Nowhere is it written that we must accept the status quo
This is The Header Then

Giant online security hole getting fixed, slowly

August 6th, 2008 . by TexasFred

SAN FRANCISCO (AP) - A giant vulnerability in the Internet’s design is allowing criminals to silently redirect traffic to Web sites under their control. The problem is being fixed, but its extent remains unknown and many people are still at risk.

The gaping security hole enables a scam that targets ordinary people typing in a legitimate Web address. It happens because hackers are now able to manipulate the machines that help computers find Web sites. If the trick is done properly, computer users are unlikely to detect whether they’ve landed at a legitimate site or an evil double maintained by someone bent on fraud.

Security experts fear an open season for virus attacks and identity-fraud scams.

“It’s kind of like saying, ‘There’s a bunch of money on the street. If you can get over there soon enough, you can get it,’” said Ken Silva, chief technology officer for VeriSign Inc., which manages the “.com” and “.net” directories of Internet addresses. “It’s something the industry is taking seriously. You’d be in a bad place if you weren’t doing something about it.”

The bug’s existence was revealed nearly a month ago. Since then, criminals have pulled off at least one successful attack, directing some AT&T Inc. (ATT) Internet customers in Texas to a fake Google site. The phony page was accompanied by three programs that automatically clicked on ads, with the profits for those clicks flowing back to the hackers.

Full Story Here:
Giant online security hole getting fixed, slowly

I click on a lot of sites, it’s the nature of the beast. Having blog rolls can be a real pain in the tush, and when I click on a site that loads *funny* and really slow, or, more correctly, *wonky*, I won’t place it on any of my blog rolls.

The same goes for sites ON the blogrolls. I have pissed a few folks off by dumping them from the rolls, but in most cases it was simply because they had a *wonky* site that made me highly suspicious and I am NOT going to expose my computer, or those of my subscribers, to ANY threat that I feel may exist.

I have no use for people that hack computers, or set adware and malware, I have never had anything of that nature on my site and I never will. I run some pretty good security too. And NO, I won’t tell you what any of it is. That’s part of the *security* concept! :P

Any time a site redirects you, click out ASAP, any time a site takes a very long time to load, get away from it, there IS some sort of problem in the script. If you click on a site and it locks you TO that site and won’t release you when you hit the back button, make a note to yourself to never go back there again, it’s a spam site or is running some kind of malware.

Use the best personal security you can afford, keep it updated, DAILY, keep it turned ON at ALL time! I know someone that bought a Norton System, installed it, turned it on and that was it. Never registered it, never did the 1st update, never set it to update automatically, nothing. But they think they’re protected. They have a virus protection program. And even though many of us have advised her to get it all updated, it just sits there, out of date and totally useless.

No matter what browser you use, Internet Explorer, Fire Fox, or one of the other systems, keep it current, update it to the newest edition, there are warning systems built in and will throw up a warning for you if you hit a *phishing* site.

And the biggest *common sense* thing that anyone can do is never put ANYTHING on your computer that can compromise your personal information, bank numbers, SS numbers, things of that nature, because no matter how secure you try to be, or think you are, there’s always someone out there that is trying to steal your money and identity.

If you enjoyed this post, make sure you subscribe to my RSS feed!

2 Responses to “Giant online security hole getting fixed, slowly”

  1. comment number 1 by: Robert

    Ok Fred, here is my take on it:
    Most blogs that you or I visit are not dangers, if they load funny or wonky it could be something as simple as an un-otimized DB if it’s a WP blog, or someone like me coded something wrong, IE7 mostly stops and crashes but FF will allow it and continue…those things are just internet issues. Sometimes a site is slow because the server they were on is CRAPLOGIC too… LOL

    There are dangers out there, don’t get me wrong, you are correct to be cautious.

    I think most hackers are looking to be vandals its those folks you have to worry about, your email is the most likely way in to your files so your system security is the most important. Browser Security is mostly because your cookies and cache. While it speeds some things up it needs to be maintained too.

    First thing to help is NEVER allow your browser to keep your Password for anything…Keep it off the net, that way a hacker would need a “Keyware” that keeps a record of the keys you hit. and if you do keep it with a browser, cange it often and never keep bank records/bill pay or any crucial data on your computer. Ease of use vs being a victim… your call.

    IE and FF are doing the best they can with security, the hackers just have more time. Safari and Opera are (Or used to be) the safest browsers, but if you own a PC (it will come to Mac sooner or later) you are a target. Your system is designed with flaws. Don’t get offended it is true thats why there is so much “Security” talk around PC’s it just is and you need to be up to date on all security features. Stay current.

  2. comment number 2 by: rtaylor83305

    Thanks for posting this! ID theft is a terrible problem that I have written about a couple of times. My sister lost thousands because she was a victim TWICE. You cannot be too careful. I quit writing checks because WalMart kept wanting to write my SSN on the check, but after hearing on Neil Cavuto today about hackers getting into retailers’ systems and getting debit card info, I’m nearly ready to just go to cash again…..
    Once upon a time many years ago, when debit cards were first coming out, I refused to participate. I paid cash for everything.. The only reason I had a checking account was to cash my paycheck.
    I’m beginning to wonder if we shouldn’t go back to a cash only basis and quit buying on line……….

1st time comment makers must be approved by Admin

You must be logged in to post a comment.