In Updates We Trust.

Remember my recent post on Application Control?

Well, after its publication I was flooded with all sorts of e-mails with comments thereon. Of particular interest were several cynical messages claiming something like, “The application control idea is sooo simple, there’s no need for any highfalutin special “Application Control” feature. It can be dealt with on-the-fly as applications are installed and updated.”

Yeah, right. The devil’s always in the details, my cynical friends! Try it on the fly – and you’ll only fail. To get application control done properly – with by far the best results – you need three things besides that “it’s easy” attitude: lots of time, lots of resources, and lots of work going into implementation of a practical solution. Let me show you why they’re needed…

On the surface, it’s true, it could seem Application Control was a cakewalk to develop. We create a domain, populate it with users, establish a policy of limited access to programs, create an MD5 database of trusted/forbidden applications, and that appears to be it. But “appears” here is exactly the right word: the first time some software updates itself (and ooohhh how software today loves to update itself often – you noticed?) the sysadmin has to write the database all over again! And only when that’s completed will the updated programs work. Can you imagine the number of angry calls and e-mails in the meantime? The number of irate bosses? And so it would continue, with every update into the future…

To the rescue here comes running a mostly unnoticeable but mega-useful feature of our Application Control – the Trusted Updater. It not only (1) automatically updates installed programs while simultaneously bringing the database of trusted software up to date, it also (2) keeps track of the inheritance of “powers of attorney” attached to the updating process. The former is fairly straightforward and clear, I think. The second… let me explain it a bit.

Let’s take an example. While performing an update, some software launches, let’s say, a browser (for example, in order to show the user agreement), and transfers its access rights to it. But what happens when the update is completed? Are you twigging what I’m getting at here?… Yes – in some products the browser keeps the inherited rights until it’s restarted! So until then it could perform an action that is actually forbidden according to the security policy – for example, download something from the Internet and, more importantly, run it. What’s more, the browser gets the ability to call on other programs and give them the enhanced rights of the updater. Uh-oh!

Turns out a single update could bring down the whole security system through incorrect management of access rights during the update process. Scariest of all is that this isn’t a bug, it’s a feature!

Anyway, back to our Trusted Updater. What it does is take full control over the update: as soon as the process has finished, it restores the rights back to what they were before the update – for the whole chain of affected programs. Another handy trick is its knowing beforehand which updaters can be trusted – there’s a special category for them in our Whitelist database. And should a sysadmin want to, he or she can add other updaters to this category with minimal effort but with a good addition to the level of the network’s overall protection from all sorts of sly backdoors.
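
The behaviour described above, as a simplified model added here for illustration (it is not the product's code): a default-deny hash allowlist, a trusted-updater category, rights inherited by child processes during an update, and revocation for the whole chain when the update ends. All class, method and variable names are hypothetical, the "binaries" are constructed byte strings, and SHA-256 is used where the post mentions an MD5 database.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class AppControl:
    """Toy default-deny policy: only allowlisted hashes may run."""
    def __init__(self, allowed, trusted_updaters):
        self.allowed = set(allowed)                    # hashes permitted to run
        self.trusted_updaters = set(trusted_updaters)  # the "trusted updater" category
        self.elevated = {}                             # pid -> root pid of its update session

    def may_run(self, binary: bytes) -> bool:
        return digest(binary) in self.allowed

    def start_update(self, pid: int, updater: bytes) -> bool:
        trusted = digest(updater) in self.trusted_updaters
        if trusted:
            self.elevated[pid] = pid
        return trusted

    def spawn(self, parent: int, child: int) -> None:
        # A child inherits updater rights, tagged with the session it came from.
        if parent in self.elevated:
            self.elevated[child] = self.elevated[parent]

    def write_file(self, pid: int, binary: bytes) -> bool:
        # Only a process inside a live update session may extend the allowlist.
        if pid in self.elevated:
            self.allowed.add(digest(binary))
        return pid in self.elevated

    def finish_update(self, root: int) -> list:
        # Revoke inherited rights for the whole chain, not just the updater.
        chain = sorted(p for p, r in self.elevated.items() if r == root)
        for p in chain:
            del self.elevated[p]
        return chain

def demo():
    app_v1, app_v2 = b"app v1", b"app v2"              # constructed sample "binaries"
    updater, late = b"vendor updater", b"fetched after update"
    ac = AppControl({digest(app_v1), digest(updater)}, {digest(updater)})
    blocked_before = not ac.may_run(app_v2)            # static hash list rejects the new version
    ac.start_update(100, updater)
    ac.spawn(100, 200)                                 # updater opens a browser
    ac.spawn(200, 300)                                 # browser starts a helper
    ac.write_file(100, app_v2)                         # updater installs the new version
    chain = ac.finish_update(100)
    late_ok = ac.write_file(200, late)                 # browser no longer holds updater rights
    return blocked_before, ac.may_run(app_v2), chain, late_ok, ac.may_run(late)
```

Without the `finish_update` step, process 200 would keep its entry in `elevated` and the last `write_file` call would succeed, which is the "keeps the inherited rights until it's restarted" case.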


More: The four scenarios of implementing for controlling software updates…

Shanghai – Slow Trains, Fast Cars.

Ni hao, all!

Shanghai – what a place. It’s really quite something. I mean in terms of its size (massive), the quantity of skyscrapers (plenty), the size of two of its airports (huge), and the number of stack interchanges and double-decker highways that crisscross the city (it contains probably several hundred miles of eight-lane roads – incredible). Blade Runner-esque Tokyo – move over! But I’m never lucky with the weather when I visit. This time Shanghai was once again covered with a haze so thick I could only see a few miles into the distance.


More: Maglev experience and F1 Shanghai-style

Cherry Blossoms – ver. 2012

Hi everyone!

Time for some catch-up. Been getting behind on my blogging duties. And that’s down to my suffering a bit of late due to an overloaded schedule. Four cities in a week (not including Moscow) – it’s become quite tough. Before I could manage – no worries. What’s with me? Just need some rest and relaxation, I guess.

Anyway – enough moaning, and back to it! Oki-doki…

And so, there we are again – in Tokyo! Japan – a unique country that can be compared with no other; and Tokyo, its capital – a crazy, magical metropolis that just blows the mind. It’s a place you really need to see in the flesh – photos only go so far in giving you an adequate impression. Therefore, to anyone who still hasn’t had the chance of visiting Japan – get there as soon as the opportunity arises! I wholeheartedly recommend it.


More: Cherry blossoms, business, and Blade Runner …


Apple – Listen to Us, Before It’s Too Late!

Which is better – Mac or PC?

By now the eternal debate will have come on to the radars of even the most non-geeky types, and those who still don’t have a position on it – normally a passionate and unwavering one – are fast becoming extinct. Last week of course the ongoing debate was seriously influenced by news of the Flashfake botnet for Mac OS X. It seems that cybercriminals are now joining the large numbers of users migrating from PC to Mac…

More: Why/what/who/how? Read on…

Oman? – Yeh’ Man! Or – From Moscow Snow to the Arabian Heat.

Salam alaykom, everyone!

Next up on my spring globetrotting tour with T.T. – Muscat, the capital of Oman, for the Cyber Defense Summit. Here under the chandeliers were gathered together ministers and other government representatives, bosses of top corporations, the FBI and other law enforcement bodies, and so on. The event was a closed one – as in, not open to the press. Ooh – secrecy! All the same I managed to fit in eight interviews.

A ceiling to be admired – just ask the gent in the orange head dress

More: Now for a few facts about the Sultanate of Oman

The World’s Gone Virtual – So Have We.

Why and How We Decided to Protect the Virtual Environment.

Over the last dozen years in the IT industry all sorts has gone on, but in the main what happened was the blowing up, bursting, and blowing up again of bubbles. Thankfully, against this depressing backdrop there are several examples of how things should be done – stories of technologies passing through all the stages from conception to industrial mainstream. One of the most interesting examples of this is virtualization.


To start, as per tradition in these tech-themed posts, let me go over the basics. For those who already know the basics of the topic, you can skip this by clicking here.

More: Agent-less malware protection vs Disadvantages of virtualization security…

We Just Keep Picking Winners: Not Only Ferrari, but Also a Centurion!

As I’ve mentioned here before, tearing up the rulebook is an internal slogan of our marketing department. Sometimes the proverbial tearing up of the rules occurs in explosive fashion (for example when we recently arranged for a Japanese Awa Odori dance to be performed at the Barcelona Carnival); other times, the ripping up takes place at a calmer pace and over a longer term. Incidentally, there’s a completely separate format – that of our philanthropic initiatives; but we tend not to harp on about these too much.

Anyway, let me tell you about another rulebook-shredder of the calmer, longer-term kind…

For several years our “face” in the Asia-Pacific region (APAC) was Jackie Chan. Everyone was pleased with this set-up, me included of course, and so we decided to continue in the same vein, but with a slightly different – Indian – slant, especially since KL’s prospects in this country are looking nothing less than spectacular. So in September 2011 we gladly announced that Sachin Tendulkar – the international cricketing legend – became our Brand Ambassador.


More: So, what’s all the fuss about?

Cassandra Complex… Not for Much Longer.

Top o’ the day to ye!

It’s fair to say I’m a bit of an IT-paranoiac, and most of you will know by now I’m not one to hold my tongue about my fears of possible future Internet catastrophes, or the greed and degeneracy of cyber-wretches – plus the massive size of the threat they represent – and so on.

Because of this tendency for speaking openly and plainly I constantly get accused of purposefully frightening everyone (and in my own self-interest). But I don’t mind, even though it’s nonsense. So I’ll keep on calling a spade a spade – telling people what I think is right – regardless!

The evolution of cyber-Armageddon is moving in the predicted trajectory (proof it’s not just a matter of my frightening folk just for the sake of it); this is the bad news. The good news is that the big-wigs have at last begun to understand – to the extent that often in discussions on this topic are heard my horror stories of old practically word-for-word. Looks like the Cassandra metaphor I’ve been battling for more than a decade is losing its mojo – people are listening to the warnings, not dismissing and/or disbelieving them.

More: Five main problems for IT security …