April 11, 2007 12:19 PM PDT

McAfee offers 'Sage' advice on security issues

Microsoft's Vista has improved security for Windows users, but "some of its choices still leave users vulnerable," writes David Marcus in McAfee's new semiannual journal on security matters.

Published by McAfee Avert Labs, the second issue of Sage (PDF) was released on Wednesday. The journal, which made its debut in July 2006, is available from the McAfee Threat Center.

"The constant struggle between security personnel and malware authors is an arms race," said Dan Sommer in his editor's note. Sommer is publications manager at McAfee Avert Labs.

The journal is in part an advertisement for McAfee products. But it also includes reports by employees, such as Marcus, who is security research and communications manager for McAfee Avert Labs, on the newest security threats like SPIT.

Spam over Internet telephone (SPIT) will surpass e-mail counterparts, according to the journal. Telemarketers can bypass the national do-not-call list and make thousands of free calls using VoIP (voice over Internet Protocol). Spammers can use it to forge originating numbers and exploit unsuspecting VoIP users who will not expect phishing attacks coming from, for example, their bank's own phone number.

Other security threats covered in Sage range from mobile phone spyware to spam to endangered RFID (radio frequency identification) tags. There are also sections on statistics, including the fact that "35 percent of the packaged software installed on personal computers in 2005 was illegal."

Sage also covers topics like laptop security, and security risk management plans for people in the industry.

See more CNET content tagged:
journal, McAfee Inc., RFID, VoIP, security


Join the conversation!
Add your comment
Want to stop Spam, malware, etc.?
Then use an OS that gives the good guys the advantage. Most
(almost all!) malware requires the use of Windows. No Windows, no
bots. No bots, much less spam and phishing attacks.

If you think it's just market share, read and learn:
<a class="jive-link-external" href="http://weblog.infoworld.com/venezia/archives/011187.html" target="_newWindow">http://weblog.infoworld.com/venezia/archives/011187.html</a>
Posted by Macsaresafer (802 comments )
Reply Link Flag
Want to stop tiresome posts?
It is Paul Venisia who is all wet. The man understands as little about this security stuff as you do.

That one obviously amateur hacker wrote a virus for iPods running Linux proves absolutely nothing whatsoever. To cite this one incident as proof that the Mac is not safe because of its limited market share is pathetic ? but typical of Mac fanatics who allow their fanaticism to outweigh common sense.

Equally pathetic is your obsession with posting this ?the Mac is superior because it is too hard to crack? wrong-headedness every chance you get. It simply demonstrate yet again that you know little of the Mac OS, hacking or OS security, any OS. You really need to get a life and stop posting these tiresome, nonsensical posts.
Posted by gmcaloon--2008 (72 comments )
Link Flag
Try harder
That write-up is silly. He says...

"The point here is that if it has a CPU, hackers will try to break it"

...and he is wrong. Many devices have a CPU, and many don't have a successful virus. Palm devices, PlayStations, XBoxes, Lego NXT... need I go on? The simple fact they, and the Mac, have in common is the bother isn't worth the effort. Why write a virus for the Mac when you can target 30 times more users by writing for the Windows PC?

Besides, the logic is flawed. Having zero successful and few attempted viruses doesn't prove that the Mac is more secure; it proves no one cares! Having zero successful and thousands of attempted viruses would prove that.

He also proves that he knows nothing of Windows. The number one problem with Windows security is people running in Admin when they shouldn't. Why do they do this? Because developers don't program correctly. This is the point of UAC, to encourage developers to programs as Microsoft has been asking since NT. Microsoft, unlike Apple, doesn't force people to do thing their way. They encourage, and if it doesn't work they go with the flow and try again. This is why Microsoft has 90% of the OS market share.
Posted by Siegfried Schtauffen (269 comments )
Link Flag
When Security Is An Afterthought
The fact that sender authentication was not built into VoIP, as it was not for email either, exposes legitimate VoIP users to yet another mess. When will vendors start taking security seriously instead of as an afterthought? Spam email is bad enough, realtime spam phone calls will be intolerable and will soon cripple this industry. You will need to have an unlisted VoIP number -- forget having a "Skype Me" button on your company's website.
Posted by Stating (869 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.