In response to Supercookies and Evercookies: Resistance is Futile, I received the following comment, privately:
What privacy watchdog groups? Who determines what privacy is? Law enforcement? Is it the S.S.? (or K.G.B., etc.) Who's going to make legislation? What is a 'blatant violation'? We must be very, nay, extremely careful in determining who makes/carries out the rules.
While this is a topic that varies dramatically, depending on where you live, in the United States, at least, I support the Electronic Frontier Foundation for exactly this purpose. They're perhaps the largest watchdog organization when it comes to online issues, most especially concerning privacy. Fight for the Future is another. And of course there's the American Civil Liberties Union (ACLU), though they're busy with many issues of late that more than transcend technology.
Ultimately it's your government that sets the rules, and it's up to the various entities to then follow those rules. Organizations like the EFF and others attempt to hold all the players accountable.
I encourage you to, in turn, support those organizations that align with your concerns and values.
The very nature of "zero day" exploits is that your virus scanner would show that you were clean both before and after being infected.
It's not until your anti-virus software provider updates their virus databases and you take that update that your scanner knows what to look for.
Yes, that means you may still be infected.
Let's go through the timeline that got you here.
There are security vulnerabilities in Windows (and all operating systems) that have not yet been discovered.
If no one knows about them, then they're not an immediate threat: hackers can't exploit things they don't know about.
Not infrequently, a "good guy" will discover a vulnerability, but keep it a secret so malware authors don't find out about it and start to exploit it. Instead, the "good guy" contacts Microsoft and tells them about the issue, so a fix can be made available before the vulnerability becomes general knowledge.
Quite often, as a not-so-subtle form of encouragement to fix the problem, the reporter will indicate that he or she will make the details public within a certain amount of time. For example, Microsoft might be given 90 days to release a fix for the vulnerability.
That's if one of the good guys finds it first.
If a malware author discovers the problem and releases malware that exploits it, then systems can become infected before anti-virus software providers can update their databases and release the update to their users.
If malware exploiting a specific vulnerability is discovered "in the wild" before a fix for that vulnerability is available, then Microsoft has zero days to fix the problem. Hence, it's called a "zero day" exploit, vulnerability, or attack.
The zero-day timeline
Let's look at the timeline a little more closely.
Vulnerability Introduced: 99 times out of 100, this is a simple programming error or oversight that could quite literally have happened years ago. The problem could have existed the entire time, but again, if no one knows about it, there's no one to exploit it, so it remains benign.
Vulnerability Discovered by Hackers: once discovered, the race is on. Hackers try to keep the nature of the issue to themselves for as long as possible, so as to delay any fix.
This begins what I'm calling the Window of Complete Vulnerability: there's a bug, there is malware that exploits it, anti-malware software does not yet detect it, and there is no fix for it. There's little you can do.
Malware Exploiting Vulnerability Discovered: at some point, the existence of the problem becomes public knowledge, usually by finding and reverse engineering malware that exploits it.
Anti-malware Detection Updated: as new malware is discovered, anti-malware tool vendors add information to detect it to their databases. This is why it's so critical you keep your anti-malware databases as up to date as possible. Without the latest updates, your scanners will not know how to detect the latest threats.
This begins what I call the period of Partial Vulnerability. Some of the malware making use of the exploit can now be detected and blocked by anti-malware tools. This is only partial safety: the vulnerability still exists, and there is no fix for it. New malware will be written making use of the same vulnerability, attempting to stay one step ahead of the anti-malware vendors.
Vulnerability Fixed: at some point, Microsoft releases a patch that fixes the problem. Systems updated to include the fix are now safe. Malware that attempts to exploit the vulnerability on those systems will fail. This is why it's so important to make sure your operating system is updated regularly, in addition to keeping your anti-malware databases up to date.
Like I said, it's a race. In the best cases, Microsoft has some time to release a patch to prevent a vulnerability from being exploited.
Unfortunately, it's all too common that they have zero days to do so.
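The timeline above can be modeled per machine. The following is an added example, not part of the original newsletter: it shows that each window closes for a given computer only when that computer takes the update, not when the vendor releases it. All dates, class names and function names are constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class VulnTimeline:
    """Vendor-side dates for one vulnerability (constructed sample values below)."""
    exploited_from: date       # hackers discover the bug and begin exploiting it
    signatures_released: date  # anti-malware vendors add detection to their databases
    patch_released: date       # the OS vendor releases the fix

@dataclass
class Host:
    """When one particular machine actually took each update (None = never)."""
    signatures_taken: Optional[date]
    patch_installed: Optional[date]

def exposure(t: VulnTimeline, h: Host, day: date) -> str:
    """Classify a host on a given day using the windows named in the article."""
    if day < t.exploited_from:
        return "benign"    # the bug exists, but no one is exploiting it
    if h.patch_installed and t.patch_released <= h.patch_installed <= day:
        return "fixed"     # exploit attempts against the patched system fail
    if h.signatures_taken and t.signatures_released <= h.signatures_taken <= day:
        return "partial"   # known malware is detected; the hole is still open
    return "complete"      # exploitable and undetected on this machine

def window_lengths(t: VulnTimeline, h: Host, start: date, end: date) -> dict:
    """Count the days a host spends in each state between start and end, inclusive."""
    counts = Counter()
    day = start
    while day <= end:
        counts[exposure(t, h, day)] += 1
        day += timedelta(days=1)
    return dict(counts)

# Constructed scenario: exploited from 1 March, detected 10 March, patched 20 March.
TIMELINE = VulnTimeline(date(2017, 3, 1), date(2017, 3, 10), date(2017, 3, 20))
DAILY_UPDATER = Host(signatures_taken=date(2017, 3, 10), patch_installed=date(2017, 3, 20))
RARE_UPDATER = Host(signatures_taken=date(2017, 3, 25), patch_installed=None)

if __name__ == "__main__":
    for name, host in (("daily updater", DAILY_UPDATER), ("rare updater", RARE_UPDATER)):
        print(name, window_lengths(TIMELINE, host, date(2017, 3, 1), date(2017, 3, 31)))
```

Over the same month, the machine that updates daily spends 9 days completely vulnerable, while the one that updates rarely spends 24 and never reaches the fixed state.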
If you find yourself in the situation described by our questioner, I have some suggestions:
- Restore your computer to a backup image taken prior to the infection.
- If you don't have a backup, try a system restore to a point prior to the infection. This isn't guaranteed, but depending on the specific malware involved, it might help.
- Check with your anti-malware tool vendor immediately, or at least force an update of the database and perform a full anti-malware scan. Keep updating that database regularly — I recommend daily.
- If you can figure out what it was that caused the infection … well, don't do that again.
It's all about the race between anti-malware tools, hackers, and software vendors.
Occasionally, it's we who lose.
Related Links & Comments: What's a "Zero-Day" Attack?
Logitech HD Pro Webcam C920
I actually have two of these - the current C920 as well as the previous C910 model. They're perfect for both making videos (some of my "talking head" videos were made using this simple webcam), as well as video chat like Skype (when I feel like being seen, of course).
Full HD on any of my Macs or PCs. It even comes with a convenient flip-down lens cover to protect your privacy.
If you don't yet have a webcam, or are unhappy with the quality of the webcam built into your laptop, as I am, then the C920 is a very cost-effective cam to consider.
Yes, it's true.
But before you focus on that too much, there are two things to keep in mind:
First, it's not really easy for the average consumer.
Second, there are easier alternatives to monitoring your router.
Let me explain what I mean and what you can do to protect yourself… if, indeed, you can protect yourself at all.
Continue Reading: Can Everything I Do Online Be Monitored at My Router?
There are several possible scenarios going on here. The good news is, most of them are completely benign and relatively easy to fix.
The bad news is, the one that's not benign is pretty serious — as in, "I hope you have a backup" serious.
Continue Reading: How Do I Fix "Invalid System Disk" Error?
Newsletter contents Copyright © 2017,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC