Proxies pose a problem for kids

computer_networkI was approached by BBC Radio 1 about a piece they were pulling together on proxy servers. The angle they were exploring was that proxies were being used by kids, to defeat, the blocking filters used by their Schools. The link to the story can be found here.

It is an interesting subject. Undoubtedly, kids are using proxies as a way to get to web sites that are being blocked by their Schools. It really is a game of cat-and-mouse, with the Schools struggling to keep pace with the proxies and trying to black-list them. I think it an almost impossible task and it requires a different approach. I think there is a role for a better dialogue with the kids, in School, to better understand the sites that they really want to access. The School needs to take a view as to the educational or social worth of the sites requested. Having that dialogue, being seen to allow sites on the basis of merit, would then act as positive statement to all.

What the BBC Radio 1 piece also brings to the fore is that, the kids, are blissfully unaware that they can be putting themselves and the School in harm’s way. Many of these proxies sites are harbouring malware or potentially unwanted applications. In using the proxy, they are not aware that other things can be happening in the background. The proxy site could be a staging post for a key-logger, that could then provide details of the passwords and logins to stuff that kids care about: social networking sites and gaming sites (with their associated credentials etc). Once the kids were made aware of this, then their attitude to freely using proxies changes.

December 22, 2009 | Filed Under Security | Leave a Comment 

A gathering storm in the clouds?

This past week saw news that the ‘Cloud’ had fallen victim to the bot-herders. Use this link to see the coverage of it on CNET.  Security researchers found that a variant of the infamous password stealing Zeus Trojan had found its way onto a server, hosted on Amazon’s Elastic Computing Cloud (EC2) and they had used as their command and control point.

This news, I am sure, helped provoke a severe case of ‘I told you so’ from the cloud ‘nay-sayers’. However, whether the server site was in the cloud, or on plain boring terra firma, the cause of the hack, was not something new or revelatory. It was in all probability, something more prosaic. A hole in a particular application may have opened the door, or other instances of Zeus could have captured log-in credentials, which were then used to access the necessary services hosted on EC2.

It requires site owners to ensure that they lock-down access to the server and that they update and patch the software used to mitigate any vulnerabilities. The rush to cloud based services and infrastructure is gathering pace. What this incident should remind us is that the same rules, controls and requirements need to be applied to sites hosted in the cloud, as anywhere else.

December 14, 2009 | Filed Under Security, Technology | Leave a Comment 

UK Council for Child Internet Safety

When talking about Norton to people, I outline to them that or job, or mission, or whatever you want to call it, has changed significantly. Most people understand us as being the company that helps protect your PC and stops all those ‘viruses and stuff’ messing with them. I explain that we still do that, but really the focus is now how we can also protect your identity that resides with the PC. However, it is actually even bigger than that. For those of you who are parents, we have to protect everyone in your family who has access to and uses the internet.

Symantec sits on two of the working groups within the Council for Child Internet Safety and was delighted to attend the summit where Gordon Brown MP, Ed Balls MP and child psychologist Professor Tanya Byron officially launched the new internet safety campaign, Click Clever, Click Safe, and the accompanying internet safety code “Zip It, Block It, Flag It”.

We really like the campaign and are looking forward to the launch in February next year –it’s particularly good for us to see as we’ve been involved with the UK Council since before it was even formed, even consulting with Professor Byron as she was researching her report for the government.

It’s part of our remit as an internet security company to keep families and children safe online so we’ll be working with the council to help them promote the code when the campaign launches next year.

December 12, 2009 | Filed Under Family Online Safety, Security, Uncategorized | Leave a Comment