Computer security is not a game
In a previous life, I worked for 3+ years at a computer security magazine and got a solid education on everything from self-propagating malware to botnets to why you never use a Vegas ATM at BlackHat or DefCon.
Perhaps this is why I was so disturbed by this recent column on distributed computing featured by Captivate parent co. USA Today. According to the columnist, all you have to do to help fight cancer is download a program that allows a cancer research facilty to use your computer's excess memory and processes to help them sort through an overflow of data. Maybe, just maybe, your computer's extra power can help them find this cancer cure faster.
Now, normally I'm not one to bite the hand that writes my paycheck, but it is *very* irresponsible play on the heartstrings of the unsuspecting lay people typical of a USA Today audience whose idea of computer security is writing their network passwords on a Post It so they won't forget.
I'm sorry, I don't mean to rain on your parade, but these computing programs are not completely safe for the experienced technogeek who knows how to properly set up a firewall and plug up open ports, let alone mom and pop on their home computer who think it would be cool to let SETI use their extra bandwidth to search for intelligent life in the universe. These distribued computing programs act as a blaring red flashing beacon to every hacker and botnet on the 'net, screaming outloud, 'Hey! I've got an open, insecure port I'm using to download, process and send information!'
Quicker than photogs on the new Jolie-Pitt babies, these botnets will swarm the system, enslave it and make it another zombie, leaving poor mom and pop to wonder why their computer is running so slow -- and when did their credit card bill get so high?
Computer security, as I had pounded into my head during my past life, is not something to f*** around with. Don't open random emails. Don't write your passwords on a Post It, no matter how hard your IT crew made the requirements. And don't download things off the internet just because a tech columnist assures you that it's safe.
Trust me. I'm just trying to help.
Perhaps this is why I was so disturbed by this recent column on distributed computing featured by Captivate parent co. USA Today. According to the columnist, all you have to do to help fight cancer is download a program that allows a cancer research facilty to use your computer's excess memory and processes to help them sort through an overflow of data. Maybe, just maybe, your computer's extra power can help them find this cancer cure faster.
Now, normally I'm not one to bite the hand that writes my paycheck, but it is *very* irresponsible play on the heartstrings of the unsuspecting lay people typical of a USA Today audience whose idea of computer security is writing their network passwords on a Post It so they won't forget.
I'm sorry, I don't mean to rain on your parade, but these computing programs are not completely safe for the experienced technogeek who knows how to properly set up a firewall and plug up open ports, let alone mom and pop on their home computer who think it would be cool to let SETI use their extra bandwidth to search for intelligent life in the universe. These distribued computing programs act as a blaring red flashing beacon to every hacker and botnet on the 'net, screaming outloud, 'Hey! I've got an open, insecure port I'm using to download, process and send information!'
Quicker than photogs on the new Jolie-Pitt babies, these botnets will swarm the system, enslave it and make it another zombie, leaving poor mom and pop to wonder why their computer is running so slow -- and when did their credit card bill get so high?
Computer security, as I had pounded into my head during my past life, is not something to f*** around with. Don't open random emails. Don't write your passwords on a Post It, no matter how hard your IT crew made the requirements. And don't download things off the internet just because a tech columnist assures you that it's safe.
Trust me. I'm just trying to help.
Labels: botnets, computer security, distributed computing, passwords, SETI
This entry was posted by Amber, on Monday, July 14, 2008. You can
leave your response
. 
