By Jeff Horne
On December 11, 2009, users of Twitter submitted questions to Webroot’s Director of Threat Research, Jeff Horne, as part of a live Q&A session. Webroot’s Twitter followers asked questions about connecting safely to the Internet while traveling during the holidays. A variety of questions came in live, with some others through direct messages in advance, and one non-twitter user asked a question via Webroot’s Facebook page. The interview was tracked using the #webroot hashtag, which has been omitted from the tweets to make them easier to read. We’ve posted a transcript of the Q&A on the following page.
webroot: Twitterview starting now! We’ll start with some of the Questions that were sent to us earlier.
(direct message): Question 1: Is connecting from the airport’s wifi while waiting for my flight going to infect my computer?
webroot: A: Make sure the ntwk has encryption WEP/WPA & dont connect 2 an Ad-Hoc network. When searching 4 wifi look 4 the encryption icon
(direct message) Q: How do you propose to spread the knowledge to every home user about roguewares and, how legit they might look?
webroot: A: An increased initiative on R Webroot Threat Blog. We chronicle the latest rogueware & threats we find.
MillerMosaicLLC: @webroot How do you know if the network has encryption WEP/WPA ?
webroot: A: In windows, in mange wireless ntrks, the security tab will list wht type of encryption the ntwrk is using @MillerMosaicLLC
webroot: A: Here’s an image of what 2 look 4 when U R in the manage networks screen @MillerMosaicLLC
(direct message): Question: What is your opinion of how 3DSecure / verified by visa impacts security for users, merchants, banks and CC companies?
webroot: A: Holding companies liable & any sort of extended validation is going 2 help the consumer as well as assuring merchant trust
cyberdad: Rogue antispyware r a still a real problem, unless there is a builtin mech 2 prevent them they remain a threat – do u 4c implmntng?
cyberdad: @webroot is conducting an online Q & A right now participate by searching 4or adding the tag to a question
webroot: A: Extending heuristic detection of rougeware is a solution. Utilizing Windows security controls provides an addt’l tool @cyberdad
(direct message): Q: What according to you would be the future of Anti-analysis and anti-debugging techniques?
webroot: A: I C the future of debugging malware coming from extending automated assembly differential analysis & scriptable prgrm emulation.
XPOBob: Can I get a virus from “safe” sites like CNN, Amazon or ESPN?
webroot: A: Its always a possibility but unlikely given the addt’l security on these “safe” sites. Even more unlikely w/ updated AV @XPOBob
webroot: Great questions so far. I’m going to try and answer a few more before the hours up.
(direct message): Q: I have an open wireless network at home what is my risk?
webroot: A: Open wireless networks leave U vulnerable 2 unauthorized access, privacy & information stealing such as logins & passwords.
(direct message): Q: I usually use my sister’s PC when visiting and its always very slow. Is there a chance its infected with a virus?
webroot: A: Anytime U R using a machine w/out or w/ outdated AV security software U R at adt’l risk. U shld always scan a cmputr B4 using it
webroot: A: If there’s no AV software on your sis’s computer you can scan it for free w/ our free scanner.
(from Facebook): Last Question: Do I need this software if I’m using a Apple IMac? Or do they have there own software that I get updates on?
webroot: A: Yes. Due to the weaknesses in OSX’s ASLR implementation & Macs continued market penetration I forsee Mac malware on the rise