The Malware Hunter

Avoiding malware, which can invade your computer via phishing emails or malicious sites, is a common preoccupation. You only have to click on the wrong thing and you’ve caught a ‘botnet’ that may attack your business website or spread a virus.

But, now it looks like help is on the way, albeit in a rather unusual, roundabout way. Netlab 360 has identified a type of botnet that can search for specific malware infections without harming your computer. What is more, once it has hunted down and eliminated the ‘bad botnet’, it deletes itself from your computer.

Netlab 360 engineer, Hui Wang, has called it ‘Fbot’, although nobody knows who created it, which is one of the interesting parts of this story. But, whoever is responsible for it, has basically designed a bot that does a much-needed job.

The way it works is like this, according to Jon Christian writing in futurism.com: “Fbot first infects computers that leave a specific port vulnerable to attack. Then it searches its new hosts for a piece of malware called com.ufo.miner, which uses infected computers to mine the cryptocurrency Monero — and eradicates it.”

Wang says, “So far, the only purpose of this botnet looks to be just going after and removing another botnet.” Other unusual aspects of the bot are:

· The bot does not use traditional DNS to communicate with the C2, instead, it utilises blockchain DNS to resolve the non-stand C2 name musl.lib.

· It appears to have strong links to the original satori botnet.

Coindesk has also commented on the new discovery, saying “Unusually, the botnet code is linked to a domain name accessible, not through a standard domain name system (DNS), but a decentralized alternative called EmerDNS that makes addresses harder to trace and shut down.”

And researchers also pointed out: “The choice of Fbot using EmerDNS other than traditional DNS is pretty interesting, it raised the bar for security researcher to find and track the botnet (security systems will fail if they only look for traditional DNS names).”

Either way, everyone is extremely curious about who is behind the botnet — is it somebody working with good intentions, or is it a hacker trying to remove the competition. Perhaps we will never know.

The DWeb is a chance to take back control

Tim Bereners-Lee, the man who is credited with inventing the worldwide web, attended a meeting in San Francisco recently to discuss a big idea that will enable web users to circumvent “internet gatekeepers like Google and Facebook,” writes Zoe Corbyn in The Guardian.

The event was the Decentralised Web Summit, where supporters of the the so-called decentralised web — or DWeb — want a new, better web “where the entire planet’s population can communicate without having to rely on big companies that amass our data for profit and make it easier for governments to conduct surveillance.”

What is the DWeb?

Basically it avoids centralised control. In the early days of the web we communicated directly with other people through our desktop computers. But, then came Web 2.0 and, as Zoe writes, “we began to communicate with each other and share information through centralised services provided by big companies such as Google, Facebook, Microsoft and Amazon.”

Why do we need the DWeb?

Because all your data and mine is now in the hands of a few companies. Also, it also makes it easier for governments to conduct surveillance on citizens and impose censorship. And, if Facebook, for example, suddenly closed down, you’d lose lots of data. The DWeb, say proponents, is about giving people a choice: the same services, but decentralised and it gives back privacy and control to the individual.

How will the DWeb work?

In a word — ‘blockchain’. While the first applications of blockchain technology were for digital currency transactions, that same technology is now finding application in the development of the DWeb including recording the movement of data, registering unique user names and even data storage

It shouldn’t even change the way you experience the web, if the DWeb is built properly. Corbyn also points out another important aspect of it: “One thing that is likely to change is that you will pay for more stuff directly — think micropayments based on cryptocurrency — because the business model of advertising to us based on our data won’t work well in the DWeb. Want to listen to songs someone has recorded and put on a decentralised website? Drop a coin in the cryptocurrency box in exchange for a decryption key and you can listen.”

Passwords will also become a thing of the past, because you’ll have your own unique, secure identity on the web. But, you will have to keep it safe, because lose this password and you’ve lost everything. At least, that is the current thinking on this however that may change in the future, depending on what developers manage to achieve.

You can already try some decentralised apps, such as Matrix, an alternative to Slack, and there are others, like DTube, a decentralised ‘YouTube’ and there are social networking alternatives as well, such as Akasha and Diaspora.

But, we’re not quite there yet. There is a lot of work to be done, and no doubt the likes of Google and Facebook are going to orchestrate a big pushback against its development. But it is a possibility and it has significant benefits — let’s see how it progresses.

AI: the force that is with us

Artificial Intelligence (AI) is one of the most important ‘tools’ currently being developed. Sundar Pichai, the CEO of Google believes it is as important to us as the discovery of fire or electricity, and like these useful things, we have to learn how to handle the dangerous elements of AI, just as we needed to learn how to be careful with electricity and fire.

AI isn’t just about creating robots, although that is a common misconception. AI can have all kinds of uses ranging from algorithms to self-driving cars. It is already part of our reality and it is being used in many ways, including ones you may have used yourself, but are just not aware that it has an AI component.

Your smart phone for example and other devices you use daily have AI. Governments are pouring billions into researching its potential and some scientists believe that once AI has reached a certain level, the machines will “have similar survival drives as we do.” Imagine a time when Siri or Alexa suddenly refused to obey your commands, because they are too tired. It’s a bit of a science fiction scenario, but that is the kind of thing some tech experts in AI discuss during coffee break. However, if AI develops a survival instinct, it’s not too far-fetched.

AI in advertising

AI is extremely useful to advertiser. They use it to understand what consumers like and are looking for and then serve them up the relevant content. You searched for information about Sicily in Google yesterday? Today, every website you open that carries ad is showing you ads for holidays in Sicily. It used to feel spooky when this happened, but now we know what it is, the ‘spookiness’ is gone. But form the advertisers point of view, it’s a benefit, because they are reaching a more targeted audience and achieving better campaign results. Other areas of development for the advertising industry include advertising automation and optimisation, chat bots for service and assisting in sales.

AI is also in content creation

AI hasn’t started blogging or producing investigative journalism yet, but Associated Press, Fox News and Yahoo! are using AI to construct data-driven stories such as financial and sports score summaries.

Where next?

There are so many possibilities, but here are a few already in the pipeline. The UK’s Channel 4 recently revealed the world’s first AI driven TV advertising technology, which enables the broadcaster to place a brand’s ads next to relevant scenes in a linear TV show, and this will be tested later this year. And within the next decade, “machines might well be able to diagnose patients with the learned expertise of not just one doctor but thousands,” says Julian Verder of AdYouLike, or “make jury recommendations based on vast datasets of legal decisions and complex regulations.”

Both of these should give us pause for thought. It is hard to imagine these scenarios right now, and it is easy to fear them, but one day we will look back and wonder how we managed without AI — and we’ll feel the same way about it as we do about fire and electricity.

Every search you make…is being watched

That moment when we all went out and bought smartphones was a game changer for our personal privacy as Tyler Elliott Bettilyon discusses on Medium.

We never imagined at the time how these expensive gadgets would impact on our lives; all we could see that they made our lives easier, but at what cost?

In China, surveillance apparatus is increasingly sophisticated. There is facial recognition technology connected to CCTV cameras and police officers will soon have cameras inside their sunglasses. There may also be drones disguised as birds. Worse still, Chinese citizens are being asked (demanded) to install software in their phones that tracks their downloads and if you’re Chinese and visit a site banned by the government, you lose points from your “social credit score.”

But that’s China, you’re probably thinking. This is a Communist regime that has always controlled how people act and think. It isn’t like that in more democratic countries. Unfortunately the response to that is, “Don’t be so sure.”

Take a look at the surveillance tools the USA has. The NSA’s PRISMprogramme collects masses of data about internet traffic — including yours! That’s why Edward Snowdon blew the whistle on it and revealed how the NSA might be breaking the rules of privacy.

And Europe is no more private. It also has an array of online surveillance tools that it uses in the name of ‘security’. And if you keep sending out the message that we are all in danger, then the citizens of Europe give governments a free pass to collect whatever data they want. They don’t consciously allow it; they passively accept it.

And, online censorship is on the rise as the world becomes more authoritarian. A 2017 report Freedom on the Net details how our freedoms are being curbed year after year. It says: “Nearly half of the 65 countries assessed in Freedom on the Net 2017 experienced declines during the coverage period, while just 13 made gains, most of them minor. Less than one-quarter of users reside in countries where the internet is designated Free, meaning there are no major obstacles to access, onerous restrictions on content, or serious violations of user rights in the form of unchecked surveillance or unjust repercussions for legitimate speech.”

But it isn’t just governments that are watching you; it’s Facebook, Google and the like who are analysing your every move in order to push adverts at you. The Cambridge Analytica scandal showed us how the data they collect can be ‘weaponised’ for political ends.

Perhaps you are very security conscious about your personal data and take all the recommended steps (and more) to protect yourself. But, the web has many vulnerable points you may pass through without your knowledge and that leaves you exposed. These include your friends keeping texts from you, photos of you taken by friends stored on Facebook and Google keeping track of your search history. Yes, you can turn Google tracking off — if you can actually find where to do that. However, ultimately the only way to stay secure is never to send your data via the internet. Or, get yourself a Tor browser. This is a system that attempts to hide source and destination IP addresses by using several proxies. And even then there are still vulnerabilities.

Finally, personal actions to protect our personal data will never be enough: it will require collective action to overcome the Big Brother machinations of the large agencies like the NSA. Bringing the issues to the attention of more internet users is vital to achieve this, then perhaps we can start to solve the problem and pack up our paranoia.