“From the floor of VB 2006, pt 2″
Saturday October 14, 2006 at 4:34 am CST
Posted by Joe Telafici
Well, more accurately from my hotel room here in Montreal, because the floor is full of people moving chairs and taking down booths . Rob Lemos asked me yesterday why so much of the data presented here at VB seems dated, which is not really surprising as papers are due months before the show for editing and printing, etc. That being said, there is a certain amount of self-censoring that goes on - you don’t want to show all your cards to either the competition or the malware authors. But I thought today was a fascinating display of just how relevant the conference was this year.
This morning, Infoworld’s Paul Roberts (http://weblog.infoworld.com/techwatch/archives/cat_security.html) reported on a notice sent from the UK Metropolitan Police (responding to information discovered by Avert staff in Europe) to 3000 British citizens informing them that their computers had been compromised including passwords, credit card numbers, etc. The show today ended with a panel discussion on fighting cybercrime that included representatives from the FBI, several security vendors and a large corporate customer. While most agreed that the trend is getting worse, everyone was in favor both of more information-sharing between vendors and law enforcement, but also more reporting from affected corporations and individuals to law enforcement. While cybercrime is a significant priority at the FBI (after counter-terrorism and counter-intelligence), the more data that law enforcement has, the better their funding opportunities.The real goal here is to increase the risk:reward ratio. Right now cybercrime is so lucrative, so cheap to carry out, and incurs such a low risk of capture (much less of significant penalties depending on the jurisdiction), that it is neither surprising nor unexpected that it is growing.
The other somewhat surreal coincidence was between Randy Abrams’ presentation on Microsoft and competition with the AV industry, and the announcement that MS will be making changes in Vista to reduce EU and Korean concerns over competitive or antitrust issues (http://biz.yahoo.com/rb/061013/microsoft_eu.html?.v=7). Randy’s conclusions, based on his having worked at MS and an AV vendor, was that Microsoft is essentially playing fairly on a technical level, but that their mere presence will affect large AV vendors, like McAfee and Symantec more than the smaller players. He also believes that Microsoft’s success will be largely dependent on the quality of the software and support provided by OneCare and ForeFront. Having watched a number of markets go away after Microsoft’s entry, I am more cynical, and would expect both their sheer ownership of the platform and integration points, if not their access to technical information, to have some non-trivial effect. It sounds like the EU and Korea agree, but time will tell I guess. What is not up for debate is that there is another kid on the block and he’s bigger than all of us put together.
January 29th, 2007 at 6:16 pm
[…] Trackback This last week I was among those at the “secretive conference” of security folks, ISPs and law-enforcement agents to discuss bots. Much like at last year’s VB conference, there was much discussion about the need for more cooperation and information-sharing between bot-fighters. Not just within the three groups but within each of the individual disciplines. People within all of the three groups were clear that none of us have all the pieces of the puzzle, and that in order for us to truly make a dent in the growth of bots and botnets, we need to share more of our information with each other. […]