A BLOG BY MELIH ABDULHAYOGLU

Inability to Authenticate hits us right where it hurts - security!

Thursday, 18. September 2008 By Melih

You might have heard about XP Antivirus 2008 and XP Antivirus 2009, fake security products which are actually malware, infecting unsuspecting victims!

The irony here is that our inability to Authenticate what is legitimate and what is not is hitting us right where it hurts! Our security! It’s one thing to be able to validate whether you belong to a “tunnel digger association” or not, and it’s another to believe that an application is security software and install it, only to realise it’s actually malware!

This is a very poignant point that demonstrates Authentication not only enables but also protects!

Melih


Service to human race or fame seeking selfishness?

Saturday, 13. September 2008 By Melih

And this is directed at anyone who claims to be testing Anti Virus products!

Somebody asked me once: Hey Melih, what percentage of the viruses does your Anti Virus product detect?

My answer was: 100% of the ones we know of! If we have the malware then we simply create a signature for it and update our db!

So all this AV testing means is that the AV tester “might” have malware that the AV provider doesn’t. (I say “might” because no one can validate if they actually have real malware or not either!)

Actually there is no single entity that exists that can claim to have all the malware out there. All these companies, individuals, AV testers have only a subset of all the malware out there!

So what service are these AV Testers providing to end users, apart from saying “Ha Ha, look, I have something you don’t” to AV companies and claiming this is a test?

Wouldn’t these AV testers be helping the users more if they provided all the malware they know of to AV companies so that they all can start protecting their users better? Are they choosing fame over user security?

Wouldn’t it be better to provide all the malware they have to all AV companies and then test those AV products to see if they have the “capability” to detect and remove that malware? Or test the speed of AV companies from being aware of a virus to detection?

Isn’t this like saying: Na, na na naaaa, I know a burglar in my street that you don’t, Mr Police!? Why are you not protecting your neighbours by providing the details, AV testers?

Ask yourselves, AV Testers: Are users really benefiting from your actions? Or would they benefit more if you provided all your malware samples to Anti Virus companies, let them detect all the malware you provided, and then did a test to see which AVs don’t?

I urge all AV Testing organisations to adopt new and better ways to serve the users better!

Melih


Technology will turn photos and Videos into liars!

Saturday, 23. August 2008 By Melih

Hey, come on.. I have seen your video!!! You were there! Are you pulling my leg?

The surveillance camera got you! You should have smiled :)

Technologies we take for granted as a trusted source of truth will soon start lying to us!

Check this footage……

http://technology.timesonline.co.uk/tol/news/tech_and_web/article4557935.ece

Soon you might see yourself on TV confessing to a crime that you did not commit, along with surveillance camera footage clearly showing you committing the crime, but you know you didn’t!

Soon you might see the President declaring war on TV, but in fact he didn’t!

Soon you might see that the information we are being fed can no longer be trusted!

Well, we know we can’t trust what we read unless we can verify, but now, we can’t trust what we see/watch either!

Who/what can you trust? How can you verify? The role of Authentication!!!…..it’s only the beginning!!!

PS: Does this mean it’s the end of movie stars?

Melih


Comodo (Melih) Manifesto

Thursday, 07. August 2008 By Melih

Human potential unleashed through a Trusted Internet.

Communications has advanced the human race through the ages because it helped us retain and share vital information and behaviors. The first cave paintings and written scrolls evolved to printing presses and books, which then, exponentially, ignited scores of other revolutionary developments. In just 100 years, for instance, we learned how to traverse in jet planes vast distances that would have taken weeks on horseback! This is why we believe communications advances human potential.
 
Now the Internet has become the central communications engine of our time, expanding our reach more broadly than ever before. With this tremendous reach however, the Internet has yet to achieve its full potential as a Trusted Internet. Today, we must contend with an Internet fraught with fraudsters as we singularly contend with challenges of trying to figure out who and what to trust online. We go online but we do so knowing that not all sites are equally trustworthy or that we probably shouldn’t trust most online sites with our very identities.   

This is why we, at Comodo, have committed our hearts, minds and resources to the vision of a Trusted Internet. This is where every digital interaction, every online interaction will include a new layer of security and trust enabled by an entire infrastructure designed to help us create mutual and real time trust. In a Trusted Internet, we can find what we want online without wasting our time with untrustworthy merchants. We can shop far more efficiently because we can verify the site’s credibility and business practices – immediately.

And with a Trusted Internet, we will be able to do things we can’t even try to do today. With a Trusted Internet, our PCs will automatically be able to find products or information we want from reputable, authenticated merchants and “subject matter experts”. Our computers will be able to vigorously and proactively defend our identities, ensuring, in real time, that our information is safe and has not been compromised. But most fundamentally it means that we will all be able to connect with each other with full confidence that we can create trust online when and where we need it.

And for it to benefit everyone, it must be delivered as a right to everyone; not as a luxury or a privilege dependent on a person’s ability to pay! To reach this state, we intend to change behavior and help people move from not using PC security because they can’t afford it to using PC security because we give it away for free. We intend to change people’s low expectation of not being able to authenticate anything online to being able to authenticate everything online – identities, content and even a site’s legitimacy.

This will be how the Internet and the power of communications intersect, unleashing new ways for us to communicate, collaborate and exchange ideas that advance us all.  And this is why Comodo believes that creating trust online is a mission that inspires us forward towards our vision of a Trusted Internet!

Thanks

Melih


The “Trouble Triangle” for the Music and Video industry!

Monday, 23. June 2008 By Melih

People often come to me and say, hey Melih why don’t you protect Music and Videos, look at the piracy they suffer from etc. So I thought I should write this blog to explain the issues involved.

Content, whether Audio or Video is not difficult to protect! Honestly, the technology has been around for a long time.

However, what is difficult is to implement a practical solution that will work ubiquitously in the industry! There are divided interests and the dreaded big “Trouble Triangle” that stops it from happening!

Now, the Publishers (the people who make money from selling Content, like Music and Videos) want to, and rightly so, protect their interests against piracy. Of course the triangle is 3 fold. We have a publisher who creates the content, we have a hardware manufacturer who builds the hardware to play this music or video and we have the Users who have the hardware and the content (music/video).

Now, to achieve a secured/controlled distribution to mitigate piracy you need to convince at least 2 of the 3 parties in that triangle! Any 2 and you have a controlled/secured distribution!

Publishers: it is obvious as to why they would want to secure their content.

Hardware Manufacturers: Some might want to do deals with major content providers in return for some market share, but Hardware manufacturers do not want to limit their markets by limiting who can buy their products.

Users: They just want content! It’s fair to say that in general they don’t care about security or control of distribution channels (yes yes, I hear some of you saying that they should.. but let’s get realistic here.)

While distribution is getting easier (Internet and downloads, compared to records and CDs of 70s and 80s), unless 2 of the 3 parties (has to be ubiquitous and just having one hardware provider won’t do) are interested in pushing security and control, I find it difficult to see how security and control can be established.

However, having said that, this could represent a new opportunity for content providers, turning this lemon into lemonade by adopting a new business model that piggybacks on this new distribution era.

Thanks

Melih


A Door, A Burglar Alarm and Insurance - All you need for Computer Security!

Monday, 05. May 2008 By Melih

A DOOR!

To help prevent intruders from coming in: PREVENTION

A BURGLAR ALARM!

To detect if someone has got in: DETECTION

AND

AN INSURANCE POLICY!

If everything else fails, insurance to rebuild everything back: CURE

Sounds simple, right… We all have doors, the majority of us have burglar alarms and insurance. This is the way we protect ourselves, our families and our belongings! We first PREVENT, we then DETECT and if all fails, we have the last resort: CURE

Is there a house without a door but with a Burglar alarm? Of course not! And insurance usually would require you to have a burglar alarm! So the process and order of protection goes like this:

PREVENT

DETECT

CURE

I know, I know, “tell me something I don’t know”, right!..

How about maybe I ask you a question :)

Why the hell don’t you have a door on your PC???!!!!

You have a Burglar Alarm… called Anti Virus product… but no Door?

What gives?

What do you mean ask another question but make it easy???

No I will stick with this question if you don’t mind! So go on then..

You see, Layered Security is the way forward, we should have all 3 layers in the way we secure our PCs, yet today we only have a burglar alarm! And our burglar alarm only goes off if and only IF it recognises the burglar! If the burglar is not in the list of recognised burglars, then tough… let him waltz in! Because your Anti Virus can alert you to a virus it knows. Any new ones that it does not recognise can walk right into your PC!

So, I am still waiting for your answer!

Bad, isn’t it! Time to change the way you secure your PC and your Online Presence! Time to deploy “PREVENTION” as your first line of defense, and it’s time to make sure “CURE” is a part of the solution you are given! Because nothing is 100% fool proof! Yes, Comodo comes close, but nothing can ever be 100% secure (and anyone claiming 100% security is known as snake oil)

It’s time for a change!

Comodo has built the most holistic and comprehensive security that does utilise Prevention, Detection and Cure as a methodology and provides all 3 in one package!

You have no reason not to be secure!

Thanks

Melih


Machine vs Human - A War Underway!

Sunday, 04. May 2008 By Melih

————————————————————————————————————————

Self Replication:

Self-replication is any process by which a thing might make a copy of itself or something similar to original.

Creator:

God, as far as any creation is concerned!

Initiator/Releaser:

Somebody/something that releases a creation with self-replication capability

Self awareness:

Self-awareness is the explicit understanding that one exists.

————————————————————————————————————————

The above is some simple terminology that will help us with the following story.

The question is what is a Machine? A simple answer would be: Any human created mechanical/electronic device. So a Computer would classify as a machine.

 

Thank god that Terminator-like self-aware machines are yet to materialise! However, this does not mean that we are not fighting the war against machines!!! Machines don’t have to be self-aware to fight humans!

They just need to be programmed!!! Just like the DNA that gives us our code about what we humans should do, programs tell machines what they should do! One of the most sophisticated machines that we interact with today is a PC. Also, as it happens, it is one of the most connected ones! Which means infection can occur very easily between PCs. Just like organic viruses/bacteria use air, blood or other methods to infect other humans, Computer Viruses use the connectivity (Internet, email, wireless, shared storage devices etc) that we have been building for them! Now computers are more connected than ever, and this connectivity will only increase.

These complex machines that we call PCs are being infected and turned against us! Not by other machines but by humans! Machines are being used and manipulated for ill gains! People are writing programs/code to turn your home computer against you! To steal your information to benefit its Creator or its Initiator/Releaser. We have been fighting the very machines we paid $$$ for! And we have been losing that war!!

Now, there are more computer viruses out there than ever and the techniques used today are at best outdated! Computer Viruses (malware) are Self-replicating. Which means they go to a machine and infect it, then find ways in which they can use that very “host” they have taken over to infect the other victims they can find.

Sure they are not killing us, sure they are not demolishing our houses; the reason for that is that today they are limited to our PCs! Their universe is our PC. But hang on.. don’t get so comfortable: your life and house may be safe, but they can and they do steal your bank account details, they can and they do delete your valuable data, they can and they do use your machine to attack others! They are already fighting you! Yes, it’s humans behind them, yes, these Computer Viruses (malware) are not self aware, but do they need to be to cause you damage? They are self replicating and they can mutate to avoid detection! Once released, their creator/releaser usually has no control of the damage they will create! If humans were files on PCs then these Viruses (malware) would be the worst AIDS virus that is airborne! Yep, nasty stuff for poor files!

So the war has already begun! We are already fighting this war one Computer at a time! Because today’s security is ridiculously inadequate.

We have created “Preventive” technologies like our Superb Comodo Firewall; however, there are more than 400 Million Internet enabled PCs with a good chunk of them infected by these viruses/malware!

Time to get the “Human” element and start fighting these “Machines”! That’s where Comodo is once again taking the lead and showing the world of security how it should be done, by creating “Free Malware Removal” by Comodo Security Experts! These security experts will remotely clean your machine and, if you wish, install our Security technologies to protect you from future attacks and infections.

Whether you like it or not, the war has begun!

thanks

Melih


Above images are taken from:

Wikipedia and ecliptic

Race to Zero… Who needs it?

Monday, 28. April 2008 By Melih

Self denial

Ostrich mentality

Can’t face the music

Hard to let go

and so on… summarises all that you can say about the Current AV industry!

Hey guys: Wake up and smell the roses! You are fighting a 21st Century war in trenches!!! It does not work!!

Here is the Article where AV vendors cry foul about a Contest at Defcon. In this contest, contestants will simply create new malware from the old ones by modifying the current ones.

WOW…

No.. There is no WOW.. this is a well known technique, well exploited by malware authors over and over and over! What do you think malware authors do: create malware and keep their fingers crossed that AVs don’t catch it, or simply test their creations against well known AVs to make sure they don’t even blink at this new malware before they release it to the wild? It’s old news. Let me explain: You take an existing malware and re-pack (encrypt) it with an obscure packer (encryptor), and now you have an old malware with a new disguise! Yep, as simple as that!

Now, crying foul, whinging and poo pooing this contest is NOT what the current AV industry should be doing! It is silly to claim this contest will create more malware!! As if malware authors don’t have access to the latest virus making tools!! Cos they all do!

What is silly is the way we still defend ourselves using 25 year old technology!!!! For god’s sake, imagine going around with 1980’s cell phones today?? How cool would that be? But we are not ashamed to go around with a similarly old technology that we call AV products based on signatures!!

My point is not that AV doesn’t have a role in our security arsenal. It certainly does.

My point is: Signature based AV is not and cannot be your first line of defense, Period!!!

Signature based AVs work based on default allow; this kind of technology can no longer be trusted as your first line of defense, as it will let some baddies in! What we need is a Default Deny system where malware can’t surprise us!

Thanks

Melih
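The default allow versus Default Deny contrast from the post above, and the "100% of the ones we know of" point from the AV testing post, as an added example that is not part of the original blog or any Comodo code. It assumes signatures are simplified to whole-file SHA-256 hashes, and all sample "files" are constructed, harmless byte strings.

```python
import hashlib


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed, harmless byte strings standing in for files: (content, is_malicious).
SAMPLES = {
    "known_malware":    (b"constructed: malware the vendor already has", True),
    "repacked_malware": (b"constructed: same malware after re-packing", True),
    "trusted_app":      (b"constructed: application the user trusts", False),
    "unreviewed_app":   (b"constructed: harmless app nobody has reviewed", False),
}


class SignatureScanner:
    """Default allow: a file runs unless its hash is in the signature db."""

    def __init__(self, known_bad):
        self.db = {digest(d) for d in known_bad}

    def add_signature(self, data: bytes) -> None:
        self.db.add(digest(data))

    def verdict(self, data: bytes) -> str:
        return "block" if digest(data) in self.db else "allow"


class DefaultDenyPolicy:
    """Default deny: a file runs only if its hash is on the allowlist."""

    def __init__(self, trusted):
        self.allowlist = {digest(d) for d in trusted}

    def verdict(self, data: bytes) -> str:
        return "allow" if digest(data) in self.allowlist else "block"


def verdicts(policy) -> dict:
    return {name: policy.verdict(data) for name, (data, _) in SAMPLES.items()}


def malware_allowed(policy) -> list:
    """Names of malicious samples the policy would let run."""
    return sorted(n for n, (d, bad) in SAMPLES.items()
                  if bad and policy.verdict(d) == "allow")


def build_scanner() -> SignatureScanner:
    # The vendor only has a signature for the sample it has already seen.
    return SignatureScanner([SAMPLES["known_malware"][0]])


def build_default_deny() -> DefaultDenyPolicy:
    return DefaultDenyPolicy([SAMPLES["trusted_app"][0]])


if __name__ == "__main__":
    av, dd = build_scanner(), build_default_deny()
    print("signature scanner:", verdicts(av), "missed:", malware_allowed(av))
    print("default deny:     ", verdicts(dd), "missed:", malware_allowed(dd))
    # Once the vendor receives the repacked sample, detection is complete again.
    av.add_signature(SAMPLES["repacked_malware"][0])
    print("after new signature, missed:", malware_allowed(av))
```

The default-deny policy also blocks the harmless unreviewed application, which is the operational cost of that model: something has to review and allowlist new software.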


Social Authentication

Monday, 21. April 2008 By Melih

hmmmm… yet another Social something! Social networking, Social peeing, Social this and Social that! Whatever next!!

But….

The power of end users who are doing things and the power of the internet and computers to be able to utilize these actions, turn them into a useful set of data and then re-use it for other users is a nice way of progressing the internet!

For the first time in human history (that we know of :) ) we can use our collective intelligence. We just need a way to mine and use that intelligence!

So here comes Social Authentication!

What is it: It’s an infrastructure to enable end users (bloody powerful force I say..) to tell us what is good and what is not! As simple as that! You go to a site and you rate it. You rate whether that site is a subject matter expert on the content it is displaying or whether they are a good merchant that has done things right for you or not. Now you can learn from the experiences of others in this social network! It’s a social network for Authentication!

Why does it matter: Well, because we are now generating more content than ever before! Great that we can search through this content but WE NEED HELP!!!! Having 10BillionZillionTrillion web pages is no good unless I can find what I want! Yep, it’s well and good that search engines have some way of creating relevant indexing, but I would rather know what other users have thought about a site than a formula of a search engine! The power of end users’ say is infinitely more valuable in deciding the relevancy of a web site/page than any known formula today! Being able to identify top rated sites/pages by users is valuable, saves time and gets the user exactly what they need! That’s worth something! When you go to a site, seeing what other users have said and how they rated the site is also a great indicator that will play a role in the way that end users make their decisions.

Social Authentication is the way in which we can make the Internet more relevant!

 Thanks

 Melih


Enough is enough! Time for accountability for the Desktop Security industry!

Monday, 04. February 2008 By Melih

Enough is enough! For well over 20 years the industry has been selling a solution to a problem that seems to have gotten worse!

That’s like selling headache pills and your headache gets worse! Something is wrong with that picture!

When you get your haircut, you don’t then go home and finish it off yourself! That’s why you pay the hairdresser!

When you go to a restaurant, you don’t go and cook with the chef! (even though I have been to a few in my time, where I wished I had :))

You get the gist!…Enough is enough for paying for desktop protection where I am not guaranteed protection nor offered a remediation when I need it!

So what do I pay for? Partial security?

 The truth is yes! Unaccountable, partial security is what you get!

 Enough is enough!!! NO MORE

Today, 4th February 2008, is the day Comodo puts accountability in the dictionary of Desktop Security Vendors!

-> First time ever, You getting infected with malware will cost the Security vendor money!

-> First time ever, You never have to deal with malware!

-> First time ever, A security vendor will put itself between you and the malware!

-> First time ever, A security vendor will give you a peace of mind from malware!

-> First time ever, A security vendor will hold itself Accountable for your Protection!

It’s been far too long, but enough is enough! Now with Comodo AVSMART Warranty users will get total peace of mind and protection!

We are the first desktop security company to put itself between its users and malware. What that means is we are the only company whereby if you get infected it will cost us money, unlike other security vendors! We are like the insurance company rather than a drug company, where it is not in our interest for you to be sick because it will cost us money!

This is the revolution long overdue! This is the revolution you, the end users, deserve!

Enough is enough. End users deserve accountability!!!! The security industry can only smile at end users’ faces while taking their money and in return provide no accountability!

 IT STOPS TODAY, RIGHT HERE, RIGHT NOW!

Thank you

Melih
