Tuesday, August 16, 2016

One year ago: cheese with holes

We sometimes think that cybersecurity has more holes than Gruyere cheese. In fact, when we look back, we see that it is a reality and it has been like this.  In this Special Summer Issue, every Monday we look back on one year ago, we remember middle of August 2015. That month was more prone to give us tasting cheese news. Note: don't forget we are talking about only one year ago.


We would have to award  Lenovo with the prize for "The cheese with the most hidden hole". An researcher discovered a serious vulnerability that had been circulating in dozens of models of  PC oriented to final consumer, some of them with great commercial success. The new forced Lenovo to publish a note explaining the origin and scope of the bug and, of course, to produce a patch to remedy the problem

The holes of the cheese is related with the release of gasses at the end of the ripening process. In spite of this, there are holes that have a suspicious shape and Kaspersky was at the forefront of one of these holes. Two engineers that had worked for the brand claimed that the Russian brand dedicated its time to declare as malignant some files from the competence just to dominate the market. Kaspersky, of course, denied the facts. If we search on the Internet for Kaspersky antivirus tricks we find more tutorials to enjoy the product without an activation code than news related to kasperskygate
A cheese with imperceptible holes: online advertising. A year ago we addressed one of the most intense malvertising campaign that we had seen. That worked like this: a programmer published an ad on an, apparently, legitimate site with millions of visits. Visitors that were served that ad were redirected to an exploit.  Nowadays it is not enough to clic carefully: you have to be updated with the sites with more malvertising attempts.

But if we talk about cheeses with holes consumed on a very large scale we need to talk about BitTorrent. A year ago we discovered that some of its well known applications as uTorrent, Vuze or Mainline presented an important security hole that allowed DDoS attacks. Downloads were not an innocent task but far away to be an premeditated attack.

From hole to hole we arrive at the most relevant sector over the next few years: health care. A video showed us one year ago how to hacker a medicine dispenser.  As if this were not enough, The New york Times published some Edward Snowden' statements that declared that AT&T (telephone company) had been working with NSA since the 80s, recording all telephone conversations.

If you have ever felt like a mouse maybe it was a moment of lucidity. After all, you are in a world full of cheese. With holes.


Post a Comment