Categories

BitTorrent
Conferences
Direct Revenue
Julie Amero
Myspace
Podcasts
Postbag
The Big Ones
The Fourth Wall
Yapbrowser
Zango

Creative Commons License
All articles licensed
under a Creative
Commons License.  








Home | About me | Press | The Fourth Wall | Links

Monday, April 03, 2006

Paperghost Postbag: Your questions answered

Welcome to another round of Q&A, hosted by yours truly and populated by your good selves. I noticed some of the questions were basically the same thing but from different people, so in those cases I've lumped some of you together under the same question thingy. It'll make sense when you see it. On with the show...

If you hadn't gone in to comp security what would you have done in life?

*please don't say paint banana pics* (Caz and RinCe)

Well, take a look at the picture of some guy holding an orchestra stick thingy. Try to ignore the fact that a small child holding cymbals seems to have been bundled into a Double Bass case. It was the photographer's idea, honest.

That was indeed me, waving a plastic stick at people blowing into instruments and hitting things with mallets. I do wonder how far I would've taken it, but we shall likely never know.

My speciality was getting kids to play Mahler. In the example above, it was a chunk of Mahler's Third. No, I'm not insane. Of course, I do reserve the right to change my mind at any time and go make some albums. I used to write orchestral stuff too, you know. Not exactly rock n' roll, but then I do find myself signing more autographs these days(!) - at least, a lot more than when I was doing arty stuff. Weird, really. I hear they sell for at least a dollar on E-Bay!

Of course, I nearly ended up making films in a low / no-budget capacity. I was minutes away from doing Astrophysics in Keele University. I almost went to live in China. And if you want to know what got me into this whole thing in the first place, read this.

Which piece of malware has given you the biggest shock? Like a real "Oh Sh*t"! moment?
(Mr Alpha)

I'd say the BitTorrent install bundles were quite an eye-opener...getting you to download 175MB of a television show, then have you install a bunch of Adware you didn't even need to open the file was pretty low. It's old news now, both in terms of sophistication (there wasn't any) and stealth (there wasn't any). At the time though, all Hell broke loose. I also remember the first time I came across someone hijacked by a CWS variant that kept popping open illegal websites - a nice indicator that the people behind this stuff should be burnt at the stake. The way I see it, if you're gonna' play hardball to that extent, then it's time for the good guys to break out the baseball bats and start swinging too.

You've been listening to alot of Oasis recently. Are you really mad fer it? (Paperghost's Sister)

Yes. In fact, I'm so mad fer it, that I'm going to randomly throw some beer cans at the next person to walk past my house.

Do you think the UK authorities will ever put a body in place to deal with the ever increasing malware threat? Will Joe public ever get their head's round how serious the malware problem has become and begin to realise that viruses are no longer about some teenage geeks gaining kudo's from their mates for their latest script? and has now become a criminal money making monster? (Darren McCabe)

I'd like to think so - we do have the Hi-Tech Crime Unit people on the prowl, after all. What I question is their real knowledge and ability when pitted against some 16 year old kiddie who is down with the scene. Joe Public is slowly starting to "get it" with regards just how bad this stuff is - credit cards routinely scammed, bank accounts emptied, illegal porno splashed across your desktop and lives ruined for fun and profit...as for the authorities?

Not sure. You get soundbites here and there, but (by and large), that's all you get.

Take this as an example - it was launched to much hoo-hah, but - amazingly - it hasn't progressed much beyond its' initial release. That's the best our Government can do with regards naughty things being done online? Bah. I'm also incredibly wary of "official lines" turning everything into some agenda about terrorism. Yes, some online Warez scenes actively fund certain types of gun-fun, but by and large, it's either bored kids or soccer-moms flogging stuff at car boot sales. Get sidetracked by the terrorism angle, and before you know it you're missing the root of the problem. Unfortunately, that's all you seem to hear about at the moment.

What is your favorite video game? Or other activity to do when your not hunting down botnets or drawing bananas. (Anonymous)

Games? I'd say The Matrix Online was a blast until it turned out it was (in fact) a bug-addled mess. The entire Final Fantasy series is awesome, as is shooting crazy villagers in Resident Evil 4. Aside from that, I was into Asian Cinema years before it became trendy and have hundreds and hundreds of films in my collection. Even the really bad ones. I'll also discuss Gustav Mahler with you at great length and tell you exactly why he is the greatest human that ever lived. Oh, and comics. Comics kick ass. Especially Batman.

Getting back to the kerayzee art angle, I may well get back into composing and I'm also considering getting back into painting / film-making. It would be interesting to see how much of a noise I could make. Probably a wet, squishy one.

Ok PG do you think that Msn are doing all they should to stop the spread of bots via msn messenger i have noticed an upsurge in Botnet infections via this media (Milligans Ghost)

To be honest, there'll always be a way that some Johnny-Skankbag will find a way round the security measures put in place by the people running the networks. And as more and more networks become more interconnected over the next 12 months, you'll start to see the end of the "AIM" virus and the "MSN" virus, and you'll just be left with "virus". What would be extremely good to build into chat clients would be some kind of "report this now!" button, so a hijacked end-user could fire off all relevant details to the support team. This would mean the network wouldn't have to wait for a security company to show up and go, hey, this thing sucks, kthxbye, and they could be a little more pro-active about stabbing a bad guy in the face.

Does anybody know if MSN / AOL etc does this yet?

When Vista comes out, how secure do you think it will be, and will it have a better f/w than XPs standard one? :P (Mike1901, C Lead)

It'll definitely be a step-up, but I wouldn't put any faith in it being a magic bullet or anything. It won't be long before a whole bunch of exploits are found for it - they'll just be even more devious and complicated than before. And as the current flavour of the month relies on exploiting people rather than machines, this will continue to play an important part in PC hijacks. In fact, it might just be the single most important aspect of Vista shenanigans.

As for the Firewall, I personally wouldn't advise anyone to run a built-in Windows Firewall, especially after all the silliness regarding the last one. I can't exactly remember what that silliness was, but I think it was something pretty stupid so there you go. I'd stick with a decent third-party app for now. I might eventually relent, but the onus is on MS to prove to me that I want to ditch my current setup in favour of their new toy.

We want Adware Man! (Suzi, Mike, Corrine, about six bazillion other people via email, text and felt-tip on underpants. Okay, not really underpants).

He's on his way. I promise. Honest!!

...and that wraps it up for this week. Apologies to anyone I missed out - you might magically appear in the next one. And now, I must go back to doing really exciting and scary Internet stuff!

Labels:

posted by paperghost at 1:26 PM | Digg it!

All Content © Vitalsecurity.org 2006. The content of this site is entirely the opinion of Paperghost, and is in no way endorsed by FaceTime Communications. In other words - have a problem, come see me.