
How to teach an ardor stance on net security? October 9, 2009

Posted by mbdavenport in Uncategorized.

It has been widely reported that 10,000 Hotmail email addresses ended up on the internet with matching passwords attached to each. After some brief fear of a widespread hacking job it became clear that these details had not been extracted by any black-hat coding ninjas. Rather, the owner of each compromised account had willingly given their details away to a fraudulent phishing attack.

Anti-virus companies spend millions, freakin’ millions on developing software designed to keep people safe from the more shady corners of the net. They developed file scanners, firewalls, spam-blockers and heuristic detection algorithms to keep the public safe and then they sold it to them so that they could protect their hardware from spyware, Trojans and worms. So they installed it, and all at once did they feel safe and good.

The problem is that it’s not enough. The general public seem to think that they’re protected from everything just because they downloaded AVG for free (or bought a Mac). They don’t appreciate that Anti-virus software has its limitations, the biggest one being its inability to save a user from their own stupidity.

Despite every company in the known world trying to tell their customers that they will NEVER ask for log-in details and/or a password, people will still hand their passwords over to any email with a .jpeg file of any particular bank’s logo sutured on. People are still sending money to the sons of wealthy Nigerian princes with liquidity problems. People are still clicking on banners telling them they’ve won a laptop, or a plasma television, or a holiday, or Tower Bridge. Apparently even Heads of the F.B.I. do it.

They just want to get on and use the computer for what they want. They’ll download anything, confirm everything and care nothing as they fumble their way around the internet, just so long as the computer remains usable. Their PC can be part of a botnet sending a hundred spam emails a day but everything is hunky-dory if iPlayer is still working.

The only two things that prompt an apathetic user to respond to this malware co-existence are a) they download something that actually prevents them using the computer, or b) their bank account is emptied via a cash point in Taiwan.

Only education will save the day. People have to be taught about what is most likely safe and what probably isn’t. But people don’t care a massive amount about internet safety. They don’t care about computers at all. Go and find someone over the age of 30 and ask them what processor they have in their computer. See that glazing of their eyes? That’s proof, that is.

It’s not a new problem – plenty of garages see cars with engines that detonated because they didn’t have any oil in them and they will continue to do so until the end of time. Or at least until the electric car becomes the norm and then it’ll just be something else going wrong.

Phishing is one of those problems that will exist in some form forever, a result of a failing in human nature that no software can reprogram.

I’ll bet anyone £20 that of the 10,000 addresses published, less than 50 per cent have had their passwords changed by the end of next week. Care to bet against me? No, I didn’t think so.


