Taking a cue from Morgan Spurlock who lived on fast food for 30 days in the Super Size Me documentary, McAfee gathered volunteers from around the world who would, for one hour a day, surf the Internet, signing up for various newsletters, filling in various forms. As they did so, the participants were asked to blog about their experiences.
On Tuesday, McAfee released the results of the experiment it called S.P.A.M., or Spammed Persistently All Month.
Over the course of the month, McAfee's test subjects accumulated 104,000 spam messages, or roughly 70 per day per recipient. Put another way, 87 percent of all the e-mail captured on the test laptops was considered to be spam. That isn't too surprising.
What is surprising, according to Dave Marcus, director of security research and communications for McAfee Avert Labs, is the amount of foreign language spam, with Germany and France having the highest percentage of local language spam.
Other findings include:
Men received more spam than women (76.6 per day vs. 60.6 per day).
The United States received more total spam, followed by Brazil and Italy.
Nigerian scam e-mails are more popular in the United Kingdom than in the United States.
What's also interesting, at least to me, is that the McAfee results were similar to results released by Symantec. McAfee used about 50 real-world participants while Symantec used its DeepThreat Network of thousands of computers worldwide.
You can hear more of Dave Marcus' observations on the McAfee results in this week's Security Bite's podcast.
A new contest to be held at this year's DefCon in Las Vegas in August hopes to prove that signature-based antivirus is dead, a move that one leading antivirus researcher says is "not a good idea."
The goal of the Race to Zero is simple: obfuscate a malicious code so that it evades well-known antivirus engines.
Contestants will be given a sample set of viruses and malicious code that they must modify and then upload through the contest portal. Once accepted, the sample will be sent through a number of leading antivirus engines (perhaps using VirusTotal.com to provide real time test results). The first team or individual who manages to evade all the antivirus engines wins that round. The organizers promise that each round will increase in complexity.
On the contest site, organizers list six reasons for hosting this event:
- Reverse engineering and code analysis is fun.
- Not all antivirus is equal and poorly performing antivirus vendors should be called out.
- Signature-based antivirus products can be easily circumvented.
- It's easier to modify malicious software than it is to write signature protection for it.
- Signature-based antivirus is dead.
- Antivirus is just part of the larger picture, you need patching, firewalling and sound security policies to remain virus free.
But Dave Marcus, security research and communications manager at McAfee Avert Labs, said: "Encouraging research that results in better evasion techniques for malware writers is not a good idea. How many identities will be lost and how much data will be stolen from users as a result of the new techniques and evasions that are created? Security research should center around bettering detection not evasion."
DefCon 16 will be held August 8-10 at the Riviera Hotel in Las Vegas.
- prev
- 1
- next
