Big Red Brother (and his buddy) are Watching You

What would you say about the software that silently installs another piece of software from third-party vendor to your computer, which, in turn, collects information regarding your computer's security features (the presence and version of firewall, anti-virus software etc.) and requires Internet connection (!) to be available?

The software is called Adobe Flash Player extension for Firefox; the silently installed third-party tool is McAfee Security Scan Plus. That's it -- having installed a minor extension to a browser, you get a system-wide trojan curios piece of software installed to your PC.

Leaving aside the moral and legislative aspects of such scheme (and please don't say it's just business -- similar schemes were neglected even by Russian gangsters in 1990ths), just wish to warn you to be careful with these. Nobody knows what exactly information collects and sends out the installed tool, neither what is the purpose of collecting such information.

Another stimulus to write secure applications (taken from the Washington Post):

A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have compromised tens of millions of credit and debit card transactions, the company said today.

If accurate, such figures may make the Heartland incident one of the largest data breaches ever reported.

It is not clear at the moment what exactly has caused the breach. The paper talks about some malicious piece of software, however, it says nothing about how had this code got to the payment processing network. In any case, a lack of attention or qualification (hope, the former) of developers and security officers has resulted in serious damage for the Heartland Payment Systems' reputation.

The data stolen includes the digital information encoded onto the magnetic stripe built into the backs of credit and debit cards. Armed with this data, thieves can fashion counterfeit credit cards by imprinting the same stolen information onto fabricated cards.