[LINK] Consumer computer security

Kim Holburn kim.holburn at gmail.com
Sun Jan 14 07:31:29 AEDT 2007

There was a good article recently in NYTimes (login required I think):

> Attack of the Zombie Computers Is Growing Threat

> In their persistent quest to breach the Internet’s defenses, the  
> bad guys are honing their weapons and increasing their firepower.
> With growing sophistication, they are taking advantage of programs  
> that secretly install themselves on thousands or even millions of  
> personal computers, band these computers together into an unwitting  
> army of zombies, and use the collective power of the dragooned  
> network to commit Internet crimes.
> These systems, called botnets, are being blamed for the huge spike  
> in spam that bedeviled the Internet in recent months, as well as  
> fraud and data theft.
> Security researchers have been concerned about botnets for some  
> time because they automate and amplify the effects of viruses and  
> other malicious programs.
> What is new is the vastly escalating scale of the problem — and the  
> precision with which some of the programs can scan computers for  
> specific information, like corporate and personal data, to drain  
> money from online bank accounts and stock brokerages.

> “It represents a threat but it’s one that is hard to explain,” said  
> David J. Farber, a Carnegie Mellon computer scientist who was an  
> Internet pioneer. “It’s an insidious threat, and what worries me is  
> that the scope of the problem is still not clear to most people.”  
> Referring to Windows computers, he added, “The popular machines are  
> so easy to penetrate, and that’s scary.”

> Sensor information collected by his company is now able to identify  
> more than 250,000 new botnet infections daily, Mr. Wesson said.
> “We are losing this war badly,” he said. “Even the vendors  
> understand that we are losing the war.”
> According to the annual intelligence report of MessageLabs, a New  
> York-based computer security firm, more than 80 percent of all spam  
> now originates from botnets. Last month, for the first time ever, a  
> single Internet service provider generated more than one billion  
> spam e-mail messages in a 24-hour period, according to a ranking  
> system maintained by Trend Micro, the computer security firm. That  
> indicated that machines of the service providers’ customers had  
> been woven into a giant network, with a single control point using  
> them to pump out spam.

> Serry Winkler, a sales representative in Denver, said that she had  
> turned off the network-security software provided by her Internet  
> service provider because it slowed performance to a crawl on her  
> PC, which was running Windows 98. A few months ago four sheriff’s  
> deputies pounded on her apartment door to confiscate the PC, which  
> they said was being used to order goods from Sears with a stolen  
> credit card. The computer, it turned out, had been commandeered by  
> an intruder who was using it remotely.
> “I’m a middle-aged single woman living here for six years,” she  
> said. “Do I sound like a terrorist?”
> She is now planning to buy a more up-to-date PC, she said.

On 2007/Jan/13, at 8:50 PM, Alan L Tyree wrote:

> Hi Linkers,
> I'm looking for some help here. I'm writing a submission to ASIC on  
> the
> review of the EFT Code of Conduct. One of the things that Industry has
> been pushing for is to make consumers liable for losses caused by
> computers infected with malware.
> The argument I wish to make is that consumers are hopelessly ill
> equipped to secure their (Windows) computers. Can someone point me to
> real research/statistics about the way that people *actually* run  
> their
> computers?
> Many thanks,
> Alan
> -- 
> Alan L Tyree                    http://www2.austlii.edu.au/~alan
> Tel: +61 2 4782 2670            Mobile: +61 427 486 206
> Fax: +61 2 4782 7092            FWD: 615662
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3342707610
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list