Monday, November 3, 2008

Teh people vs an infected internets

Here's some useless technology "reporting" from the BBC. WTF is the point of this article? All it does is scare people about some vaguely defined internet badness. 

There's little to no explanation about the nuts and bolts of risky activities, infection, how it works, what to do if you've already been knacked, or what to look out for which might indicate that your system has been compromised. Pathetic!

The BBC's advice about how to avoid infection is totally laughable - "Don't click on links, especially on high traffic sites like social networks." LOL! 

To be totally safe, I guess I should just turn off my computer and never use the internets again... because if I do, this ill-defined but powerful worry that bad things will happen to me will come true! And it sounds like it's got something to do with my bank account but I'm not really sure. 

Things are slightly better at the Register, where their story Undetectable data-stealing trojan nabs 500,000 virtual wallets tells you how your computer can become infected (i.e. which programs it exploits), where the virus hides once installed on your machine, and then what it does to steal information off you, which is where it all gets pretty interesting. 
"Sinowal sits dormant on a machine until a user points a browser at the website of a bank or other financial institution. Then an HTML injection engine adds fields to the website's login page that prompt victims to enter social security numbers, passwords, and other credentials."
Very clever! And it shows up the main weakness the virus aims to exploit: user stupidity. Sure, the technology is pretty impressive, but this (and in fact most viral attacks) still rely on the user being dumbassed enough to enter all sorts of extra data that their bank has never previously asked them for. Or click on this hilarious .exe file - honest, it's really funny! And so on.

Apparently people really are this dumb. And the BBC's article doesn't do much to help their readers avoid this or similar pitfalls. It's not their job to do so, of course, but if their journalists have to report on technology, wouldn't it make sense if they actually explained things in a useful way, instead of than just stirring up angst?

Rant ends.

No comments: