PhoenixDzine

Facebook has started offering a new profile*. What’s unique about this is that they offered it. In the past they had always forcibly changed it and added privacy changes, much to the chagrin of their user community and privacy advocates.

The way that this change developed was either clever marketing or social engineering, though I hesitate to have a debate on the difference between the two. When logging into Facebook, users were greeted with the news that some friends were using the “New Profile”.

This clever bit of information was there to notify the users that there is an alternative. It adds an idea of exclusivity. There is something else, and your friends are using it, but you’re not. Are you missing out? The message was then repeated as friends adopted the new profile.

Facebook has been heavily criticized in the past for forcibly changing settings and reducing their user’s privacy. Let’s not forget that Facebook is a company that sells things. It is not their main intention to ensure you make contact with old friends from school. They are there to make a profit and selling user information is one way they do that. However if users lock down all their privacy they won’t have much to sell.

Facebook has overcome this by using an opt-in strategy this time. First, they offer a new profile. The new profile is more of a personal showcase. Not entirely different, but the layout has moved around. They are quick to notify you that your privacy settings have not changed. The most interesting part is the addition of personal information links on top of the new profile:

These entice the users to add more personal data, showing more about you as a person. They also override the privacy settings in the profile management area, because hey, you changed it yourself. Did it work? I would say yes. I saw more and more friends adding birthdates, home towns, work information, and more. All of this is very sellable information to advertising companies looking to “profile” their users.

It seems Facebook has learned its lesson about forcing changes on users, and even used it to its advantage to gain more information about them. Be wary of putting too much personal information online. A lot of the info you might post on Facebook could be used for malicious purposes, such as guessing your password reset hints for other sites or targeted attacks on the company you work for. If you’re not sure, best keep it to yourself.

*not everybody is convinced about the new profile just yet

In early December, Kaspersky Lab experts detected samples of the malicious program TDL4 (a new modification of TDSS) which uses a 0-day vulnerability for privilege escalation under Windows 7/2008 x86/x64 (Windows Task Scheduler Privilege Escalation, CVE: 2010-3888). The use of this vulnerability was originally detected when analyzing Stuxnet.

Using an exploit for this vulnerability allows the rootkit TDL4 to install itself on the system without any notification from the UAC security tools. UAC is enabled by default in all the latest versions of Windows.

After the Trojan launches in the system, e.g. in Windows 7, its process receives the filtered token (UAC in operation) with the regular user privileges. An attempt to inject into the print spooler process terminates with an error (ERROR_ACCESS_DENIED).

Every company has its basis, the community, which greatly helps to improve the products by giving feedback and input. Kaspersky Lab can count itself lucky to have very diligent people which honorary moderate our official Kaspersky Lab forums, test our beta versions to find bugs before new products hit the market and create community projects.

This week we finally met some of our friends in person since they visited our German office in Ingolstadt to exchange ideas and discuss possibilities to improve our cooperation. Colleagues from retail support, the localization and testing team as well as virus analysts attended the meeting from our side.

We learned about community projects and what role Kaspersky Lab could play in it to support the undertakings. We discussed our products and my colleague Stefan Ortloff demonstrated how to reverse malware.

Looks like Moscow, but it isn’t. Winter has now officially started off in Germany.

Overall, this was a very fruitful event. Thank you all for visiting us despite the adverse weather conditions. And an additional BIG thank you to all the active people in the community, your help is greatly appreciated!

This was the first meeting of this kind in Germany, but certainly not the last!

Earlier tonight I was on my balcony and noticed a very rare phenomenon, at least when it comes to seeing it from Moscow: the Aurora. It was so beautiful, especially since it was the first time for me to see it. I decided to write about it on Twitter and then decided to search for “северное сияние” (Aurora in Russian) to see if others have noticed it too.

I saw a number of tweets from people in Moscow who also saw the Aurora. Then, I noticed “Morgan Freeman” listed in the Twitter Trends.

Thinking that something has happened to him I checked the tag and found a number of suspicious messages. After checking the URL I found they were malicious – a new attack being carried through Twitter right now, live.