Tag Archives: BBC

Anti-social media part umpteen

BBC: Children ‘blackmailed’ for sexual images in online video chats. “A surge in the use of video chats and live-streaming among children is leaving them vulnerable to abuse, the NSPCC has warned, calling for a social network regulator to be introduced.”


Graham Cluley: Facebook Portal isn’t designed to be as private as you might hope – Graham says “I doubt I’m alone in the world in thinking that allowing Facebook, of all companies, into your home with a microphone and a video camera is a pretty terrible idea.” Indeed he isn’t… And this story is not reassuring, with FB’s weaselly partial backtracking on the assertion that it would not collect data for targeted advertising.


I’m not the biggest fan of SANS and its newsletters. (That would be SANS…) But the Top Of The News section in its October 19th 2018 Newsbites newsletter includes a number of links relevant to election interference and social media that you might find worth reading.

David Harley


Resource updates 21st March 2018

Additions to the new Anti-Social Media page:

Additions to Meltdown/Spectre – Related Resources

Petya – cracking the encryption for free

A flaw in Petya – the current version, at least – has allowed an unidentified researcher to create a key generator to crack the encryption without paying 0.9 bitcoin to the criminals. BBC story: Petya ransomware encryption system cracked. Commentary by David Bisson for Graham Cluley’s blog: Infected by Petya ransomware? Use this tool to unlock your files… for now – Thank goodness ransomware sometimes contains bugs too… And the website set up to help people with the generation: unfortunately, the average victim will have problems getting the information necessary to kickstart the process.

Confirmed by Lawrence Abrams of Bleeping Computer.

David Harley

Added to the Ransomware Resources page

A technically not-very-sound article from the BBC on The computer virus that blackmails you. It would be nice if a ‘technology reporter’ knew better than to describe all malware as ‘a virus’. Still, I suppose anything that raises awareness of the problem is at least partially helpful. And while it’s not always the case that files can only be recovered from a backup version, it’s good to reinforce the idea that backups are a Good Thing.

Added to the Ransomware resources page.

David Harley

About those alligators….

I don’t know what Peter Norton is up to these days. In the anti-virus industry, he’s probably best remembered for the security products marketed by Symantec that still bear his name (though not the famous pink shirt photograph), though he sold his company to Big Yellow about 20 years ago. In researcher circles, he’s also remembered for telling Insight magazine in 1988 or thereabouts that “We’re dealing with an urban myth. It’s like the story of alligators in the sewers of New York. Everyone knows about them, but no one’s ever seen them. Typically, these stories come up every three to five years.” Well, quite a few people put computer viruses in the same category as flying saucers around that time. Commodore, for instance, reacted to questions about Amiga malware by saying that it sounded like a hoax, and moved on (1) to ignoring it altogether.

Not long after that, he lent his name to Symantec’s antivirus product, which I suppose makes it the world’s first anti-hoax software.

I’ve no idea whether there really are or ever were alligators in the sewers of New York, but according to the BBC, Scotland’s sewage system has quite a few equally bizarre inhabitants. Notably:

  • A Mexican Kingsnake
  • A goldfish called Pooh
  • An anonymous frog
  • An equally anonymous badger (no, it wasn’t in the company of the frog: what a story that could be…)

 The above were all alive and well, if not as sanitary as one might hope. However, a sheep found in a manhole chamber and a cow found in a storm tank did not survive the experience. Other inanimate objects found included credit cards, a working iron, false teeth, jewelry, and some of the hundreds of thousands of mobile phones that Brits are alleged to flush down the loo. 

It’s not known whether the very smelly aggregation of money mules that is apparently operating out of Scotland and associated with the “London scam” described here is operating out of the same network.

(1) Yes, I’m paraphrasing myself. “Viruses Revealed”, Chapter 2, published by Osborne in 2001.

David Harley FBCS CITP CISSP
Security Author/Consultant at Small Blue-Green World
Chief Operations Officer, AVIEN
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://avien.net/blog
http://www.eset.com/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://macvirus.com

PleaseRobMe: too much information…

[I’ve been told that the PleaseRobMe site includes some dubious affiliation links and is in any case not being updated. I haven’t checked it myself, and the information comes from an organization that flags ‘problem’ links and suggests links to its own resources irrespective of relevance, so I suggest that you take it with the usual pinch of salt. However, I’ve disabled the link anyway: it is, after all, a very old story.  I did consider just removing the article, but it has some historical interest, and I’ve tweaked it slightly to bring it up to date. DH, 2018.]

Sometimes I think I should just stop killing myself multi-blogging and retweet Graham Cluley’s blog URLs. Like this one.

The web site he talks about (PleaseRobMe, not the Sophos blog) “…mashes together content from Foursquare and Twitter, providing an easy way for potential burglars and stalkers to find out where you are supping your cappuccino, and when you may have left your home empty…”

In fact, what the site has been doing is auto-grabbing publicly available data from such sites and putting it all in one place, with the intention of highlighting the risk of giving away information that burglars and stalkers would find useful about your movements. Sadly, this makes it more of a miscreant-friendly resource than one useful to potential victims, since those victims-in-waiting are not very likely to come across the site.

Graham comments that it will be interesting to see if FourSquare and Twitter try to stop PleaseRobMe snarfing the data from them. We already have part of the answer to that: Mikko Hypponen reported about three hours ago that Twitter had suspended the @pleaserobme account.

There’s been a series of infomercials on UK TV recently in which “members of the public” try to interest thieves and burglars in robbing them, and a while ago there was a “reality” show in which an ex-burglar broke into people’s homes (with permission) and then lectured them on what they should have done to prevent it.

There would be a certain felicitous and felonious irony if PleaseRobMe were to get accused of having stolen part of their idea from these sources. 😉 In fact, though, the site is Dutch, according to the BBC, so probably not. The Beeb does cite some good advice from Charity Crimestoppers.

“Details posted online are available for the world to see; you wouldn’t hang a sign on your door saying you’re out, so why would you post it online?”

David Harley 

The Internet Book of the Dead (pointer)

I’ve just put up an article at ESET’s blog page that you might find interesting. In fact, if I wasn’t desperately trying to clear a backlog of stuff so that I can take a couple of days off, I’d have posted more on the topic here, but I am desperate, so here’s a simple pointer instead.

http://www.eset.com/threat-center/blog/2009/12/12/the-internet-book-of-the-dead

It’s basically a mock-up of an interview for the BBC that unfortunately didn’t take place, concerning the way your data outlive you.

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://dharley.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/

Now We Are 60-something

One of the joys of being over 60 (along with being able to travel free on buses I don’t have time to wait for, being written off as a bloodsucking pensioner by Gordon Ramsay, and humiliations like being offered seats on trains by heavily pregnant women unsure as to whether I’m likely to survive until Earl’s Court), is being patronised by people who haven’t been alive for as long as I’ve been working in IT.

Actually, 50-year-olds don’t have it much better: a publisher in the UK called Babani has a range of books on IT-related subjects like the Internet Guide for the Older Generation “Especially written for the Over 50s…It is written in plain English and avoids technical jargon wherever possible.” Perhaps it was written by the child in a cellphone shop in Reading who offered to show me how to change the battery in the mobile phone I was in the process of buying, since “even he” found it a bit challenging. Perhaps I shouldn’t have hit him with my work Blackberry: it hasn’t worked quite so well since.

Anyway, thanks to Corrine for directing my attention to this gem, telling me all about a “New PC developed specifically for the over 60’s” which apparently has just six clickable buttons (that sounds good, because it’ll give me a few fingers left over to count the hours till nurse brings my tea and biscuits), is based on Linux (this isn’t Grannyx, at last, is it?) and comes with seventeen video tutorials introduced by Valerie Singleton.

Val was apparently born in 1937, which makes her even older than I am, and used to be one of the presenters of a BBC programme called Blue Peter, but has, it seems, recently moved on to talking down to those of us who’ve now attained our second childhood.

She explained to the BBC news that she doesn’t think that people understand computers.

“I’ve been using a computer for quite some time and I don’t understand everything,” she said.

“Every time I learn a new thing to do on my computer I have to write it down so that I can remember it.”

So I guess using a text editor or word processor isn’t one of the things she’s learned to do yet. Unless she had a senior moment and lost that particular piece of paper.

Hmm. Looking round my own office, maybe I shouldn’t be the first to cast that particular stone.

David Harley