[59948] in North American Network Operators' Group
Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User
daemon@ATHENA.MIT.EDU (Vinny Abello)
Sun Jul 27 11:46:59 2003
Date: Sun, 27 Jul 2003 11:45:51 -0400
To: Rob Thomas <robt@cymru.com>
From: Vinny Abello <vinny@tellurian.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <ROTMAILER.0307271018300.24354-100000@dragon.sauron.net>
Errors-To: owner-nanog-outgoing@merit.edu
At 11:25 AM 7/27/2003, Rob Thomas wrote:
>Hi, NANOGers.
>
>] Folks, its not underground any more. The criminals are using trojans
>] to steal real money from real people now.
>
>Indeed, and for a while (circa five months by my observation) now.
>It is no longer, and hasn't been for a while, about technology.
>The technology - the Internet and the connected devices - has
>become a conduit for profitable criminal activity on an ubiquitous
>scale, pure and simple. Miscreants don't break into databases and
>steal 8M credit cards at a pop so they can card shells and shoes.
>
>] Firewalls can't stop it, ISPs can't stop it. Its a *HOST* security=
issue.
>
>I'll slightly modify that statement; it is a *PEOPLE* issue.
>People who write code. People who use systems and networks.
>People who abuse all of the above for monetary gain.
<babble>
I think people forget that we don't live in a utopian society. Some people=
=20
expect computers to solve all the problems and expect that they can prevent=
=20
crime in their own domain. We haven't eliminated physical crime at all so I=
=20
don't see why people are surprised to find that a computer was used to=20
commit a crime. Bank robberies take place all the time and you don't here=20
much about them. Probably more similar is fraud which has taken place for a=
=20
countless amount of time without the use of computers. Using computers is=20
just another way to perpetuate it.
I do agree with a lot of people in the fact that users of the tool must be=
=20
informed of how to use it safely, just like anything the person is not 100%=
=20
familiar with. It's somewhat common knowledge to not leave bank account=20
numbers lying around for anyone to see. It's not as common for people who=20
are unfamiliar with computers to know not to open unknown attachments, run=
=20
anti-virus software, use a firewall, etc... Would the average driver know=20
how to handle an 18 wheeler? They could probably get it going, but not=20
safely. People must be educated about using computers, ESPECIALLY if it is=
=20
in a situation where security is elevated because the company has something=
=20
valuable to protect. A bank teller wouldn't likely let a client behind the=
=20
counter, yet many would probably open an attachment sent via email without=
=20
knowing what it is. I know the average end user probably isn't likely as=20
aware about security using their PC in their home, but if banks and other=20
institutions plan on making their services available online in some manner,=
=20
perhaps they should at least send out occasional best security practices to=
=20
protect people's information. I can also see that it's not REALLY their=20
problem either so I could also go the other way on this. Just like a bank=20
is not responsible for someone breaking into your house and stealing your=20
checkbook.
</babble>
Just my 2=A2.
Vinny Abello
Network Engineer
Server Management
vinny@tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN
There are 10 kinds of people in the world. Those who understand binary and=
=20
those that don't.
