How to protect against Firesheep attacks

Oct 29, 2010

Experts suggest defensive measures to ward off Firefox add-on’s hijacking of Facebook, Twitter sessions via Wi-Fi
By Gregg Keizer – October 26, 2010 07:29 PM ET

Computerworld - Security experts today suggested ways users can protect themselves against Firesheep, the new Firefox browser add-on that lets amateurs hijack users’ access to Facebook, Twitter and other popular services.

Firesheep adds a sidebar to Mozilla’s Firefox browser that shows when anyone on an open network — such as a coffee shop’s Wi-Fi network — visits an insecure site.

A simple double-click gives a hacker instant access to logged-on sites ranging from Twitter and Facebook to bit.ly and Flickr.

Since researcher Eric Butler released Firesheep on Sunday, the add-on has been downloaded nearly 220,000 times.

“I was in a Peet’s Coffee today, and someone was using Firesheep,” said Andrew Storms, director of security operations at San Francisco-based nCircle Security. “There were only 10 people in there, and one was using it!”

But users aren’t defenseless, Storms and several other experts maintained.

One way they can protect themselves against rogue Firesheep users, experts said on Tuesday, is to avoid public Wi-Fi networks that are neither encrypted nor password-protected.

However, Ian Gallagher, a senior security engineer with Security Innovation, argued that that advice throws out the baby with the bathwater. Gallagher is one of the two researchers who debuted Firesheep last weekend at a San Diego conference.

“While open Wi-Fi is the prime proving ground for Firesheep, it’s not the problem,” Gallagher said in a blog post earlier on Tuesday. “This isn’t a vulnerability in Wi-Fi, it’s the lack of security from the sites you’re using.”

Free, open Wi-Fi is not only taken for granted by many, it is also not the problem: there are plenty of low-risk activities one can do on the Internet at a public hotspot, such as reading news or looking up the address of a nearby eatery.
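What Firesheep actually does is harvest the session cookie from a plaintext HTTP request and replay it; the site-side failing Gallagher points at is that the cookie was ever sent over HTTP. The following Python is an added example, not Firesheep's code: it extracts the cookie from a constructed capture the way a sidejacker would, builds the replay request, and then audits a Set-Cookie header for the Secure flag that would have kept the cookie off the open network. The host name, cookie values and helper names are all assumptions made up for the example.

```python
# Added example: cookie sidejacking as Firesheep performs it, and the server-side
# Set-Cookie check that defeats it.  Not Firesheep's code; traffic is constructed.

# Constructed sample: one plaintext HTTP request as a sniffer on open Wi-Fi sees it.
# Host name and cookie values are made up.
CAPTURED_REQUEST = (
    "GET /home HTTP/1.1\r\n"
    "Host: social.example\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Cookie: session_id=s3cr3t-session-token; lang=en\r\n"
    "\r\n"
)


def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, path, headers dict with lower-case names)."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    method, path, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers


def sidejack_cookies(raw):
    """What the sniffer harvests: the victim's Cookie header as name -> value."""
    _method, _path, headers = parse_request(raw)
    cookies = {}
    for part in headers.get("cookie", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            cookies[name] = value
    return cookies


def replay_request(path, host, cookies):
    """Build the request the attacker sends to act as the victim (the double-click)."""
    cookie_header = "; ".join(f"{k}={v}" for k, v in cookies.items())
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\nCookie: {cookie_header}\r\n\r\n"


def audit_set_cookie(set_cookie_value):
    """Server-side check on a Set-Cookie header.

    'Secure' tells the browser to send the cookie only over HTTPS, so it never
    appears on a plaintext connection for Firesheep to read.  'HttpOnly' keeps
    page scripts from reading it, which is a different threat but worth flagging.
    """
    parts = [p.strip() for p in set_cookie_value.split(";")]
    name = parts[0].partition("=")[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return {
        "name": name,
        "secure": "secure" in attrs,
        "httponly": "httponly" in attrs,
        "sidejackable": "secure" not in attrs,
    }


if __name__ == "__main__":
    stolen = sidejack_cookies(CAPTURED_REQUEST)
    print("harvested:", stolen)
    print(replay_request("/home", "social.example", stolen))
    for hdr in ("session_id=s3cr3t-session-token; Path=/; HttpOnly",
                "session_id=s3cr3t-session-token; Path=/; Secure; HttpOnly"):
        print(audit_set_cookie(hdr))
```

The Secure flag only helps when the site serves the entire logged-in session over HTTPS; a site that sets Secure but still links to HTTP pages will simply not receive the cookie there. A VPN, as recommended below, changes nothing about the cookie but moves the plaintext hop off the coffee-shop network, so the local sniffer sees only the tunnel.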

So if Wi-Fi stays, what’s a user to do?

The best defense, said Chet Wisniewski, a senior security adviser at antivirus vendor Sophos, is to use a VPN (virtual private network) when connecting to public Wi-Fi networks at an airport or coffee shop, for example.

While many business workers use a VPN to connect to their office network while they’re on the road, consumers typically lack that secure “tunnel” to the Internet.

“But there are some VPN services that you can subscribe to for $5 to $10 a month that will prevent someone running Firesheep from ‘sidejacking’ your sessions,” Wisniewski said.

For more, visit Computerworld.com

Court orders LimeWire to cease file-sharing business

Oct 27, 2010

P2P software maker had been accused by music industry of enabling massive piracy

by Jaikumar Vijayan

Oct 26, 2010 07:15 pm | Computerworld

In a major victory for the music industry, a New York federal judge has ordered embattled P2P software maker LimeWire to immediately and permanently stop distributing and supporting its file-sharing software.

In a 17-page injunction (PDF document) issued on Tuesday, Judge Kimba Wood of the U.S. District Court for the Southern District of New York ordered LimeWire to cease the searching, downloading, uploading, file trading and file distribution functionality of LimeWire’s P2P file-sharing software.

The injunction instructed LimeWire to immediately communicate the court’s decision to all users of the software and to all of the company’s employees, principals and other stakeholders. It gave the company 14 days to report back to the court on the steps LimeWire has taken to comply with the order.

A spokeswoman for the company today stressed that the court’s order does not mean that LimeWire is shutting down and said that it only prevents LimeWire from distributing or supporting its P2P software.

It does not prohibit the company from going ahead with its previously announced plans to launch a subscription based music service and neither does it prohibit the company from operating its online store, the LimeWire spokeswoman said.

“While this is not our ideal path, we hope to work with the music industry in moving forward,” the spokeswoman said by e-mail. “We look forward to embracing necessary changes and collaborating with the entire music industry in the future.”

The court injunction is a huge victory for the Recording Industry Association of America (RIAA), which has been trying to get the court to shut down LimeWire for quite some time.

The RIAA and the music labels it represents have accused LimeWire and its chief executive, Mark Gorton, of willfully enabling widespread copyright infringement.

For more, visit Computerworld.com

KeyScrambler: How keystroke encryption works to thwart keylogging threats

Oct 26, 2010
  • Date: October 25th, 2010
  • Author: Michael Kassner

Thanks to the Internet, financial transactions and purchasing have never been easier. But, that convenience comes at a cost. We have to divulge personal financial information. And that becomes a problem if our banking credentials get into the wrong hands.

One way that happens is through malware that employs keylogging applications. In fact, that’s what financial malware is all about. Type in your credit-card information, the keylogger records it, sends it to the attacker, and, well, you know the rest. Thankfully, there is an answer.

Fight back

There are two approaches that help thwart keylogging applications. Anti-malware programs, by design, remove malware, including keylogging apps. We all have our favorite anti-malware program. Just make sure it is effective against keylogging malcode.

Keystroke encryption is the second approach. It uses a different methodology. It doesn’t care whether a keylogging app is installed or not. The keystrokes are encrypted and all the keylogger records is gibberish.

I have tried several keystroke encryption programs and settled on KeyScrambler by QFX Software. Qian Wang developed KeyScrambler and is the President and CEO of QFX Software. Here are Qian Wang’s credentials:

“Qian has been a programmer since age 12 and has had experience working on cutting edge projects at both the M.I.T. Media Lab and the M.I.T. Laboratory for Computer Science. Qian holds a B.S. and a Master’s in Electrical Engineering and Computer Science from M.I.T.”

Questions about KeyScrambler

Before I ran my tests on KeyScrambler I wanted to understand it better. I contacted Qian Wang and he obliged me by answering the following questions:

TechRepublic: Preventing keystrokes from being logged, stopping screen and clipboard captures, and keylogging software removal are some of the capabilities included in anti-keylogging programs. What features are included in KeyScrambler?

Qian Wang: KeyScrambler, as the name implies, focuses on preventing keystroke logging by encrypting the user’s keystrokes. At QFX Software, we are big believers in “Do one thing, and do it well”, so we are currently concentrating on providing the best possible protection for the users’ keystrokes.

TechRepublic: The web site says, “KeyScrambler encrypts keystrokes at the keyboard driver level, deep in the operating system, to defeat existing and future keyloggers.” Could you go into more detail on how that is accomplished?

Qian Wang: To understand how KeyScrambler works, it helps to look briefly at how an operating system like Windows actually processes keystroke data. When you type on your keyboard, it looks like the keystrokes are directly sent to the application you’re working on. In reality, they have to go through quite a long path to get there.

The keystrokes first arrive at a hardware controller on the computer’s motherboard, which forwards them to the Windows kernel’s keyboard input stack. They are then processed by the windowing system’s input manager, which sends them to a queue belonging to the application window that currently has input focus.

The application then retrieves the keystrokes from the queue and interprets them according to its own context, and finally the user sees the result of the keys that are pressed. This is a simplified view of what happens, without considering such complex issues as inputting non-English languages.

Many places along this path, there are ways to intercept the keystroke data. Any of these points can be used to perform keylogging, which is why it’s such a thorny problem.

What KeyScrambler does is to try to get to the keystrokes as early as possible in the Windows kernel using our encryption module. That way, as they get passed along the different layers of the OS, it won’t matter if they get logged, because the keystrokes are completely indecipherable.

When these encrypted keystrokes finally arrive at the intended application, the decryption component of KeyScrambler goes to work and turns them back into the keys the user originally typed.

If you are familiar with how SSL/TLS work to encrypt network traffic, this is basically the same principle applied to your keystrokes. And because KeyScrambler isn’t focused on defeating any particular technique or scanning for any particular signature, it doesn’t matter if a keylogger is well-known or brand new.
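The input path Qian Wang describes above, simulated in Python as an added example: this is not KeyScrambler's code and not its cipher, just the same idea (encrypt at the earliest kernel stage, decrypt at the receiving application) with a toy SHA-256 keystream standing in for the real encryption module. The stage names, the hook positions and the `run_input_path` helper are assumptions made for the illustration. It also shows the limit a practitioner should expect from any keystroke-encryption scheme: a logger that hooks past the decryption point, inside the target application, sees plaintext again.

```python
# Added example: keystroke encryption along a simulated Windows input path.
# Not KeyScrambler's code or cipher; the keystream below is a toy for illustration.
import hashlib
import os


def keystream_byte(key, counter):
    """One keystream byte per keystroke from a shared key and a counter that
    both ends advance in lock-step (CTR-style; illustrative, not a vetted cipher)."""
    return hashlib.sha256(key + counter.to_bytes(8, "big")).digest()[0]


class KeystrokeCipher:
    """One end of the keystroke channel.  The same class serves as the kernel-level
    encryptor and the application-side decryptor, since the transform is XOR with
    the shared keystream and both sides keep their counters in sync."""

    def __init__(self, key):
        self.key = key
        self.counter = 0

    def transform(self, code):
        out = code ^ keystream_byte(self.key, self.counter)
        self.counter += 1
        return out


def run_input_path(typed, key=None, hook_stage="input_manager"):
    """Simulate keyboard controller -> kernel keyboard stack -> input manager
    -> application queue -> application, with a keylogger tapping one stage.

    key:        shared key for the kernel-stack encryptor and the application
                decryptor; None means no keystroke encryption is installed.
    hook_stage: "input_manager" (a user-mode hook that sees what the OS passes
                along) or "application" (a hook inside the target app, after
                decryption).
    Returns (text the application received, bytes the keylogger recorded).
    """
    if not typed.isascii():
        raise ValueError("simulation carries one byte per key; ASCII only")
    encryptor = KeystrokeCipher(key) if key is not None else None
    decryptor = KeystrokeCipher(key) if key is not None else None
    logged = []
    received = []
    for ch in typed:
        scancode = ord(ch)                                                  # controller -> kernel
        in_flight = encryptor.transform(scancode) if encryptor else scancode  # kernel keyboard stack
        if hook_stage == "input_manager":
            logged.append(in_flight)                                        # keylogger taps here
        delivered = decryptor.transform(in_flight) if decryptor else in_flight  # app-side decrypt
        if hook_stage == "application":
            logged.append(delivered)                                        # hook after decryption
        received.append(chr(delivered))
    return "".join(received), bytes(logged)


if __name__ == "__main__":
    session_key = os.urandom(32)
    for label, key, stage in (("no encryption", None, "input_manager"),
                              ("encrypted, hook at input manager", session_key, "input_manager"),
                              ("encrypted, hook inside application", session_key, "application")):
        app_text, captured = run_input_path("hunter2", key, stage)
        # The "live encrypted stream" a user could be shown, in hex.
        print(f"{label:38s} app saw {app_text!r:10s} logger saw {captured.hex()}")
```

Without encryption the logger's capture equals the typed text; with encryption and a hook at the input-manager layer it is keystream noise while the application still receives the right characters; with a hook inside the application the capture is plaintext again, which is why the interview recommends keeping conventional anti-malware as a baseline rather than relying on keystroke encryption alone.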

TechRepublic: As KeyScrambler’s developer, what do you feel makes it unique?

Qian Wang: As far as I’m aware, when we released KeyScrambler in 2006, it was the first widely available keystroke-encryption product on the market. So for a while we were unique simply by being first.

More importantly, KeyScrambler is a new approach in dealing with the problem of keylogging. What we did was to look at keyloggers specifically, find out what data they’re after, and how they worked to get it. Then we thought about how to protect the data instead. In a sense, KeyScrambler isn’t so much focused on anti-keylogging as it is on keystroke-data protection.

Another feature is the display of the live encrypted stream of keystrokes. I think all too often security software takes a “Trust us” stance and only bothers the users when something goes wrong. KeyScrambler tries to show both when and how it’s working.

TechRepublic: We mentioned the two types of anti-keylogger applications used against software keyloggers. Why did you choose the encryption route?

Qian Wang: The “scan and remove” method is the traditional way. It’s the way most anti-malware programs work. The limitations of this approach, such as the length of time it takes to deal with new threats and the potential for false-positives are pretty well known.

Still, such software continues to be useful. In fact, we recommend it as a baseline even when you use KeyScrambler. Most of our users do have a general purpose “scan and remove” type product installed on their computers.

Having the same type of program specifically aimed at keyloggers doesn’t buy you anything new, and it’ll have the same limitations. KeyScrambler complements traditional defenses by providing an additional layer of security.

For the rest of this article, visit TechRepublic.com

When IT is asked to spy

Oct 11, 2010

IT managers are being put in the awkward position of monitoring fellow employees.

By Tam Harbert – October 11, 2010 06:00 AM ET

Computerworld - It’s 9:00 in the morning, or 3:00 in the afternoon, or even 10:00 at night. Do you know what your users are up to? More than ever, IT managers can answer, “Oh, yes.”

As corporate functions, including voice and video, converge onto IP-based networks, more employee infractions are happening online. Employees leak intellectual property or trade secrets, either on purpose or inadvertently; violate laws against sexual harassment or child pornography; and waste time while looking like they’re hard at work.

In response — spurred in part by the need to comply with stricter rules and regulations — organizations are not only filtering and blocking Web sites and scanning e-mail. Many are also watching what employees post on social networks and blogs.

They’re collecting and retaining mobile phone calls and text messages. They can even track employees’ physical locations using the GPS feature on smartphones.

More often than not, IT workers are the ones asked to do the digital dirty work, primarily because they’re the people with the technical know-how to get the job done, says Nancy Flynn, executive director of The ePolicy Institute, a Columbus, Ohio-based consultancy that helps companies establish Internet and computer usage policies.

Statistics are hard to come by, but Flynn and other industry observers agree that monitoring and surveillance are becoming a bigger part of IT’s job.

Michael Workman, an associate professor at the Florida Institute of Technology who studies corporate IT security and employee behavior, estimates that monitoring responsibilities take up at least 20% of the average IT manager’s time.

Yet most IT professionals never expected they’d be asked to police their colleagues and co-workers in quite this way. So, how do they feel about this growing responsibility?

For the rest of this article, visit Computerworld.com