The Pitfalls of Facebook

By | August 19, 2008


Facebook just grew up and gave some of its users a shock they probably deserve. You might even have been one of them.

You may have received a message from a friend already on Facebook; something that doesn’t sound like them, but hey, they might have been out partying when they wrote it:

“have you heard about that blog that was about you? apparently it’s pretty bad,” it will say. “I think you and everyone should read it..” And then there’s a link.

Click on the link and you’d be taken—if you’re unlucky, and haven’t upgraded your browser recently—to a website that looks a lot like a Facebook login page.


If you’re wary, you won’t have gotten this far, because your browser—assuming you’re using one of the more recent versions—will have flashed a warning that you’re trying to visit a dodgy site. That’s because the site itself is not Facebook.com, but Facelibook.com—a website hosted in China.

What will happen then, if you don’t notice those extra two letters hiding in the website name and enter your name and password, is that you’ll be “phished”—in other words, your password and username will now be known by someone else. Someone else who won’t necessarily be a pal.
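As an added illustration (not code from the original post), here is a small Python check that does crudely what the browser warning above does: it pulls the host out of a link and flags a registered domain that is a near miss for facebook.com, such as Facelibook.com, or a host that merely contains the name. The sample links and the three-edit threshold are constructed assumptions.

```python
# Added example, not from the original post: flag links whose host is a
# lookalike of facebook.com. Sample links and threshold are constructed.
from urllib.parse import urlsplit

EXPECTED = "facebook.com"

# Constructed sample of links as they might arrive in a message.
SAMPLE_LINKS = [
    "http://www.facebook.com/profile.php",
    "Facelibook.com",
    "http://facebook.com.example.net/login",
    "http://example.org/",
]

def hostname(url: str) -> str:
    """Lower-cased host of a URL; bare names like 'Facelibook.com' get a scheme first."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()

def registered_domain(host: str) -> str:
    """Last two labels, e.g. 'login.facebook.com' -> 'facebook.com'.
    A simplification: a production check would consult the Public Suffix List."""
    labels = host.strip(".").split(".")
    return ".".join(labels[-2:])

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url: str, expected: str = EXPECTED, max_distance: int = 3) -> str:
    """'ok' if the registered domain is exactly the expected one; 'lookalike' if
    the brand name appears elsewhere in the host or the registered domain is
    within a few edits of it (Facelibook.com is two insertions away); else 'other'."""
    host = hostname(url)
    domain = registered_domain(host)
    if domain == expected:
        return "ok"
    brand = expected.split(".")[0]
    if brand in host or edit_distance(domain, expected) <= max_distance:
        return "lookalike"
    return "other"

def scan(links):
    """Classify every link; returns (link, verdict) pairs."""
    return [(link, classify_link(link)) for link in links]
```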

Phishing has been around for a few years, and sadly we’re still falling victim to it. It’s simple really: A bad guy uses whatever tricks he can—technology, our gullibility, simply looking over our shoulders—to steal our passwords, and then uses that access to either empty our bank accounts or pretend to be us.

In this case, they use the Facebook account to send more messages to other people. You see, the thing about Facebook is that it’s a trusted area. All the people we get messages from are people we trust, people we know, so what better way to lure people into a trap than to send messages so they look as if they’re from someone we know?

Giving someone access to your Facebook account is not a good thing, of course. They can not only send out creepy messages that compromise your friends (and endanger your friendships) but they’ll also have access to whatever information you’ve stored in your Facebook account: your previous jobs, your interests and your address for starters. That’s enough for them to steal your identity.

But that’s not all the Facebook thing does. I’m not quite clear whether these two attacks are the same, but they may well be: The hijacked accounts, I’m told, will now send out a slightly different message this time, along the lines of “You’ve been caught on hidden cam, yo” (“cam” is short for camera, for those of you not up with the lingo. “Yo” is a term of endearment reserved for the hip and would-be hip).

Click on this particular link and worse things happen. You’re told your version of Flash player is out of date—a normal enough message, as Flash players are programs used to play animated content in your browser—and then you’re instructed to download and install an update, a piece of software called codecsetup.exe. Agree and you’ll be treated to a video of a laughing clown as, behind the scenes, a piece of malware—or software with bad intentions—is downloaded to your computer.

You won’t necessarily be any the wiser. Your computer will continue to function. Only it will also have been infected with a virus, which could do any number of things, from reporting back home all your passwords, to turning your computer into a zombie in a botnet. (Zombies are computers that can be controlled remotely, and a botnet is a network of hundreds, maybe thousands, of compromised computers which can be used to send spam or launch other computer-borne attacks.)

None of this is good for you. If you’re infected by this kind of virus, you need to disinfect, and that may require a professional. If you think you might be infected, first run a check on your computer with something like Housecall from TrendMicro (housecall.trendmicro.com).

Earlier in August Facebook itself reported that a small percentage of users were infected by this virus; the trouble is that a small percentage of all the millions of Facebookers is still hundreds of users. As Avi Dardik of antivirus company Yoggie Security Systems puts it, users are lulled into making a false step through a gradual series of moves: “Notice how sophisticated this series is—the user is essentially drugged to sleep in several steps,” he says.

The simple lesson from this is that Facebook—and other social networking sites—are becoming popular enough to entice the bad guys into coming up with ways to attack us. Now there are enough of us on these sites to make it worth their while. So we need to be careful clicking on links—as careful as when we open an ordinary email. Remember: Just because it’s from a friend doesn’t mean it’s safe.

Needless to say, make sure you’ve got antivirus software on your computer, and make sure it’s up to date. Also, make sure your browsers and operating system are up to date too: Antivirus alone is not enough to protect you. (I would recommend the latest version of the Firefox browser, but if you insist on using Internet Explorer, do make sure it’s the latest version.)

Here’s another way to play safe if you’re using Windows XP. Vista—the new version of Windows—plugs this hole by default, but the older version, XP, allows users to run their computer as an administrator. This means you can do anything—install software, change important settings, etc—which is good, but dangerous, because it means anything that can insinuate itself onto your computer can do the same thing.

This might be possible even just visiting a website—you don’t have to actively download or install anything—so it makes browsing potentially lethal. Better to forego those administrative privileges and play safe. The problem is you’ll have to switch back and forth between administrator and ordinary user should you want to install legitimate software, or change the settings on your computer.

Here’s a simple enough way round this: This link—http://is.gd/1JR6—will take you to a step-by-step guide I’ve written to surfing without administrative rights, while keeping those rights for everything else you do. That adds another layer of security that would save you from the kind of scary stuff I’ve been talking about. I’d recommend you do it right now.

Final word: Facebook et al are great playgrounds to mess around with your friends. But it’s not a bouncy castle: You can still hurt yourself.

Some Early Lessons from The Georgian Cyberwar

By | November 22, 2011

Illustration from Arbor Networks

There’s some interesting writing going about the Georgian Cyberwar. This from VNUnet, which seems to confirm my earlier suspicion that this was the first time we’re seeing two parallel wars:

“We are witnessing in this crisis the birth of true, operational cyber warfare,” said Eli Jellenc, manager of All-Source Intelligence at iDefense.

“The use of cyber attack assets in conjunction with kinetic military operations in the current crisis now stands among the most significant developments ever seen in the field of information security or cyber conflict studies.”

Others suggest that in fact there are examples of earlier parallel conflicts: Kosovo, among them, says Arbor Networks’ Jose Nazario.

ZDNet’s Dancho Danchev takes the idea that this is all about denying participants a chance to get their message out a stage further: those put out of action are being forced to get their message out through other channels. Georgia’s foreign ministry, for example, has set up a blog at Blogger and the website of the Polish president.

The mainstream press is having a go at the story, too, including the Journal and the NYT. The main culprit, the articles suggest (following Georgia’s own claims), is the Russian Business Network, a St. Petersburg-based gang.

But as this article points out, finding out who is responsible is a slow business. Indeed, this is a strange feature of cyberwar that makes it more akin to terrorism than to warfare. This kind of makes the notion of establishing responsibility a little beside the point. Cyberattacks are a chance for ordinary (well, sort of ordinary) citizens to do their bit for the war effort. In this sense the government is a customer for the services of botnet and hacker groups or individuals with skills the government is happy to see deployed on its behalf, while able to plausibly deny it has anything to do with them.

Indeed, we may be missing the more interesting aspect of this, one that predates South Ossetia. Now we’re just seeing cyber attacks work alongside the physical, or kinetic, attacks. A sort of psywar, since it’s mainly about getting the word out and winning hearts and minds.

But what about a cyberwar conducted on its own, but one that leads to a physical war—at least, a cold one? Joel Hruska at arstechnica points out, in a piece written a week ago, that an uncovered little cyberwar—or rather cyber-hacktivism—in Lithuania led to a serious cooling of relations between its government and that of Russia. As with Estonia last year, the attack “marked the first time I was aware of in which a single individual with a computer was able to notably impact relations between two neighboring nations.”

Georgia, however, represents the first time we’ve seen a government almost wiped off the Internet. Whether this is a prelude to it being wiped off the map is something we’ll have to wait and see. But already some conclusions are becoming obvious:

  • Cyberwar is too powerful a tool for any government to ignore, both offensively and defensively;
  • Cyberwar is not just about putting citizens of a target country in the dark; it’s about making it impossible for the target government, and its citizens, to get their side of the story out.
  • As these tools get more powerful, when will we see cyberwar as a specific phase in a physical war designed to achieve what used to be done by the physical bombardment of communication centers?
  • Botnets, and their owners, are powerful players beyond the underworld of spam and phishing. A government that has them operating within its borders must surely know of their existence; if it hasn’t shut them down already, is it too great a leap of logic to suggest there must, at some level, be a relationship between them?

Georgia gets allies in Russian cyberwar – vnunet.com

Why Do People Contribute Stuff for Free?

By | August 12, 2008

By Jeremy Wagstaff

If you want to see two worlds collide, introduce a Wikipedian to a bunch of journalists.

I’ve been doing this quite a bit recently, partly for fun, and partly because I’ve decided a key part of training journalists to be ready for online media is understanding what they’re up against. “This is your competitor,” I say, introducing them to a slightly pudgy PhD candidate in ancient Greek and Latin, still sweating from his journey and a couple of hours of fencing lessons. “This person works for the single biggest media property on the web.”

Needless to say, they all look askance at the man, and me, and I can see them thinking to themselves, “Well that’s something we don’t have to worry about.” Especially when the guy, called Edward, tells them he does all his work for free and largely, he says, because he’s a pedant.

Of course Wikipedia—that online encyclopedia that now boasts 2.5 million articles in English alone—doesn’t pretend to compete with traditional newspapers or media. It’s an encyclopedia, after all, although it’s updated far more frequently than most encyclopedias, and, dare I say it, many traditional media websites.

But it’s the fact that all this is done for free that gets the journalists in my class all riled up. Edward tells them he spends about 20 minutes a day working on pieces, either adding something to a page on an obscure Chinese bridge, or tidying up someone’s grammar on a page about a kind of Southeast Asian bread. Why? they ask. Why would you spend all this time doing all this?

Well, first off, I can tell he spends way more time on it than 20 minutes. In class you can see him get distracted by an article and then start tweaking it. We’re speaking serious compulsive tendencies here. But the truth is, he does it because he enjoys it. He really is a pedant, in the nicest sense. He can’t stand to see things online that aren’t, in his view, correct. Whether it’s a serious error or a more esoteric one (he’s the first person I’ve met who can talk about ligatures until the triphthongs come home).

Edward may be unusual, but he, and people like him, are the bedrock of sites like Wikipedia. In fact, while Wikipedia is the seventh most popular website on the planet, only 0.2% of visitors contribute anything, and only a tiny fraction of that do most of the grunt work.

This isn’t just true of Wikipedia. The history of the Internet is about the few creating, the rest doing what is usually called lurking—sitting within earshot but not actually saying anything. The ratio is called the 1% rule, meaning 90% lurk, 9% contribute occasionally, and 1% account for most of the contribution.

This is probably true offline as well; anybody who’s tried to get volunteers to help out on committees or at events knows all about freeloaders. The web just makes this more obvious—that a lot of people tend to freeload, and a handful of people just seem to keep on giving.

But that’s not exactly true. Everyone is motivated somehow, and the Edwards of this world are motivated too. Studies have been done to show how a Wikipedia environment is very much like an academic one: those who do contribute find themselves in a weird sort of social hierarchy. Some recognise their work—there’s a merit system within Wikipedia where contributors are given barnstars by other grateful contributors. Others complain they get no recognition and that the whole thing is political anyway.

Sound familiar?

For most websites like this, I suspect the story is similar. People get involved because they’re interested, and then they find it’s a community, and then they want to be a useful member of that community, and then they seek recognition in that community, and the rest is history. That’s not to denigrate it; a lot of fine work has been done for worse reasons.

The same is true of open source software, of Amazon book reviews, of comments on obscure ornithology websites about the lesser-spotted rabbit catcher. The Internet is a great leveler, in that anyone with an Internet connection can join in, but then human nature kicks in, and hierarchies form. In this case it tends to be around what you know, and how much you hang around and contribute.

But there’s a bigger point here. Just as each online community depends on these power users, so do they depend on ordinary folk like us. Editing a Wikipedia entry is remarkably easy, and the warm fuzzy feeling you get for correcting even the smallest error is a heady one. Try it and you’ll see how easy it is to get addicted.

Indeed, websites make it so easy for us to play a role that in a way the model is changing. We can add our voice while doing nothing more tiring than listening to music on our computer. Software will feed our choices of songs to others who may share our tastes and are looking for new artists to listen to. We can easily add websites to social lists of bookmarks with just a mouse click. Increasingly we do this kind of thing with our friends via social networking sites—partly because it’s fun and partly because we like to be useful.

And maybe, in the end, that’s all it comes down to. My Dad used to walk around the village picking up bits of litter—some of them so small my toy microscope wouldn’t have spotted them—just because he wanted to be useful. I suspect Edward, and all those other Wikipedians out there, are doing something similar. Which gives me a warm fuzzy feeling about the future of the Internet. Of course, a couple of barn stars wouldn’t go amiss either.

Is PaperMaster Finally Dead?

By | November 22, 2011


A reader tells me that PaperMaster, the once-great scanning and file-saving software, is no longer available. Tech support, the reader says, will say only that the product was pulled today and that no other information is available.

Try to order one online and you get the message ‘531031 PaperMaster Pro International – not available’.

A sad end to what was once—and for many still is—the best program for scanning documents into folders where you can easily find them again. Paperport just isn’t quite the same, somehow.

That said, the company that bought PaperMaster, j2, have had it coming to them for a while. I found them unhelpful in my efforts to review earlier versions of the software, and this blog has been something of a gathering point for disgruntled users.

I don’t think they really understood the software, or the fanbase, that they had. The product has not been mentioned on their corporate website for some time (except, interestingly, on their legal page.)

Sad, really, given that there are lots of users still out there. If you’re in that boat, and you’re still looking for a replacement, you might want to try Evernote. It’s not quite ready to do what PaperMaster did, but they’re promising PDF thumbnails (Macs already have it, natively) so you might find it works for you.

South Ossetia: The First Cyber/Physical War?

By | November 22, 2011

BBC picture

Wikipedia is doing a good job of chronicling the war in South Ossetia; its mention of several apparent cyberattacks on both sides makes me wonder whether this is the first instance of a physical war being accompanied by a cyberwar. All those listed on Wikipedia are not parallel attacks, i.e. they are not part of an actual physical war.

So far the attacks have been by Georgian supporters on two Ossetian media sites, and attacks by supporters of South Ossetia on the Georgian National Bank website and the Georgian Ministry of Foreign Affairs (which was reportedly splashed with a collage of Saakashvili and Hitler photos). The Georgian news site Civil Georgia, which reported the attacks on the South Ossetian websites, itself now appears to be down.

Some attacks appear to have preceded the war, suggesting that they were part of a deliberate build-up ahead of the entry of Russian troops into South Ossetia. On July 21 the Georgian president’s website was attacked. I wasn’t able to access the website as of early Aug 9. While tensions have been growing between Georgia and Russia for several weeks, it seems clear that the botnet involved in this attack was set up for this purpose only a few weeks ago.

Of course, none of this means that it’s done at an official level. But it’s interesting that at a time the Georgians and the South Ossetians would presumably like to get their sides of the story out, they can’t because their websites, official and unofficial, are down.

As the Georgian ambassador to the UK put it to Al Jazeera:

“Georgia has been attacked by a formidable force, it is a brutal attack with the use of air force, tanks and even the trademark cyber attack.”

“If this is not an all out war what is?” he asked.

War in South Ossetia (2008) – Wikipedia, the free encyclopedia

Update on Aug 12: some more links

http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/063820.html

http://news.cnet.com/8301-1009_3-10014150-83.html