Whatis.com Solutions Directory

An independent variable is a variable that is manipulated to determine the value of a dependent variables. The dependent variable is what is being measured in an experiment or evaluated in a mathematical equation and the independent variables are the inputs to that measurement.

In a simple mathematical equation, for example:

a = b/c the independent variables, b and c, determine the value of a.

Here's a simple example:
A teacher wishes to compare the number of tardy students wearing black with the number of tardy students wearing pink. In this scenario, clothing color is the independent variable and the... More...

HP acquires automation vendor Stratavia
Hewlett-Packard's move to buy Denver-based automation vendor Stratavia aims... More...

For many IT shops, the release of a first service pack is the traditional green light for adopting a major release of a new... More...

You've done some interesting research on botnet operators and how their business works. Have you found middle-men involved?

Yes. The guarantor plays an interesting role. It's quite important to the whole botnet ecosystem and probably the ecosystems of any underground markets. If you can imagine a simple deal between two bad guys -- one has created the malware and another one owns the botnet and needs this malware. They want to make a deal, but these guys can't trust anybody when they're working for the dark side. They can't trust each other in this ecosystem. This is why this role [guarantor] appears. Both sides trust this middle-man, and then they can make a deal. Guarantors are usually respected people from hacker forums who have been there for ages. They're usually moderating hacker forums and are not going to disappear, so they are more or less reliable from the point of view of the criminals. At the same time, they don't do any illegal activities. They don't develop malware or own the botnet. All they do is verify what the seller is offering and what the buyer wants to buy.
Are these guarantors in a grey-space where they aren't doing anything that law enforcement can take action on?

That's correct. They feel safe doing what they do. These guys are playing one of the key roles in the whole ecosystem because if there were no middle-men, maybe there would be fewer deals because it's hard for the bad guys to trust each other. Right in the middle there is a botnet owner who buys malware, exploit keys or any kind of software keys from the producers through the guarantor. Then the guarantor is used again in deals between the botnet owner and the consumer of the services of the botnet. Those are spammers, people who want to conduct a distributed denial-of-service attack (DDoS) on some resource or any kind of other clients who are interested in using the botnet.
The latest Verizon Business Data Breach Report found the market is saturated for credit card numbers, causing the prices of that data to decline on the black market. Does that price fluctuation make this kind of guarantor business arrangement change over time?

No. It's just the normal flow of the market. The saturation of the market causing cheap credit card data is the result of having a really big number of credit cards stolen. The process is really easy with different automated tools developed and shared for free on the Internet. For example, the Metasploit framework is used to create malware quickly and efficiently. All of these helping technologies and frameworks are making it much easier for the bad guys to steal tons of credit card numbers. The more offers out there for stolen credit cards, the cheaper the price is.
One early prediction by Kaspersky for 2010 was that semi-legal grey market programs will be run by botnet owners. Is your research an indication that this is now true?

Actually there is an area in the dark side which is called "greyware". It's software which cannot be directly called malicious. But it was developed with an intent to do something malicious. At the same time it doesn't make any unauthorized access. A good example of "greyware" is remote administration software. It's software that can be utilized by a network administrator to control their networks and their workstations remotely and do administrative tasks. This same software can be installed and hidden from the user and utilized by the bad guys to steal information from remote workstations. This approach is migrating to other areas so the bad guys are trying to make their activities and services look more legitimate.
A hacker gave up his identity to Kaspersky to get payment for a service he created to trick malware researchers. Can you talk about what took place?

This case is not closed yet and is currently being dealt with in our legal department so I cannot share many details about it. There was an Austrian guy who developed a service called AV Tracker. The basic idea behind the service is to create malware -- special spyware -- that would be sent to the antivirus vendor laboratories to gain information. Using the stolen AV vendor data, the bad guy can track the IP addresses on the Internet where the malware was executed and he can be sure that the IP addresses that he sees belong to security companies. Then he offers an open source software module that anybody can use to make sure that any malware running at a security company will not behave as it would on the real home-user machine. That development was assisting the bad guys to make sure the malware would behave differently in our labs and we would have poor detection capabilities. We think the service was developed with malicious intent from the beginning. It seems the law is not restricting these things at the moment, but such services do not help the security community and the normal home user. It seems to be malicious.
Security researchers who develop signatures to detect malware and other insidious software are finding themselves increasingly under attack, according to Vitaly Kamluk, Kaspersky Lab's chief security expert based in Japan. Kaspersky is currently in a legal battle against a former Austrian security researcher who designed a program that can track the IP addresses of antivirus vendor malware analysis sites and ultimately make malware work differently on those security researcher systems, weakening antivirus detection. Kamluk said similar attempts to undermine signature writers and the increasing use of "greyware," software that isn't malicious, but can be used by criminals to carry out an attack, are causing problems for the security community. In this interview, Kamluk talks about the ongoing legal battle and his recent research on how botnet operators sell their services using a technique that dodges law enforcement. More...

Is embracing Microsoft's software development lifecycle processes relatively new for Adobe?

Not really. Microsoft's SDL is something they have been working on for 10 years or so. The Adobe secure product lifecycle (SPLC) has its roots in the Macromedia work that was started in January 2004. So they had somewhat of a head start. Anytime Microsoft makes documents and resources available, we always look at them with great interest, and anytime there's a great idea, we'll adopt that and put it into the way we do things.
How do you expect bug hunters to disclose bugs? What is Adobe's responsible disclosure policy?

Any time a researcher identifies a vulnerability in an Adobe product, we're thrilled to hear that research. You can contact us through psirt@adobe.com. We triage through that email list for anything that has any chance of having technical merit, and we try to initiate contact with the person who reported it to us. If we get the same results that the researcher saw, we work with our product team. The product team works on creating the patches, doing the testing to make sure the patches fix the vulnerability, and then the end result is eventually a security update that will ship. There is a small group of researchers that we have very sensitive relationships with and work with a lot, and then there's always someone who we may not have worked with before, but we may know them in the security community. Our goal is to always make sure to communicate how appreciative we are when they take the time to share this information with us, and we do everything we can to keep them up to date with what's happening.
Why not pay researchers for the bugs they find?

We spend a lot of money on external researchers helping us to improve our software. Rather than some type of bug bounty, what we've chosen to do is to look at a potential consulting engagement if someone comes forward with an idea to make our software security better. The effectiveness of the experience and skills that the researcher brings is so much higher when they are able to access the engineers who are directly working on the product and all the internal documents to help them do a full white box assessment. It's much harder to do that externally. Things are changing fast in the industry, though, so we're always paying attention to see if these other approaches [such as bug bounties] may work in our environment.
Since Adobe has gone to a quarterly patch cycle for Reader and Acrobat, you've had some out-of-band updates. Is that because those applications are targeted so much?

The quarterly updates are for things where there's no urgent need to get it out any sooner. We have to balance getting protections out as soon as we can to customers with the cost of disruption to the workflows of deploying a patch. No matter how hard we work to make it an effortless process, anything multiplied by hundreds of millions of machines is going to be really expensive. This is a really tough balance for us, because we can ship a lot of patches, which will help people defend against the latest things that have been reported, but at the same time, there is a great expense in keeping those machines up to date.
Talk about sandboxing and why it is needed.

When we looked at Reader and all the different ideas to make Reader more secure against this new type of threat we're seeing, we had to balance all of these ideas against the fact that there's hundreds of millions of people that use Reader in a particular way today. They don't want to have to change. So how can we make them safer and not change how they interact with the product? Sandboxing is one of the things that made it through the initial process. We've made a big investment to implement this. We started with this in the summer of 2009, and then we made the announcement that we are going to put sandboxing in the next major version of Adobe Reader. The first release is going to be write-only. The sandbox will run Reader in a low-rights process. If an attacker found a vulnerability that today might allow him or her to take over a computer, in the future he or she would be stuck in the sandbox.
You're addressing Reader and Acrobat, what can you do to address Flash issues?

Flash Player is installed on a lot of machines. For a couple of years now, Flash Player has opted into Internet Explorer protected mode if you are running IE7, IE8 or later, and using Windows Vista or later. Similar to what we did for Reader, Flash Player runs in low-rights and uses a broker process if you need to do something requiring higher rights. We have a lot of other things that we're working on with Flash Player as well. In the 10.1 version that just shipped, Flash Player now hooks into the privacy mode settings for the browser. If you are doing incognito mode or privacy mode, Flash Player is able to tap into that and respect those settings.
One of the announcements at Black Hat is that Adobe is joining the Microsoft Active Protections Program. Why join the program, and what does it mean for the security vendors in the program?

We've been looking for ways to get this actionable, detailed technical information out to the security vendors, so they can protect our mutual customers against these types of attacks that were possible. The feedback that we got was that the MAPP was the right way to do it. Rather than reinventing the wheel, we're working together with Microsoft so that product security information is going to get through to the participants in the MAPP program. There are 65 participants. Adobe is not becoming the 66th, but rather the second software maker that is sharing product vulnerability information.
LAS VEGAS -- Brad Arkin and Adobe Systems Inc. have had to endure a lot of ribbing at Black Hat 2010. Arkin, senior director of product security and privacy at Adobe, attended the Adobe Hater's Ball on Wednesday. The event, hosted by security vendor SourceFire Inc., was attended by security researchers who think Adobe is not doing a good job protecting its applications. But Arkin is going on the offensive, trying to make the company's security processes more transparent. At the conference, Adobe announced that it would join Microsoft's Active Protections Program, giving out early vulnerability data so security vendors can produce signatures to block attacks against flaws discovered in Adobe Reader, Acrobat and Adobe Flash. In this interview, Arkin explains Adobe vulnerability management and security strategies moving forward. More...

Smart grid is a generic label for the application of computer intelligence and networking to dumb electricity transmission and distribution systems. Smart grid initiatives seek to improve operations maintenance and planning through automation and by making sure that each component of the grid can both talk and listen.?

The United Stated Department of Energy proposes that four types of well-defined open standards will drive the advancement of smart grid technology:

? Integrated communications?

? Sensing and measurement technologies?

? Automated controls for distribution and repairs

? Improved management dashboards and decision support software

Learn more:

The Smart Grid: An Introduction?is a publication sponsored by United States Department of Energy s Office of Electricity Delivery and Energy Reliability.

The National Institute of Standards and Technology (NIST) is working to define a framework of standards for smart grid technology.

The economic stimulus package signed by President Obama in February contains $11 billion for smart grid technology.

Smart grid is a generic label for the application of computer intelligence and networking to dumb electricity transmission and distribution systems. More...

A keyboard wedge can be either a software program or an inserted hardware device that translates digital signals from a barcode reader or magnetic strip reader (MSR) into keyboard strokes for a computer. The software form of a keyboard wedge intercepts the dignal signals from the reader when they arrive at the computer and instantly translates them into keyboard strokes. The hardware form of a keyboard wedge inserts the translation device between the reader and the keyboard. Data sent through a wedge appears as if it was typed into the computer, while the keyboard itself remains fully functional. Because a computer using a keyboard wedge can't tell the difference between data that is entered by a scanning device, or data that is entered by keyboard typing, a wedge can be used to easily add barcode reading capability to an existing computer without modifying software applications. More...

Previous articles in this series on IPsec VPN configuration using Cisco routers covered building a VPN gateway and... More...