| Threats from Gadgets |
| Eric Chien - Symantec Bio |
| Gadgets are mini-applications, usually Javascript and XML, that are hosted by a framework. The most popular gadgets for Windows are Google Desktop gadgets and Yahoo Widgets. Gadgets have also existed for some time on the Macintosh platform and will be native to Windows Vista. Gadgets typically provide a small graphical view of realtime data such as the current battery life, stock quotes, or weather and are overlayed on the desktop. However, despite the appearance of some sort of sandboxed applet or plugin, gadgets generally have full system access just like any other program. Gadgets can contain malicious content including trojans, viruses, and worms. In addition, since most frameworks ship on both Windows and Macintosh systems, gadgets can easily be cross-platform. This paper will discuss the threats gadgets pose and how the frameworks allow rapid development of potentially malicious code. |
Eric Chien first started working at Symantec in 1997 for the Symantec AntiVirus Research Center (SARC) headquarters in Santa Monica, California. He graduated from the University of California, Los Angeles (UCLA) with a Bachelor of Sciences degree studying Molecular Genetics and Electrical Engineering. Currently, Chien heads research in EMEA region, analyzing current virus threats and researching new threats in the world of viruses and malicious software. He has been a key developer in projects such as the Digital Immune System, Symantec's automated system of virus analysis and the Seeker project which proactively finds viruses on the Internet. Chien has spoken at various conferences and published a variety of papers addressing threats to computer security via malicious software.