Friday, August 28, 2015

Trick or treat?

RIP Flash. With only two words we can summarize the future of this Adobe technology. In a movement that maybe joins many interests, Google advances Halloween and announces its "trick or treat": from the next Monday September the 1st the not essential contents in Flash could only be seen by user request. In other words, when we use Chrome browser we'll see a grey block instead of these contents. Mozilla, Whatsapp and Kaspersky are the three names of the rest of this halloweenian day of August.

Performance, corporatism or security? From Mountain View say that the block of Flash contents will try to improve the performance of Chrome, affected when it has to show two or more contents from Adobe. This also means, as the more critic point, that a good proportion of advertisers will have to change their advertising model to HTML5 standards, or change to Google Adwords, in what we can summarize as a "if you're not in the Google advertisment network forget about appearing in Chrome". Anyway, what's true is that a big part of the malvertising we were talking about yesterday as a cybercrime tendence, will have more difficulties to infect us. Trick or treat?

This is not the only new about browsers we have today. Mozilla has also updated Firefox to fight against two vulnerabilities, one of them qualified as critical, which allows to execute random code with the privileges of the attacked user, from the rescaling of canvas elements. The second hole in security solved is related to the possibility of redirect to malware installations without the user approval, making the most of the possibilities of access to unusual contents through a direct browsing (that means, with the URL directly in the browsing bar). Two tricks left for the bad guys.

Now a real trick. Can a swindler use the WhatsApp groups to achieve big money? Yes, he can. In fact he could do it from Wall Street itself. The expert Cathal McDied explains in Net Security one of the last techniques of fraud which consists on create whatsapp groups which change every time the names and members, with the objective of achieving market investments one day at an hour in a specific firm. Doing it this way, the value of a firm increases its value in minutes, a moment when the swindler sells his participations and goes to another thing.

And talking about tricks and treats, in the blog of Eleven Paths, we have to posts dedicated to a complex topic: the dirty war among antivirus companies and the suspicions about Kaspersky, for being the firm which promoted the creation of false positives, bypassing the competence. The analysis by the author, Sergio de los Santos, concludes that there was a dirty war, but without real proofs or serious reasons, to confirm those suspicions against Kaspersky: "they have a good media reputation and they look economically healthy. Why they have to use these tricks?"

Maybe everyone of us do our own tricks. Maybe we have a part of trick and a part of treat. But what's for sure is that if we pay attention to some tricks, there will be more possibilities of reaching good treats in the management of our risks. 


Post a Comment