Anti-Virus Is Dead. Long-Live Behavioural Analysis …

 Computing, Security  No Responses »
Jul 142016
 

One of the throw-away statistics I tripped over recently was that there are 5 new malware releases every second.  Now many of those new releases are variations on a theme – there are pieces of software designed to distort a piece of malware into a new piece of malware with the same functionality. This is done deliberately to evade anti-virus software.

And it works. Every so often I feed some strange mail attachments into virustotal to find out how widely it is recognised. It is not uncommon to find that only 2-3 will recognise it as malware out of 50-odd virus checkers on that site. So if you happen to be dumb enough to download and activate the attachment, your anti-virus checker has a roughly 5% chance of protecting you.

Not exactly what you should expect.

I recently sat through a sales pitch for a not-so-new corporate product that does anti-malware protection very differently. Of course it is also insanely expensive, so I will not mention the actual product, but it does offer something new. Protection against malware by checking and blocking behaviour.

Whilst they add all sorts of clever data analysis tricks, fundamentally anti-virus products recognise malware because they recognise the data that makes up the malware. If they don’t recognise the signature of the malware, then they do not know it is malware; so they have an incredibly difficult time recognising new malware releases.

But recognising malware based on behaviour is far more likely to successfully recognise malware – for example by recognising an attempt to make itself persistent in a way that an ordinary application does not do, and blocking it. Which is a far more practicable method of blocking malware (if it works!).

It is also something that should probably be built into operating systems, which to a certain extent already has been.

The New Defence

The New Defence

 

 

Hospital Sick Days Greater Than Public Sector Average

 General, Humour  No Responses »
Jul 142016
 

You do surprise me. Who would have thought it? If you go to work in a place with zillions of sick people each of whom gets a stream of visitors, you get sick more frequently than other jobs?

The accountants have been at work and decided that the NHS could save up to 2 billion by “doing something” about the sick days. Perhaps they should consider banning sick people going to hospital.

B84V1827t1-elderley-man-past-gravestones

Life Should Mean Life

 General  No Responses »
Jul 142016
 

… and it pretty much does.

The “lock ’em up and throw away the key” crowd are keen on pointing out that life should mean life. Meaning that those sentenced to life imprisonment should be inside for the rest of their lives.

Everyone “knows” that murderers sentenced to life are often freed after 10-25 years or so.

What is less well known is that when someone sentenced to life is released, they are released “on license”, and are definitely not free in the normal sense of the word.

For a start, lifers do not get released until they have convinced the relevant authorities that they are no longer a risk to society (in theory). When you come down to it, there is no point keeping a murderer in prison after 20 years if the circumstances have sufficiently changed that they are no longer likely to murder anyone – that 60-year old woman who went berserk and killed her children when she was 40 isn’t likely to have more children.

Bear in mind that keeping murderers in prison is expensive and the expense of the big TV and playstation a lifer gets in their cell is irrelevant compared with the cost of the bare cell.

Even when lifers are released, they are released on license, and monitored (although I dare say there are not enough resources allocated to monitoring). And if the lifer gets up to anything that makes their monitor feel uncertain, they’ll find themselves back inside without going through court. There have been lifers who have found themselves back inside because they were drinking too much.

So, no a murderer is never truly free.

B84V1827t1-elderley-man-past-gravestones

World War I: Not About Freedom

 History, Politics  No Responses »
Jul 012016
 

It’s the 100-year anniversary of the Battle of the Somme this morning, and there are those commemorating the event by claiming they all died for our freedom. Well that may have been what they thought they were fighting for, but that’s arguably not what the war was about. At least for the British, there were no real risk of invasion at the beginning of the war.

There is still arguments to be had over the causes of World War 1, but a very high level view indicates military adventurism by the Austria-Hungary empire in the powder-keg of Europe (the Balkans), combined with interlocking defence treaties that amounted to the mutually-assured destruction of the 19th century. To a great extent, Britain was fighting because France was fighting, and they were fighting because Russia was fighting who were fighting because Austria-Hungary were invading their allies in the Balkans – Serbia. Germany was pulled into the mess because of it’s alliance with Austria-Hungary.

If that sounds like a confusing mess, you don’t know the half of it. Not least because I have not mentioned Belgium.

Why does this matter? Particularly since I am implying that the sacrifice of the WW1 casualties was not for a particularly noble cause.

The first reason for remembering, is that those who thought they were fighting for a noble cause deserve to be remembered.

Secondly we need to remember just how stupid war is, and particularly that people are still arguing over exactly how and why it started. There may be justifiable wars – even wars that are not strictly defensive. But if you are not entirely sure why the war is being fought, it is definitely a war you should not be in.

thiepval-memorial

EU: Give It A Rest Already …

 Politics  No Responses »
Jun 292016
 

Having said give it a rest already, this is where I rant a bit about the dumbest decision England has made since following the direction of the pope and invading Ireland back in the 13th century.

So it turns out that crowd-sourcing decisions can sometimes result in the dumbest possible result. If you think about it a bit, you realise that the decision is effectively not a decision at all. The result (52% for exit, 48% for remain) indicates that half the country wants to leave and half the country wants to remain. We’re effectively undecided.

Parliament could ignore the result and decide to remain within the EU; the referendum is not legally binding. That probably isn’t going to happen, and a second referendum is even less likely – I cannot see the politicians wanting to spend that much money on democracy.

The amusing thing is that there are people out there who voted to leave as a protest vote, and didn’t really want to leave at all. Which strikes me as possibly the dumbest method of protesting you can possibly come up with. Mooning number 10 Downing Street is more sensible than voting for something you do not want.

But what do those of us who want to remain part of the EU do? Probably the most sensible thing is to keep quiet, let things go through their course, and in about 5 years time start campaigning to re-join the EU. Five years is about long enough to demonstrate just how dumb this move was, and will also shift all those under-18 remain fans get old enough to start voting.

B84V1827t1-elderley-man-past-gravestones

 Older Entries  Newer Entries