The Year In Chips And Spam

What do CPUs and malware have in common? They both have evolved very quickly over the past few years.
Posted December 22, 2007
By Andy Patrizio



Looking Back

Moore's Law doesn't just apply to semiconductors; it could rightfully be applied to the rate of innovation in the technology industry. In most cases, that's a good thing, while in some cases, it's truly awful. It's rather sad to see malware writers manage to out-innovate many firms in Silicon Valley. One wonders what legitimate software they could come up with if they ever decided to emerge from the shadows.

While the criminal element keeps the security software industry in business, other sectors are equally busy. For a sector with essentially two players, semiconductors remain vibrant and exciting. Sun, battling back from the edge of extinction under a new CEO, did the unthinkable and went whole hog into open source, and has been warmly greeted for it by the open source crowd. And "green tech" became one of the buzzwords of the year as energy consumption came to the foreground of every CIO's mind.

AMD vs. Intel

Eighteen months ago, CNBC's blowhard stock picker/weather vane Jim Cramer was down on Intel, often demanding the firing of CEO Paul Otellini, who was still relatively new to the job and cleaning up the mess left by his predecessor.

AMD, on the other hand, had one-upped Intel twice. It came out with 64-bit processors when Intel said no one wanted or needed 64-bit, and it was first to market with dual core processors. It entered the server market for the first time with its Opteron processors in 2003 with no major OEMs. By 2006, it had all the tier one vendors: IBM, HP, Dell and Sun.

That would make AMD a victim of its own success. Infrastructure and fabrication are as vital to any chip vendor's success as design. Hot chips are no good if you can't make enough of them, and with a vendor like Dell sucking up the supply, AMD couldn't make enough.

The result was that the company was creamed in Q1 and spent the rest of 2007 recovering. Its $5.4 billion purchase of ATI has yet to pay for itself but may in 2009 with the Fusion project. In the meantime, AMD is being hampered by debt from the purchase, which in turn has impeded its ability to expand its manufacturing lines.

Intel, on the other hand, streamlined its operations, cut more than 10,000 workers and was aggressive in releasing new chips, both desktop and server, and cutting prices. It beat AMD to market with a quad-core server, although AMD is very quick to point out that the quad-core Xeon is just two dual core chips on the same die.

AMD had a genuine quad core server chip in the works known as Quad Core Opteron, a.k.a. Barcelona. It should have been called Godot because a lot of people were waiting around for it, and at this point, still are. Granted, it did show up in August when it had been due in February, but only select customers are getting it. Unfortunately for AMD, it showed up fairly slow, with a top clock speed of 2.0GHz. The company was insistent that it would out-perform the 3.0GHz dual core processors. The jury is still out on that.

Meanwhile, Intel came out with a whole new means for making chips that eliminated lead and the silicon that gave the Silicon Valley its name. Somehow, "The Hafnium Valley" just doesn't have a ring to it, but it was an important breakthrough nonetheless. The results were lower voltage desktop and server chips that ran much cooler. Going into 2008, Intel is positioned much better than it was at the beginning of the year, while AMD continues to fall behind.

The Year in Malware

If they weren't so loathsome, malware writers would be almost admirable in their drive to innovate. This year has seen some incredible advances in malicious code, which is not good news for the rest of us.

The year began with an attack that would set the tone for the rest of 2007. On January 19, after severe weather struck Europe, thousands of people received an e-mail with a subject line "230 dead as storm batters Europe." It became known as the Storm worm, a nasty piece of malware officially dubbed W32/Nuwar by Microsoft, McAfee and a few other anti-virus vendors.

Storm was nasty because it defied the traditional spam methodology of hub and spoke distribution. In that model, a few servers, called command and control servers, send out their payload and orders to the thousands of millions of infected computers on a botnet.

Storm, on the other hand, used a store-and-forward peer-to-peer approach. There were no central servers to take down, except at the very source, and right now the developer of Storm is the Osama Bin Laden of malware. As a result, Storm was very hard to eradicate. The software mutates every 30 minutes, making it impossible to detect with the usual signature-based security.

Other ideas weren't so successful. Spam continues to grow overall, surpassing legitimate e-mail in sheer volume, but spam blocking filters have gotten more effective, sparing us the garbage. So spammers tried new ways to get around them. First was the use of image-based spam, where the information on pump-and-dump stocks, erectile dysfunction medication or mortgage deals was in a graphical image.

The filters got better at stopping that, so they tried PDF spam. That proved ineffective, partly because PDF files are so large that they are not efficient for spamming people. Plus, end users had gotten smart about not opening attachments from an unknown source. So PDF spam came and went in a real hurry. The year also saw its first audio spam, featuring a mechanical voice hyping a penny stock that proved more frightening than effective at selling the stock.

As the year wore on, a few trends became rather clear: the virus as we knew it was pretty much over, anti-malware software needed to move off signature-based detection, and the primary method of attack was now based on human gullibility.

The virus used to be about causing damage to your computer and then taunting you about it. That has really ended, with some exceptions. A virus was making the rounds earlier this year that deleted all of the MP3s on the user's hard drive. But by and large, malware today is about stealth. A bot wants to operate quietly on an infected computer, pumping out spam. A key logger wants to get as much info from you as possible. So they want to keep quiet.

Signatures, the venerable method of virus detection, are being viewed as near-obsolete now because this stuff mutates so fast. Even though many antivirus products update their signatures multiple times per day, with the Storm worm mutating every 30 minutes, it's impossible to keep up. An effort is underway to move toward heuristics, detecting malicious activity by suspicious behavior, but that has proven a less than perfect science up to now.

The business of malware remains, regrettably, healthy. With China and Russia as the primary sources of malicious code and almost no leadership from Washington, Americans continue to be victimized to the tune of $100 to $200 million a year, depending on which report you read. Malware is such a big business the writers even offer service contracts with their software, so if it stops working, they will update it to get around the latest security measures.
