Friday, October 10, 2008

Spotting bogus e-mails using grammar checking

Bogus E-mail from Microsoft


isc.sans.org and several other sites are reporting a bogus e-mail purporting to come from Microsoft and carrying malicious code; an example is below. In addition to the technical measures that can be taken, such as blocking executables in e-mail, effective spam filtering, A/V protection, and endpoint protections, users should be reminded to be on alert for messages of this kind. Besides telling them never to click on items like this, and not giving them the local rights needed to run them, I believe we can go further in order to promote more security-conscious habits at home, and hopefully reduce the number of zombied systems available to bot herders. In this example the poor grammar is easy to spot and is a sure giveaway that the e-mail is bogus. OK, my grammar is not exactly perfect either, but that is not the point. Microsoft, or any other company, would most likely never distribute updates in this manner, but hopefully no valid communication from a company of this size would contain as many errors as I have illustrated below in bold, and that is exactly one of the items I point out to end users in the classes I teach. My guess is that this was written by someone for whom English is not his or her native language, in a former or current Russian state.

Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.
Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.
Since public distribution of this Update through the official website http://www.microsoft.com/ would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users. As your computer is set to receive notifications when new updates are available, [how do they know that?] you have received this notice. In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.
If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.
We apologize for any inconvenience this back order may be causing you.
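The checks the post recommends (block executables, watch for the wording slips, question where the mail really came from), as an added example that is not part of the original post and not the author's own tool: a Python triage script that parses a constructed message modelled on the bogus update mail above and reports its red flags, alongside a constructed benign notification for contrast. The sender address, attachment name, the lookup table of legitimate domains and the wording rules are all assumptions made for the example, not a production filter.

```python
"""Heuristic triage of a suspicious e-mail, as a gateway or help-desk script
might run it: executable attachment, sender domain that does not belong to the
organisation named in the body, and the wording slips the post points out."""
import email
import os
import re
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Attachment extensions a mail gateway should never pass through unchecked.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}

# Wording slips taken from the quoted message, plus the social-engineering hooks
# it relies on.  Each entry is (regex, why it is suspicious).
BODY_RULES = [
    (r"\brun the file\b", "asks the reader to execute an attached file"),
    (r"\bexperimental private version\b", "claims an out-of-band 'private' update"),
    (r"\bMillenium\b", "misspelled product name (Millennium)"),
    (r"\bnotice, that\b", "comma splice typical of non-native text"),
    (r"\brecommend you to\b", "ungrammatical 'recommend you to'"),
    (r"\bwould have result\b", "broken verb form 'would have result'"),
    (r"\bback order\b", "nonsense phrase for a software update"),
]

# Organisation named in the body -> domains it really sends from.
# Assumed lookup table for the example, not a real allow-list.
CLAIMED_ORG_DOMAINS = {"microsoft": {"microsoft.com"}}


def sender_domain(msg):
    """Lower-cased domain of the From: header, or '' if there is none."""
    addr = parseaddr(str(msg.get("From", "")))[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def analyze_message(msg):
    """Return a list of (rule, detail) red flags for a parsed EmailMessage."""
    flags = []
    # 1. Executable attachments (extension check only; content scanning is
    #    the A/V layer's job).
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if os.path.splitext(name)[1] in EXECUTABLE_EXTS:
            flags.append(("executable_attachment", name))
    # 2. Wording and social-engineering patterns in the body text.
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part is not None else ""
    for pattern, why in BODY_RULES:
        if re.search(pattern, body, re.IGNORECASE):
            flags.append(("wording", why))
    # 3. The body names an organisation the sender domain does not belong to.
    dom = sender_domain(msg)
    for org, good_domains in CLAIMED_ORG_DOMAINS.items():
        if re.search(rf"\b{org}\b", body, re.IGNORECASE) and dom not in good_domains:
            flags.append(("sender_mismatch", f"claims {org}, sent from {dom or '<none>'}"))
    return flags


def triage_raw(raw_bytes):
    """Parse raw RFC 5322 bytes, as a gateway sees them, and return the flags."""
    return analyze_message(email.message_from_bytes(raw_bytes, policy=policy.default))


def build_bogus_sample():
    """Constructed message modelled on the bogus update mail quoted above.
    The sender address, attachment name and payload bytes are invented."""
    m = EmailMessage()
    m["From"] = "Microsoft Update <update@ms-security-center.example>"
    m["Subject"] = "Security Update for OS Microsoft Windows"
    m.set_content(
        "Dear Microsoft Customer,\n"
        "Please notice that Microsoft company has recently issued a Security Update\n"
        "for OS Microsoft Windows. The update applies to Microsoft Windows Millenium.\n"
        "Please notice, that present update applies to high-priority updates category.\n"
        "We strongly recommend you to install this update. Since public distribution\n"
        "would have result in efficient creation of a malicious software, we made a\n"
        "decision to issue an experimental private version of an update.\n"
        "1. Run the file, that you have received along with this message.\n"
        "We apologize for any inconvenience this back order may be causing you.\n"
    )
    m.add_attachment(b"MZ\x90\x00", maintype="application",
                     subtype="octet-stream", filename="KB-update.exe")
    return m


def build_clean_sample():
    """Constructed benign notification for contrast: no attachment, plain
    wording, sent from the domain the body names."""
    m = EmailMessage()
    m["From"] = "Microsoft Update <noreply@microsoft.com>"
    m.set_content("Microsoft updates are available through Windows Update.\n")
    return m


if __name__ == "__main__":
    for rule, detail in triage_raw(build_bogus_sample().as_bytes()):
        print(f"{rule:22s} {detail}")
    print("clean sample flags:", triage_raw(build_clean_sample().as_bytes()))
```

The wording rules are deliberately specific to this one campaign; the durable checks are the first and third ones, since an executable arriving by mail and a "Microsoft" notice sent from a domain Microsoft does not own are both red flags regardless of how polished the prose is.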

Friday, October 3, 2008

Travelers Privacy Protection Act of 2008

A bill has been introduced in Congress that would finally put protections and requirements in place before the Customs Service could confiscate your laptop, or inspect the data on it, without reasonable cause. The act further defines specific periods for which the equipment can be held and requires a warrant to be issued before a device could be seized. The bill also prohibits profiling and sets privacy requirements for Customs officials while they are looking at your computer or electronic device. I believe this is a step in the right direction, and a small return of the privacy and dignity that travelers lose every time they enter an airport, supposedly in the name of security. Our constitutional rights should not be thrown out the door in the purgatorial zone of legality that currently exists at every US airport, and the comedic security measures that are taken, like removing your shoes, do little if anything to reduce the risk to the country or to the particular flight you happen to be on. However, they are visible and easy, and that seems to be the mantra for the TSA; but I digress.

I still don’t believe you can legally be compelled to reveal your password, and the cases that have been tried have involved so many other circumstances that, had the person simply refused to divulge their password, they would probably have prevailed. There is no judicial precedent on this matter, but it seems ill-conceived on so many levels, not the least of which is the Fifth Amendment. Laptop computers and other electronic devices contain too much personal or corporate confidential information to simply let a government employee have complete access to, and copies of, that data. Strong encryption and just one judicial precedent will hopefully end this matter for most of us law-abiding citizens, and I’m sure the law breakers would never think to store this information in e-mail, or in some other Internet storage application they can send back and forth across most borders without any checks.

But perhaps that is the government's next step in eroding our privacy; let’s hope not.