Friday, May 26, 2006

How to analyze a virus or my virus autobiography

Virus analysis is something I find interesting even though I have no idea of how this exactly takes place. Virus analysis is to me a mysterious thing. This idea started to become interesting a couple of months ago but I absolutely had not got the slightest idea about how to start something like this. Virus analysis is a riddle.

Two years ago, viruses were a complete mystery to me. For a long time I wondered what viruses actually are and could not imagine their essence. I thought they were a magical enemy of the computer. Then one day I discovered that viruses are nothing else but a single file! Yes! Viruses are normal files which are dangerous when executed (= run or = double-clicked).

This was one of the greatest shocks of my life. The magical and invisible viruses suddenly became visible and lost their strength in front of my eyes. Viruses are like programs and can even be seen through the Task Manager, a Windows program that shows the active processes and applications running in Windows. Viruses are usually also very small files in size.

The second shock I had was when I found out that viruses need to be executed in order to infect a PC. In the past I thought that as soon as you download a virus you are infected! But that is not the case. The virus has got to be executed to run just like any other program on the PC. These are things I learned while hanging around the antivir forum for 2 years. I remember how proud I was when I had my first virus on my PC without being infected. I started to like handling viruses gently through my folder system without double-clicking on them. Viruses became so small and insignificant, just like their number of bytes, in front of this new great knowledge I got!

Time passed and I started to dwell more on what types of viruses there are and ways of removal. I discovered that almost all my friends had infected computers and I liked to clean them. Unfortunately I have had to fight only with spyware, trojans, backdoors and dialers. All other kinds of viruses, like worms and real viruses that infect exe files, are unknown to me and I had no experience with them. I have started to think that they don't write these anymore! If I found a suspicious file online I would send it to an antivirus company for analysis and they would reply whether the file contains a virus or not. Kaspersky has been the fastest in response so far, although I have only sent viruses to Kaspersky and antivir. This was something I admired. How can that Russian guy know whether that file is a virus within an hour? What do they do with those files? How do they analyse them? Those were questions that started to slowly form within my mind. It has only been a few weeks since I typed in Google "how to analyze a virus". Unfortunately I did not get any results with instructions for beginners. It seemed that virus analysis needs programming knowledge which I do not have. It is all so very technical. Disappointed, I gave it up.

Today I read in the F-Secure weblog about the "T2'06 Reverse Engineering Challenge". It's like a competition that challenges people to analyse a program. I imagined that it takes the same skills needed for virus analysis. The magical words "reverse engineering" produced great results in Google and this might be a good time to start researching on this. It might take me a few years to learn how to do this but unfortunately only the first person who solves the riddle gets a prize!

Thursday, May 25, 2006

2nd INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION SYSTEMS

I just found out that there is an international conference on computer science and information systems in Athens next month. Unfortunately I cannot attend it. I would like to go just to have a look and get a general idea about what such conferences are about. I assume that it would be too technical for me to understand, but I would also like to see what kind of people attend such meetings. Here is the official site, and the list of papers to be presented.

Only 4 would be of any interest to me:

1. Revising the Concept of Electronic Commerce.

2. The Organizational and Motivational Aspects in IT Training.

3. A Web-Based Instant Messenger System

4. Using Human Computer Interaction Concepts to Design Interfaces for the Brain Injured

Monday, May 22, 2006

Cyber Criminality defeats Internet Security or Thoughts on Combating Spam

Spam is one of the greatest problems and challenges that the internet nowadays faces. What makes it so great is the inability of the internet security industry to provide a reliable solution. A lot of different efforts have been made, different solutions have been presented, spam filters, anti-spam programs, security tips etc. In the end we have to admit that spammers are almost unbeatable. We just cannot stop spam.

But what are the obstacles, why can't we stop spam, and what is it that sustains spam in the first place?

The answers to these questions might even be the solution to the global problem of spam.

Recent denial of service attacks on the website of an anti-spam organization resulted in its closing down and withdrawing from the war against spam. This is another proof of the weakness of the anti-spam community and its lack of organization when confronted with the extremely well organised cyber-crime. Spammers managed to put an end to the anti-spam scheme Blue Frog and force Blue Security (anti-spam organisation) to give it up.

Spam is not only annoying, it is to most internet users a pure nightmare. Spam and spammers have caused the intense anger, hatred and contempt of the internet community. Spam also interferes with the stability of networks and the internet itself as it is being sent out massively to millions of emails. There is no doubt that spam is a great problem and that there is an equally great necessity for a solution. Known spammers that have been arrested have been sentenced to prison from 18 months to 9 years! Spam is a big deal and spam is illegal.

The sad thing is that governments and even individuals do not realise the importance and the gravity of the spam problem. Nations do not seem to be co-operating to end the spam problem, laws are not being followed; the bottom line is that nobody cares.

I have sent abuse emails and more abuse emails. I know the ISPs and domain providers of a certain group of spammers and I know that they are simply ignoring the problem. If I had the financial possibility I would pursue them through the law, but that is not something a student and even a normal person can afford. This is another example where the law fails dramatically and injustice prevails.

According to this lecture I heard last night by Mikko Hypponen (F-Secure) Spam exists due to a very simple reason: there is a market for it. A market preconditions a group of consumers that actually make use of the services provided by spammers. People buy products from sites advertised through unsolicited emails. These people, naive or uninformed ones, might represent a very small percentage compared to the amount of emails sent out, but it seems big enough to sustain the spamming business.

The obvious solutions to the problem of spam would be two: firstly to inform the public and secondly to strengthen the anti-spam laws.

Informing the wider public and preventing it from buying from spammers would close up the spamming business. No demand means no offer, which results in the elimination of spam. Sounds very easy but is unfortunately not. There are far too many uneducated internet users compared to the ones who are security aware. Education should be an obligation of the state and there are numerous ways this could occur. For example one could launch anti-spam campaigns by making use of all the current marketing techniques to reach the targeted audience. We could fight spam by using its own weapon: advertising, in a legal way though. The targeted audience is anyone who is not accustomed to the internet technology, especially older people who might even have developed a fear against technology. We could bombard people with anti-spam advertisements through television and any other popular medium, and slowly create an awareness for it that would decrease the success of spam a lot. And even if this does not succeed completely, we can reach future generations through educating children and teenagers at school in the basics of Information Technology, Internet and Internet security. Computer science is equally important to any other science but it is unfortunately in many countries not treated as such. Technological illiteracy is already a present problem which will magnify itself in the future that is bound to be dominated by technology. Technologically illiterate people will not be able to function properly in society.

The second solution to the problem consists merely in improving the current system of justice and creating truly efficient anti-spam laws. The increase of the global security awareness, including internet and non-internet users, will automatically lead to a better application of the law. There has also got to be better international communication and co-operation because cyber criminality is present in the internet which is accessible from any country. It is irrational to have different laws for different websites that reside in different countries since the internet is one. Maybe an international internet constitution would solve this problem. Had the project of Blue Security received government support against the spammers it might have had a chance of continuing its success.

Spam is a problem of the modern internet and our current technological and social era. It seems that we have reasons to visualize a near future entirely free from the troubles of spam. Whether other kinds of problems will arise by its elimination or not, that is not for me to predict.

Wednesday, May 17, 2006

In love with a computer?

"Is it possible for a hard-working, generally bug-free Web server, and a beautiful Web surfer to find love, in this crazy, mixed-up world?"

Here is the answer.

Monday, May 15, 2006

Saturday, May 13, 2006

Censorship in Wikipedia and an imaginary scenario

I actually wish there was some censorship in Wikipedia. The reason why I left was because there was no "censorship". What others call censorship I call moderation and it is the only way an online community can exist.

The new Wikipedia scandal about "Censorship against censorship" revealed by Wikitruth is very interesting and at the same time funny and sad as well. The problems of Wikipedia will never end.

Wikipedia seems to me a little like the political movement of communism. Just like the Soviet Union did, Wikipedia is going to collapse. In its present state anyone who gets involved with it eventually ruins his own personal peace by sacrificing all his spare time in pointless debates and arguments. And the funny thing is that no matter how much you engage in it you can never be sure that your voice will be heard. Sure, in democracy the majority decides. And yet the elections and votes are conducted in a much more fair way. Eventually power is given to few representatives of the people. Wikipedia claims to give power to everyone. This is bound to fail.

A scenario: How Wikipedia gets killed by its own power

All Wikipedians suddenly come to their senses and realize the futility of the project. They spend some time wondering whether Wikipedia should be kept as a work of knowledge and soon decide that it is not objective enough. "Half knowledge is worse than ignorance". Wikipedians realize that the way the wiki functions it will never meet high quality standards and recognition from the academic communities. So they decide to use the power granted to them by the wiki and they all simultaneously attack the Wikipedia sites. All users delete every page they can find, causing chaos and havoc in the Wikipedia servers. The system crashes and for a few days Wikipedia is not accessible. Backups saved an amount of the pages but when it comes online again the same global attack takes place. Until the owners of Wikipedia decide to claim the content as their own and start a private and non-free encyclopedia.

Thursday, May 04, 2006

Sites down

Unfortunately all my sites have been down for a day, due to a problem with the webserver they are hosted on. There seem to have occurred some complications while maintaining the disk that might lead to complete data loss. I have backups for most of the sites apart from my ballet forum database. I hope they save it somehow.

Wednesday, May 03, 2006

Internet Addiction Test

Again not completely reliable but fun to take. Some questions do not reflect the possible addiction grade, for example:

9. How often do you become defensive or secretive when anyone asks you what you do on-line?

One does not necessarily have to be secretive or feel guilty about one's internet habits.

OR

18. How often do you try to hide how long you've been on-line?

I have spent more than 10 hours online but did not hide that from anyone. When people ask me I let them know. This is an example of feeling proud about an internet addiction!
-------------------
The internet is a tool and can be used for creative or non-creative activities. It all depends on how one uses it. That is why spending a lot of time researching or learning or even just chilling out when that is necessary, does not mean that one is enslaved to the internet. Rather the internet is enslaved to us. ;) Well at least sometimes!

Some facts about Lyme Disease

Many people are not familiar with the disease that infected ticks can transmit to humans and it may actually sound like a science fiction scenario. I lived in a country (Austria) with infected ticks, however, and was forced to become aware of this situation. I would like to transmit this awareness through this posting. What reminded me of infected ticks was this:

Tick Bite and Lyme Disease Prevention.

Lyme Disease can be a very serious condition. Back in 2001 we were all vaccinated against Lyme Disease and I only now got to know that the vaccine was removed from the market because "of concerns that it may produce a mild form of the disease or arthritis disorders. The infection can be serious if it is not treated early."

Sadly, I never wanted to do this strange vaccine but I was sort of forced to in the ballet academy I was studying at. I never went for the second and third part of it, so that is something! I did develop a sort of arthritis during that time but it was most likely due to the intensive ballet training and not due to the vaccine. Or so I hope.

What is a Wikipedian?

Wikitruth :: the truth was there three revisions ago..

Sad and cruel but how true...

Monday, May 01, 2006

Featured Blog "The Vegan Diet"

"The Vegan Diet" is a blog about living healthy through taking advantage of the pharmacy of nature. It will be featured in my blog for only one week and you can visit it through the menu on the right.

I am especially proud to have this blog here because I have been a lacto-vegetarian myself for 16 years, with great interest in the ways that everything we eat influences our physical and mental health. There are many arguments about why a vegetarian diet is so beneficial. However, I am aware of how fanatical one can become with subjects like food habits so I will only say that the best way to be convinced is through having first hand experience.