|
As I've mentioned elsewhere, I'm a Security Engineer for a large University. I'm part of a team that has to keep a five-figure number of users, their systems and their data safe from internal and external threats. That's not easy, when those same users don't want network security getting in their way, yet their nice shiny toys make them a very big target for malcontents. So yes, you could say that this gives me a rather more cynical insight into the internet compared to my users...
A few years ago, I wrote a long rant about AOL, blaming them for being a haven for clueless users, and created a mock-up of a new AOL Toolbar:
From left to right, there is:
- A "ME TOO !!!" button, which creates a reply to a message, quoting the whole thing, then appends "ME TOO !" at the end, followed by a whopping great sig block ;
- A "SPAM !!" button, which automatically posts a "MAKE MONEY FAST !!!" message to every news group, complete with something like "THIS IS NOT A SCAM ! HONEST ! THIS WILL CHANGE YOUR LIFE !" at the end - followed by a whopping great sig block ;
- A "FLAME !" button, which creates the standard "flame form" beloved of people who like to insult others en masse without having to think - the software also fills in the form at random, and finishes by adding a whopping great sig block ;
- AN "ALL CAPS !" BUTTON, WHICH TURNS ALL LOWER-CASE LETTERS INTO UPPER CASE, JUST LIKE IN THIS SENTENCE - FOLLOWED BY A WHOPPING GREAT SIG BLOCK;
- An "EMPTY MESSAGE !" button, which replies to a message, deletes the contents, and replaces them with a whopping great sig block ;
- A "WAREZ !" button, which scans the hard disk for applications installed, and creates a message saying "I've got all these K3wL WaReZ !!!" - this is automatically posted to all cracks and warez groups, plus alt.aldus.pagemaker (just to annoy them) complete with the obligatory whopping great sig block ;
- A "NUDE PIX !" button, which examines the list of newsgroups available to the user, picks all the really appropriate ones (like alt.disney and comp.os.unix.admin) and posts messages to them along the lines of "Where can I find nude pictures of Britney Spears ?" - followed by that sig block again ;
- A "HaCK3r dOOd" button, which sends out "NE HAX 4..." messages to all alt.2600, telecomms and networking groups - the kind of groups where security managers lurk to see what the AOL cracker-wannabes are up to. This button generates a huge sig block, which tries to convey how K3wL the sender is.
For an encore, I slagged off WebTV - their users didn't even need a computer to be annoying on the internet.
But over the years, I've looked back at those pages, and I've realised that there's a far more terrifying truth out there...
I've come to the conclusion that sitting in front of a computer can knock up to fifty points off anybody's IQ, the instant they log in and start browsing the web. It's the only explanation I can think of for highly-intelligent people falling for some of the most blindingly obvious scams out there !!!
Imagine you're selling something on the internet (eBay, whatever), and a complete stranger offers you considerably more than what you're asking for your goods - he'll send you a cheque, and you just wire him the difference back, minus "commission" for the sale...
Are the alarm bells ringing yet ?
He's sending you a cheque (which could bounce at any time, even after you've cashed it), but he wants his money wired by Western Union (which you cannot recall under any circumstances once the funds are committed).
Most people can see what's wrong with this picture, but I've had to deal with cases where normally sensible people have handed out their home address and accepted a cheque. At this point, we're dealing with a falsified monetary instrument, so it becomes a matter for the police.
People think of the internet as something that is intangible, and therefore it can't hurt them - so it doesn't matter what they do... right up to the point it reaches out and slaps them silly.
I've got a Corollary to this newly-minted "King's Law of Internet Cluelessness" - knock off another 30 IQ points if the web page they're looking at has the word "FREE!!!!" on it.
Robert Heinlein had it right when he coined the acronym "TANSTAAFL" - There Ain't No Such Thing As A Free Lunch (for the bookworms amongst you, this comes from "The Moon is a Harsh Mistress"). This applies as much to the internet as much as it does to real life - it may seem FREE!!!! right now, but you're going to pay some time, somewhere down the line...
...and if the FREE!!!! stuff involves letting random strangers install software on your computer, you're probably going to end up paying a very heavy price. If you're lucky, that screensaver you downloaded is just that - a screensaver. If you're unluckly, it could be installing other little nasties on to your system - most likely spyware, which can monitor your web browsing habits, plague you with pop-up ads and generally be a nuisance.
If you're really unlucky, the download could include malware - things like keystroke loggers (to steal passwords), remote-control software (so other people can see what you're doing, and take control of your computer), possibly even a web or FTP server (to dish out dodgy material).
Once a machine has been compromised in this fashion, it can no longer be trusted, and there's only one way to be absolutely sure that you've flushed out every little nasty that could be lurking - back up your data, reformat the hard disk and reinstall everything from your original media. This may sound rather extreme, but some malware can hide its presence from the operating system, and anti-virus/anti-spyware products might not be able to detect it.
|
