CloudFlare buys StopTheHacker, wants to do anti-malware at scale

Website performance and security startup CloudFlare has acquired an anti-malware startup called StopTheHacker. The deal makes the popular CloudFlare that much more useful and also gives the company a new business to take advantage of the global infrastructure it’s building out. CEO Matthew Prince recently suggested it would get into the anti-malware space because it often has spare computing capacity that could be put to work scanning networks rather than sitting idle. Although it plans to integrate the two services more tightly, CloudFlare says it will continue operating and investing in the StopTheHacker service.

Avast takes fresh private equity investment at $1B valuation

The Czech security firm Avast, which provides popular consumer antivirus software, has taken an investment from European private equity outfit CVC. The amount has not been disclosed, but Avast says it puts a billion-dollar valuation on the company (perhaps it’s preparing to shop itself around). The company says it will use the cash to beef up its mobile security products and push further into the U.S. and Asian markets in particular. Globally speaking, Avast’s 200 million users give it an antivirus market share just above 15 percent, putting it in second place behind Microsoft(s msft).

6 ways to keep your data safe in the cloud

These suggestions might seem like common sense, but the more we use cloud services, the more we put ourselves at risk of identity theft and other negative effects of cybercrime. Here are six ways to at least make it more difficult to steal your data.

Sourcefire brings big security data to IT departments

Security-software company Sourcefire is trying to help large-enterprise IT teams leverage big data analytics in fighting malware. A new product, called FireAMP, utilizes a cloud-based analytics approach to let IT teams dig deep to find out the hows, wheres and whys of their malware problems.

Check Out That Suspicious File With VirusTotal

If you have a file that you want to ensure is clear of viruses, trojans, spyware and other malware, you should check out VirusTotal. It’s a free web app that allows you to upload files which are then scanned using antivirus engines from 39 different vendors.

Antivirus Software On Your Mac: Yes or No?

Just over a year ago, Mac users began to feel a bit more Windows-like after a major Mac trojan horse was discovered in the wild. Of course, you’d get it only if you obtained copies of pirated software. While there had been a few scattered OS X virus reports, this trojan had the most destructive potential to date.

Since that rumble last year, the Mac security front has been relatively quiet. This begs the question that has been on many people’s minds and one I get asked on a daily basis: “Why don’t Macs get viruses?”

Of course, we know the question isn’t valid. Macs can be attacked as evidenced earlier. Even Apple suggests running some kind of antivirus software on your Mac and included one with a .Mac subscription. Additionally, numerous security flaws are found and Apple releases regular security updates to patch them up. ¬†So, a better question might be “Why don’t Mac users have to worry about malware like Windows users do?” I suspect a relatively small number of readers have active antivirus software running on their Mac, despite Apple’s recommendation. For purposes of simplicity, we’ll lump viruses, worms, spyware, malware, and trojans under the common term of “viruses.” Here are the common responses given and my take on them.

Macs Aren’t Popular

Why do people rob banks? That’s where the money is! (Sutton’s Law). Because Windows-based computers represent around 90 percent of the market, virus writers get more bang for their buck. Not only does a Windows virus spread farther and faster due to its numbers, but the people writing viruses are more likely to have Windows machines upon which to code. And the banks are running Windows as well, so Windows is where the money is.

Of course, when Apple introduced Intel-based computers, some were concerned that Macs would get PC viruses because they were running the same chips. The chip switch was a legitimate concern, but for a different reason. If cheap PCs could be turned into Macs, the enemy could use that to their advantage and begin diversifying. Hacking the Mac OS to run on a PC would provide an easy way for malware writers to explore the MacOS.

However, as the Mac’s popularity has increased, we haven’t seen a rise in viruses for the Mac. Popularity is a weak rationale.

Macs Don’t Maintain¬†Backward Compatibility

Since 1984, Apple has made multiple shifts in its operating system strategy. First there was the shift from 68K processors to PowerPC, and then the shift from Classic to OS X, and then finally the shift from PowerPC to Intel based processors. That old copy of MacWrite or NetTrek won’t run on your new MacBook without major emulation and other chicanery. On the other hand, WordPerfect 5.1 for DOS runs great on a Windows 7 PC with just a minor tweak.

Microsoft, in order to maintain compatibility with older products, has never fully excised old code and flaws in its operating system. Apple has been willing on at least three occasions to completely abandon old software and start from scratch. Because Apple controls the hardware and the software and has a much smaller installed base, it is better positioned to make these drastic moves.

Ironically, Macs used to get tons of viruses in the System 7 days. I fondly remember “Disinfectant,” and countless viruses spread via floppy disk. As the Classic OS evolved, less and less viruses worked until finally OS X rewrote the OS book. Which leads to the final reason for the dearth of Mac nasties.

Macs Were Designed with Security in Mind

Since Apple knew about Mac viruses, it was able to redesign the operating system with safeguards in place to prevent malware outbreaks. The proper use of the Administrator account and password was the most important key in preventing the spread of any Mac viruses. For those unfamiliar, on a Windows XP PC, programs can install automatically without an administrator name and password. While Vista and Windows 7 ask permission sometimes, you can still easily install programs (and therefore viruses) without intervention from a user.

Alternatively, Mac programs requires someone with Administrator privileges in order to install most software. In my day job as a computer repair tech, countless Mac clients can’t even remember their own password, so they are extremely unlikely to accidentally install some software. Windows PCs are usually infected by clicking on some kind of link followed by Windows automatically installing a virus in the background without user consent or intervention. This idea is as foreign to Mac users as a .dll file.

Because Apple has a quicker schedule in updating and patching its operating system, any flaw that is found and acknowledged by Apple can easily be patched via an update or the next operating system. Getting Apple to acknowledge some of these flaws is a different story, though Snow Leopard provided protection against the trojans discovered last year.

[polldaddy poll=2649759]

Should You Run Mac Antivirus Software?

Good question. Apple said at one time it recommended antivirus software (though later it recanted), yet most Mac users don’t. The risks of a virus on your Mac are slim and protection software is perceived as slowing down computers and being generally buggy. Unlike most other software, virus protection requires a yearly fee to keep protection active. If you stay away from the red light district on the Internet, you are much less likely to get a virus. Make sure your system password is a good one and hard to guess. Be wary of any software you download and check the source. That’s why you get the warning now whenever you download a program from the Internet. Common sense is your first line of defense.

Personally, at home, I have ClamXav installed. It’s a free program that will scan your Mac to determine if you have a virus, but won’t pre-emptively protect you from getting one. It’s an “on-demand” versus an active scanner. I update and run it every so often after I hear of some new threat.

For my work computer, I have Intego VirusBarrier installed. The program is unobtrusive and has little or no impact on the performance of my Mac mini. Because I work with a large number of clients, I can’t always guarantee that they haven’t downloaded an Internet Nasty and I don’t want to catch what they have on their computer.

The choice is yours whether to run antivirus software. The reasons why Macs don’t get many viruses are as much based on luck and market conditions, as they are on inherent security. At the very least, besides a good administrative password, a Mac on the Internet should have a copy of ClamXAV on it that can be run at the first sign of trouble and updated after a suspected outbreak. Furthermore, remember that “social engineering” threats, like phishing emails that attempt to steal your passwords can affect Mac and Windows users equally. Stay on your toes and never respond to unexpected emails that try to scare you into visiting a website that requires your password or other personal information.

AVG Antivirus Update Targets iTunes

AVG

It seems Windows users are not only at risk from software viruses, but also from antivirus software.

Over the weekend antivirus software giant AVG pushed a virus definitions database update to its users that mistakenly identified the library for the Windows version of iTunes as a Trojan and placed its contents in quarantine. AppleInsider reports today that users affected by the blunder lodged complaints on both the Apple (s aapl) Support and AVG Support forums.
The botched update wrongly identified existing iTunes .dll files as infected with the Small.BOG Trojan virus. By placing the files in quarantine, AVG effectively disabled iTunes, preventing it from launching. Read More about AVG Antivirus Update Targets iTunes