North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?)
- From: Vinny Abello
- Date: Sun Jul 27 11:57:03 2003
Forgive my typo... here = hear. My brain isn't functioning yet this morning
and I am just typing what I "hear" in my head. ;) It's a Sunday morning. :P
At 11:45 AM 7/27/2003, Vinny Abello wrote:
At 11:25 AM 7/27/2003, Rob Thomas wrote:
Hi, NANOGers.
] Folks, its not underground any more. The criminals are using trojans
] to steal real money from real people now.
Indeed, and for a while (circa five months by my observation) now.
It is no longer, and hasn't been for a while, about technology.
The technology - the Internet and the connected devices - has
become a conduit for profitable criminal activity on an ubiquitous
scale, pure and simple. Miscreants don't break into databases and
steal 8M credit cards at a pop so they can card shells and shoes.
] Firewalls can't stop it, ISPs can't stop it. Its a *HOST* security issue.
I'll slightly modify that statement; it is a *PEOPLE* issue.
People who write code. People who use systems and networks.
People who abuse all of the above for monetary gain.
<babble>
I think people forget that we don't live in a utopian society. Some people
expect computers to solve all the problems and expect that they can
prevent crime in their own domain. We haven't eliminated physical crime at
all so I don't see why people are surprised to find that a computer was
used to commit a crime. Bank robberies take place all the time and you
don't here much about them. Probably more similar is fraud which has taken
place for a countless amount of time without the use of computers. Using
computers is just another way to perpetuate it.
I do agree with a lot of people in the fact that users of the tool must be
informed of how to use it safely, just like anything the person is not
100% familiar with. It's somewhat common knowledge to not leave bank
account numbers lying around for anyone to see. It's not as common for
people who are unfamiliar with computers to know not to open unknown
attachments, run anti-virus software, use a firewall, etc... Would the
average driver know how to handle an 18 wheeler? They could probably get
it going, but not safely. People must be educated about using computers,
ESPECIALLY if it is in a situation where security is elevated because the
company has something valuable to protect. A bank teller wouldn't likely
let a client behind the counter, yet many would probably open an
attachment sent via email without knowing what it is. I know the average
end user probably isn't likely as aware about security using their PC in
their home, but if banks and other institutions plan on making their
services available online in some manner, perhaps they should at least
send out occasional best security practices to protect people's
information. I can also see that it's not REALLY their problem either so I
could also go the other way on this. Just like a bank is not responsible
for someone breaking into your house and stealing your checkbook.
</babble>
Just my 2�.
Vinny Abello
Network Engineer
Server Management
[email protected]
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN
There are 10 kinds of people in the world. Those who understand binary and
those that don't.
Vinny Abello
Network Engineer
Server Management
[email protected]
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN
There are 10 kinds of people in the world. Those who understand binary and
those that don't.
|