Wednesday, February 20, 2008

Friendly worms, oh no not again?!

The New Scientist article on the Microsoft research "friendly worms" paper excited more annoyance than admiration everywhere in the research community and far abroad. It gives you a completely different dimension however when you really read the actual paper which can be found at MS. While it does refer to malware from time to time to illustrate distribution models, it’s several levels of abstraction away from the self-distributing patch mechanism that New Scientist seems to think it’s about. Of course I don’t know what the researchers in question said directly to New Scientist. So to my opinion this is all a little bit too exagerated ... something like a storm in a teacup. Or maybe the New Scientist journalists were hungry to use a flashy 'headline' because it attracts people ... well at least they succeeded in that way. The article is being (mis)used everywhere in the world maybe even by this Blog.

Of course the industry including myself hates the idea of unnecessary replicative code with a passion. While a self-replicating program can, in principle, do anything a non-replicating program can do, no-one has yet found a job that has to be done by a worm. The history of malware is littered with replicative programs that caused more damage than the writer ever intended because he failed to take into account every possible scenario that could arise.

An interesting read is definitely Vesselin Botchev's paper.
I really love this paper and it blows away everything. ;-)

To my opinion there is no such thing as a good worm, all malware in general are bad and it's the task from the security industry to protect you against it and not to write them .... pffff, and this was not the first time I've said this ... you will see that this problem or let me say this 'misunderstanding' will pop up again in the future unfortunately.

Kaspersky Lab appoints Eddy Willems as Security Evangelist

As promised the press release with below some interesting press articles after the release ...

" ’s-Hertogenbosch, February 12 2008 - Kaspersky Lab, a leading developer of secure content Management solutions, has employed Eddy Willems as Security Evangelist on February 1st 2008.

Eddy Willems is assigned to the virus analysts of Kaspersky Lab Worldwide however he will concentrate specifically on the Benelux. Together with several other external experts he will be globally responsible for a good communication and also for giving a statement of the contemporary and future security related problems to the press, distributors, resellers and end users.

Willems takes an active part in the IT-security business for more than 18 years and that’s why he gained experience and established an excellent reputation for himself in this branch. So he was employed as an Anti-Malware Technology Expert at NOXS Belgium, a Westcon Group Company, he also is well-known for being co-founder and Director Information and Press of the EICAR organization (European Institute for Computer Anti-Virus Research). In addition to his work as a Senior Consultant with large companies he was active as an antivirus researcher, Wildlist reporter, security trainer and speaker during various international security conferences. Also the Belgian government has several times made an appeal to his expertise. One of his recent projects included a good attempt at introducing ‘safe ICT-behaviour and application’, within primary education, so computer crime will be driven back.

Eddy Willems about his recent position: “Kaspersky Lab can be defined as a strong dynamic company with high standard and innovative technical solutions. With present IT threats and the explosion of new malware these characteristics are of great significance for an outstanding Anti-Virus and Internet Security Vendor. What appeals to me is the fact that Kaspersky will absolutely be committed to stay focussed on the content security market and will not buy at random and fix solutions by sticking, but will remain experts in Secure Content Threat Management (SCTM). Solutions are being reinforced with global and efficient infrastructure of support for both the channel and the end users”.

Dick Geheniau, Managing Director of Kaspersky Lab Benelux agrees with Willems: “For the last couple of years we notice a strong increase in our turnover in commercial as well as governmental business. Our Certified Partners are well trained for this purpose and yet at any time they can make an appeal to experts like Eddy Willems and Roel Schouwenberg. Companies and institutions who will get off to a good start with Kaspersky Security solution will immediately get access to the unique ‘Early Alert Service’ and access to Kaspersky’s global team of experts”."

See the press articles at my press page:
Datanews, It Professional, VNU net, Channelweb, etc ...

Tuesday, February 12, 2008

A new job, a new life or not?

Two weeks without nothing on my blog is nearly impossible but this time I had to stay on the side ... however just when the press release about my move to my new job was nearly ready, the press itself arrived at my frontdoor to do an interview with me about the exponential growth of the malware we saw the last months. The newspaper 'Het Nieuwsblad/Gentenaar' published this at their frontpage yesterday.
If you want you can find the full article here.
I got some radio interviews (4Fm,Qmusic and Radio 2)in the early mornings about this problem as well... with my early morning voice (more later at my press page).

And oh yes .... I'm working now for Kaspersky Lab Benelux as Security Evangelist and will be working together with the analyst team from Kaspersky Lab worldwide to spread the security 'word', if you know what I mean. Of course my focus will be on the Benelux market.
I will publish one of the next days the press release here, so you can read the official words about it yourself.

BTW did you know that I started my first day in Moscow with me doing already a presentation in front of my new colleagues. I can assure you this gives you special vibes. :-)