![]() Windows operating systems largely fail to adhere to sound security design principles. The TCB's ability to enforce policy depends on the correctness of implementation. Information security practitioners have long used the concept of a Trusted Computing Base (TCB) to define the collection of components used to enforce a security policy. If the disk on which it is installed is examined with another operating system, for example, files invisible to Windows users would be clearly visible, though perhaps still not obviously named.Ģ.2 Exploits Lack of Trusted Computing Base The ability for Spector Pro to hide is dependent upon its running. A user who happens across the correct key combination would find that the software is running. No indication of Spector Pro (or Spectorsoft) is found in the process listing, host registry, or visible files.Ī particular key combination (apparently ``Control-Alt-Shift-S'' by default) on the keyboard will bring up Spector Pro's splash screen and a password dialog box. Users who do not know what processes to expect on a process listing, or believe that programs must be ``visible'' to be running, stand no chance of determining that Spector Pro is active. Competent professionals looking for Spector Pro's presence should have no difficulty finding the software.Ī cursory examination of a Windows 2000 Professional workstation with Spector Pro 3.1 confirmed some claims of the software and yielded some fairly interesting discoveries.Įffectiveness of the system's Stealth Mode depends on obfuscation. The bottom line is Spector Pro can completely compromise the privacy of a nontechnical user. This means that watching online activity from a trusted machine (including firewalls, proxies, and network intrusion detection systems) will yield evidence of Spector Pro being in use. The software requires network connectivity to operate.Any attempts to determine what is happening while the system is booted and running normally can be foiled by the software. Because the software runs on the user's computer itself, the computer cannot be trusted.The software's ``stealth mode'' is sufficiently obfuscated that typical users will have no idea that the software is active.It's advertised as ``Internet Monitoring and Surveillance'' software, which is more commonly known as ``Spyware''.Ī quick look at Spector Pro revealed several key issues: publishes a product known as Spector Professional Edition for Windows. "Write Once Run Anywhere'': Why It Matters.Creating an Environment for Reusable Software Research: A Case Study in Reusability.Analysis of Compact Disc Digital Rights Management. ![]() Snake Oil Warning Signs: Encryption Software to Avoid.National Security Action Memorandum 160.SKIPJACK and KEA Algorithm Specifications.What's Related? Everything but your privacy.Shibboleth: Private Mailing List Manager.Why Anti-Virus Software Cannot Stop the Spread of Email Worms.DoubleClick Opt Out Protocol Failure = Opt In.Getting To Know You (Intimately): Surreptitious Privacy Invasion on the E-Commerce Web.A Failure To Communicate: When a Privacy Seal Doesn't Help.Bank One Online Puts Customer Account Information at Risk.Comments on Guidelines on Securing Public Web Servers.Spector Professional Review and Commentary.Mobile Devices: Evidentiary Gold Mine or Empty Mine Shaft?.Understanding Information Assurance Services.Identity Theft: If We Didn't Dodge a Bullet.Anatomy of Online Fraud: How Thieves Targeted eBay Users But Got Stopped Instead.Electronic Evidence in Criminal Defense.The Next Twenty-Five Years in Computer Science.Using Science to Combat Data Loss: Analyzing Breaches by Type and Industry.Incident Handling: When the Breach Occurs.Protection of Data and Prevention: Advice for Chief Executive Officers, Managers, and Information Technology Staff.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |