TagEdge

Google Buys Web Security Startup

Google has acquired GreenBorder, a web security company that is also based in Mountain View, California, where Google is headquartered. GreenBorder is a startup that offers temporary, virtual sessions each time a computer user surfs the Web, then discards the resulting data once the user has finished surfing. This insulates corporate networks so that malicious code hidden inside email, instant messages or websites is automatically detected and contained. On the technology side, GreenBorder has a strong presence in web security for the corporate world through its own “virtualization” technology, according to Reuters. The beauty of their Pro software is that it does not need to be updated. It started out as a sandbox for Internet Explorer, but the software now also supports Firefox. More details about its features can be found in this post.

I have also embedded below a video giving a brief overview of GreenBorder that I found on YouTube:

MySpace Launches Take Down Stay Down

MySpace has launched new copyright protection software for video content that prevents users from re-posting video clips that were previously removed from MySpace at the request of the copyright owners. The new software, called “Take Down Stay Down”, is based on Audible Magic technology and works like this: once a video has been removed at the copyright owner’s request, the technology ensures that the video stays down and is not reposted by anyone in the future. This technology will also integrate with MySpace’s “Content Take Down Tool”, and most people acknowledge that these tools will enhance the copyright protection efforts promised by MySpace.

“Take Down Stay Down” is the newest copyright protection tool offered by MySpace, alongside the aforesaid “Content Take Down Tool.” Prior to this, they released “video filtering” early this year and “audio filtering” last fall.

An issue arises here: how is “Take Down Stay Down” enforced? To enforce a copyright protection policy, a company could hire people to watch the content 24 hours a day, but MySpace chose tools that help it do notice and take down. Although it is a workable system, it ultimately still relies on users, and of course on copyright owners, to spot new videos that they consider inappropriate. People come first; Take Down Stay Down is the second step. Because it is a tool, it cannot conduct human reviews.

Security Researcher to Demonstrate Vista Attack

Is Windows Vista so secure that there is no way for hackers to break into it? I just came across an interesting blog post by security researcher Joanna Rutkowska about new ways to attack the Windows platform, and Vista x64 in particular, including rootkit techniques and ways to defeat BitLocker drive encryption. She said in her post:

we will also present some new kernel attacks against latest Vista x64 builds. These attacks, of course, work on the fly and do not require system reboot and are not afraid of the TPM/Bitlocker protection.

The presentation, which she is giving with a colleague, is a training session called “Understanding Stealth Malware”, one of the sessions in the Black Hat USA 2007 Briefings and Training event in Las Vegas, which runs from 28 July to 2 August.

BitLocker drive encryption is Microsoft’s answer to the data security issues it addressed in designing its latest operating system, Windows Vista. This data protection feature is Microsoft’s biggest selling point in attracting users to upgrade from Windows XP to Windows Vista Ultimate. However, there is no arguing that, like any technology, BitLocker has its own avenues of attack.

World’s First iPod Virus Found

Kaspersky, a Russian security vendor, claims to have found the world’s first iPod virus, according to their virus news. The virus is called Podloso and does not, in fact, pose any threat to the iPod. To avoid confusion: this virus only functions if the user has installed the Linux operating system on the iPod in place of the Apple operating system. By this logic, I wonder whether any iPod users would want Linux as the main operating system on their iPod. The main point here is that this is not an iPod virus but a Linux virus designed to infect the iPod player.

Since its inception in 1997, Kaspersky has won several awards, including the prestigious Computer Shopper Five-Star Award. Its Anti-Virus software also received Virus Bulletin 100% on Microsoft’s latest operating system, Windows Vista, and three years ago it successfully spotted Cabir, the first worm designed to infect Bluetooth-enabled mobile phones.

Taobao and eBay China Bury the Hatchet?

There is a succinct list of reasons why competitors can sometimes work together, and here is a real example that just happened in China. Taobao, an online auction firm owned by Alibaba, has joined forces with eBay China to prevent Internet fraud. Their objective is to curb the illegal trade of Internet accounts, on both auction websites in particular. The agreement on this cooperation is mutual, Reuters reported.

Perhaps this can be considered a trade-off between the need for technical support in preventing illegal Internet trading and the desire for local access to the accounts. This is a short-term cooperation and, as the goals have been achieved by both parties, I wonder whether the relationship between Taobao and eBay China will go back to the old days. The competition in online auctions in China is still very intense, and this cooperation is a noncore activity, so it would not have any significant implications for their long-term relationship in the Internet auction market.

Microsoft Acquired Secured Dimensions

Microsoft acquired Secured Dimensions this month, a software company based in Israel whose expertise is in coding security practices. Secured Dimensions, formerly known as LionShield, has developed a technology, SecureLM.net, that helps software vendors and developers protect their .NET-based applications. On the main page, I was particularly impressed by the features of their technology, such as reverse engineering protection, hacking and cracking protection, and piracy elimination, to name a few; all of these would safeguard the work and effort a developer puts into writing source code. Apparently, this technology will meet the demands of most .NET developers. But I wonder whether it is true when they claim, on their “Why Private Permutation?” web page, that SecureLM.Net code protection is the only solution available that safeguards .NET code.

It is no surprise that Microsoft is interested in a third-party software company that provides solutions for the .NET framework. I’ve been told numerous times at Microsoft seminars that Microsoft regards its source code as the company’s most important asset, so the acquisition of Secured Dimensions seems to be the right move for them. I just finished reading a working paper published by Microsoft Research this month. The paper, entitled “Securing the .NET Programming Model”, further underlines their commitment to the developer community: Microsoft really is taking action on source code protection, producing better design patterns, coding guidelines, and so on.

A view on Oracle Security Issues

There are several articles pertaining to Oracle security issues; unsurprisingly, you will come across articles on the web entitled “Oracle has more flaws than SQL Server” or “Oracle databases four times worse than Microsoft”, and others of a similar type. I just came across a research paper entitled “Dangling Cursor Snarfing: A New Class of Attack in Oracle” (pdf). Some excerpts:

we’ll now execute it as a low privileged user - but when we do so we’ll cause an exception in it by passing it too long a string:

CONNECT SCOTT/TIGER
SET SERVEROUTPUT ON
DECLARE
  X VARCHAR(32000);
  I INTEGER;
BEGIN
  FOR I IN 1..10000 LOOP
    X:='B' || X;
  END LOOP;
  SYS.PWD_COMPARE(X);
END;
/

This results in the following unhandled exception:

CURSOR: 3
DECLARE
*
ERROR at line 1:
ORA-01460: unimplemented or unreasonable conversion requested
ORA-06512: at "SYS.DBMS_SYS_SQL", line 1200
ORA-06512: at "SYS.DBMS_SQL", line 323
ORA-06512: at "SYS.PWD_COMPARE", line 12
ORA-06512: at line 8

The session now has a dangling cursor which can be snarfed by an attacker. Note from the output of PWD_COMPARE that the cursor has a value of 3 in this case. Incidentally, even without seeing it’s 3 an attacker can still “guess” the value for the dangling cursor by going from 1 to n in a loop until they find it. When the attacker finds the dangling cursor, they can then recycle it – in other words they can rebind the username associated with the query and this time use SYS if they so choose.

My sense is that the research paper pessimistically presents the attack on the basis of the following two assumptions:

1) The database administrator (DBA) and security managers didn’t do their job and hence gave an attacker a way to steal the confidential data.

2) The users themselves are the problem. They failed to close, or improperly closed, the cursors that they created, or failed to clean up the open cursors. Thus, we need to educate users in using the Oracle database properly.

Given this analysis, why do we need to blame Oracle? If we regularly patch the database and secure its configuration, we will be reasonably protected from the above attack.
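The cursor cleanup that point 2 refers to can be written into the PL/SQL itself. The following is an added example, not code from the paper, from Oracle, or from this blog; demo_pwd_matches, the demo_accounts table and the 30-character limit are assumptions, and it is not the source of SYS.PWD_COMPARE, which the excerpt does not show.

```sql
-- Added example. demo_pwd_matches and demo_accounts are hypothetical names;
-- this is not the source of SYS.PWD_COMPARE, which the page does not show.
CREATE OR REPLACE FUNCTION demo_pwd_matches (
  p_user IN VARCHAR2,
  p_hash IN VARCHAR2
) RETURN NUMBER
AUTHID DEFINER
IS
  c_max_len CONSTANT PLS_INTEGER := 30;   -- assumed username limit
  l_cursor  INTEGER;
  l_stored  VARCHAR2(64);
  l_rows    INTEGER;
  l_match   NUMBER := 0;
BEGIN
  -- Reject oversized input before a cursor exists, so a string like the
  -- 10,000-character one in the excerpt never reaches DBMS_SQL.
  IF p_user IS NULL OR LENGTH(p_user) > c_max_len THEN
    RETURN 0;
  END IF;

  l_cursor := DBMS_SQL.OPEN_CURSOR;
  DBMS_SQL.PARSE(l_cursor,
    'SELECT pwd_hash FROM demo_accounts WHERE username = :u',
    DBMS_SQL.NATIVE);
  DBMS_SQL.BIND_VARIABLE(l_cursor, ':u', p_user);
  DBMS_SQL.DEFINE_COLUMN(l_cursor, 1, l_stored, 64);
  l_rows := DBMS_SQL.EXECUTE(l_cursor);
  IF DBMS_SQL.FETCH_ROWS(l_cursor) > 0 THEN
    DBMS_SQL.COLUMN_VALUE(l_cursor, 1, l_stored);
    IF l_stored = p_hash THEN
      l_match := 1;
    END IF;
  END IF;
  DBMS_SQL.CLOSE_CURSOR(l_cursor);        -- normal path: cursor released
  RETURN l_match;
EXCEPTION
  WHEN OTHERS THEN
    -- Error path: close the cursor before the exception leaves the
    -- definer-rights code, so no parsed cursor is left open in the
    -- caller's session. CLOSE_CURSOR sets l_cursor to NULL.
    IF l_cursor IS NOT NULL AND DBMS_SQL.IS_OPEN(l_cursor) THEN
      DBMS_SQL.CLOSE_CURSOR(l_cursor);
    END IF;
    RAISE;
END demo_pwd_matches;
/
```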

Meanwhile, Oracle hit back at its security critics by writing a blog post in response to the above security issues. Some excerpts:

Because software engineering is a complex discipline, the absence of security flaws in released software cannot be fully guaranteed. Such flaws may be detected during internal testing, or may be discovered externally by customers and security researchers. Regardless of who discovers these issues, Oracle’s top priority is to efficiently fix those flaws across all supported platforms in order to allow customers to maintain their security posture. This means that Oracle prioritizes those security flaws in order of severity, regardless of how they were discovered, in order to produce the appropriate fix. This also means that we acknowledge all of the vulnerabilities at the time of the issuance of the appropriate fix (for example, at the time of the Critical Patch Update) and we credit security researchers for any vulnerability they discovered in the Critical Patch Update documentation.

However, we do not credit security researchers who disclose the existence of vulnerabilities before a fix is available. We consider such practices, including disclosing “zero day” exploits, to be irresponsible as they can result in needlessly exposing customers to risk of attack.

My view is that it is too early to say Oracle does not care about fixing its bugs; it is just that customers are dissatisfied with Oracle’s security record. On the other hand, I really believe Oracle is getting better at managing the vulnerabilities in its products. If there are reports of bugs found in Oracle’s products, with whom should we find fault? The researchers, who should bear the social responsibility? Oracle, which did not release the most up-to-date security patch? Or the customers, who do not patch their databases and secure their configuration? Moreover, if there had been a large-scale attack targeting Oracle databases, we would definitely have heard of Oracle customers switching to competing products in the market.