Sister CISA CISSP

Dec 29 2009   7:58PM GMT

Just in Time for the Holidays…..

Arian Eigen Heald Arian Eigen Heald Profile: Arian Eigen Heald

There are a bunch of year end studies coming out, predicting various sorts of rises and decreases in criminal activity on the Internet. (“cybercriminal” sounds way too glamorous for me.)

So I thought I’d offer up, in the spirit of the season, my two cents:

Under the Category of Bad Idea, we have:

1. Yahoo, Bing and Google are racing to integrate Twitter, Facebook and other social media to include up-to-the-minute postings from popular social networks atop search results.

Why, exactly, is this a good idea? When your teenager posts something numb on Facebook, will it will now appear in multiple search results?

2. “Cloud Computing.” Still has yet to prove itself secure, audit-able or a real cost savings in the long run. Losing real control of your data is going to be expensive.

3. Outsourcing overseas. Yes it’s cheaper, and so are the security measures. The laws are different, and will you travel to India to prosecute? This is what happens when the bottom line ignores common sense. See “cloud computing.”

For the Category of Internet Fraud:

1. Social Networks have become an increasingly rich mine of personal activity that can lead to malware and theft of personal information. Including, now the business networks, such as LinkedIn. Don’t personally know who invites you? Now what do you do with the people you accepted? “Unfriend” them?

2. Peer-to-peer part 1 – Pretty soon (if they haven’t already) they’ll figure out how to encode malware into audio and movie files. Watch a movie, get a Trojan!

3. Sql Injection – Is only getting worse, and it’s one of the few things we could fix.

In the Category of “We Knew This, Didn’t We???”

1. Peer-to-peer part 2 – Those networks are loaded with malware. Are your kids on one? Or two? Do they bring their laptops home from college loaded with them? Best hope they don’t do any banking or personal business on those machines. Wait, they’re kids! Kids think they’re invincible. Uh oh.

2. Millions of websites are unsecured and allowing i-frame malware and other code to run so that they can install Trojans, etc. We’re still surfing, and infection is rising. Solution, anyone? Other than having two computers?

3.The bad guys have already figured out banking’s “Is it your picture?!” attempt at cheap two-factor authentication. Get ready to have a keyring full of tokens – I have two already!

3. Leave your debit cards at home – how long do you want to spend hassling with the bank to get your money back?

4. Haven’t you encrypted all your laptops, yet?

And last, but not least, the category of “Bad Uses of Good Technology:”

1. People that break into cars and steal your GPS can use it to track back to your house for burglary purposes. Snopes says this is partially true. I suspect car burglars are not that bright, but, who knows? Especially if I am not bright enough to put my GPS away.

If they get your car registration and your garage opener, you’ll be much more vulnerable. They’ll just use the GPS for easy driving to your house.

2. ATMs continue to siphon enormous amounts of money from banks, businesses, payment card processors, etc. No end in sight. Who will pay for it, ultimately?

3. “Cloud computing” can be used to speed up decryption across multiple CPUs. A bad use of Bad Technology! Double winner!

Ho, ho, ho. Have a great holiday, get lots of presents, and try to think of it as job security. That’s what I’ll be doing.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: