Sunday, October 24


In Nipissing University, Ontario, Canada, a spyware was found in a center computer. It is possible that all students' personal information is stolen.

Students are not worried: "I guess that the worst that could happen is that the hacker gets to pay my student loans for me, so I'm not exactly worried about it. "

But I'm worried about the security. The center computer should be running UNIX, so the hacker must have made a special spyware for this hacking action because those modern spyware are only in Windows. After the spyware was developed, she found out a way to sneak into the university's system, and run the program (maybe she has root privilege?).

Although in the news the university "insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.", but I wonder whether the hacker has delete some log info, if she has root privilege. If this is true, the only way left for the police is to trace where the infomation is going to. I hope the receiving server IS in North America.

Dr. Prakash in University of Michigan is working on WebTap, which is a good tool to monitor outbond activities to find out spyware. This tool is useful in this case, because it can quickly find out the "unusually high levels of traffic on the computer network" automatically, which was found manually 6 months after the spyware was installed.