Further down there is a table of contents (in Italian) that we can use as an outline for developing the content. Go to the bottom of the page.

Malware considered superharmful

Viruses, trojans, worms and other kinds of malware are nothing new: they have
been around for decades, and everyone basically knows what they are.

Our claim is that their importance is greatly increasing and that they
can be considered the number one security threat.

Why?

That’s a complex question. We’ll analyze what the other kinds of interception
were missing. Let’s recall what they are:

We argue that malware has considerable advantages over each of these
techniques.

Wiretapping is more and more defeated by network encryption

While the CA system is rotten and certainly exploitable by a powerful attacker, wiretapping is harder than before; the most important enemy of network wiretapping is certificate pinning.
Certificate pinning is certainly nothing new, but mobile devices make heavy use of it, and that’s certainly a big advantage of the app-centric model.

Wiretapping is not enough

You cannot intercept what is not on the wire, and a wise internet user will not send sensitive data over the wire. Also, wiretapping only collects data handled after the investigation has started; for some crimes, this makes no sense.

These problems call for a more powerful technique of evidence collection; a typical solution is disk seizure.

Seizure makes investigations over

Seizure is powerful because it is relatively easy to do, and a lot of data can be gathered that has never been on the wire, or that dates from years ago.
But when a computer is seized, the person under investigation knows about the investigation, and this can make them more careful about their movements.

Seizure must be the very last attempt.

Disk encryption defeats seizure

Disk encryption is very easy to use and, while it’s worth nothing against wiretapping, it seems to be really effective against disk seizure: for the major disk encryption tools, there is just no way to break them without forcing the owner to reveal the passphrase.

Seizure is hard on embedded devices

Seizure is (sometimes) not enough


Table of contents to be developed: