out, and then we’ll benefit from whatever standards they implement?

Surely, we’re putting as much information about ourselves onto Google services (search, email, calendar... etc).

Is it possible that Google and other could have two sets of privacy standards? One for the countries that require stringent standards, and another one for the rest of us?I hope not!

zanasser@gmail.com

What’s next for Facebook, MySpace & others

The supposedly simple answer is finding a way to make money for the site owners- to sustain and develop the service- and for users- along the lines of Google Adsense and other profitable tools used by bloggers.

Why? Because holding a user’s interest in this age of cluttered media and hundreds of similar websites must come down to superior services and money making!

To quote a report by the Washington Post: “In the three years since networking sites like Facebook and MySpace exploded on the scene, they have revolutionized the way people interact online. MySpace had 67 million visitors last month, and Facebook, appealing heavily to college and high school students, had 23 million, according to ComScore. But even as the two sites combined add several hundred thousand members daily, the buzz can no longer mask questions about their business model.”

MySpace, which was bought two years ago by Rupert Murdoch’s Fox Interactive Media and then last year signed a $900 million advertising-and-search deal with Google, has yet to post a profit. In a recent study by In-Stat research, covering firm of 400 social-networking sites, very few had successfully answered that question.

Facebook have come with an answer, announced last week, with a program that allows other parties to introduce Facebook features, which would promote revenue sharing. A Facebook member could add a feature that compiles the songs he listens to on his iPod and then informs everyone in the network of these favorite tunes. Others in his network could do the same, and this could automatically create a list of favorites reflecting the member’s entire social network.

The Washington Post, for example, is contributing a feature called “Political Compass” that allows users to determine their position on the political spectrum, based on answers to a short online questionnaire, and share that with other Facebook members.

These approaches would permit site’s members to add new, interactive features to their Facebook pages and share them with others in their online network.

The idea is for social-networking sites to make themselves more “media rich” to attract new members and retain old ones. This is particularly important because young Internet users tend to be fickle.

The next wave could come from smaller, limited community sites in which members have a common interest. This would be on the other side of the ‘social networking divide’ compared to the tens of millions of users on Facebook and MySpace. In the US, already, sites are popping up for people with spouses in the military, or moms who want to quit smoking or fans of “Grey’s Anatomy” and so on.

It’s a new trend called “Social networking with a Purpose”. It could result in a situation whereby mature users are on these specialized and limited networks, while their children and younger people stick with the ‘millions of dating and entertainement’ possibilities offered by Facebook and MySpace.

It should be interesting to see how these trends evolve. So, the answer to “what’s next” is not so simple after all!

zanasser@gmail.com