Contact Us
Mental Health
Financial advice
Youth Matters
Techno Corner

Arun Marballi

Net Neutrality – a term that we will hear a lot about in days to come is the Web equivalent of equal opportunity for all Internet users. It means that no organization or institution will act as a gatekeeper to restrict the devices attached, types of data transmitted and Web sites accessed by any Web user. At the heart of this concept is the desire by a school of thought that there are some users of the Internet that derive an undue benefit from this infrastructure compared to other Web users and so they should in fact be made to pay more for the benefit so obtained. Needless to say, this has caused much deliberation in the corridors of power and is one of the issues that will be debated during the forthcoming Presidential elections.

Regardless of how the Net Neutrality concept shakes out, malware pushers on the Web certainly appear to live by it. They differentiate no one and attack all with equal opportunity. Last month, I had identified one threat that was likely to surface this year – compromised trusted Web sites.

I know that almost sounds like an oxymoron, but that is precisely what has happened in the case of an anti-virus software firm from India, AVsoft Technologies. The firm’s Web site was compromised by a hack attack that seeded its software download page with a variant of the Virut virus. Any visitor of this page with an insufficiently updated Windows PC became a victim of this virus.

Last month, I also indicated that smart phones such as the iPhone crossed over into the realm of computers and this year we could start seeing malware targeted at them. Well, it did not take long for this to come true. According to the security journal, “The Register,” a Trojan malware targeted for the iPhone made its appearance in the form of an “important system update” required prior to upgrading the phone’s firmware to version 1.1.3. Although this “iPhone firmware 1.1.3 prep” package did not appear to pack a malicious punch, it could very well be a harbinger for more potent stuff down the road. iPhone users – beware!

Consistent with the increasing sophistication of malware that I had prognosticated last month, the Anti-Spyware Coalition Panel Workshop 2008 noted that spyware of the hitherto traditional pop-up genre is dying out and is being replaced with harder to detect, Trojan-delivered malware distributed with increasingly malicious purposes in mind.

Further, according to a report from the Yankee Group, the increase in highly customized malware is forcing security vendors to change gears and pursue the possibility of enlisting end-user’s computers as the initial line for threat detection. In essence, this technique draws on the principles of “white-listing” wherein security vendors maintain a “white list” of Web sites and software that have been scrutinized and identified to be safe.

In using the client’s computer as a collector of threat information, security vendors seek to establish a virtual network, by leveraging on the existing “always-on” connectivity, in which every client computer will communicate with the centralized server before executing any unknown or new piece of software to verify that this object or its variant has been scrutinized elsewhere on the security network. This pro-active mode of operation has been nicknamed “herd intelligence,” which brings to mind the Borg in the Star Trek series.

By its nature, this method of dealing with unknown threats brings with it some downside in the form of privacy concerns for the security vendors’ clients, creation of a data-glut from the assimilation of volumes of telemetric data gathered from the client computers and the possibility of false positives (good software being identified as nefarious; or missed malware). Buoyed by increasing processing power, broadband connectivity, cheaper and faster data storage systems, and driven by the need to effectively deal with increasingly sophisticated miscreants, this proactive approach provides hope going forward.

What do you think about the privacy issues that such a security network poses and would you consider signing up for such a service? Please feel free to send your thoughts.

Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail


Contact Information
The Editor:
Send mail to with questions or comments about this web site. Copyright © 2004 Khaas Baat.

Anything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.

Khaas Baat reserves the right to edit and/or reject any advertising. Khaas Baat is not responsible for errors in advertising or for the validity of any claims made by its advertisers. Khaas Baat is published by Khaas Baat Communications.