Posted on 02/28/2006 1:16:19 AM PST by neverdem
Most people who use e-mail now know enough to be on guard against "phishing" messages that pretend to be from a bank or business but are actually attempts to steal passwords and other personal information.
But there is evidence that among global cybercriminals, phishing may already be passé.
In some countries, like Brazil, it has been eclipsed by an even more virulent form of electronic con the use of keylogging programs that silently copy the keystrokes of computer users and send that information to the crooks. These programs are often hidden inside other software and then infect the machine, putting them in the category of malicious programs known as Trojan horses, or just Trojans.
Two weeks ago, Brazilian federal police descended on the northern city of Campina Grande and several surrounding states, and arrested 55 people at least 9 of them minors for seeding the computers of unwitting Brazilians with keyloggers that recorded their typing whenever they visited their banks online. The tiny programs then sent the stolen user names and passwords back to members of the gang.
The fraud ring stole about $4.7 million from 200 different accounts at six banks since it began operations last May, according to the Brazilian police. A similar ring, broken up by Russian authorities earlier this month, used keylogging software planted in e-mail messages and hidden in Web sites to draw over $1.1 million from personal bank accounts in France.
These criminals aim to infect the inner workings of computers in much the same way that mischief-making virus writers do. The twist here is that the keylogging programs exploit security flaws and monitor the path that carries data from the keyboard to other parts of the computer. This is a more invasive approach than phishing, which relies on deception rather...
(Excerpt) Read more at nytimes.com ...
If a security vendor isn't willing to show his work, I'm not going to trust that his stuff doesn't do something malicious.
Don't get me wrong, I use closed-source software when it's the best choice.
I just can't understand how ANY security software, especially closed-source software, can be considered the best choice when it runs on a Windows platform.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
Oh - and don't listen to the Linux fanboys who insist that XP can't be made secure. It can, and you're off to a great start. Go to zonelabs.com and download their free firewall, and you'll be doing enough that you won't get hit by anyone who's not specifically targeting you.
Haw haw, Microsoft may have known about it for 3 months or more before it gets around to plugging yet one more sieve hole. They have to, lest the fix disable one of their lucrative program$.
Got a link to a LiveCD .iso? I'm not closed-minded; I'm more than willing to try out Linux if someone can show me a build that will operate the fairly standard hardware in my laptop.
Methinks we have a Winders troll here, but I'm willing to reserve judgement for a bit....
Here. Please list what hardware it doesn't find.
No, really. We'll wait for you to come back with the list.
Well, in that case, you should be able to hack my machine right now. Why don't I PM you my IP address, and you show me just how insecure I am?
I'll leave that joy to the l33t h@X04$ in Russia.
That's exactly what I do. I run both hardware and software firewalls, and I frequently sweep for malware with different products. (I am on assignment removing the stuff professionally at this point in my life. I get an occasional tracking cookie- but that's it.)
Great idea.
or insert a Sony BMG CD....
or look at a web page with an image crafted to take advantage of the fact that IE is built in to the GUI and the GUI is built in to the OS.
But, yeah, other than that, XP is great! And all you need is a bunch of extra software and hours of time to make it that way!
Not at all a troll. I'm downloading the .iso now, although since it'll take an hour or two to complete I probably won't be able to burn the CD and test it until tomorrow. I promise that I'll run it and post back on this thread within 24 hours, whether my results are positive or negative. Thanks for providing a promised-good build.
I've had pretty good luck with Knoppix. 4.0.2 is the current version, I think. It seems to find everything OK on my homebrew.
http://www.knoppix.net/
Or- try digging through here:
http://www.frozentech.com/content/livecd.php
None of them has tried, or at least been successful. So why don't you go ahead and show them, and me, up? Obviously you have l33t h4 >< >< 0r $k1||s and can p\/\/N W1n|)0z3 anytime you want. I don't get why no one ever takes me up on that challenge. I mean, I do get why, but the reason's kind of embarassing for the ultra-superior Linux/Mac user, so it never comes up.
I'm d/ling the LiveCD from the link in post #48. I've tried the Knoppix build you linked me to, and it was totally uninterested in my wireless card, which was the first thing I tried to set up. I'll try your second link tomorrow if what I get from #48 doesn't work for my system.
Let me know how Ubuntu works out.
The second link is to a MASSIVE list of live CD distros. Mostly Linux, some Windows.
You might not even know they've been there.
Windows is promiscuous by fundamental design. It would be like giving a hooker a list of 10,000 places she can't go. That's fine, till someone tells her about a 10,001st place.
As promised, I'll post back to this thread tomorrow, when I've had a chance to burn and test this distro. Right now I have to go to bed two hours ago. BTW, nice tagline from a great film.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.