Wednesday, September 16, 2009

Recommended Security Tool - Secunia Personal Software Inspector

Malware has shifted its focus over the last few years. Today, it targets your applications much more than your operating system. As OS X, Linux, and yes even Windows have become more secure, the Bad Guys search for softer, easier targets.

Unfortunately, these are all too common. Browsers, Office, PDF readers, media players, Quicktime - these are filled with holes and are typically patched much less frequently. Your OS - even Windows - may be pretty resistant to malware, but your applications are a mess.

The problem is how to tell. It's not like there's "Patch Tuesday" for your applications - they're not just from Microsoft, they're from all over. Firefox has an excellent self-update mechanism, but not much else does. So what should you do?

Secunia is a well regarded security company that offers a free for home use tool to let you check your apps. The Personal Software Inspector looks at all your apps, cross-references them to all the vulnerabilities they know, and tells you which need to be updated.


There's even a hot-link to the update. I ran it, and (not surprisingly) Quicktime was vulnerable. Clicking on the "Solution" button started the appropriate download from apple.com. Nifty!

Highly recommended.

6 comments:

Bob said...

Nice little tool, thanks for recommending it. I notice that it runs in the background after it finishes its scan, is there any reason to let it do so?

wolfwalker said...

I got partway through the install process and got totally creeped out by the level of access it was demanding to my hard drive and its explicit statement it would be transmitting data back to its home server. Seems highly unreasonable that a program designed to find and fix security breaches would itself create a major security breach.

Sorry, not for me.

TOTWTYTR said...

I'll go with Bore Patch on this one. Which is not say that there isn't some risk, Wolfwalker. However, BP hasn't let me down in the past.

Which raises another question, and sort of a theory.

AVG, Spybot, and others have free versions of their software. Generally for personal use, from what I've seen. I've wondered why they do this, and have decided that in addition to the obvious opportunity to sell the paid version, they see some benefit to everyone using the Internet if users have security software. Sort of a pro bono thing.

Am I even close or am I completely clueless on this?

Borepatch said...

Wolfwalker, as you know it's about managing risk. You're in a lot better position to keep things up to date than many readers, and so the "what's the downside" analysis you did is spot on.

For most readers - who aren't in security, or even tech - there's a lot of value.

That said, I'd be fine with it running as a scheduled service every day or so. The Bad Guys are getting a lot better at getting exploits out quicker these days, but even that typically need 4 or 5 days after the patch is out (other than Day Zero exploits, of course). Letting me know tomorrow is not clearly worse that letting me know RIGHT. NOW.

Bob and TOTWTYTR, I wouldn't have recommended it if I didn't think it was worth while. I've recommended a couple of online virus scanners (e.g. Trend Micro's House Call), and they collect at least a little info, too.

Having worked in the security vulnerability field, there's a lot of useful information that you can get from anonymized data. Sounds like a good subject for a post ... ;-)

NotClauswitz said...

Interesting but...and not to gripe really because my own exposure and software accumulation is unique...
But it requires me/it to run Internet Explorer (WTF??) as a browser while automatically downloading Adobe Flash - for which I have a blocker in Firefox but no such flash-block is written for Exploder.
And then Adobe Flash 10 is bundled with McAfee Security Scan and encapsulated in some kind of "Adobe Download Manager" crapware, and it downloads that TOO at the same time with no recourse for stopping it. So now I have to go de-install an unwanted program.

A new Apple Quicktime - yeh, whatever, I can live with that but it takes freaking forever to download the update, AND I DO NOT WANT the latest DRM that comes with iTunes 8x and have purposely neglected to upgrade that bloatware. I never buy anything from the iStore anyhow and I hate "Genius" the meddling little app that is supposed to create its own playlists.

Who knew the innocuous OpenOffice.Org is a Level-4 threat unless it's updated? I almost never use it, so it just got picked out of the lineup. I can update it or remove the program from the computer. It's a BIG download for the whole damn v3.x thing and runs a lot faster from a CD - like the one I got from friends at SUN...
Same with Opera that typically goes unused, but it's small and won't take too long. So I download the v9 Opera upgrade and it tells me there's a whole NEW version 10 available? So now that's downloading too.

And the VLC media player itself is seemingly updated daily if not hourly. Just about every time I run it I get an update notice.

So anyhow, those are my results and
I guess I have a bunch of crap I can either get rid of or upgrade.

Anonymous said...
This comment has been removed by a blog administrator.