Here are some security-related posts I found interesting this week.
- Schneier on Security: Dual_EC_DRBG Added to Windows Vista - Yes, despite known flaws and a "possible" NSA backdoor, Microsoft has chosen to include the Dual_EC_DRBG random-number generator in Vista in its upcoming SP1 release. More: Controversial random number generator in Vista Service Pack 1 - heise Security and Backdoor suspected in encryption standard - heise Security
- Using leak tests to evaluate firewall effectiveness - Donna's SecurityFlash links to how leak tests can be used to probe and test a firewall. Not really groundbreaking, as Matousec, Firewall Leak Tester, and PC Flank have been spearheading this for a while.
- Sunbelt Blog: Another security company succumbs to temptation - Seems ZoneAlarm is now bundling a toolbar sponsored by ASK.com in their products. The benefit of this is that it can act as a blocker for malicious websites/code while browsing. Might be handy, but then, toolbars tend to have a bit of a cloud of shame hanging over them in the malware-fighting crowd. Form your own opinion on whether this is a good thing or not.
- The truth about Sony's rootkit disaster - Tech.co.uk examines the goings-on behind the Sony rootkit fiasco. Interesting post-mortem.
- Pushdo - Analysis of a Modern Malware Distribution System - SecureWorks takes a fascinating look into how one malware program works its evil.
- Pushdo - Web Based Malware as Usual - Dancho Danchev takes the Pushdo assessment a bit deeper in this add-on post.