CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Implications of Mobile Code on Microsoft Platforms

Padgett Peterson

Padgett Peterson - Lockheed Martin

Mar 31, 2000

Size: 236.2MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube

Abstract

With the advent of mobile code (excutable programs that are carried on web pages and inside E-Mail) in everyday use, the capability to include malicious software without the recipient's knowlege has been implicit.

From the first crude examples ("Concept", 1995) through the "Russian New Year" exploits (1997-98), to the current surprises (Bubbleboy, 1999) there has been a continual advance in sophistication.

Despite attempts by the manufacturer to provide mitigation, these patches are little known or applied and often apply only to the latest versions and not the bulk of the installed base.

We shall examine the built-in capabilities that make this possible, the probable rationale behind such decisions, and the implication for future events.

About the Speaker

Mr. Peterson is currently the principal corporate information security architect for Lockheed-Martin Corporation. With over thirty years experience in computers, cryptography, and malicious software, he has written BIOS-level antivirus freeware (\"DIskSecure\", 1990) and macro-based WORD macro protection (\"Macrolist\", 1996). A frequent speaker at security conferences he is an internationally recognized expert in the field. He also collects Pontiacs

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.