Ahearn helps find people for a living. He says he helps them vanish, too.  He says he helped identify Monica Lewinsky as the intern dallying with President Bill Clinton. And he says he helped locate  — and hide from a sure-fire media circus — the  hotel clerk who was on the receiving end of a Russel Crowe tantrum.

And now Ahearn has written a book about disappearing. Interestingly, Ahearn’s treatise  contains some valuable tips you can use to reclaim some of the privacy you’ve relinquished, knowingly or not,  by using Google, Facebook, Yahoo and most other popular Internet-enabled services.

Ahearn’s book, with co-author Eileen C. Horan, is titled “How To Disappear: Erase Your Digital Footprint, Leave False Trails, And Vanish Without A Trace.” LastWatchdog interviewed him this week:

LW: Was there a specific incident or event that compelled you to write this book?

Ahearn: I was getting a tremendous amount of emails (about this topic) and was considering shutting down my website. However, my partner Eileen suggested we write a book. I was hesitant and did not want write a how-to book. After thinking hard on it, I decided to move forward as long as I could be honest about my personal philosophy.

LW: Can you succinctly state why a book like this ought to resonate in the digital age we live in?

Ahearn: I do not think people really think about where their information ends up. There seems to be a trend to hate the identity thieves since they steal our information. However, we are being tuned to love companies who give us ten percent off and track our purchases. We are also being tuned to love social media and guided to put our information online never knowing where it will end up, or even knowing if it will ever disappear.

LW: Google CEO Eric Schmidt has said that you should not go online if you have anything to hide. What do you think about that?

Ahearn: I think Schmidt needs to think before he speaks. He is a profiteer, raking in millions and providing the gateway to peoples information. We all have something to hide, be it that stupid drunk photo from the office Christmas party, the DUI, the foreclosed home; we have all made mistakes.

LW: Schmidt, too, do you suppose?

Ahearn: It would be interesting if Schmidt’s skeletons leaked. Would Goggle censor it? What he says makes no sense since most information online is put up by others. He also made some absurd statement about how people will be able to get new identities in the future because of past internet indiscretions.

LW: Facebook CEO Mark Zuckerberg claims the age of privacy is over. What do you think about that?

Ahearn: It’s not over. We need to rethink what privacy actually is in the digital age. We need to be more aware of our surroundings and accept the fact that if we do something stupid in public it can be on YouTube in five minutes and viewed by the world. However, I think this will make us realize that true privacy is something one defines themselves; it should not be defined by a law or by technology.

LW: If privacy-minded citizens follow your guidance, can they effectively mitigate the privacy-eroding mechanisms used by Google, Facebook and others?

Ahearn: That’s a tough question since technology constantly changes. However, I think reading the book offers insight from the perspective of a social engineer and develops a new sense of awareness in the reader. That awareness will deliver tools that one could use in many situations, be it digital or personal.

LW: Will privacy-minded individuals still be able to use the beneficial aspects of the Internet?

Ahearn: Yes, they can use those aspects of the Internet. But they should really begin to question if various forms of social media are truly that important.

By Byron Acohido

By Fran Maier

In the past few years the Internet has spread beyond the desktop to phones, cars, cameras, utility meters, even home appliances, or what I refer to as “The Internet of Things.”

A personal story of mine is instructive: while in Germany earlier this year my brand new digital camera went missing. A month later the camera began wirelessly uploading photos to my  Eye-Fi account.

The photos came from an unsuspecting German family who had used my camera without realizing I had previously synced it to upload photos to Eye-Fi. Moreover, the photos were embedded with geo-tags, so I could identify with GPS-precision where this German family had taken the photos.

In this new world of the Internet of Things, a family photo can be much more than that. It may be a sensitive piece of personal data inadvertently shared with a stranger because of insufficient privacy safeguards.

An auto-loaded, geo-tagged photo shows who had Maier's camera

Connecting our everyday devices to the Internet promises greater efficiencies, lower costs and bigger tech profits. Yet, consumer privacy is potentially at stake as the scope of this ecosystem grows. Without a sound privacy framework, sensitive consumer information collected and processed by these Internet-enabled things can put consumers’ reputation and safety at risk.

An individual’s real-time location — collected by a GPS-enabled car or camera for example — could be dangerous information in the hands of someone who wishes to do the individual harm. Data relating to an individual’s electricity consumption could result in a bombardment of advertisements from an overzealous marketer.

Privacy is poised to become even more important as the “Internet of Things” grows and data about the more traditionally “private” part of our lives becomes part of shared or public domains.

Consumers care about privacy. A recent study found that 57 percent of adult Internet users check their reputation on search engines and another study found that 86 percent of adults believe third parties should get permission before uploading photos or videos of them online.

Maintaining privacy in an increasingly public world is possible. Designers and suppliers of these new devices and services must incorporate transparency, accountability and choice into their products.

Transparency means letting consumers know what’s going on behind the scenes with their information. Accountability means being responsible in the event of misuse or compromise. Choice means giving individuals meaningful and timely decisions to make about how their personal information is used.

Implementation of these three principles will require tailoring according to the individual device and its capabilities. The power of these principles will only grow as more and more devices become connected to the Internet.

Michael Sutton, Vice President of Security Research at Zscaler Labs, outlines in this blog post how a feature, called WebScan, that’s enabled by default on countless HP all-in-one printers, can be activated remotely to transmit copies of a scanned document over the Internet. Since Sutton’s blog description is rather technical, LastWatchdog interviewed him to get the full context. understanding:

Sutton

LW: Can you clarify how a bad guy might take advantage of this remote scanning capability?

Sutton: A rogue employee could identify the existence of HP scanners on his company’s network. Using the WebScan functionality, he could write a script to regularly run the scanner remotely, retrieving an image of anything that has been left on the scanner.

LW: So this type of attack will only get a copy of something that happens to be left on the scanner after a scan. Don’t most people scan, then take their docs with them?

Sutton: In general, the attack would require that a document be left on the scanner. The hacker would most likely create a script that runs the scanner say every five minutes, and thus catch anything that may have been left on the scanner.

LW: Why did HP include the WebScan functionality if it’s so easy to exploit.

Sutton: To be perfectly honest, I see the WebScan functionality as more of a marketing gimmick. While WebScan does provide a convenient means of obtaining a digital copy of a scanned document, this same goal could certainly be accomplished without exposing the scanner to anyone in the office.

LW: Do you have an estimate for how many HP all-in-one printers with this weakness are out in the field?

Sutton: As far as I know, most all-in-one HP Photosmart and Officejet printers sold in the last several years have some variant of the WebScan functionality. Given that fact, there are quite likely millions of devices deployed throughout enterprises that have a remote scanning capability exposed.

TL: Is this a problem with other brands of printer/scanners?

Sutton: At this point, I have only researched HP scanners.

LW: What’s the systemic security weakness?

Sutton: The weakness exists because remote scanning is embedded in HP scanners and the functionality is turned on by default, without any security in place. What’s more concerning is the fact that most companies likely have no idea that the WebScan feature even exists, much less that it is not secured.

LW: How might this be resolved?

Sutton: It would be very simple for HP to address this for new scanners – the WebScan functionality should be disabled by default or at a minimum force an administrative password to be applied before it becomes functional. Unfortunately, that will do little to assist the millions of owners that have already deployed an HP scanner which is remotely accessible.

By Byron Acohido

Consider that  iTune hijackers and online banking cyberrobbers both rely on a ready supply of illicitly-obtained usernames and passwords to log into your various Internet accounts.

They typically obtain your account credentials from phishers, who direct you to faked web sites, where they  dupe you into typing your account logons; or from data thieves, who infest the web with tainted web links, spring-loaded to install keystroke loggers and other malicious programs on your harddrive.

Traditional antivirus protection works by watching for and blocking known phishing websites and malicious downloads. But the bad guys slightly alter their attacks moment- to-moment, invariably staying a step ahead.

Novel approach: consumer-focused IDS

CEO Gassewitz

Now along comes Kindsight with a novel new approach — monitoring the traffic emanating from your machine for any signs of infection. More on this shortly.

Kindsight is a distinctive security startup. It’s funding and founding executives come from telecom equipment maker Alcatel-Lucent, home of the renowned Bell Labs.

Since 2008, Kindsight has been working feverishly to develop an Intrusion Detection System service for consumers. IDS has been around for about a decade, used mostly by banks and government agencies to detect and block malicious Internet traffic hitting their networks. Back in 2004, I wrote this story about a smaller ISP, Cable Bahamas, that took a progressive approach by setting up an IDS system earmarked to protect it’s home subscribers.

Back then, TippingPoint, and other heavyweight IDS suppliers projected a huge future in getting ISPs to fold IDS into their consumer services. But it never happened.

Since then, the threat landscape certainly has intensified –  to the point where Kindsight’s  new approach has compelling merit. Consumers and small business owners finally are beginning to gain a deeper appreciation about how risky the Internet has become.

Consumer consternation rising

Kindsight recently surveyed 1,200 consumers, aged 18 to 55, and found  81 percent of respondents had experienced a computer infections, including  29 percent having been infected by a virus in the last three months. Only 59 percent of respondents  updated their antivirus software and only 53 percent enabled a firewall on their home router and/or computers.

Additional survey findings:

• 34 percent identified a phishing attack intended to steal personal information as one of their top two concerns
• 29 percent identified Trojan viruses that hijack their computers for the distribution of spam, infections, or child pornography to other computers and users as one of their top two concerns
• 25 percent were concerned with having their computer’s performance compromised by viruses
• 14 percent were concerned about viruses corrupting their personal photos, videos and other memories

“The results of our survey shed light on the public’s concerns toward ID theft and online protection,” says Kindsight CEO Mike  Gassewitz. “In recent years, online hackers have advanced to a new class of sophisticated cyber criminals. Methodical in planning their attacks to make them more lucrative, these criminals are skilled at identifying potential security holes in a consumer’s home network.”

PC smoke detector

Kindsight wants to deliver IDS technology to consumers — and flip it around so that it detects any malicious traffic emitting from a consumer’s infected PC. That’s a sure sign that your PC is a bot, controlled by an intruder who’s stealing your data, hacking into your accounts and using your PC to spread more attacks.

“We’re like a smoke detector,” says Gassewitz. “When we see something, we’ll trigger an alert and remediate.”

Kindsight is working with major ISPs to deliver this service at nominal cost to consumers. The technology would run as part of the ISP’s infracture, so there’s no need to install a performance-zapping client on the consumer’s PC.

Upon detecting a PC reaching out to a known phishing web site, or communicating with a known botnet command-and-control server, Kindsight issues an alert to the consumer. This is accomplished  via an interstitial browser page — if the ISP has that capability — or via a phone text message.

The user would then navigate to his or her Kindsight account in the Internet cloud and run a clean up tool.

Advertising-supported protection

Subscribers would pay around $4 a month. Alternatively, they could get the service free, if they agree to let Kindsight do some limited tracking of their web habits in support of a separate behavior-targeting advertising service.

Users of the free, ad-supported service probably wouldn’t notice much, says Gassewitz. Display ads customized to their profile would simply appear the next time they surf to a major portal or media site that has a business relationship with Kindsight.

“Generally speaking, the concept is similar to Google tracking what you do online,” says Gassewitz. “From a privacy perspective, we’ve set a much higher standard than Google. First, we get your consent to do the monitoring. And we make it abundantly clear specifically what you’re signing up for. It’s completely opt-in.”

Gassewitz concedes that it will be a challenge to convey the power of this new approach both to ISPs, not to mention consumers. He says Alcatel-Lucent has been very supportive — and patient. “They see the opportunity and they understand that the adaption cycle for a new type of service requires patience and stamina,” Gassewitz says.

By Byron Acohido

At issue is iTunes, the payment hub for Apple’s online sales of music, video and apps for iPods, iPhones and iPads. Turns out that hijacking an iTunes account is very straight forward. For at least the past year, iTunes hijackers have been buying stolen usernames and passwords from phishers and data thieves.

They then log on, test a few $1 purchases, and, if they clear, move on to larger transactions.  They most often purchase iTunes gift card codes, usually in $50 to $200 amounts, says Kurt Baumgartner, Senior Security Researcher, Kaspersky Lab.

They then sell the iTunes gift cards codes — which can be used like cash to buy music and videos directly from Apple — at a steep discount. Discounted iTunes gift cards are openly sold onlinie.

Updated gift card scam

These  iTunes gift card scams mirror the analogue gift-card scam made infamous by Miamians Albert Gonzalez and Irving Escobar, bit players in the TJX/Wal-Mart capers. Gonzalez, you may recall, was a key operative in the ring that hacked retail giant TJX and stole 94 million credit card transaction records. (Initially reported as only 45.7 million.)

The stolen credit card numbers were transferred to the magnetic strips on the backs of batches of counterfeit Visa cards. The faked credit cards were then distributed to street toughs, like Escobar, who used them to buy $400 Wal-Mart gift cards, en masse.

iTunes hijackers can bypass several of those steps, thanks to the way Apple has integrated gift cards into iTunes. They simply log on, buy gift-card “codes” using the default payment mechanism, then put the freshly purchased gift-card codes up for sale online.

They’ve also begun experimenting with using hijacked accounts to purchase large quantities of $5 apps sold by co-conspirators who set up and run “app farms.” Keep in mind these app farms sell  iPhone and iPad  applications approved for sale by Apple, which tightly controls such things, and profits from all sales.

Jobs’ boast spells opportunity

“The marketplace for these scams is fairly well developed – it seems that there are multiple levels of specialists at work within each scam,” says Baumgartner. “For example, most of the discounted gift cards seem to be sold by individuals that are buying them from suppliers, the same goes for the app farm scams.”

Illicit iTunes transactions accelerated this summer after Apple CEO Steve Jobs boasted at a June developers’ conference that  iTunes supports 150 million users.

“Of that number we can assume a majority have a credit card or PayPal account set up with it,” says Baumgartner. “Yes, the underground find these numbers impressive and an opportunity.”

Some iTunes users are becoming fed up. Jeremy Schwartz, a 24-year-old tech contractor from Maumee, Ohio, recently had to scramble to get his bank to reimburse $87.

Easy pickings

An intruder logged into Schwartz’s  iTunes account and used his debit card account number, stored by Apple, to buy an iTunes gift card and other items. Schwartz promptly shut down the account. He also launched this Facebook discussion page where a couple of hundred other  angry iTunes hijack victims have been venting their ire.

One recent Facebook wall poster reports that a hijacker got into his iTunes account  last Friday and made 27 purchases of $160.86, each of the same product, totaling  $4,343.22. “May I suggest that Apple take some responsibility and be proactive in helping the customer with unauthorized purchases,” writes the poster. “Better yet would be some sort of fraud monitoring that flags suspicious activity such as this.”

Schwartz is miffed, as well. “I refuse to buy from a company that can’t even admit there’s a problem when the problem is pretty big and it’s been going on for quite some time, from what I can gather,” Schwartz told LastWatchdog. “If I were to buy any of their products, and that’s a big if now, I’ll probably be getting it from a local Best Buy or some other store. I certainly wouldn’t put my debit card info on their site again.”

Tried-and-true scams

iTunes hijackers are doing nothing more than adapting variants of scams that work well broadly across the Internet, and fine-tuning them to exploit weaknesses in the iTunes set-up. Obtaining logons is a cinch. Ready sources include e-mail phishers expert at tricking you into typing your credentials at spoofed web sites, and malware specialists who spread computer infections via tainted web links.

Bad URLs have come to infest the Internet. Click on one and you risk losing  control of your PC to botnet command-and-control operator. The attacker will routinely install a keystroke logger that captures your usernames and passwords as you type them.

iTunes accounts evidently are set up so that once a hijacker logs in, it’s a simple matter to make purchases with whatever  credit or debit card, checking account, or PayPal account happens to be set-up as the default payment mechanism.

“When you have a consolidation of personally identifiable information and financial information it is very attractive to cybercriminals,” says says Randy Abrams, education director for antivirus firm ESET. ” The most secure option is to do things the old fashioned way and provide billing details for each purchase, and demand that companies not keep your billing information online.”

Deflecting responsibility

Schwartz is lucky; he got his $87 back from Huntington Bank. Many others haven’t been as fortunate.

LaToya Irby, a credit management expert at About.com, says a common complaint among iTunes hijack victims is that financial institutions and Apple often both deny responsibility, leaving the consumer to eat the loss.

Lately, banks and PayPal have been more receptive to reimbursing victims, says Irby. For its part, Apple has consistently declined to reimburse anybody. The lion’s share of the more than 100 commenters to Irby’s July 2 post on this topic complained about Apple’s refusal to assist hijack victims.

“I think Apple should really be more willing to work with their users to refund those charges,” says Irby.

Apple earlier this week issued a statement to allthingsd.com suggesting that consumers rightly bear the burden for protecting their financial data:

ITunes is always working to prevent fraud and enhance password security for all of our users. But if your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and/or issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately.

Consumers obviously should keep antivirus protection and all software updates current, change passwords often, avoid disclosing personal information and surf the web judiciously. See LastWatchdog’s recent story about new tools designed to help consumers do this.

“Ultimately, it is up to the users to safeguard themselves,” says Sean-Paul Correll, threat researcher at Panda Labs. Apple, he says, could stand to advance to better fraud detection technology, more like what banks use.

“Apple could alleviate the situation by implementing fraudulent activity checking mechanisms, similar to what most banks use to detect unauthorized activity,” opines Correll.

Kaspersky’s Baumgarnter says he understands — but doesn’t necessarily agree with — Apple’s lack of transparency and lack of compassion for iTune customers –  on this issue:

Apple’s denial of the existence of malware for their platform didn’t do their customers any favors, so there seems to be a history of this hardball approach. It also seems to be a result of their customer support business model and the outsourcing that they do. It also is similar to the way the banks originally dealt with effective phishing and MiTM attacks and other fraud. Pushing all of the burden for the various scams fully onto their customers while blocking any transparency into the issues may be common operating procedure for Apple, and is unfortunate for everyone involved. For the victims, the complete uncertainty of what happened to them, how or why, can be very stressful to deal with.

By Byron Acohido

By Tim Harvey

A need for renewed focus on risk management and compliance in business is one with which few would disagree. But putting that focus into action is creating a tremendous hidden cost that will affect nearly every company in the United States as we exit the Great Recession. A crushing burden of new regulations is creating compliance and cost challenges from Wall Street’s behemoths to Main Street’s entrepreneurs.

According to AMR Research, governance, risk and compliance spending will reach $29.8 billion this year alone, and that’s only going to increase. Much of that money will be spent on information security: programs and systems for monitoring and protecting corporate and customer data.

Several compliance regulations, such as GLBA (Gramm-Leach-Bliley Act) for financial services companies and HIPAA (Healthcare Information Portability and Accountability Act) for healthcare and medical organizations, have been in place for over a decade. But in the last several years there has been a flurry of requirements that impact nearly every company in the U.S.

New compliance regimes

There are also relatively new regimes, many driven by technology’s rapidly growing influence on customer transactions. Compliance with the PCI-DSS (the Payment Card Industry Data Security Standard) is required for any company that accepts credit cards. Data breach disclosure and notification laws now exist in 46 states with new national legislation being proposed within the senate this month which includes requirements for comprehensive information security programs.

The Red Flags Rule, introduced in 2008, is designed to curb the explosion of identity theft but is not even being enforced yet as Congress redefines the broad scope of businesses that must comply. And lest a company consider any shortcuts, FRCP (Federal Rules of Civil Procedure) has been updated with requirements that impact all businesses in the U.S.

Of course, this already-long list doesn’t include other specific industry regulations, state regulations, or those that regulate government agencies.

Many businesses are just now becoming aware of the avalanche of regulation, with little in the way of knowledge and preparation. However, while many don’t yet understand all the rules, the risks of non-compliance are clear as a bell: anything from fines to businesses being shut down. So, what’s a business owner, or a regional bank, or a hospital, to do to comply in a way that best protects their businesses and their customers?

Back to basics

When faced with complexity, it’s often best to start with the basics and begin to prepare your organization from there. Here are a few simple steps:

• Understand the regulations and requirements you now face, and create a strategy that protects you and your customers. Regulatory compliance can be a millstone around the neck of your organization or can be used as a map to achieve best practices that lead to greater security for your company and customers. Map your current policies, procedures and risk mitigation strategies to the regulations affecting your business. Then, identify the gaps that exist in your current security program and look for solutions that are best suited to fill these gaps.
• Don’t be afraid to look at replacing solutions that have been in place for some time with newer systems that that offer the necessary insight and value. In times of external change, companies need to be open to change too. New systems can ease compliance and result in lower cost of ownership over time. For example, you can now replace your separate firewall, intrusion detection systems, web content filtering, anti-virus, and virtual private network appliances with a single “unified threat management” (UTM) device that does it all and much more.
• Consider using an outsourced information security and compliance provider. Many companies are beginning to realize that they can save a substantial amount of money by outsourcing those elements of their information security program that are human resource-intensive. Few businesses are expert at maintaining a 24×7 security operation center, and for small businesses trying to create a comprehensive information security program, having “round the clock” monitoring isn’t even an option. Be sure to engage with a partner that can offer tools, reports, and other resources that make your regulatory compliance easy to manage.
• Don’t forget the ongoing testing. Once changes have been made to your overall security and compliance program remember to follow up with testing and reviews. Use outside help if needed, and look for solutions to fill remaining gaps until you’re in compliance are comfortable with your exposure.

In today’s technology-driven world there is no such thing as being 100 percent secure and you can never eliminate all of your risk. But clearly regulators are going to great lengths to ensure that organizations are at least meeting a minimum of smart IT security and risk mitigation. The success of your business depends on achieving and maintaining a good information security foundation based in best practices, one that meets an evermore complex web of regulatory compliance requirements while not choking your bottom line.

About the author: Tim Harvey joined Perimeter E-Security as CEO in October 2009, coming over from the CEO post at XAware. Before that he served as S1 Corporation’s Senior Vice President of Sales, Marketing and Product Management. He graduated from the University of Florida with a BSBA in Finance and served four years as an officer in the United States Marine Corps.

Packed with vacationers,   Spanair Flight JK5022 smashed into the ground shortly after takeoff from Madrid’s Barajas international airport, bound for the Canary Islands. The Aug. 20, 2008 tragedy killed 154 of 172 souls on board the Boeing MD-80 jetliner.

El Pais cites a 12,000-page investigative report that outlines how a computer infection, spread via an infected USB thumb drive, may have been a contributing factor. A malicious program precipitated failures in a fail safe monitoring system at the airline’s headquarters in Palma de Mallorca. The system was slow in sending out alerts that might have led to delaying or canceling the departure.

Click here to see a PDF copy of the 96-page CIAIAC crash report summary; it’s in Spanish.

Instead, the jet took off with flaps and slats retracted, instead of extended to boost the lifting surface of the wing. The pilots also should have detected something amiss during pre-flight checks, and internal cockpit warnings should have triggered.

Rick Wanner, threat expert at the SANS Institute’s Internet Storm Center, says the revelation show how disruptive malicious programs can be to the controls of any complex network at any big organization. “I am not a pilot, so I cannot speak with authority on how to fly a passenger airliner, but it seems clear to me that this accident was caused by the failure of a number of controls leading to a disastrous outcome,” says Wanner in this blog post.

Hot attack vector

Infectious USB thumb drives helped spread the infamous Conficker worm, and more recently, helped elite attackers launch the Stuxnet worm, which pioneered a new way to corrupt Siemens’ SCADA (supervisory control and data acquisition) systems used to run power plants and industrial factories.

Jose Nazario, senior manager of security research at Arbor Networks, notes that USB thumb drive attacks take advantage of security weaknesses in Windows autorun, a basic component built into the Windows operating system. Microsoft added autorun to Windows 95 to make it easier for you to install programs from CD disks, and now from thumb drives, as well.

Nazario says there is an extensive family of malicious programs designed to “take advantage advantage of the autorun functionality when a USB stick is inserted.”

Autorun easy to attack

He says it’s not very difficult to mount an autorun attack. Online discussions are widespread. Bad guys are able to bypass firewalls, intrusion detection systems and other external-facing defenses and load a malicious program from a machine inside the soft, gooey innards of an organization’s network.

Several other tech security experts LastWatchdog interviewed at the Black Hat cybersecurity conference and Defcon hackers event last month in Las Vegas, said the are wary of using randomly-acquired USB sticks.

Narario says they are the equivalent of reusing dirty hypodermic needles. At conferences, it has become routine participant to exchange slide shows, press kits and what have you via USB sticks. The rapid spread of autorun triggered viruses suggests the bad guys are just as routinely slipping infected USB sticks into the mix. Says Nazario:

Think about how many USB sticks you have, you’re probably undercounting. Everyone does. I just found one in my bag I didn’t realize was there. Iget them at a lot of conferences I go to. Now think about how many sticks in the past month your laptop has had used with it, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you’re with everyone that person has been with before.

By Byron Acohido

In 2003, DeWalt, then CEO of Documentum, sold the content management firm to EMC, for $1.9 billion, at a share price that translated into a 29% premium, says Daniel Ives, tech industry analyst at FBR Capital Markets.

“Dave DeWalt has the magic touch, in regards to building an organization that shows growth, and also highlighting its potential,” says Ives. “This is the second time he’s done it.”

To polish up Documentum for sale, DeWalt led the company through nine consecuritve quarters of growth, including four acquisitions. He then went to work for EMC, leading its content management and archiving software division. He left EMC in 2007 to take the reins as CEO of then-struggling McAfee.

Again he steered a course of growth through acquisitions and aggressive salesmanship; in negotiating with Intel, he was able to boast that he had turned around McAfee into a double-digit annual growth company with nearly 80 percent gross profit margin.

Fair acquisition price

Andrew Jaquith, tech security industry analyst at Forrester, notes in this post that the $7.7 billion Intel will pay for McAfee, when the deal closes, translates into roughly five times the last trailing four quarters’ revenues, about typical for M&A deals in the security industry.

“The price is not so high that it makes Intel look like Daddy Warbucks, but not so low that it looks like McAfee was desperate to sell,” observes Jaquith.

DeWalt’s new boss, Renee James, Intel’s senior vice president of software and services, has assigned him to run McAfee pretty much as is: fast-growing, highly-profitable, wholly-owned subsidiary.

In a LastWatchdog interview, James declined to give much detail about longer range plans to infuse McAfee’s security expertise into Intel’s struggling Atom chip for Internet-connected mobile devices. “It’s true in mobile solutions that we will have more enhanced security hardware,” said James. “It is an accurate assumption that in the mobile devices market we will be doing integration into the chip.”

Exactly what security features Intel embeds into its Atom chip — and whether a robust market emerges for a security-enhanced mobile-devices chip — remain to be seen.

But there is no question mobility, in general, has a big future in tech. Internet-connected smartphones, netbooks, e-readers and tablets are increasing in usage. All big tech and media companies want to ride the wave. Yet, at this juncture, neither Intel nor McAfee are serious players in the mobility market, says Jacquith.

“This deal doesn’t improve their prospects,” he says. “In the mobile market, Intel has had its lunch eaten by ARM Holdings, a company whose energy-effiicient designs have underpinned the chips of choice on mobile devices like Apple’s iPad.”

For McAfee’s part, DeWalt’s recent acquisitions of mobile security companies Trust Digital, tenCube and Solidcore look prescient, and certainly added to his sales pitch to Intel. But the revenue those firms bring to the table is small potatoes. “McAfee deserves credit for thinking outside the PC box, but its execution in this area is, at best, in the early stages,” says Jacquith.

Concocting and executing a viable strategy to somehow boost Intel’s Atom chip for mobile devices by tying in a McAfee security contribution will be a big challenge for DeWalt.

Shifting consumer AV market

But even before he tackles security for the Atom chip, DeWalt must prove that the shiny apple he sold Intel is, indeed, as tasty as it looks on paper.

McAfee reported net revenue from its consumer security market increased $32.0 million, or 9%, to $381.0 million in the six months ended June 30, 2010. That accounts for nearly 40% of its revenue, a major factor in the price Intel agreed to pay for McAfee.

But the long-lucrative consumer PC antivirus market is mature, portending slow growth. Yet it remains highly competitive. And it is also in flux. More and more PC users are content to use free basic antivirus protection from AVG, Avira, Panda Security, Immunet and others. These suppliers make money by upselling trial users to paid versions.

And a new wild card in this “free” protection segment is Microsoft Windows Essentials, which is completely free; Microsoft has nothing to upsell.

McAfee, Symantec and Trend Micro sell to consumers primarily by cutting deals with Dell, H-P, Acer, Lenovo and Sony to install free trial versions on new Windows 7 PCs.

Oliver Friedrichs, CEO of startup Immunet, who has made career stops at McAfee and Symantec, contends that suppliers offering free basic protection tied to upselling will inevitably overtake the giants who market free-trial versions on new PCs.

“The antivirus industry is seeing significant deterioration due to the free antivirus software market,” says Friedrichs, adding that usage of free basic antivirus by U.S. computer users is approaching 50% . “This has not only taken away opportunity for (free-trial) antivirus vendors, but it is deteriorating existing market share as well.”

How well DeWalt navigates this shifting of the consumer market remains to be seen. Financial services firm UBS expects McAfee to become less aggressive on pricing under Intel. That should benefit its arch rival Symantec, whose share price is trading near its two-year low. UBS is even projecting that unless Symantec takes advantage and breathes life into its share price it could become an acquisition target of the likes of Oracle, IBM , Cisco or Hewlett-Packard.

Clashing cultures

Meanwhile, DeWalt almost certainly will also have to deal with a clash of corporate cultures. Gartner tech security industry analyst Peter Firstbrook points out that the marriage of a hard-charging software sales company an entrenched chip manufacturer lacks any intrinsic synergy.

“Chip vendors work on long-term, well-planned cycles, while security companies have to be much more reactive to market conditions,” says Firstbrook. “Intel is a dominant player in their market and driven by staid engineering culture while McAfee is a scrappy west coast sales-driven company.”

DeWalt, who is a University of Delaware Hall of Fame champion collegiate wrestler, told LastWatchdog that he is pumped up to grapple with all of these challenges:

I stayed for along time afterward with EMC, making it successful with Documentum, and I’m going to do the same thing here with Intel, making this successful for them. Our visions are very similar, the strategies are similar, it’s going to be a pleasure to really help bring security benefits to the world. I think this is just a great combination, I can’t tell you how excited my employees are. And, clearly, all of our partners are excited, because they can make more money, and do more things together too. So there are lots of very positive aspects to this.

By Byron Acohido

Roaming the Black Hat cybersecurity conference in Las Vegas last month, LastWatchdog ran across several powerful new tools recently and/or soon to be made available to consumers to help them better protect themselves online. This is another small step forward. Here is my report published today in 1.8 million copies of USA TODAY circulating in newsstands, newsracks and hotel rooms across the land.

By Byron Acohido, USA TODAY, 18 Aug 2010, P. 3B

It’s riskier than ever to get on the Internet. Cybercriminals use tricks to get you to click on infectious Web links in e-mail, social-network postings and even search engine results.

Simply navigating to a well-known, legitimate website can result in what’s known as a “drive-by download,” the stealthy installing of a computer infection onto your PC’s hard drive.

The endgame for cybercriminals: take full control of your PC and use it to help carry out online thefts and scams. It’s essential to keep your anti-virus protection current and to regularly install all Microsoft, Adobe, Apple and Java security patches.

But that’s not nearly enough to stop many of the latest infections. The good news: There are new software tools that can help you clean up and repel the latest cyberattacks. Many of them are free. Most require patience to learn how to use. Be prepared to sacrifice convenience for added security, as using these tools will add steps to your ongoing use of the Internet. Here are four of the newest tools:

SlimWare Utilities

What it does: SlimComputer and SlimCleaner work together to boost overall computer health and performance. “We can help identify malicious programs that are hooked into your operating system that you may have picked up over time,” says Chris Cope, SlimWare founder and CEO.

How it works: SlimWare keeps track of your applications. It makes special note of apps configured to launch on start-up and run in the background, as well as programs set to run in your Web browser. It then guides you through deciding whether to disable each program.

What you gain: Disabling browser toolbars, instant-messaging programs and unnecessary software updaters (apps that periodically prompt you to update or upgrade games, media players and the like) can dramatically boost PC performance, says Cope. SlimWare also helps identify and eradicate apps that are clearly criminal, including banking Trojans used to steal from your online banking account.

Availability: Free consumer beta test version now available at www.slimwareutilities.com.

Qualys BrowserCheck

What it does: BrowserCheck monitors your Web browser, as well as popular browser plug-ins and add-ons, to make sure you’re running versions containing the latest security patches. “The cybercriminals know that many consumers are not aware that using out-of-date browser plug-ins can make them vulnerable to attacks,” says Wolfgang Kandek, chief technical officer at Qualys.

How it works: BrowserCheck verifies and, if necessary, guides you to update security patches for Windows service packs, Internet Explorer, Firefox, Chrome, Adobe Flash Player, Adobe Reader, Adobe Shockwave Player, Apple QuickTime, BEA JRockit, Microsoft Silverlight, Microsoft Windows Media Player, RealPlayer, Sun Java and Windows Presentation Foundation plug-in for Mozilla browsers.

What you gain: Hackers use automated tools to sequentially check each of these browser components for unpatched security holes. So if you’re behind on patching any one of them, they will find the flaw. Running BrowserCheck once a week and installing the recommended updates will help keep your browser locked down.

Availability: Free tool available at browsercheck.qualys.com.

Cloudmark DesktopOne

What it does: DesktopOne blocks nuisance and malicious e-mail and can serve as an added layer of protection, even if you already use a spam filter. “It will protect you from anything e-mail-borne that’s malicious or unwanted,” says Kris Politopoulos, director of customer support at Cloudmark.

How it works: Once installed, DesktopOne filters e-mail continuously, even if your e-mail program is not open, or if you happen to be accessing e-mail via a browser or from a remote computer. A basic free version allows you to protect a single e-mail account. A pro version enables you to manage protection for several accounts and includes more features.

What you gain: It will quarantine messages carrying spam, phishing scams, tainted Web links and viral attachments. The pro version lets you manually scan message folders, designate trusted contacts and automatically delete old spam messages.

Availability: Free and pro version, priced at $19.95 for a one-year subscription, available at www.cloudmarkdesktop.com.

Invincea Browser Protection

What it does: Browser Protection launches a virtual browser that runs completely detached from the Windows operating system. It watches for suspicious programs being launched in the browser. Upon detecting an attack, it takes steps to shut down, then relaunch another virtual browser in a known clean state.

How it works: If you click on a Web link pointing to an infected site, the virtual browser will detect the infection as the attack code tries to take control. It will prompt you to terminate the browser session, or it will automatically restore in a short period of time. This cuts off the installation of malicious code, protecting your PC.

What you gain: Tech systems integration company CACI has been testing this for about a year with promising results, says Zal Azmi, senior vice president of cybersecurity solutions. “By itself this technology is incredible,” says Azmi. “Right now it’s at an infancy stage. But the virtual browser could be a big asset to the novice.”

Availability: Invincea founder Anup Ghosh anticipates having a consumer version ready by early 2011. The company is currently deploying Browser Protection to corporations and government agencies, including the Department of Defense.

Earlier this month, Sophos published its mid-year 2010 Security Threat Report, revealing some alarming attitudes in support of escalating cyber espionage. In this LastWatchdog guest post, Chet Wisniewski, Sophos senior security advisor, expresses his concerns about such attitudes.

By Chester Wisniewski

In the first half of 2010 two notable incidents raised awareness of cyber-war and cyber-espionage among computer users. Google and other companies were compromised during the “Operation Aurora” attacks and Google pointed a finger at China, insisting the attack was politically motivated and the work of the Chinese government.

We also recently saw a new zero-day exploit in Windows used in an attempt to compromise critical infrastructure, the level of sophistication of which implies government sponsorship. All of this has sparked a debate among users about whether governments should engage in this activity.

Scary attitudes

In a poll of 1077 computer users, 63% said they believe that it is acceptable for their country to spy on other nations by installing malware or by hacking. Seven percent of those polled think that using crippling denial of service attacks against another country’s communications or financial infrastructure is acceptable during peacetime.

This attitude scares me. We seem to be reacting out of panic to a perceived threat in a way that will only cause the problem to escalate. I prefer the views of my colleague Paul Ducklin, who suggested we hijack this idea of cyber-warfare and turn it into cyber-victory. We should come together to better secure our computers for the sake of more secure nations.

You may differentiate between cyber-espionage and directly attacking another nation’s infrastructure to cause harm or denial of service, but we should not enter the 21st century with either cold-war style spy tactics or stockpiles of virtual weapons.

Productive discussions

Unfortunately SophosLabs are now processing more than 60,000 new malware samples per day, a 50% increase since this time last year. This is a daunting figure and shows that the pace of innovation among criminals shows no sign of slowing. Prompting our governments to accelerate this arms race will not result in any winners.

The good news is that we are seeing users engaging in intelligent, productive discussions about what we can and should do to stem the tide. People are using social networking to reach out to one another and lend a helping hand. If we intend on creating a more secure internet, it is going to require cooperation and a sense of community. I hope we can report progress on this front when we publish the next edition of the Sophos Security Threat Report.