- Anti-Spyware Coalition 2007: Harvard University, Cambridge
Yes, it's been a week or two since the event took place but a combination of factors (investigating this virus, a problem with uploading pictures via my camera and the slightly ropey RealPlayer stream for the conference footage) all caused numerous issues that made me want to cry, or at least complain a bit.
Still, here we are and now everything is working again - sort of - so let's get right down to business.
First of all, we had a Keynote from GRC supremo Steve Gibson who didn't really tell us anything new, but then that wasn't the point of his talk anyway. He gave us a brief rundown of how he got into this industry and the quality of his anecdotes was more important than him jumping up and dazzling us all with some new exploit or something. For your viewing pleasure, might I present a slightly blurry photograph of the man himself:
...yeah, about those photos. See, the lighting in the room where the conference took place was dreadful, at least as far as grabbing decent photographs went. As you'll see later, I was sitting about five feet away from Alex Eckelberry (President of Sunbelt Software) and the pictures STILL came out blurry. So apologies in advance for any conference related pictures that sort of suck.
If I remember correctly - and I probably don't - Steve put up an image of a desktop overwhelmed by what looked like hundreds of items in the taskbar, reaching up past the halfway point on the screen. I cant recall if he mentioned in his talk that he asked users on his GRC site to assist with creating the image, but they did. I thought it was real, so that was sort of disappointing. Bah.
The first talk of the Conference was "Technical Discussion of Spyware", but if I'm being honest, I sort of lost interest in this one when they started going on about servers and databases and stuff. A number of panelists got shuffled round due to last minute cancellations, and I think this was one of the ones affected so that probably didn't help much, but thankfully here's a writeup covering what went down so that's okay.
A quick break, and it was time to get onstage for my contribution to "Internationalisation of Spyware". I found it sort of humorous that a panel dealing with "international" spyware spelt "Internationalisation" with a "z", but then silly things like that amuse me. I must admit, this panel seemed to go a lot better than the one I spoke at for the first ASC Conference in 2006. After I did my introductory ramble, the rest of the event seemed to consist of people from the FTC debating US-centric policies and laws which were completely irrelevant to the subject at hand.
This time round, the whole thing rocked and we really did talk about the subject at hand.
That's me, that is. And I'm showing the audience a shot of what I like to call our map thingy, which lists Adware vendors plugged into our database. I talked about how a lot of the new US-based laws are coming in to specifically tackle these guys, even though the Adware boat in America has (for the most part) sailed stuffed with lots of money and it's not coming back. Put simply, I don't think those guys are the ones we have to worry about much anymore. The real danger comes from those wonderful entities lurking overseas who think nothing of handing you a web browser that serves go-to-jail inducing pornography:
...or installing their own web browser without permission via an Instant Messaging Hijack:
....and (just to prove I fling my arms around while talking) here's me showing the crowd a fairly large install of numerous pieces of Ad/Spy/Mal-ware from a Chinese hijack (roughly a Gig of software installed):
Okay, so my arm isn't waving around as much as I thought but whatever.
Here's a flurry of notes on the Stop Badware Blog related to our talk. I'd say these were my key points:
Chris - A lot of stuff is quite generic (the code itself, old stuff that's been around). Chinese hijacks aren't just whackamole games with password stealers. A lot of the code is old, but what they do with it is new. Middle East, quite sophisticated root kits.
Chris - UK High Tech division crime squad. Impossible to get a hold of people. Tracking down law enforcement is useless. Accessibility of law enforcement would help.
Chris - Ministry of Media Affairs have created software (malware), that installed from various Chinese websites. You can support your government by hijacking PCs. Folks are trying to sue the government with spectacularly bad results. A lot of this stuff comes from Chinese domains where the url is random letters and numbers. but some of them are legitimate in China. There's no way to contact these domain owners. Is it malicious or has the site been hijacked?
I've talked about this kind of thing at length elsewhere, so I won't go into it here. But seeing as I'm on the subject, read this.
The third talk was Public Policy and Legislation, and this one stumped me for two reasons.
1) I missed the first 20 minutes due to having to cool down - standing around for an hour dressed head to toe in black on one of the hottest days anywhere, ever, was sort of a pain.
2) This was was (for obvious reasons) very US-centric and so a lot of the points raised meant pretty much nothing to me. All I can say is, watch the recording and make your own mind up (yes, we'll get to those links shortly).
The final talk was New Market Trends in Responding to Spyware, and the sparks flew as numerous disagreements spilled out into the car park. Not really, but one or two people got faintly grumpy which is always enjoyable at an event like this.
Eventually, things rumbled to a close and so ended the Third ASC Conference. A lot of people met up afterwards - specifically, those involved in the Julie Amero case:
Here's the obligatory rollcall - the people in this picture are (left to right) standing:
Chad Loeven of Sunbelt, me, Joe Scalia, Ari Schwartz (CDT), Eric Howes of Sunbelt, Alissa Cooper (CDT), and Eric Davis of Google. Seated: Herb Horner, Alex Eckelberry, Julie Amero, Wes Volle, and Judy and Chip Neville.
With the meal done and dusted, I waved farewell to the Sunbelt crew and flew back home the day after. At this point, I guess you want to see the already mentioned RealPlayer footage of the conference, right? Well, all of the links can be found below:
You'll need Real 10 Player to play the recordings (free download available here). I'd much prefer a regular movie file, but oh well. My talk is on Part 1, in case you were wondering. I'd like to tell you when it kicks in, but it kept crashing on me so much I'm lucky I even got to see it once.
If so inclined, you can see a large collection of photographs from the trip here. That's pretty much everything from me with regards the conference, so I'll leave you with the following thought - who stole my underwear?
