Storm and the Future of Social Engineering
Albert writes "Storm shows several key characteristics, some new and advanced. It uses cunning social engineering techniques — such as tying spam campaigns to a current event or site of interest — as well as a blend of email and the Web to spread. It is highly coordinated, yet decentralized — and with Storm using the latest generation of P2P technology, it cannot be disabled by simply 'cutting off its head.' In addition, Storm is self-propagating — once infected, computers send out massive amounts of Storm spam to keep recruiting new nodes."
ZOMG BOTZ (Score:3, Insightful)
the blurb doesn't even SAY anything beyond that, and the 'article' is a skinny summary that has a cute lil stupid graph in the middle... and a solid bracing of two columns of ads on either side.
Does any article with the word "storm" in it get published...?
Re:How is this news? (Score:5, Insightful)
Re:How is this news? (Score:3, Insightful)
First it says: "IronPort Systems estimates that, at its most destructive point in July 2007..."; I'd argue that it was at its most destructive during the September DDoS against multiple sites.
Re:ZOMG BOTZ (Score:2, Insightful)
A Little Education can bring calm after the storm (Score:5, Insightful)
Re:A Little Education can bring calm after the sto (Score:5, Insightful)
If your car display lights up and flashes, people take notice but still I've seen people ignore the warning lights and just drive (sorry, but women are actually the worst culprits).
A computer is a black box to people and a few flashing lights/slowness mean nothing to them. It could be that their P2P app has just kicked in or their printer is printing or a million other things... people can't diagnose it, therefore they don't care about it.
You will *not* educate the masses, no matter what damage you do to their computers - these people are buying new computers every year because "the old one got slow", where in reality it was running at the same speed but just bogged down with viruses.
The way to do it is not to trust them to be able to spot it, or need to. That is, make a computer that takes care of such things. This is what privilege separation does when it is implemented properly, but even on the strictest controlled networks, you'll find something users can do that wasn't designed for or intended. However, the fix is in the design and execution, not the dumb idiot who just wants to send an email to his family.
Re:How is this news? (Score:2, Insightful)
Re:How is this news? (Score:4, Insightful)
Re:Why. . ? (Score:4, Insightful)
Wikipedia (http://en.wikipedia.org/wiki/Storm_botnet) has a nice write-up on Storm, the "Methodology" Section is especially informative:
Yes, it's not hard to defend against getting infected, but every year there are a bazillion new computer users who want to "punch the clown to win a free i-pod", or whatever, and they get infected by the dumbest stuff. Then their computer can be used to attack others.
Anyway, most any
Re:A Little Education can bring calm after the sto (Score:4, Insightful)
Re:How is this news? (Score:3, Insightful)
That's not true if, instead, they have a healthy neurosis about running network clients that automatically download and execute foreign code.
It blows my mind that anyone still continued to run MSIE after 1995.
simple fix (Score:1, Insightful)
cannot be stopped, eh? (Score:4, Insightful)
I suspect a few public decapitations of the people running Storm would put a pretty quick stop to it. Just gotta pick the right targets, see.
Re:simple fix (Score:3, Insightful)
Re:Self created problem? (Score:3, Insightful)
I also prefer apps that are installed by dragging them into the applications folder, but if they create things in ~/Library, you're left with exactly the same uninstallation problem as you bemoan in Apple's installer. Unless that's just ~/Library/Preferences/com.domainname.AppName, I'd prefer a paper trail, i.e., an installer receipt.
Anyway, you or I may not create application installers, but as long as some people do, Apple is culpable in training users to type their password freely.
Re:Self created problem? (Score:3, Insightful)