ByteCrusher Blog

Busy busy and some introductions

2008-08-28T08:46:17-07:00

It's been a busy time at ByteCrusher. So busy that we've ignored our blog for a looooong time. But that's all about to change. A couple of new things going on:

1. We've got two new products we're about to launch that should help our customers improve their PC performance and security baselines.

2. We've got a brand new site design we're about to roll out.

And that's just step 1. Over the next couple of months we'll be rolling out even more products that we've been hard at work developing and even more site features. Stay tuned!

I'd also like to take the opportunity to introduce two members of the ByteCrusher team that will be posting from time-to-time on this blog: Rex and Prasad. Both of them, along with the rest of the team, have been working very hard on the new site and new products.

It's an exciting time around ByteCrusher. Thanks for everyone for their kind words and their business.

-Allen

Vacation, GreenBorder, and the value of non-signature based anti-malware protection

2007-05-31T09:55:45-07:00

Wow, I go on vacation, take a couple of business trips, and all of a sudden it's been 6 weeks since I posted something. Things are busy around ByteCrusher Labs.

When I talk to partners and customers I always talk about the ever-growing importance of alternative, non-signature based anti-malware protection. Now I have some proof that it's not just me and my echo chamber. On Monday the Google Operating System blog revealed that Google had acquired GreenBorder, maker of GreenBorder Pro, a "sand box" style non-signature based security application. No price details have yet come out, unfortunately. Google's acquisition ups the stakes in the security space. The traditional security players may come looking for other technologies...

In related news, Erik Larkin mentioned the acquisition and us together in his blog. We're looking forward to his review of WindowZones coming soon!

-AllenN

ANI exploits getting you down?

2007-04-06T17:38:16-07:00

In my last post on Microsoft's patch schedule I noted with surprise that Microsoft apparently didn't have any vulnerabilities it felt were worth fixing for March. Maybe that wasn't totally true, as one week prior to the April scheduled patch an out-of-band patch for a GDI vulnerability (MS07-017) was released. We at ByteCrusher Labs recommend all of our customers keep up-to-date with all Microsoft operating system and application security patches.

But just in case they don't issue a needed patch until AFTER it is being actively and publicly exploited, as appears to be the case here, we also recommend everyone have some sort of non-signature-based, alternative security software such as WindowZones to help protect them from the unknown unknowns.

We've verified through independent testing that using WindowZones to run your browser in the Safe Zone will protect you against administrative exploits of this newly public Windows GDI vulnerability. Don't let any exploits, but particularly ANI exploits, get you down.

-AllenN

No Windows patches and the peril of no Windows patches

2007-03-19T12:53:01-07:00

Last week it became public that a Kernel GDI privilege escalation bug in Windows, found during the Month of Kernel Bugs effort, had spawned a successful exploit and that exploit is public (though in "controlled" distribution through security company Immunity's partner program). Why is this interesting? Two reasons. First, Microsoft has known about this bug for over 2 years and has yet to issue a patch for it. The US Federal Government organization that tracks bugs has given it a "high" rating. Second, for the month of February, Microsoft has not published any security fixes. I guess this vulnerability and exploit aren't bad enough to make Microsoft's list.

Just goes to show, keeping up-to-date on your security fixes from the vendors of your software isn't enough. Don't get me wrong, it's very important, but it still remains one arrow in your security quiver.

-AllenN

Flaw revealed in Vista's UAC

2007-02-28T10:16:32-08:00

The details of an apparent flaw in Windows Vista's UAC functionality were revealed yesterday. The flaw was found by eEye and originally reported to Microsoft on January 19th. With Vista's User Account Control feature, Windows users have limited system privileges by default. In order to get system, or administrator, level privileges, a user must provide appropriate credentials. The vulnerability allows a local user to permanently increase their privileges to the admin level. As of today, Microsoft has not issued a patch. But maybe this is not a security flaw in Vista at all. "What?!?", you say?

Well, Microsoft Technical Fellow Mark Russinovich says that flaws in UAC can't be considered security flaws. Whoa, maybe he's been taking verbiage lessons from former President Clinton; e.g. "it depends on what your definition of security is."

We certainly think of UAC as a security measure. In our own WindowZones product, we assume, as does Microsoft's own Group VP Jim Allchin, that most users of Windows XP use a logon account that is an administrator account. WindowZones allows you to strip away from Internet-facing applications all of the administrator rights, which substantially reduces your exposure and any resulting impact from Internet threats - especially new ones known as "zero-day" attacks.

It will be interesting to see what the future holds for UAC in Windows Vista.

-AllenN

Firefox fixes flaws, Internet Explorer does not

2007-02-26T08:54:38-08:00

The rallying cry for some time has been to dump Microsoft's Internet Explorer in favor of an alternate browser, such as Firefox, and in doing so dramatically improve your Internet Security. The solution is it's not quite so simple, and while Firefox seems to be under a recent stream of attacks, at least they're actively patching.

Stefan Esser, who writes for a the Hardened-PHP Project, detailed a vulnerability in Firefox (recently patched), IE, and Opera (neither patched) that opens the three browsers up to all the UTF-7 XSS vulnerabilities. The rub here is that Firefox was thought to be imune to these vulnerabilities. Unfortunately when the malicious code is injected through an iframe, Firefox is still exposed.

As of this date, Mozilla has patched Firefox however neither Opera nor Microsoft has patched their browsers.

-Allen

Home router locked, key left in door

2007-02-19T18:17:29-08:00

It seems basic, but lots of folks never change the default password on their home routers. If you're reading this and you don't know if you changed your default password, LOG IN TO YOUR ROUTER AND CHANGE IT NOW.

There is lots of focus on getting home network users to secure their wireless connections, but probably not enough on simply securing the router itself. And now the bad guys are targeting home routers in the payloads of their malware. Indiana University and Symantec have published a paper describing attacks on home routers executing from malicious web sites using JavaScript.

The default password for home routers is often blank or "admin" - easy to guess. If the number of users who turn off updates of their anti-virus software is any indication, the number of users who fail to change their default router passwords are probably quite large.

Did I mention you should change the default password on your home router? It should be the very next step you do after you turn the router on for the first time. I say, after you buy a house, you of course have the locks changed, right? Right?

-AllenN

ByteCrusher Blog Begins

2007-02-15T15:23:08-08:00

It seems fitting that we launch our blog 12 years to the day that Kevin Mitnick was arrested by the FBI in first high-profile cracking case. Tony Long at Wired News gives a brief run-down of it.

A lot has changed since then but a lot has also stayed the same. Here at ByteCrusher Labs we're motivated to bring PC users innovative security software that helps protect them when they're on-line. Our first product, WindowZones, prevents viruses and other malware from getting admin rights on Windows XP PCs. This is applicable to almost every single Windows XP user given that when you setup or install Windows XP, the default user accounts are created as admin accounts, and most users never change this setting.

So I'll talk here about our existing and upcoming products, the PC security space, and whatever else I find interesting in computing. Until next time!

-AllenN