Category Archives: InfoSec

Pwn2Own is now offering prizes for mobile device vulnerabilities.

I have been using BlackBerrys and smartphones for a fair few years now, and we have all heard about the theories and proofs of concept of viruses and vulnerabilities for these devices, but there has not really been anything significant in this space.

Now Pwn2Own this month will be offering a $10,000 cash prize for every vulnerability found on a mobile platform. This is surely something to whet the appetite of people to find and create exploits, and as the usage of these devices continues to grow, so will the risk.

I wonder how long it will be before we see all vendors offering AV and other solutions to help secure these devices, as they are currently few and far between.

Pwn2Own will take place during the CanSecWest security conference between the 16th and the 20th of March in Vancouver, Canada.

GPS and Google Maps help find snowboarder.

A BBC News story gives information about a snowboarder who died in the Alps; this is obviously terrible news. However, a friend who was also with him was found thanks to his phone having GPS, and with the help of Google Maps.

I blogged about this a few weeks ago, and this is a good example where this application has saved a life. I still think we should ensure this feature is disabled unless you want all your friends seeing what you're up to 🙂

Autorun disablement now fixed. Thanks Microsoft.

The recent Conficker threat led Microsoft to issue information to sys administrators on how to disable autorun to help reduce the risk of infection.

However, there was a slight problem, erm… it didn't do what it says on the tin 🙂 Especially when it came to USB storage media, which was proving to be the main method for spreading.

Well, Microsoft has now resolved this, and you can read more here.

Child porn suspect ordered to decrypt storage… controversial?

As posted on the main site, a US court case has ordered a suspect to decrypt the contents of his hard drive.

“In a ruling issued last month, US District Judge William Sessions in Vermont ruled criminal defendant Sebastien Boucher does not have a constitutional right to keep the files encrypted. The ruling reversed an earlier decision by a federal magistrate that said forcing Boucher to enter his password into his laptop would violate his Fifth-Amendment rights against self incrimination.”

I think this is a tricky one, because assuming this guy has been up to no good he deserves to be banged up, but how will this impact Joe Public in the future, and in countries outside the US? So we are all about best practice, and we encrypt and secure our data as we don't want to share it with the masses, but we can be ordered to give up this information? I am not a legal expert, but I am not sure how this applies to other similar scenarios, such as items locked in a safe or lock box: can courts demand access with a warrant?

It will be interesting to see how this develops. This could be similar to having to surrender your items at US airports, and the music and film industry looking for ISPs to track and report all activity. I can see the pros and the cons, and of course we would all agree to it helping to catch the bad guys, but we don't want every bit of our lives being a free-for-all.

One thing is for sure: big brother exists and he's getting bigger.

PayPal’s Top Up Card.

I stumbled over this whilst surfing this evening, and I think it's a fantastic idea for those worried about disclosing credit card information online, or in a shop for that matter.

Basically, PayPal have teamed up with Visa to offer a sort of pay-as-you-go credit card. So you pop £50 on, for example, and there you go, off spending.

I don't know what would happen if you go over your pre-topped-up credit, probably be a few issues there 🙂

Read more on PayPal's site.

Microsoft Windows Malicious Software Removal

I had heard about the Malicious Software Removal Tool, which is supposed to run once a month at update time to check your machine for bad stuff, although I had never seen it run. Turns out if you run the application MRT, you can do ad-hoc scans.

I just carried out a full scan, and no issues. This is not an AV replacement, but certainly something worth running on occasion as I am not convinced it's doing it automatically; it's certainly not real time.

Visit the Microsoft site to learn more.