February 15, 2006

The new face of phishing

One of the basic aspects of security is trust. Trust is a difficult thing to quantify, to assign, and to validate. This has not stopped the Internet from being built relying on trusted authorities to tell us, the great unwashed masses, who is a scammer and who is for real.

So on that note, some phishers have taken a step forward in sophistication. According to several articles (one of which is here: http://www.boingboing.net/2006/02/14/phishers_trick_inter.html ), a phishing site was erected that not only looked like the legitimate bank, but it had an SSL certificate issued from Geotrust, and assurance from Choicepoint that they were the genuine article.

What do we do if even jaded security professionals can get duped, and the mechanisms that are in place to assure individuals about who we should trust and who we should shun are compromised?

I do think that incidents such as this will raise awareness in the trusted authority community that scammers are now actively targeting them. While I love that SSL certificates are no where near the price they were five years ago, I do believe that improvements in fraud detection from the cert authorities will enter an arms race similar to that of the malware/anti-malware dynamic.

March 29, 2005

Why would anyone attack me?

After hearing yet another person say that he was not too concerned about security because he had nothing he cared about the confidentiality of, I felt I should post briefly the answers I have given so many times to those sorts of remarks. For those readers who know anything about security, there is nothing new here.

You should always be concerned about security because you will always be a target. Even if a home computer that has no confidential information on it will likely be targeted, for several reasons.

1. Automated threats such as worms and viruses don't care what they infect, they infect whatever they can, generally indiscriminately.

2. Your computer represents computing resources. It probably has a lot of processing power that you rarely use, and a lot of unused disk space. The perfect place for storing hacker warez or pornography, and if you're on a broadband link, the perfect system for using to launch a denial-of-service attack, or as a file server. The fact that you are an unimportant, obscure user only makes it more appealing, because the attacker is less likely to be found out.

3. You represent an interesting target for advertisers and spammers. Hence the proliferation of spyware and adware - as long as you are surfing, you are a reasonable target to such dirty tricks.

You should care about this, because if your computer gets hacked and malware gets on it, it can at best ruin your computing experience by grossly slowing down your machine and making it crash, and at worst it can make your computer party to a crime such as serving child porn or participating in extortion attacks.