Re: THE CYBER-SECURITY THREAD
tacit #25607 04/03/13 04:20 PM
Joined: Aug 2009
Likes: 1
Moderator
Today the MacInTouch Reader Report on Security noted an interesting article about Who Wrote the Flashback OS X Worm? and why. Another worthwhile read linked to is Everything We Know About What Data Brokers Know About You.


alternaut moderator
Re: THE CYBER-SECURITY THREAD
alternaut #25610 04/04/13 03:40 AM
Joined: Aug 2009
Likes: 1
If this guy is who I think he is, he spent some time working with the DNSchanger/Zlob gang in Estonia. He escaped back to Russia when the rest of the gang was arrested about a year and a half or so ago.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: THE CYBER-SECURITY THREAD
alternaut #25611 04/04/13 02:27 PM
Joined: Aug 2009
That data article is amazing, scary, and it seems that the only way to stop it would be Orwellian and worse than the sickness.

What a wild world we now live in.


MacBook 2.4 Ghz · 4 Gb ram · 10.7.5
stuff I'm interested in
iPhone 4s 7.0.2
Re: THE CYBER-SECURITY THREAD
roger #25620 04/04/13 11:13 PM
Joined: Aug 2009
Likes: 1
I think the best way to stop it wouldn't be Orwellian at all. I would propose several things:

1. For Russia to make computer malware a crime. Right now, writing malware (even malware designed to steal money) just isn't a crime in Russia. Russian mafia makes more money these days on computer malware than on the normal organized crime trifecta of drugs, prostitution, and extortion; outlawing this activity in Russia would go a long way toward kicking the legs out from under Russian mafia.

2. For Russia to have extradition with the US.

3. For banks and merchant account underwriters to stop processing credit cards for organized crime. A lot of organized crime's revenue stream comes from "ransomware" (malware that encrypts the data on your computer and threatens to delete it if you don't pay a fee) and "scareware" (phony antivirus software that warns you of bogus, non-existent viruses and then keeps bogging your computer down with popup warnings until you pay to "register" the software). Panda Labs estimates that as of 2009, Russian organized crime was bringing in $34 million a MONTH from fake antivirus malware. Almost all of this money comes from credit card transactions. In 2011, US banks stopped doing business with Russian groups who were collecting money for fake antivirus registrations, but European banks quickly stepped in, often charging 30% or more in fees. The lure of $10 million a month in income was too great to pass up, I suppose. Outlawing credit card processing for criminal activity would do a lot to remove the financial incentive for some forms of malware.

4. Better policing of online ad clicks. The Flashback malware makes money when the virus writers set up Web sites that have ads on them, and then the malware causes infected computers to send bogus "clicks" to the ads. With each bogus click, the malware writers make money. If Google, Doubleclick, and other ad vendors were to implement more proactive monitoring of their ad performance, they could put a stop to it; for example, if a Web site has just one page that's an article in Romanian about artichokes, and somehow it's generating $15,000,000 a month in advertising clicks and 99% of the visitors to the site click the ads, then it doesn't take a rocket scientist to figure out what's happening.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: THE CYBER-SECURITY THREAD
tacit #25622 04/05/13 11:39 AM
Joined: Aug 2009
I wasn't thinking so much about the malware thing, more about the data collection by companies that is then sold to other companies. Making a profit from our information seems underhanded to me, but stopping/monitoring the collection of that data is what would be Orwellian.


MacBook 2.4 Ghz · 4 Gb ram · 10.7.5
stuff I'm interested in
iPhone 4s 7.0.2
Re: THE CYBER-SECURITY THREAD
roger #25633 04/06/13 12:02 AM
Joined: Aug 2009
Likes: 15
After reading alternaut's linked article I visited Rapleaf, which was identified as a company that allows you full access to your records, and after viewing four accounts, one for each of my pertinent e-mail addresses, I found that they think that I'm male...nothing more. :)

That's only one data collector out of zillions, of course, but it's a nice start.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: THE CYBER-SECURITY THREAD
artie505 #25944 05/23/13 09:25 AM
Joined: Aug 2009
Likes: 7
Tacit: What's your opinion about Hackers Find China Is Land of Opportunity?


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: THE CYBER-SECURITY THREAD
jchuzi #25945 05/23/13 05:10 PM
Joined: Aug 2009
Likes: 1
Moderator
The article you link to has an interesting comment from an Indian professor about the Chinese hacking 'culture'. The curious (and I'm sure unintended) thing about that comment is that it also seems applicable to similar spyware activity in India, as exemplified by email-attached spear-phishing malware recently found in Europe.

Perhaps even more than for what it does, this so-called KitM/HackBack/Kumar malware is interesting because it's signed with a valid Apple Developer ID, which bypasses the Gatekeeper security feature in Mac OS X Mountain Lion. The associated 'Rajinder Kumar' ID is another cue to a large cyberespionage campaign that appears to be originating in India, to which KitM has been linked. This campaign has targets of both national interest (Pakistan) and economic interest (Western industries), something so far mostly seen with attacks coming from China.


alternaut moderator
Re: THE CYBER-SECURITY THREAD
jchuzi #25947 05/23/13 06:32 PM
Joined: Aug 2009
Likes: 1
Sounds about right. The Chinese government doesn't limit its endorsement of hacking to internal matters, either; it actively recruits and pays programmers to create and distribute malware that promotes China's interests abroad, whether that's targeting pro-Tibet activists worldwide or attacking US Government sites.

In Eastern Europe, hacking is just as common, though it's almost always organized crime who's doing it and it's almost always done for profit (bank skimming Trojans, botnets, and so on make lots of money for Russian organized crime). In China, the government sees hacking as a way to control dissent at home and gain an advantage abroad.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: THE CYBER-SECURITY THREAD
tacit #25983 05/26/13 08:06 PM
Joined: Aug 2009
It's not just China. Governments exist (in theory anyway) to benefit their people. Beyond that, all bets are off, anything is game. That's why we have wars, spies, Gitmo, hacking, etc.

I'd imagine hacking is one of the more tame "state-sponsored" antisocial activities done abroad. Every government of reasonable size is doing it, just the same as every sizable government has a network of spies abroad.

"Why are we doing it? It benefits our people. Got a problem with that? If it's benefitting my people, why would I possibly care if you don't like my doing it? I'll try to be a little more discreet, but I'm sure as heck not gonna stop."

Last edited by Virtual1; 05/26/13 08:09 PM.

I work for the Department of Redundancy Department
Re: THE CYBER-SECURITY THREAD
Virtual1 #28596 04/09/14 01:27 AM
Joined: Aug 2009
Likes: 1
Moderator
Earlier this week Heartbleed, a 28-month-old flaw in SSL that 'could allow attackers to monitor all information passed between a user and a Web service or even decrypt past traffic they’ve collected', was patched. Do I hear someone muttering 'NSA'?

There's little a user browsing the web can do about this, as the bug is located in a library used in the Apache and nginx Web server applications (which need to be updated), but it's something that should give one yet another pause commensurate with the importance the web plays in one's life. I'm sure there's more to come, both with regard to info about this particular issue, and others down the line.


alternaut moderator
Re: THE CYBER-SECURITY THREAD
alternaut #28597 04/09/14 09:25 AM
Joined: Aug 2009
Likes: 4
As alternaut noted, there's precious little the end user can do until the various servers affected are repaired.

From the BITS blog at The New York Times:
"The most immediate advice from security experts to consumers was to wait or at least be cautious before changing passwords. Changing a password on a site that hasn’t been fixed could simply hand the new password over to hackers. Experts recommended that, before making any changes, users check a site for an announcement that it has dealt with the issue."

Re: THE CYBER-SECURITY THREAD
grelber #28601 04/09/14 06:51 PM
Joined: Aug 2009
Likes: 1
I was pleased to note that the version of OpenSSL that ships with Mavericks isn't vulnerable, so those of us running OS X servers need not freak out.

That's a rather tiny spark of light in a very gloomy situation, though.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: THE CYBER-SECURITY THREAD
alternaut #28602 04/09/14 07:03 PM
Joined: Aug 2009
Likes: 1
Moderator
Slowly, more information about the Heartbeat bug is becoming available. From the various sources I (fairly arbitrarily) picked two for your perusal (and follow-up, when and where warranted):

- The critical, widespread He...fo safe
- The Heartbleed Bug

It has been noted here and elsewhere that the SSL flaw didn't affect certain Mac OS X versions, based on the SSL version(s) used there. However, everyone accessing compromised web servers may still have had sensitive data exposed and should respond accordingly. In addition to keeping track of server update deployment, users may want to update affected browsers and other web apps they rely on. The first (PC-World) article linked to above lists ways to keep track of both update activities.


alternaut moderator
Re: THE CYBER-SECURITY THREAD
alternaut #28603 04/10/14 01:46 AM
Joined: Aug 2009
Likes: 15
> Slowly, more information about the Heartbeat bug is becoming available. (Emphasis added)

Congrats on having a healthier heart than all/most/some of the rest of us. :D

Edit: Oops! I see that Heartbleed actually is a Heartbeat bug. (Good opening, anyhow!)

Last edited by artie505; 04/10/14 01:55 AM.

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: THE CYBER-SECURITY THREAD
alternaut #28604 04/10/14 06:32 AM
Joined: Aug 2009
Likes: 15
Didn't think to document where, but I found this test, which pronounces all my critical financial sites (and FTM) secure.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: THE CYBER-SECURITY THREAD
artie505 #28607 04/10/14 08:59 AM
Joined: Aug 2009
Likes: 4
> Originally Posted By: artie505
> Didn't think to document where, but I found this test, ...

Possibly in PCWorld's article (hotlinked in alternaut's earlier post).

Also of interest might be Heartbleed-Masstest, which lists the 'top' 10,000 vulnerable or OK websites at the beginning of the week.

Re: THE CYBER-SECURITY THREAD
grelber #28608 04/10/14 03:29 PM
Joined: Aug 2009
Likes: 14
I wonder what the difference is between "No SSL" and "not vulnerable". Do they essentially mean the same thing?


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: THE CYBER-SECURITY THREAD
ryck #28609 04/10/14 06:07 PM
Joined: Aug 2009
Likes: 4
I'm pretty sure that "no SSL" would mean "vulnerable" to all and any information traveling back and forth, since there would be no secure sockets layer (cryptography) of any sort (ie, no https). Not likely that you'd find such on financial websites inter alia.

Re: THE CYBER-SECURITY THREAD
ryck #28610 04/10/14 06:59 PM
Joined: Aug 2009
Likes: 1
"No SSL" means the site doesn't use encryption at all (if you try to go to https://thenameofthesite you won't get anything). Most sites on the Internet don't use SSL because they don't need to--they don't accept credit card information, for instance.

For example, my site at xeromag.com would show up as "no SSL" because there's no security certificate there--I don't sell anything where I need to accept sensitive information. On the other hand, my site at franklinveaux.com does have SSL because I have an ecommerce store there.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: THE CYBER-SECURITY THREAD
tacit #28612 04/10/14 07:11 PM
Joined: Aug 2009
Likes: 14
> Originally Posted By: tacit
> "No SSL" means the site doesn't use encryption at all (if you try to go to https://thenameofthesite you won't get anything). Most sites on the Internet don't use SSL because they don't need to--they don't accept credit card information, for instance.

Okay. Thanks. I had wondered because the Canadian Banking Association announced this morning that no Canadian banks were affected. However, this link had some banks as "no SSL" and others as "not vulnerable".

So, new question….if they don't use SSL, would they have their own encryption to assure the traffic between customer and bank is secure?

Last edited by ryck; 04/10/14 07:18 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: THE CYBER-SECURITY THREAD
ryck #28613 04/10/14 07:55 PM
Joined: Aug 2009
Likes: 4
> Originally Posted By: ryck
> So, new question….if they don't use SSL, would they have their own encryption to assure the traffic between customer and bank is secure?

Yes. I checked with a major banking group earlier today on just this issue since nowhere on their website was there any indication of whether the bank's secure banking servers had been affected by the Heartbleed bug. Nor had any assurances been posted that their secure servers were immune to same and safe to use.

The bank advised:
"[Bank] has defenses in place to protect our customers so you can do your banking securely and without risk to your personal data. [Bank] uses secure SSL. Our banking sites and customer data are protected.
"Although we don't recommend any specific actions to bank customers as a result of this vulnerability, we always recommend that customers change their passwords regularly (ie, several times a year)."

According to a number of reports in the Canadian press, no major Canadian bank was affected by the Heartbleed bug. See, for example, the coverage in The Globe and Mail (www.theglobeandmail.com).

Re: THE CYBER-SECURITY THREAD
alternaut #28614 04/11/14 01:21 AM
Joined: Aug 2009
Likes: 1
Moderator
Here are some more Heartbleed updates and tools. Among other things, it looks like it may be password changing time soon for lots of folks. Big time...

- Healing Heartbleed: LastPas...ability
- How to protect yourself in Heartbleed's aftershocks


alternaut moderator
Re: THE CYBER-SECURITY THREAD
alternaut #28617 04/11/14 08:05 AM
Joined: Aug 2009
Likes: 15
Heartbleed's been an open sore for more than two years, already, and there doesn't appear to be any indication that it's been exploited.

It's like the announcement, itself, is its springboard!


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: THE CYBER-SECURITY THREAD
grelber #28618 04/11/14 08:45 AM
Joined: Aug 2009
Likes: 4
And this from the Office of the Superintendent of Financial Institutions (OSFI) via the Financial Post:
Heartbleed bug prompts OSFI to check in with Canada’s banks


Moderated by  alternaut, cyn 
