Once a security researcher discovers a new strain of malicious software -- running a virtual machine on a test-bench -- and adds its signature to anti-virus and network monitor blacklists, it's game over. So today's malware devotes enormous energy to figuring out if it's running on a real computer, or inside one of its enemies' virtual worlds.
In a presentation, UCSM's professor Giovanni Vigna (who runs the Center for CyberSecurity and Seclab) says he's seeing more and more malware that keeps its head down on new infection sites, cautiously probing the operating system to try to determine if it's running on a real computer or if it's a head in a jar, deploying all kinds of tricks to get there.
Ben Rosenbaum and I wrote a Hugo-nominated novella called True Names in which duelling AI superintelligences try to run versions of each other inside virtual environments as part of their overall strategy and tactics.
Every system call is a gamble for the malware. Though the compiled binary is far harder to analyse, even when running, than its source code would be, it will still need a good excuse to begin looking up the list of its host system’s running processes – in reality seeking out the presence of known analysis tools that might be watching it. Prof. Vigna’s own Anubis malware analysis software is on the malware-writer’s ‘hit list’.
Vigna has also found malware source code that specifically seeks out the user ‘Andy’ in a new environment, as this reflects the name of one of his team in earlier VM battles with malware authors.
Some of this paranoia is contextual – looking up system processes would likely be a red flag in a freeware text editor but merely a routine and expected environment check for a defragger, which would be looking for system elements that may prevent routine system housecleaning.
The malware of the future may come bearing real gifts
[Martin Anderson/The Stack]
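The contextual point in the excerpt above, as an added example (not code from the original post, The Stack, or Anubis): a triage heuristic over constructed sandbox API traces that flags process enumeration and user-name lookups only when they are unexpected for a program's declared category, and escalates when the sample exits right after probing. The category table, sample names and verdict labels are assumptions.

```python
"""Triage heuristic over sandbox API traces (all sample data is constructed)."""

# Windows API names grouped by the kind of environment probe they indicate.
PROBES = {
    "process_enum": {"CreateToolhelp32Snapshot", "Process32FirstW",
                     "Process32NextW", "EnumProcesses"},
    "user_lookup": {"GetUserNameA", "GetUserNameW"},
}
ALL_PROBE_APIS = set().union(*PROBES.values())

# Assumption: probe kinds treated as routine for each declared category.
# An unknown category gets no allowance, so every probe counts as unexpected.
EXPECTED = {"disk-utility": {"process_enum"}, "text-editor": set()}

# Constructed traces: sample name -> (declared category, ordered API calls).
TRACES = {
    "notes_editor.exe": ("text-editor", [
        "CreateFileW", "CreateToolhelp32Snapshot", "Process32FirstW",
        "Process32NextW", "GetUserNameW", "ExitProcess"]),
    "defrag_tool.exe": ("disk-utility", [
        "CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW",
        "DeviceIoControl", "WriteFile"]),
    "plain_editor.exe": ("text-editor", ["CreateFileW", "ReadFile", "WriteFile"]),
}

def assess(category, calls):
    """Return (verdict, unexpected probe kinds) for one ordered API trace."""
    seen = {kind for kind, apis in PROBES.items() if apis & set(calls)}
    unexpected = seen - EXPECTED.get(category, set())
    # Index of the last probing call; everything after it is the "tail".
    last = max((i for i, c in enumerate(calls) if c in ALL_PROBE_APIS), default=-1)
    tail = calls[last + 1:]
    # Probing and then exiting without further work is the "head down" pattern.
    went_quiet = bool(seen) and all(c == "ExitProcess" for c in tail)
    if unexpected and went_quiet:
        return "suspicious", unexpected
    if unexpected:
        return "review", unexpected
    return "ok", unexpected

def triage(traces):
    """Map each sample name to its verdict."""
    return {name: assess(cat, calls)[0] for name, (cat, calls) in traces.items()}

if __name__ == "__main__":
    for name, verdict in triage(TRACES).items():
        print(f"{name}: {verdict}")
```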