While We Were Busy Patting Ourselves On The Back For Beating Viruses, Somebody Stole All Our Passwords
from the try-again dept
While the folks at Kaspersky are celebrating their supposed triumph over "virus" authors, the rest of the world is still dealing with all the other security headaches malware authors are creating. The company's claim that viruses are dying out rings a little bit hollow when you consider malware authors and hackers are just spending their time on other things these days, meaning there's still plenty of places where security firms have their work cut out for them. Case in point? Browser-based vulnerabilities such as phishing and password theft. A new study says that anti-phishing toolbars don't do a great job, while separately, a researcher says that new versions of Internet Explorer and Firefox are vulnerable to fake site login forms that could allow hackers to surreptitiously steal users' passwords. There's little point in trying to claim a security triumph when the threat and benchmarks are constantly moving, and acting as if people face a reduced threat today is little more than disingenuous. The threat hasn't reduced, it's just changed -- and if a security company can't recognize that, they're what's going to disappear, not the security problems.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
shouldn't that be considered inept user vulnerabilities?
[ link to this | view in chronology ]
I haven't had a single piece of malware infest my PC in over 2 years at least, because I don't download stupid software and open spam and whatnot. Oh, and I run Firefox too, which makes a HUGE difference in overall web security. I do have to switch to IE for compatibility with certain things, but when I do I make sure it's a safe website first. I rarely even run spyware scanners anymore, because they drain resources on my computer and they never find anything to remove. I do still run some basic antivirus software, which I think is still essential, but beyond that, it's all pretty much all about your level of intelligence.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
preaching to the choir
A company could prevent a lot of the downtime caused by this kind of stuff, if they had their employees take a class or watch a presentation about it.
[ link to this | view in chronology ]
The idiots in question are, for the most part, extremely educated - most of them (~98%) are attorneys, no longer practicing law. (which in my book makes them smarter than those JDs that do still practice law)
[ link to this | view in chronology ]
[ link to this | view in chronology ]