The infamous bradhicks

[thebitterguy]

Qusay will agree with me that bradhicks is an interesting read, but sometimes I just go "gah?" Like the past few days. He’s been doing a three part series about Script Kiddie Botnets and Gangster Supercomputers. Now, I’m no expert in the technology, but reading it just comes across as a wee bit hysterical.

He makes it seem as if every PC in the world is a zombie drone that will be turned upon its owner at any second, spilling his (OR HER!) credit and password information to an international conglomerate of cyber-thieves. And there’s NOTHING YOU CAN DO TO PROTECT YOURSELF.

I’m normally one to listen up when someone is offering a warning. But the sheer fear mongering aspect of this reminds me of the “child abduction hysteria” you get when you log into the website for a missing children’s charity. XX THOUSAND CHILDREN GO MISSING EVERY YEAR! and then you do some poking and find out the vast, vast majority of them are either parental abductions or runaways.

So, does anyone have any more level headed pieces on spam bots and related topics?

Comments

[rickj.livejournal.com]

I'm no expert, but his comment about getting hacked before you can put the service pack on your PC is 100% true. When I brought up my new PC, it fortunately came with some anti-virus stuff installed. While the service pack was downloading, I was playing with the bells and whistles of the AV software, having it show everything, and within 5 minutes of putting the computer on the internet, I had been probed 2-3 times and there had been a failed breakin.

[mneme]

Sure. The same advice you get everywhere else:

1. Run behind a hardware firewall. Disallow everything, then turn on only the services you need to get out. A software firewall is no substitute for a hardware firewall.

2. If you can manage it, run a *nix, not windows. When you're setting up the box, turn off all services except the ones you use (remember: you don't need it). If you can't run personal firewall software behind your hardware firewall.

3. Don't use MSIE or Outlook. Don't use whatever 90% of people out there are using -- that's what will get targetted.

[thetathx1138.livejournal.com]

Well, unfortunately, he's right. There really isn't anything you can do. A dedicated hacker can break into pretty much any security system available to the public. It's mostly a question of making it too difficult for "script kiddies", people too lazy to write their own code, to break in. They just go for easy targets.

The absolute easiest way to do this is to buy a Mac. That's not a bragging thing: nobody writes hostile scripts for Macs.

[redeem147.livejournal.com]

http://www.pulse24.com/Business/Top_Story/20060217-001/page.asp

[thetathx1138.livejournal.com]

Kinda proves my point; the first virus that comes down the pike and it's THAT? Kind of a letdown...

[redeem147.livejournal.com]

There's a further story on Feb 22, about how this is just the start, and the vulnerability of the Apples.

[thetathx1138.livejournal.com]

If you dig you can find articles about how viruses are going to descend on and destroy Macs en masse any day now for the entire history of the Internet. I remember how a bunch of superhackers were brewing up an OSX-destroying virus. Any day now it would be released, I was told.

The truth of the matter is most hackers don't own Macs (hence they can't write the code) and targeting Macs just isn't worth it to them. Keep in mind 90% of all hacking activity, viruses, etc., is about bragging rights. "Hey, I ruined some guy's Blueberry iMac" just isn't up there with "Hey, I shut down the entire banking system for my state" for a bored 15-year-old.

I'm sure eventually Mac viruses will become far more commonplace. They're as vulnerable as any other computer system; it's really just Unix with some proprietary code tacked onto it at this point. But I just don't see a flood being precipitated by some worm installed in iChat you have to go through several steps to trigger.