Buznutt Blue Sky Solutions

Thoughts about the web: What I think I know.

Heads Up!

The internet is maturing. We now have all this great "Web 2.0" stuff whizzing around. You can make phone calls through your computer. You can do your banking online. Check out a product in an online store, click a tab, and the old information fades out while the new information fades in. Very cool. Very professional.

Developers are getting better at the craft. Browsers are becoming more capable. Connections are getting faster. Graphics are better too.

In general the internet is beginning to come into its own. I say beginning because no one knows for sure what it will be. It’s still too early for that. Yes, believe it or not, it is still too early to say. No one ever thought that the automobile would be a way to get to work. No one imagined drive in cafes or drive in movies, let alone drive in churches. Maybe one day we’ll decide that the ultimate purpose of the automobile was to cause mass extinctions through global warming.

The jury is still out on cars, and we’ve had them about a century now, so let’s cut ourselves some slack on this internet thing and admit that right now we still are not absolutely sure what the heck it’s really good for.

Whatever that may be, it’s getting better at what it is now. More usable, more varied, more useful and colorful.

We have better online applications. Businesses have options like Amazon Web Services to store data or run applications. Free email is available from Yahoo! and Google. Search is ubiquitous. The world is awash in web sites helping people get together in all sorts of ways. And then there is that absolutely killer application, email, which remains at the top of the list of the world’s most useful things.

Email is still great because people don’t change much. They want to communicate, to stay in touch, to be part of each other’s lives, and they always have. That doesn’t vary.

Sure you can put up a Facebook or MySpace page, or build your own web site somewhere (or even an online store, without much technical expertise at all). You can stuff all your photos into Flickr or one of the other, similar sites. But most of all you just want to keep in touch with people you care about, and communicate with them.

That’s normal.

The other side of this is darker. The other side is social engineering, "the art of manipulating people into performing actions or divulging confidential information". You can read about this at Wikipedia under social engineering.

Or see the movie "Catch Me If You Can", about Frank Abagnale (who has a book of the same title).

"Frank William Abagnale, Jr. (born April 27, 1948) is an American former check confidence trickster, forger and impostor who, for five years in the 1960s, passed bad checks worth about $2.5 million in 26 countries. During this time, he used at least eight aliases to cash bad checks. Currently he runs Abagnale and Associates, a financial fraud consultancy company."

From his web site: "Between the ages of 16 and 21, he successfully posed as an airline pilot, an attorney, a college professor and a pediatrician....Mr. Abagnale has now been associated with the FBI for over 30 years. More than 14,000 financial institutions, corporations and law enforcement agencies use his fraud prevention programs."

He did it by charming people. And he says it’s now easier than ever. Bluster works too. So does impersonation.

Which brings us back to the internet, and today.

I’ve recently switched to Linux for most of my work, and will be off Windows as soon as I can manage it. Luckily I have not had to deal with Windows Vista, but there is enough constant hassle with frequent firewall and anti-virus warnings, and upgrades to the firewall and anti-virus software. And constant fear.

Even on Linux I had a scare recently, when I clicked on a link after a Google search and came face to face with the "XP Antivirus 2008" malware. It completely took over Firefox and would not allow me to do anything. This is a great example of social engineering, and of how capable internet applications are getting.

It took the bluster approach. It looks like a real warning. It is scary, and it won’t quit until you do what it wants.

Being sort of sure that nothing could happen because I was on Linux and had a firewall set up wasn’t enough. This "XP Antivirus 2008" malware spooked the snot out of me. I panicked for a while. Because it took over my browser.

Even on Linux, which is basically safe from anything this evil software could do, I had a major if temporary disruption. Firefox was not responding to me at all. I disabled JavaScript and Java in Firefox and then the insane dialog box that would not die finally quit refreshing itself and I was able to close it, and then close Firefox normally.

I think I still rebooted the computer to be sure, and then did a search for new "*.exe" files in case I’d gotten some malware placed on the computer (even though Windows malware will not run on Linux). Anyway, it seems like I got through it OK.

I can only imagine what a totally naive person would think. You can get lots more information in a good story at "The Register": see "Anatomy of a malware scam: The evil genius of XP Antivirus 2008".

And keep your guard up, OK?

References:

Social Engineering at Wikipedia

Abagnale and Associates

Wikipedia on Frank Abagnale

Anatomy of a malware scam

Back to menu