Antispyware Coalition Conference 2008

| | Comments (0)

I recently spoke at the ASC Conference in DC:

http://blog.spywareguide.com/upload/2008/02/asc081-thumb.jpg
Click to Enlarge

...and a lot of interesting issues were laid out for discussion (I should point out we didn't speak in the Capitol Building, I just like that photograph. Plus, it looks a bit more impressive than a picture of a hotel). Shall we have an obligatory shot of a board with a lot of companies listed on it? Sure:

http://blog.spywareguide.com/upload/2008/02/asc083-thumb.jpg
Click to Enlarge

That's a whole lot of companies right there! Anyway, the Conference had a lot of FTC people in attendance, and kicking things off was Ari Schwartz and FTC Commissioner Jonathan Leibowitz:

http://blog.spywareguide.com/upload/2008/02/asc085-thumb.jpg
Click to Enlarge

A repeated theme (that may or may not have been intentional) was that, to some degree, the "battle is won" - at least as far as trying to get "legit" Adware vendors to toe the line goes. Of course, there's still plenty of badness out there to contend with. The evidence from security forums and people fighting these infections on the frontline would seem to suggest PC hijacking is as rampant as ever, if not more so.

Shall we lighten the mood with some cameo shots of the antispyware big-hitters? (Click to enlarge each image)

http://blog.spywareguide.com/upload/2008/02/asc086-thumb.jpg
Alex Eckelberry!
http://blog.spywareguide.com/upload/2008/02/asc087-thumb.jpg
Bill Pytlovany!
http://blog.spywareguide.com/upload/2008/02/asc0810-thumb.jpg
John Levine!
http://blog.spywareguide.com/upload/2008/02/asc089-thumb.jpg
Lance James! (Long story..)

Stefan Savage gave a great presentation, where he looked at various elements of the underground economy of hackers - namely, what carders and data theft scammers get up to in IRC channels.

http://blog.spywareguide.com/upload/2008/02/asc0811-thumb.jpg
Click to Enlarge

My own panel featured Alex, Lance, Cindy Southworth of the awesome NNEDV and Luke Erickson of the FTC. We talked about some pretty heavy duty stuff, including how the increasing frequency of illegal pornography is actually causing some people in security to drop out of the business (because, understandably enough, they don't want that kind of material on their PCs lest the police come calling), how kids as young as twelve are happily trading credit cards and the kind of information Phishers and data stealers are collecting (the slides provided by Lance were an extremely interesting extension of what Stefan had been saying earlier on).

http://blog.spywareguide.com/upload/2008/02/asc2008128888-thumb.jpg
Click to Enlarge (Thanks to Bill P for the image!)

A lot of food for thought, and I'm hopeful the presentation I gave regarding the kids getting involved in hacking and cracking hit home with the FTC people in attendance.

At this point, I want to give a mention to NNEDV - I spent a lot of time talking with Erica Olsen of the National Network to End Domestic Violence, and it was frankly mind boggling how many anecdotal tales ended with "Yeah, she died / was killed / beaten to a pulp" etc. It seems depressingly likely that we've just scraped the tip of domestic abuse going hand in hand with monitoring software / keyloggers / all those other wonderful products sold as "surveillance tools" to "keep Junior safe online", which are in fact almost immediately used for much darker purposes.

Truth be told, the entire conference was a strange mixture of conflicting views - on the one hand, we were being told "we've won", but on the other hand, people like myself and NNEDV were showing how a lot of individuals were ending up as losers, with no hope of fixing whatever tech-related problem they happened to be in...from the comical to the life threatening.

I guess the Internet really is serious business.

Listen to the full conference (and check out the slides) here, and make your own mind up. Adware was, is, and will continue to be a problem for the foreseeable future - but beyond all the types of "ware" out there that we need to start concentrating on, we need to remember that every single time something bad gets onto a PC, a life can potentially be destroyed forever.

Now, more than ever, we need to keep fighting.

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on February 4, 2008 11:47 AM.

Do It Yourself Phishing for Social Networks And Webmail was the previous entry in this blog.

Random Observation On A Myspace Phish Drop is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.