#25607 - 04/03/13 09:20 AM Re: THE CYBER-SECURITY THREAD [Re: tacit]
alternaut Offline

Moderator

Registered: 08/04/09
Today the MacInTouch Reader Report on Security noted an interesting article about Who Wrote the Flashback OS X Worm? and why. Another worthwhile read linked to is Everything We Know About What Data Brokers Know About You.
_________________________
alternaut moderator

#25610 - 04/03/13 08:40 PM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
If this guy is who I think he is, he spent some time working with the DNSchanger/Zlob gang in Estonia. He escaped back to Russia when the rest of the gang was arrested about a year and a half or so ago.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

#25611 - 04/04/13 07:27 AM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
roger Offline


Registered: 08/04/09
Loc: Vermont
That data article is amazing, scary, and it seems that the only way to stop it would be Orwellian and worse than the sickness.

What a wild world we now live in.
_________________________
MacBook 2.4 Ghz · 4 Gb ram · 10.7.5
stuff I'm interested in
iPhone 4s 7.0.2

#25620 - 04/04/13 04:13 PM Re: THE CYBER-SECURITY THREAD [Re: roger]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
I think the best way to stop it wouldn't be Orwellian at all. I would propose several things:

1. For Russia to make computer malware a crime. Right now, writing malware (even malware designed to steal money) just isn't a crime in Russia. Russian mafia makes more money these days on computer malware than on the normal organized crime trifecta of drugs, prostitution, and extortion; outlawing this activity in Russia would go a long way toward kicking the legs out from under Russian mafia.

2. For Russia to have extradition with the US.

3. For banks and merchant account underwriters to stop processing credit cards for organized crime. A lot of organized crime's revenue stream comes from "ransomware" (malware that encrypts the data on your computer and threatens to delete it if you don't pay a fee) and "scareware" (phony antivirus software that warns you of bogus, non-existent viruses and then keeps bogging your computer down with popup warnings until you pay to "register" the software). Panda Labs estimates that as of 2009, Russian organized crime was bringing in $34 million a MONTH from fake antivirus malware. Almost all of this money comes from credit card transactions. In 2011, US banks stopped doing business with Russian groups who were collecting money for fake antivirus registrations, but European banks quickly stepped in, often charging 30% or more in fees. The lure of $10 million a month in income was too great to pass up, I suppose. Outlawing credit card processing for criminal activity would do a lot to remove the financial incentive for some forms of malware.

4. Better policing of online ad clicks. The Flashback malware makes money when the virus writers set up Web sites that have ads on them, and then the malware causes infected computers to send bogus "clicks" to the ads. With each bogus click, the malware writers make money. If Google, Doubleclick, and other ad vendors were to implement more proactive monitoring of their ad performance, they could put a stop to it; for example, if a Web site has just one page that's an article in Romanian about artichokes, and somehow it's generating $15,000,000 a month in advertising clicks and 99% of the visitors to the site click the ads, then it doesn't take a rocket scientist to figure out what's happening.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

#25622 - 04/05/13 04:39 AM Re: THE CYBER-SECURITY THREAD [Re: tacit]
roger Offline


Registered: 08/04/09
Loc: Vermont
I wasn't thinking so much about the malware thing, more about the data collection by companies that is then sold to other companies. Making a profit from our information seems underhanded to me, but stopping/monitoring the collection of that data is what would be Orwellian.
_________________________
MacBook 2.4 Ghz · 4 Gb ram · 10.7.5
stuff I'm interested in
iPhone 4s 7.0.2

#25633 - 04/05/13 05:02 PM Re: THE CYBER-SECURITY THREAD [Re: roger]
artie505 Online


Registered: 08/04/09
After reading alternaut's linked article I visited Rapleaf, which was identified as a company that allows you full access to your records, and after viewing four accounts, one for each of my pertinent e-mail addresses, I found that they think that I'm male...nothing more. smile

That's only one data collector out of zillions, of course, but it's a nice start.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

#25944 - 05/23/13 02:25 AM Re: THE CYBER-SECURITY THREAD [Re: artie505]
jchuzi Online


Registered: 08/04/09
Loc: New York State
Tacit: What's your opinion about Hackers Find China Is Land of Opportunity?
_________________________
Jon

OS 10.14.6, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365

#25945 - 05/23/13 10:10 AM Re: THE CYBER-SECURITY THREAD [Re: jchuzi]
alternaut Offline

Moderator

Registered: 08/04/09
The article you link to has an interesting comment from an Indian professor about the Chinese hacking 'culture'. The curious (and I'm sure unintended) thing about that comment is that it also seems applicable to similar spyware activity in India, as exemplified by email-attached spear-phishing malware recently found in Europe.

Perhaps even more than for what it does, this so-called KitM/HackBack/Kumar malware is interesting because it's signed with a valid Apple Developer ID, which bypasses the Gatekeeper security feature in Mac OS X Mountain Lion. The associated 'Rajinder Kumar' ID is another cue to a large cyberespionage campaign that appears to be originating in India, to which KitM has been linked. This campaign has targets of both national interest (Pakistan) and economic interest (Western industries), something so far mostly seen with attacks coming from China.
_________________________
alternaut moderator

#25947 - 05/23/13 11:32 AM Re: THE CYBER-SECURITY THREAD [Re: jchuzi]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Sounds about right. The Chinese government doesn't limit its endorsement of hacking to internal matters, either; it actively recruits and pays programmers to create and distribute malware that promotes China's interests abroad, whether that's targeting pro-Tibet activists worldwide or attacking US Government sites.

In Eastern Europe, hacking is just as common, though it's almost always organized crime who's doing it and it's almost always done for profit (bank skimming Trojans, botnets, and so on make lots of money for Russian organized crime). In China, the government sees hacking as a way to control dissent at home and gain an advantage abroad.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

#25983 - 05/26/13 01:06 PM Re: THE CYBER-SECURITY THREAD [Re: tacit]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
It's not just China. Governments exist (in theory anyway) to benefit their people. Beyond that, all bets are off, anything is game. That's why we have wars, spies, gitmo, hacking, etc.

I'd imagine hacking is one of the more tame "state-sponsored" antisocial activities done abroad. Every government of reasonable size is doing it, just the same as every sizable government has a network of spies abroad.

"Why are we doing it? It benefits our people. Got a problem with that? If it's benefitting my people, why would I possibly care if you don't like my doing it? I'll try to be a little more discreet, but I'm sure as heck not gonna stop."


Edited by Virtual1 (05/26/13 01:09 PM)
_________________________
I work for the Department of Redundancy Department

#28596 - 04/08/14 06:27 PM Re: THE CYBER-SECURITY THREAD [Re: Virtual1]
alternaut Offline

Moderator

Registered: 08/04/09
Earlier this week Heartbleed, a 28-month-old flaw in SSL that 'could allow attackers to monitor all information passed between a user and a Web service or even decrypt past traffic they’ve collected', was patched. Do I hear someone muttering 'NSA'?

There's little a user browsing the web can do about this, as the bug is located in a library used in the Apache and nginx Web server applications (which need to be updated), but it's something that should give one yet another pause commensurate with the importance the web plays in one's life. I'm sure there's more to come, both with regard to info about this particular issue, and others down the line.
_________________________
alternaut moderator

#28597 - 04/09/14 02:25 AM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
As alternaut noted, there's precious little the end user can do until the various servers affected are repaired.

From the BITS blog at The New York Times:
"The most immediate advice from security experts to consumers was to wait or at least be cautious before changing passwords. Changing a password on a site that hasn’t been fixed could simply hand the new password over to hackers. Experts recommended that, before making any changes, users check a site for an announcement that it has dealt with the issue."

#28601 - 04/09/14 11:51 AM Re: THE CYBER-SECURITY THREAD [Re: grelber]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
I was pleased to note that the version of OpenSSL that ships with Mavericks isn't vulnerable, so those of us running OS X servers need not freak out.

That's a rather tiny spark of light in a very gloomy situation, though.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

#28602 - 04/09/14 12:03 PM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
alternaut Offline

Moderator

Registered: 08/04/09
Slowly, more information about the Heartbeat bug is becoming available. From the various sources I (fairly arbitrarily) picked two for your perusal (and follow-up, when and where warranted):

- The critical, widespread He...fo safe
- The Heartbleed Bug

It has been noted here and elsewhere that the SSL flaw didn't affect certain Mac OS X versions, based on the SSL version(s) used there. However, everyone accessing compromised web servers may still have had sensitive data exposed and should respond accordingly. In addition to keeping track of server update deployment, users may want to update affected browsers and other web apps they rely on. The first (PC-World) article linked to above lists ways to keep track of both update activities.
_________________________
alternaut moderator

#28603 - 04/09/14 06:46 PM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
artie505 Online


Registered: 08/04/09
> Slowly, more information about the Heartbeat bug is becoming available. (Emphasis added)

Congrats on having a healthier heart than all/most/some of the rest of us. laugh

Edit: Oops! I see that Heartbleed actually is a Heartbeat bug. (Good opening, anyhow!)


Edited by artie505 (04/09/14 06:55 PM)
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

#28604 - 04/09/14 11:32 PM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
artie505 Online


Registered: 08/04/09
Didn't think to document where, but I found this test, which pronounces all my critical financial sites (and FTM) secure.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

#28607 - 04/10/14 01:59 AM Re: THE CYBER-SECURITY THREAD [Re: artie505]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
> Originally Posted By: artie505
> Didn't think to document where, but I found this test, ...

Possibly in PCWorld's article (hotlinked in alternaut's earlier post).

Also of interest might be Heartbleed-Masstest, which lists the 'top' 10,000 vulnerable or OK websites at the beginning of the week.

#28608 - 04/10/14 08:29 AM Re: THE CYBER-SECURITY THREAD [Re: grelber]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
I wonder what the difference is between "No SSL" and "not vulnerable". Do they essentially mean the same thing?
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

#28609 - 04/10/14 11:07 AM Re: THE CYBER-SECURITY THREAD [Re: ryck]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
I'm pretty sure that "no SSL" would mean "vulnerable" to all and any information traveling back and forth, since there would be no secure sockets layer (cryptography) of any sort (ie, no https). Not likely that you'd find such on financial websites inter alia.

#28610 - 04/10/14 11:59 AM Re: THE CYBER-SECURITY THREAD [Re: ryck]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
"No SSL" means the site doesn't use encryption at all (if you try to go to https://thenameofthesite you won't get anything). Most sites on the Internet don't use SSL because they don't need to--they don't accept credit card information, for instance.

For example, my site at xeromag.com would show up as "no SSL" because there's no security certificate there--I don't sell anything where I need to accept sensitive information. On the other hand, my site at franklinveaux.com does have SSL because I have an ecommerce store there.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

#28612 - 04/10/14 12:11 PM Re: THE CYBER-SECURITY THREAD [Re: tacit]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
> Originally Posted By: tacit
> "No SSL" means the site doesn't use encryption at all (if you try to go to https://thenameofthesite you won't get anything). Most sites on the Internet don't use SSL because they don't need to--they don't accept credit card information, for instance.

Okay. Thanks. I had wondered because the Canadian Banking Association announced this morning that no Canadian banks were affected. However, this link had some banks as "no SSL" and others as "not vulnerable".

So, new question….if they don't use SSL, would they have their own encryption to assure the traffic between customer and bank is secure?


Edited by ryck (04/10/14 12:18 PM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

#28613 - 04/10/14 12:55 PM Re: THE CYBER-SECURITY THREAD [Re: ryck]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
> Originally Posted By: ryck
> So, new question….if they don't use SSL, would they have their own encryption to assure the traffic between customer and bank is secure?

Yes. I checked with a major banking group earlier today on just this issue since nowhere on their website was there any indication of whether the bank's secure banking servers had been affected by the Heartbleed bug. Nor had any assurances been posted that their secure servers were immune to same and safe to use.

The bank advised:
"[Bank] has defenses in place to protect our customers so you can do your banking securely and without risk to your personal data. [Bank] uses secure SSL. Our banking sites and customer data are protected.
"Although we don't recommend any specific actions to bank customers as a result of this vulnerability, we always recommend that customers change their passwords regularly (ie, several times a year)."

According to a number of reports in the Canadian press, no major Canadian bank was affected by the Heartbleed bug. See, for example, the coverage in The Globe and Mail (www.theglobeandmail.com).

#28614 - 04/10/14 06:21 PM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
alternaut Offline

Moderator

Registered: 08/04/09
Here are some more Heartbleed updates and tools. Among other things, it looks like it may be password changing time soon for lots of folks. Big time...

- Healing Heartbleed: LastPas...ability
- How to protect yourself in Heartbleed's aftershocks
_________________________
alternaut moderator

#28617 - 04/11/14 01:05 AM Re: THE CYBER-SECURITY THREAD [Re: alternaut]
artie505 Online


Registered: 08/04/09
Heartbleed's been an open sore for more than two years, already, and there doesn't appear to be any indication that it's been exploited.

It's like the announcement, itself, is its springboard!
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

#28618 - 04/11/14 01:45 AM Re: THE CYBER-SECURITY THREAD [Re: grelber]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
And this from the Office of the Superintendent of Financial Institutions (OSFI) via the Financial Post:
Heartbleed bug prompts OSFI to check in with Canada’s banks


Moderator:  alternaut, cyn