Cybersecurity Newsbites: Be Careful Out There

Fighting the FUD in the cybersecurity headlines and highlighting the success patterns of security organizations staying out of the news by keeping their companies safe.

Cellphone Virus Boogie Man

Back in 2001, as PC shipments slowed, the anti-viral industry tried to hype up PDA and cellphone viruses - selling software to those billions of phones had them salivating. Of course, no real threats appeared and (luckily for them) by 2003 Internet worms started to impact consumer and enterprise PCs and sales went up. Of course, desktop antiviral hasn't been saving anybody from anything, but since it has been on our PCs since before the Internet, everyone assumes it has to be there.

Fast forward to 2004 - worms and viruses aren't making the news lately. Magically, the cell phone virus hype kicks up again.

It looks to me like 2006 is the earliest possible time that cellphone viruses or worms could be a meaningful threat - and the answer is not repeating the mistakes of the PC and trying to rely on client-side software.

The cellular companies should learn from the AOLs of the world and announce they will remove viruses before they get to your phone. Let's only go to expensive, ineffective anti-viral client software if that approach doesn't work. On the Internet, we are doing the reverse - ISPs are starting to block attacks as we've realized client-side software is expensive and doesn't really work.

08 December 2004 in Web/Tech

Phollowing the Phishers

More and more phishing emails can be traced back to compromised home PCs. For example, one that purported to be from CitiBank used the URL https://web.da-us.citibank.com/cgi-bin/citifi/scripts/login2/login.jsp?, but if you looked at the source it was really sending you to 68.72.96.25, which resolves to adsl-68-72-96-25.dsl.chcgil.ameritech.net - probably a home user of Ameritech's DSL service whose PC has been compromised.

Even the simplest NAT firewall turned on at the DSL modem would stop this from working; the firewall in XP SP2 might as well. So, two easy steps to make it harder at that end.

But what really needs to change is the browser. There has to be a warning that the displayed destination is not where the browser is really going. Imagine if telephones allowed you to dial 800 BUY BOOK and it didn't take you to 900 280-2665, instead it took you to a credit hacker's telephone. You'd be screaming at whoever sold you that phone. Unfortunately, the browser world has stagnated since Netscreen went down the dumper - maybe a bit of Firefox adoption will stir some innovation.
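The check argued for above, a warning when the displayed destination is not where the link really goes, can be sketched as a mail-side filter. This is an added example, not code from the original post: the function and class names are hypothetical, and the sample link reuses the URL text and IP address quoted in the post with an assumed href scheme and path.

```python
import ipaddress
import re
from contextlib import suppress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that itself looks like a URL or a bare hostname.
URLISH = re.compile(r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

# Constructed sample: URL text and IP are from the post, href scheme/path assumed.
SAMPLE = ('<a href="http://68.72.96.25/">https://web.da-us.citibank.com/'
          "cgi-bin/citifi/scripts/login2/login.jsp?</a>")

class LinkCollector(HTMLParser):  # collects (displayed text, href) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit_links(html):
    """Return (shown_host, real_host, reasons) for each suspicious link."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        real = (urlsplit(href).hostname or "").lower()
        match = URLISH.match(text)
        shown = match[1].lower() if match else None
        reasons = []
        with suppress(ValueError):  # ip_address() raises on non-IP hosts
            ipaddress.ip_address(real)
            reasons.append("href host is a raw IP address")
        if shown and real and shown != real:
            reasons.append("displayed host differs from href host")
        if reasons:
            findings.append((shown, real, reasons))
    return findings
```

Links whose text is not URL-shaped (for example "Click here") are only flagged when the href points at a raw IP address, so ordinary descriptive links to named hosts pass through.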

03 December 2004 in Web/Tech

Viruses and Search Engines

This latest my.doom variant used an interesting trick - when it hit a PC, it scanned that PC looking for domain names. It then went to Google, Yahoo, Altavista and Lycos and searched for email addresses from that domain name. This had several effects:

1. The virus tended to be harder on business PCs than consumer PCs, since more business email addresses seem to be found by the search engines.

2. It appeared to force Google to its knees. The way it worked acted as a nice pseudo-randomizer - each new infected PC would search for different domain names, making it harder to recognize (or stop) as a denial of service attack.

This is just another example of how the bad guys can use the good stuff to attack the good guys, and how we are inexorably being drawn towards email "white lists", where we trust authenticated email senders but for everyone else we heavily spam filter and block all attachments. If you send me a virus, you are off the trusted list and get heavily filtered.

Between smarter viruses, phishing and other identity theft scams, the way we use and trust email is just going to have to change - it is inevitable. Today's email will go the way of the blinking URL tag.

27 July 2004 in Web/Tech
