sorinmustaca.com – Sorin Mustaca – personal blog. Security software, agile development, scrum, programming and more

Skype distributing software (games) without the user’s explicit approval?

29.05.2011 (6:02 pm) – Filed under: security

Since yesterday evening, users of Skype for Windows who installed the EXTRAS feature have started to receive software automatically.

The software comes from EasyBits Media, a company from Oslo, Norway.

Skype users started to complain yesterday afternoon, and the drama seems to continue without any comment from Skype officials. The entire thread is here: http://forum.skype.com/index.php?showtopic=821491&st=0


A user writes in the Forum:

I clicked “deny” when skype asked for permission to install this on my computer, but it still went ahead and installed anyway. Can somebody from Skype confirm ASAP if this is a virus which has gotten into the Skype network or if this is something they have pushed out with a very dubious installer. Not impressed.


One and a half hours later, a user called EasyBitsMedia posted a copy/paste from the company’s website:


EasyBits Media is dedicated to providing a world class Game channel to the expanding global Skype community.

In 2006, in collaboration with Skype, EasyBits Media created the Skype Extras framework – one of the world’s first ever Apps store.

Skype Extras are Apps that allow users to extend Skype functionality. For example, our Skype Extra is called “Play Games” which is bundled with the Skype client for Windows and installed on over 100 million PCs. It allows users to play a host of free classic and cutting edge games with friends and family through Skype.

Over 30% of Skype Extras users play games. Given the popularity of our Skype Game channel, EasyBits Media is currently expanding this service by launching the GO Games platform which will add more features and games to satisfy the growing demand of our gaming community!

To learn more, please visit http://www.easybitsmedia.com


Currently, it is unknown if this software is malicious or not.

Apparently, uninstallation is not possible, according to the affected users and here.

On the website of EasyBits Media, there is a link to an uninstaller of EasyGames Pro: http://www.easybitsmedia.com/support/RemoveGO.exe

However, how well it works cannot be assessed at this time.


I will update here if there is something new.


Microsoft Defender and dangerous alert levels

05.05.2011 (9:00 am) – Filed under: antivirus,News

Description:

This program changes various computer settings.

Advice:

This software is typically benign when it runs on your computer, unless it was installed without your knowledge. If you’re not sure whether to permit it, review the alert details or check if you recognize and trust the publisher of the software.

Category:

Tool


[Image: Microsoft Defender detecting the EICAR Test File as Severe]

Clicking on the link in the dialog gets you here, where it is explained that it is actually a Research Tool.


Alert level

Tool:Win32/EICAR_Test_File

(?)

Encyclopedia entry
Published: Mar 08, 2007

Aliases
Not available

Alert Level (?)
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.

Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008

Summary

This potentially unwanted software is detected by the Microsoft antispyware engine. Technical details are not currently available.


5 Apple security myths

09.03.2011 (10:42 pm) – Filed under: News,quoted,security

Five Apple Security Myths — and the Disturbing Truths

Five hard lessons

With that in mind, here are five Apple security myths — and the brutal truth behind each:

Myth: I don’t need antivirus and spam protection because I work on a Mac.

Truth: The Mac OS X operating system is targeted less frequently by malware only because it’s not as widespread as Windows. It’s no more secure than any other operating system, said Sorin Mustaca, data security expert at Germany-based Avira.

As for phishing attacks, said Mustaca, “the biggest problem in this case is not the computer itself, but rather it’s the user.”

Myth: I can’t be infected by any malicious software because I get my applications exclusively from the iTunes App Store.

Truth: “We’ve seen a couple of times already that the App Store is not such a secure fortress as one might have hoped,” said Mustaca. “It is extremely difficult to check every single application that is inserted there.”

Myth: Mac OS X is inherently more secure than Windows.

Truth: Apple’s brand-new products are being hacked almost immediately upon arrival. For example, “jailbreaking” your iPhone is as easy as browsing to a specific website.

“For a while, it was easier to write exploits for Mac OS X systems than it was for Windows, but now they’re relatively equal,” said Core Security technical specialist Dan Crowley. “Bugs seem to be just as easy — if not easier — to find in Mac OS versus Windows.”

Myth: Apple’s Safari browser is more secure than Microsoft’s Internet Explorer.

Truth: Safari had more than twice the number of reported vulnerabilities in 2009 (94) than did Internet Explorer (41), according to Symantec’s Global Internet Security Threat Report.

Myth: iPad users are not susceptible to the same sorts of attacks that Windows users experience.

Truth: According to Anup Ghosh, founder and chief scientist of Fairfax, Va.-based Invincea, Apple released the iOS 3.2.2 software update for the iPad specifically to fix a critical vulnerability in Adobe Reader that can be exploited by malicious PDF files.

So what can you do to make your Apple device more secure? First of all, never open an e-mail attachment you’re not expecting, even if it’s from someone you know.

Always check the URL — the long string of characters that begins with “http” — in your browser address window when surfing the Web, even on an iPhone or iPod Touch. Be very careful about using free Wi-Fi hotspots in coffeeshops, libraries or airports — it’s safer to just use your cellular carrier’s data service.

The Twelve Principles of Agile Software

06.03.2011 (9:30 pm) – Filed under: agile,General
  1. Our highest priority is to satisfy the customer through early and continuous delivery of valuable software.
  2. Welcome changing requirements, even late in development. Agile processes harness change for the customer’s competitive advantage.
  3. Deliver working software frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.
  4. Business people and developers must work together daily throughout the project.
  5. Build projects around motivated individuals. Give them the environment and support they need, and trust them to get the job done.
  6. The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.
  7. Working software is the primary measure of progress.
  8. Agile processes promote sustainable development. The sponsors, developers, and users should be able to maintain a constant pace indefinitely.
  9. Continuous attention to technical excellence and good design enhances agility.
  10. Simplicity – the art of maximizing the amount of work not done – is essential.
  11. The best architectures, requirements, and designs emerge from self-organizing teams.
  12. At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.


A closer analysis of DE-Cleaner from Symantec

10.12.2010 (9:39 pm) – Filed under: antivirus,News,security

I was curious about how the DE-Cleaner from Symantec works, so I downloaded the software and gave it a closer look.
I did not disassemble it or anything similar… I simply performed a little black box testing.

So, I started it without any Internet connection. The result: no scanning was possible. DE-Cleaner requires an Internet connection.
This is an indication that the software is an in-the-cloud scanner. After seeing this, I searched the website botfrei.de for more details.
And I found them… yes, indeed, the Symantec DE-Cleaner needs an Internet connection. This is why the file is only 6 MB: it contains no signatures.

After allowing it to connect to the Internet through the Avira Firewall, I let it scan a folder.
And the result was: MANY FALSE POSITIVES, which should have been easy to skip.

Let’s take one of them: the software I bought to prepare for the CompTIA Project+ exam, which I took in July.

I don’t know how you see it, but I don’t find enough information here to say that the software is suspicious.

I think that the guys from Symantec still have a lot of work ahead of them with their in-the-cloud solution based on file reputation.

Another interesting issue I’ve found is that the cleaner scans only executable files. This is normal for a file reputation scanner. Any other solution that scans for signatures will unpack archives and scan inside container files for malware. This tool only checks the signatures of the executables themselves.
I wonder how they scan for rootkits :)
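To make the archive gap concrete, here is an added example (my own illustration, not Symantec’s or botfrei.de’s code) of a toy hash-based file-reputation check. It runs the same lookup twice over a constructed folder: once the way the post observed DE-Cleaner behaving (only files with executable extensions on disk) and once with ZIP containers opened as well. The “known bad” hash set, the sample files, and the extension list are all assumptions constructed for the demo; a real cloud-reputation scanner would look the hash up remotely instead of in a local set.

```python
"""Added example: executable-only vs. container-aware hash reputation scan."""
import hashlib
import os
import tempfile
import zipfile

# Assumption: extensions a reputation scanner would treat as executable.
EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".scr"}

# Constructed sample content; its hash stands in for a cloud reputation verdict.
BAD_SAMPLE = b"CONSTRUCTED-SAMPLE-CONTENT-NOT-REAL-MALWARE"
KNOWN_BAD_HASHES = {hashlib.sha256(BAD_SAMPLE).hexdigest()}


def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def is_executable_name(name: str) -> bool:
    return os.path.splitext(name)[1].lower() in EXECUTABLE_EXTENSIONS


def scan_executables_only(root: str) -> list:
    """Mimics the observed behaviour: hash only on-disk files with executable extensions."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for fname in filenames:
            if not is_executable_name(fname):
                continue
            path = os.path.join(dirpath, fname)
            with open(path, "rb") as fh:
                if sha256_bytes(fh.read()) in KNOWN_BAD_HASHES:
                    hits.append(os.path.relpath(path, root))
    return sorted(hits)


def scan_with_containers(root: str) -> list:
    """Same lookup, but ZIP archives are opened and their executable members hashed too."""
    hits = list(scan_executables_only(root))
    for dirpath, _, filenames in os.walk(root):
        for fname in filenames:
            path = os.path.join(dirpath, fname)
            if not zipfile.is_zipfile(path):
                continue
            with zipfile.ZipFile(path) as zf:
                for member in zf.namelist():
                    if is_executable_name(member) and sha256_bytes(zf.read(member)) in KNOWN_BAD_HASHES:
                        # Report the member inside the container so the hit is actionable.
                        hits.append(f"{os.path.relpath(path, root)}:{member}")
    return sorted(hits)


def build_sample_tree() -> str:
    """Constructed layout: one bad .exe on disk, the same bad .exe inside a .zip, one clean file."""
    root = tempfile.mkdtemp(prefix="reputation-demo-")
    with open(os.path.join(root, "tool.exe"), "wb") as fh:
        fh.write(BAD_SAMPLE)
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(b"harmless text")
    with zipfile.ZipFile(os.path.join(root, "bundle.zip"), "w") as zf:
        zf.writestr("installer.exe", BAD_SAMPLE)
    return root


if __name__ == "__main__":
    demo_root = build_sample_tree()
    print("executables only :", scan_executables_only(demo_root))
    print("with containers  :", scan_with_containers(demo_root))
```

The executable-only pass reports just `tool.exe`; the container-aware pass additionally reports `bundle.zip:installer.exe`. That second hit is exactly what a scanner that never opens archives leaves on disk until the user extracts it.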

Guest blogger: Larry.Walsh: Security Idea: Recall the Internet

14.10.2010 (8:27 am) – Filed under: News

I totally agree with this blog post by Larry.Walsh (seen on the CompTIA blog).

Source: http://blog.comptia.org/2010/10/13/security-idea-recall-the-internet/
Author: Larry.Walsh

Microsoft’s Scott Charney says we should treat malware-infected PCs in the same manner as 19th century public health officials treated victims of typhoid, tuberculosis and cholera: quarantine. Yes, the head of Microsoft’s Trustworthy Computing believes malware infections are so pervasive and destructive that isolation is the only means for protecting the greater good. Perhaps, but I have a better idea: recall.

First, let’s review Charney’s idea – quarantine.

“Governments, industry and consumers should support cyber-security efforts modeled on efforts to address human illnesses. For a society to be healthy, its members must be aware of basic health risks and be educated on how to avoid them,” Charney said at the International Security Solutions Europe (ISSE) Conference in Berlin this weekend.

Charney, who worked at the Department of Justice prior to joining Microsoft, is essentially correct. In the past three years, the world has seen an explosion of malware – more than 5 million new samples. Just one of the past three years has produced more malware than in 20 years prior to 2007. Each year, malware costs individuals and businesses millions of dollars in damages to equipment, destroyed data, disrupted commerce and communications, and the cost of prevention and remediation.

So Charney would have us treat every infected PC as Typhoid Mary. We would isolate them in some quarantine area, like a remote hospital on some island in the middle of the New York City harbor. Charney wants governments and Internet service providers (ISPs) to lock out these contaminated computers until such time as they are certified as clean and fit for return to digital society.

Let’s set aside the obvious arguments of how ISPs and governments would identify and isolate tainted PCs. Charney’s idea is ludicrous on the surface because it blames the victim – the PC owner. If software were any other product – car, toaster, radio, cribs, etc. – the government would compel a recall and the manufacturer would be liable for correcting the defect or compensating the customer.

Faulty operating systems and software require complex security applications and infrastructure to give them even a minimal amount of protection. Spending on security technologies and services tops $40 billion annually – a massive amount of money that’s greater than 107 countries’ gross domestic product. If end-users didn’t have to pay for expensive security software, hardware and managed services, they could apply valuable capital toward investment, growth and jobs.

OK, let’s accept that all software is faulty. Why are PCs infected in the first place? They’re connecting to the Internet. Within 40 seconds of connecting, PCs are scanned, probed and attacked. And the conduit for attack is the ISPs, which people and businesses pay good money for their high-speed connections. The Internet is often compared to the public highway system because of the speed and ubiquitous connections. But this is about as far as the comparison carries. The Internet is not a public network since it requires contracts and payments with private entities. Shouldn’t they provide clean pipes for transmission and receipt of data? Isn’t that what we’re paying for?

Internet threats are a boon for the IT industry and the channel. Solution providers earn billions of dollars each year providing security assessments, equipment, professional consulting, management and remediation services. Despite what anyone says about making the Internet a safer place, no one wants to see the threats go away. It’s like politicians saying that they hope cigarette taxes lead to a decline in smoking; they don’t really mean it because it would cost them revenue.

But whose fault is it that threats exist? It’s not the users’ or businesses’ fault that their machines get infected. It’s the criminals’ fault for creating the malware. Blaming the victims isn’t the solution. The real solution is fixing the products and infrastructure that cost businesses hundreds of billions of dollars annually.

Why did Intel buy McAfee?

23.08.2010 (1:28 pm) – Filed under: antivirus,News

Everybody knows about this acquisition.

Now, why does Intel (a chip producer) need a software security company?

There are some possible reasons:

1. To enter a multi-billion market which needs fresh ideas and technologies

2. To produce better security software which makes use of their multi-core processors

3. Both

4. Add AV to the CPU (or on the board) directly (with some help from the “cloud”)

5. Create an AntiVirus Chip -> move from software to hardware (which they know better)

Of course, I vote for 3… Both.

But also 4 isn’t so bad ;)

Why ?

Well, because of the so-called “Moore’s Law”. Intel is preparing for the point when it will stop being valid.

So, if they can’t produce better hardware, they had better adapt the software that runs on it so that it works much, much better.

Intel is already a major player in the software industry. They produce a lot of good software, ranging from drivers and software for their hardware to compilers, code analyzers and integrated development environments.

So, what the AV world is missing is software that runs optimized on those cores. We all try to implement our code in such a way that it uses those cores, but many things in AV can only be done in one thread. Or… maybe I’m wrong…

4. To build AV protection into the CPU directly…

This is not new, but I also haven’t seen anything that runs correctly and is integrated into the motherboard or similar.

5. AntiVirus Chip … now that would really be something.

Practically, you would never have to install an AV again. Uhhhh… Ugly thought.

We’ll see what the future brings us.

Another strange bundle, or did Sun and Yahoo merge?

21.05.2010 (9:32 am) – Filed under: General

I was prompted today to update the Java framework on my laptop.
I said yes, update it, and then I saw the picture below:

So, I ask, what the heck does Yahoo have to do with Sun?
Why is a stupid, useless and annoying toolbar being installed with the Java framework?

Did Sun buy Yahoo, or did Yahoo buy Sun?
No.

So why?
Of course, I am an idealist and don’t accept the obvious answer: the money Yahoo paid to Sun.

2010 CWE/SANS Top 25 Most Dangerous Programming Errors

22.02.2010 (10:04 am) – Filed under: General,News

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

Read more here:

mitre.org: http://cwe.mitre.org/top25/
PDF: http://cwe.mitre.org/top25/archive/2010/2010_cwe_sans_top25.pdf

The 1st place:
Failure to Preserve Web Page Structure (‘Cross-site Scripting’)
The 2nd place:
Sanitization of Special Elements used in an SQL Command (‘SQL Injection’)
The 3rd place:
Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)

My personal opinion:

I am astonished that the buffer overflow is ONLY in 3rd place. I would put it in 1st place.

Email-(in)Security using GnuPG for Windows and Outlook

08.10.2009 (10:06 pm) – Filed under: General,News

I usually do not start with a conclusion… But now I will.
Simply stay away from this dreadful software…!!!
It is simply buggy!

[Image: kleopatra-outlook]

Outlook 2007 crashes on almost every signed email that this crappy software tries to display.

[Image: crash-kleopatra]

[Image: crash-kleopatra2]

STAY AWAY FROM http://www.gpg4win.org/ at least until they fix these crashes !!!