Schneier on Security
A blog covering security and security technology.
« The Doghouse: Drecom |
| Fear of Internet Predators Largely Unfounded »
February 26, 2008
Research on Malware Distribution
Among their conclusions are that the majority of malware distribution sites are hosted in China, and that 1.3% of Google searches return at least one link to a malicious site. The lead author, Niels Provos, wrote, 'It has been over a year and a half since we started to identify web pages that infect vulnerable hosts via drive-by downloads, i.e. web pages that attempt to exploit their visitors by installing and running malware automatically. During that time we have investigated billions of URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware. During the course of our research, we have investigated not only the prevalence of drive-by downloads but also how users are being exposed to malware and how it is being distributed.'"
Draft paper, and some data.
Posted on February 26, 2008 at 6:23 AM
• 5 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Online security would be greatly increased if there was some organized way to shun organizations that refuse to play by the rules. A blacklist--along the lines of SORBS and company in the anti-spam world--of IP blocks used to host malware would be a very good first step.
Cutting off entire countries or areas without clients or customers, however, is a little extreme. Breaking routes on a geographic basis would amount to a balkanization of the internet and be a cure far worse than the disease.
"however, is a little extreme." @No.2 !
Extreme! What is so Extreme cutting off entire countries from your network? You know, I'm just some sideline guy who is not in the IT industry but common sense tells me the MORE work you need to do the more MONEY it costs. Blocking an entire NON CUSTOMER base leads me to believe I could focus my COSTLY time on other things instead of the billion people in China trying to hack my machine. For me, by blocking China, Russia, and the Ukraine, I have elimited 99 percent of my problems.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.