If there were ever a modern case that could be compared to the Salem witch trials, it would be the effort to prosecute Julie Amero, a Norwich, Connecticut school teacher for (allegedly) exposing her students to pornography.
Julie was convicted on four counts of exposing kids to pornography after she turned on a spyware-infested (school-owned) machine and a flurry of porn pop-ups began appearing on the screen. Julie, who was merely a substitute teacher, didn't know what to do and the teenagers in her class witnessed the event.
Even worse, the school district had let their content filtering software expire. Computer experts later discovered the spyware infestation was caused by someone accessing a hairdressing site. Presumably, this site was accessed by a student, who wasn't aware of the spyware and didn't know the school district had let their content filtering expire.
On Friday, Alex Eckelberry, CEO of Sunbelt Software, announced that the Amero nightmare is over in his popular Sunbelt Blog. Sadly though, she still had to plead to a misdemeanor charge of disorderly conduct. The result was a $100 fine and she has had her teaching credentials revoked in Connecticut.
Considering in the initial trial she was facing a conviction on four felony counts — which could have netted her 40 years in the slammer — I suppose this is a win?
"She acquiesced to the lesser misdemeanor charge, and while it may have been a bitter pill to swallow, she can at least can move on now without this sick cloud hanging over her head. It was less than two years ago that Julie was facing felony charges with a maximum of 40 years in prison," according to Alex Eckelberry,
Alex and a host of people from the computer security industry, along with a pro bono attorney, William Dow, led the effort to expose this injustice and get Julie a new trial. The number of people who got involved in this is amazing and many of them are mentioned in Alex's blog post.
I found this case amazing since malicious and even so-called commercial sites infest unprotected machines with all kinds of "ware" on a daily basis. In this case, it was the industry that protects computers from unwanted "ware" that had to step in and educate the authorities that there was a problem with the intent in the case. Perhaps the authorities should have hired someone a little more knowledgeable in computers in the first place before attempting to prosecute Julie.
Sadly, Julie's health has been failing as a result of the stress induced by this prosecution. Even sadder, with all the real crime on the Internet, which rarely ever results in a prosecution, a lot of taxpayer money was wasted going after someone who most believe was completely innocent!
I've written a few posts about the Julie Amero story. It's ironic that Internet porn, which is allegedly controlled by organized crime, translated into a teacher being charged for turning on a computer for the first time. Even more ironic is that in those four years, very few, if any, of the people behind the actual problem have been brought to justice. Also, ironic was a WebMD survey that found that Internet porn reaches most children, including the age of the teenagers present in Julie's class that day. The truth is that most of the teenagers in the class have probably seen worse, unless they've never surfed the sometimes murky waters of the Internet.
The ironies in this case are many and in the end, history will write it that way.
Showing posts with label adware. Show all posts
Showing posts with label adware. Show all posts
Sunday, November 23, 2008
Saturday, January 05, 2008
Sears site violates people's privacy!
Ran into this story on the Truston blog. Tom Fragala, CEO of Truston writes:
I guess this means that anyone can violate a Sears customer's privacy by using their website as a tool?
Please note that Professor Edelman has shown some pretty good evidence that regular and not just e-commerce customers can be compromised, also.
Going back to Professor Edelman's contention that snooping software was spying on customers -- spyware and adware are used on a lot of sites. In fact, I highly recommend scanning your system on a regular basis using reputable software. I'm always amazed at how much of it I find when I do.
My opinion is that that when information is data mined, there needs to be a transparent way a customer opts-in (authorizes) an entity to use their information.
Current opt-out options are often deceptive and laden with a lot of small print.
So far as Sears, until they disclose what they are doing to fix this (at least answer Mr. Krebs), I'm going to make sure I avoid using their shopping facilities!
The internet retailer you choose just might, without disclosure, install software on your computer to snoop on your web browsing. Brian Krebs at the Security Fix blog has this story. Would you believe it could be one of the country's oldest retailers though?Even worse, as revealed in Brian Krebs interesting blog post is that:
"Sears is having a bit of a rough day with the privacy community. The company got off to a rocky start with revelations that many customers who gave Sears their personal details after shopping at the company's Web site also were giving away their online Web browsing habits to marketers, thanks to snooping software silently installed (and ill-documented) by a Sears marketing partner."
The discovery comes from Ben Edelman, an assistant professor at the Harvard Business School and a privacy expert whose research has done much to raise public awareness about the intersection of big business and shady advertising practices.
Sears offers no security whatsoever to prevent any user from retrieving a third party's purchase history, Edelman said, which violates its own privacy policy with such disclosures, no part of which "grants Sears the right to share users' purchases with the general public."
I guess this means that anyone can violate a Sears customer's privacy by using their website as a tool?
Please note that Professor Edelman has shown some pretty good evidence that regular and not just e-commerce customers can be compromised, also.
Going back to Professor Edelman's contention that snooping software was spying on customers -- spyware and adware are used on a lot of sites. In fact, I highly recommend scanning your system on a regular basis using reputable software. I'm always amazed at how much of it I find when I do.
My opinion is that that when information is data mined, there needs to be a transparent way a customer opts-in (authorizes) an entity to use their information.
Current opt-out options are often deceptive and laden with a lot of small print.
So far as Sears, until they disclose what they are doing to fix this (at least answer Mr. Krebs), I'm going to make sure I avoid using their shopping facilities!
Sunday, June 10, 2007
We all could be at risk of losing our freedom and becoming the next Julie Amero
Julie Amero, a substitute teacher previously convicted of showing porn to students, is getting a new trial.
Given the evidence brought forward after the trial, I'm pretty shocked they didn't just drop the whole matter.
Stephanie Reitz of the AP is reporting (courtesy of the Washington Post):
Not very long after her conviction, I did a post on this quoting a lot of computer security experts, such as Alex Eckelberry from Sunbelt Software. Alex and other experts in the field contend the computer in question was old, lacked firewall protection, and that spyware and adware caused the porn infestation.
Their contentions made sense to me, or should to anyone -- who has accidentially clicked on one of these sites and gone into "pop up" hell.
Illegal porn is a big problem on the Internet - very few people get caught - and it's rumored to be controlled by organized crime. The Gambino crime family has allegedly made millions of it.
Recently, I blogged about British citizens, who were wrongfully accused of viewing child pornography after their credit cards numbers were stolen. This was part of an International case, involving people, worldwide.
Those responsible for investigating crimes involving computers, and the Internet are going to have to exercise a little more "due diligence" in their investigations. Spyware, adware and identity theft (to cite a few things) are making the waters a little more murky than they used to be.
Spyware and adware are used by a lot of businesses to market products. As a matter of fact, it sometimes amazes me, just WHO is using it; considering some of the privacy concerns associated with it.
The sad thing is that if you really think about it, a lot of us could be in danger of being accused of something we didn't do. Recently, we've seen a lot of stories about identity theft victims, who like Julie, went through a lot of pain and suffering for a crime they didn't commit.
This is the very reason, we need to take a hard look at what enables this activity, or makes it too easy to accomplish.
The other thing I'll add, as a closing note -- is that we live in a society --where OJ Simpson beat a murder rap because of reasonable doubt. It's pretty sad that with all the reasonable doubt revealed in this case, Julie Amero has to face another trial to prove her innocence.
AP story (courtesy of the Washington Post), here.
Previous post from Fraud, Phishing and Financial Misdeeds, here.
Given the evidence brought forward after the trial, I'm pretty shocked they didn't just drop the whole matter.
Stephanie Reitz of the AP is reporting (courtesy of the Washington Post):
The computer was sent to a state laboratory after the trial, and the judge said Wednesday that those findings may contradict evidence presented by the state computer expert.
"The jury may have relied, at least in part, on that faulty information," said Judge Hillary B. Strackbein, who granted the request for a new trial.
Amero has adamantly denied clicking on pornographic Web sites that appeared on her classroom's computer screen in October 2004 while she was teaching seventh-graders at Kelly Middle School in Norwich.
Not very long after her conviction, I did a post on this quoting a lot of computer security experts, such as Alex Eckelberry from Sunbelt Software. Alex and other experts in the field contend the computer in question was old, lacked firewall protection, and that spyware and adware caused the porn infestation.
Their contentions made sense to me, or should to anyone -- who has accidentially clicked on one of these sites and gone into "pop up" hell.
Illegal porn is a big problem on the Internet - very few people get caught - and it's rumored to be controlled by organized crime. The Gambino crime family has allegedly made millions of it.
Recently, I blogged about British citizens, who were wrongfully accused of viewing child pornography after their credit cards numbers were stolen. This was part of an International case, involving people, worldwide.
Those responsible for investigating crimes involving computers, and the Internet are going to have to exercise a little more "due diligence" in their investigations. Spyware, adware and identity theft (to cite a few things) are making the waters a little more murky than they used to be.
Spyware and adware are used by a lot of businesses to market products. As a matter of fact, it sometimes amazes me, just WHO is using it; considering some of the privacy concerns associated with it.
The sad thing is that if you really think about it, a lot of us could be in danger of being accused of something we didn't do. Recently, we've seen a lot of stories about identity theft victims, who like Julie, went through a lot of pain and suffering for a crime they didn't commit.
This is the very reason, we need to take a hard look at what enables this activity, or makes it too easy to accomplish.
The other thing I'll add, as a closing note -- is that we live in a society --where OJ Simpson beat a murder rap because of reasonable doubt. It's pretty sad that with all the reasonable doubt revealed in this case, Julie Amero has to face another trial to prove her innocence.
AP story (courtesy of the Washington Post), here.
Previous post from Fraud, Phishing and Financial Misdeeds, here.
Tuesday, October 24, 2006
The State of Crimeware on the Internet
"Crimeware," according to Wikipedia was a term coined by Peter Cassidy of the Anti-Phishing Working Group as a "type of computer program or suite of computer programs that are designed specifically to automate financial crime."
Last week, the US Department of Homeland Security, SRI International Identity Theft Technology Council and the Anti-Phishing Working Group issued a pretty telling report about how crimeware is being used to commit financial crimes and identity theft.
From the executive summary, here is how crimeware is used by Internet criminals:
Crimeware is software that performs illegal actions unanticipated by a user running the software, which are intended to yield financial benefits to the distributor of the software.
Crimeware is a ubiquitous fact of life in modern online interactions. It is distributed via many mechanisms, including:
Last week, the US Department of Homeland Security, SRI International Identity Theft Technology Council and the Anti-Phishing Working Group issued a pretty telling report about how crimeware is being used to commit financial crimes and identity theft.
From the executive summary, here is how crimeware is used by Internet criminals:
Crimeware is software that performs illegal actions unanticipated by a user running the software, which are intended to yield financial benefits to the distributor of the software.
Crimeware is a ubiquitous fact of life in modern online interactions. It is distributed via many mechanisms, including:
- Social engineering attacks convincing users to open a malicious email attachment containing crimeware;
- Injection of crimeware into legitimate web sites via content injection attacks such as cross-site scripting;
- Exploiting security vulnerabilities through worms and other attacks on security flaws in operating systems, browsers, and other commonly installed software; and
- Insertion of crimeware into downloadable software that otherwise performs
a desirable function.
Full report, here.
Recently, we've read about organized crime groups employing "highly technical personnel" and carder rooms - where financial information is bought and sold.
A recent USA Today story about "carder forums" quoted the following statistics:
$67.2 billion: FBI estimate of what U.S. businesses lose annually because of computer-related crimes.
$8 billion: Consumer Reports estimate of what U.S. consumers lost the past two years because of viruses, spyware and Internet scams.
93.8 million: Privacy Rights Clearinghouse's count of personal records reported lost or stolen since February 2005.
26,150: The Anti-Phishing Working Group's count of unique variations of phishing scams reported in August 2006.
Crimeware and the Internet are fueling the identity theft problem - which in turn could threaten the stability of our financial systems. Some even say, might be a National Security issue, also.
In the rapidly changing world of technology, laws have failed to keep pace. Perhaps with the upcoming elections, it's time for all of us to examine what our political representatives are doing about this problem.
We might find that we all have a common interest on this issue!
Friday, June 09, 2006
On the WWW, A Prudent Soul Holds On To Their Wallet!
I read this post from Paul Young of Prying1 (Digging a little Deeper) and it says it all - "See a Pop Up? Hold On To Your Wallet."Paul writes:
"Had a popup appear suddenly as I was surfing Blog Explosion. Earlier I was surfing for funny videos to download and that might have been when I got the cookie. Anyway. Here I am zigzagging through Cyber Space when I'm accosted by a window that claims I can make money simply by filling in my name and email address. Such a deal. They didn't even demand I use my real name. Is this a great country or what?
"Well I right-clicked on the window and clicked on properties to find out who they were before I'd take a chance on giving them a phony name and junk email address. This is how I discovered 'ReferralWare'. I have no problem with people throwing money at me as these folks proposed. Especially for free. BUTTTT!!! - I have a major defect in my emotional well being. I'm a skeptic... - I thought I would perform one more test. What I call the Company Name/Scam Google Test."
For the full "read" (highly recommended) and the results of Paul's experiment, link here.
Normally, I try to add some additional resources -- but since I like this one so much -- it's best left in it's original state.
Prying1 takes a "common sense" approach to dealing with life's woes and it is a site that I frequent on a regular basis.
So far as this (probably semi-legal scam), always remember "If it seems to good to be true, it probably isn't."
Sunday, May 07, 2006
Internet Crimes are On the Rise and Deadlier than Ever
Panda Software recently issued it's quarterly report, which comes to the frightening conclusion that 70 percent of all malware they detected in the first quarter of 2006 is related to cyber crime. Activity also seems to have hit record numbers!
Here is their summary:
This report confirms the new malware dynamic based on generating financial returns. Spyware, Trojans, bots and dialers were the most frequently detected types of malware between January and March 2006. Trojans accounted for 47 percent of new malware examples during the first quarter of 2006.
Seventy percent of malware detected during the first quarter of 2006 was related to cyber crime and more specifically, to generating financial returns. This is one of the conclusions of the newly published PandaLabs report, which offers a global vision of malware activity over the first three months of the year. Similarly, the report offers a day by day analysis of the most important events in this area. This report can be downloaded, free of charge, here.
Since this statistic interested me, I jumped over to the Anti-Phishing Working Group's page to see what they had to say. Please note that Panda, along with Websense and MarkMonitor share information with the APWG. They confirmed Panda's report that crime on the Internet seems to be at an all time high.
Here is a tickler from their report:
The total number of unique phishing reports submitted to APWG in March 2006 was 18,480, the most reports ever recorded. This is a count of unique phishing email reports. March 2006 continues the trend of more phishing attacks and more phishing sites. The IRS phishing attack doubled in volume in March as compared to February (in the USA, the tax filing deadline was April 17 in 2006, as the usual April 15 deadline fell on a weekend this year.)
Link, here.
Two of the most concerning forms of malware being used are Keyloggers and Redirectors. Keyloggers are a form of spyware, which record all the strokes on a computer and transmits them to back to the person (criminal), who installed the malware. They are normally used to steal financial information, used in identity theft schemes.
Sadly enough, Keyloggers are legal and easily bought anywhere, including the Internet. They allegedly have legitimate uses like spying on other people?
Perhaps, the FTC should go after some of these vendors like they recently did with the Private Investigators selling telephone records?
Redirectors are a trojan, which once installed on a computer, redirect the user to malicious sites, where their financial information is stolen. The sites are also known to download more malware (crimeware) on systems. Redirectors are extremely dangerous because there is little indication you are being hijacked.
The Anti-Phishing Working Group has some excellent educational information on this subject, including what to do if you become a statistic:
How to Avoid Phishing Scams
What To Do If You've Given Out Your Personal Financial Information
Too many people (who know what to look for) ignore and delete phishing attempts. There are a lot of places you can report activity and make an impact. In most cases, it only takes a minute or two to do so.
You can report phishing activity to the APWG, here. Activity can also be reported to PIRT, which is a joint venture by Sunbelt Software and CastleCops.
Another resource to report activity is the Internet Crime Complaint Center, which is associated with the FBI. You can report it a lot of places, but it is important to report it. If everyone took the time to report one phishy email a day, it would probably have a significant impact.
By reporting the activity that we see and taking advantage of the mostly volunteer efforts to fight it, we might make the Internet a safe place for everyone again. As access becomes cheaper and more widespread, the number of potential victims is growing at a record rate.
Continuing to ignore all those "Phishy" e-mails will only encourage the Phishermen to move forward with greater frequency. Additionally, the attacks are becoming more sophisticated and "how to kits" are being sold on how to do these dirty deeds. This will undoubtedly bring more and more Phishermen to the (already) murky waters of the Internet.
Of course, we can also take the time to educate newer users, also. In fact, awareness protects people more effectively than anything I've seen, thus far.
Here is their summary:
This report confirms the new malware dynamic based on generating financial returns. Spyware, Trojans, bots and dialers were the most frequently detected types of malware between January and March 2006. Trojans accounted for 47 percent of new malware examples during the first quarter of 2006.
Seventy percent of malware detected during the first quarter of 2006 was related to cyber crime and more specifically, to generating financial returns. This is one of the conclusions of the newly published PandaLabs report, which offers a global vision of malware activity over the first three months of the year. Similarly, the report offers a day by day analysis of the most important events in this area. This report can be downloaded, free of charge, here.
Since this statistic interested me, I jumped over to the Anti-Phishing Working Group's page to see what they had to say. Please note that Panda, along with Websense and MarkMonitor share information with the APWG. They confirmed Panda's report that crime on the Internet seems to be at an all time high.
Here is a tickler from their report:
The total number of unique phishing reports submitted to APWG in March 2006 was 18,480, the most reports ever recorded. This is a count of unique phishing email reports. March 2006 continues the trend of more phishing attacks and more phishing sites. The IRS phishing attack doubled in volume in March as compared to February (in the USA, the tax filing deadline was April 17 in 2006, as the usual April 15 deadline fell on a weekend this year.)
Link, here.
Two of the most concerning forms of malware being used are Keyloggers and Redirectors. Keyloggers are a form of spyware, which record all the strokes on a computer and transmits them to back to the person (criminal), who installed the malware. They are normally used to steal financial information, used in identity theft schemes.
Sadly enough, Keyloggers are legal and easily bought anywhere, including the Internet. They allegedly have legitimate uses like spying on other people?
Perhaps, the FTC should go after some of these vendors like they recently did with the Private Investigators selling telephone records?
Redirectors are a trojan, which once installed on a computer, redirect the user to malicious sites, where their financial information is stolen. The sites are also known to download more malware (crimeware) on systems. Redirectors are extremely dangerous because there is little indication you are being hijacked.
The Anti-Phishing Working Group has some excellent educational information on this subject, including what to do if you become a statistic:
How to Avoid Phishing Scams
What To Do If You've Given Out Your Personal Financial Information
Too many people (who know what to look for) ignore and delete phishing attempts. There are a lot of places you can report activity and make an impact. In most cases, it only takes a minute or two to do so.
You can report phishing activity to the APWG, here. Activity can also be reported to PIRT, which is a joint venture by Sunbelt Software and CastleCops.
Another resource to report activity is the Internet Crime Complaint Center, which is associated with the FBI. You can report it a lot of places, but it is important to report it. If everyone took the time to report one phishy email a day, it would probably have a significant impact.
By reporting the activity that we see and taking advantage of the mostly volunteer efforts to fight it, we might make the Internet a safe place for everyone again. As access becomes cheaper and more widespread, the number of potential victims is growing at a record rate.
Continuing to ignore all those "Phishy" e-mails will only encourage the Phishermen to move forward with greater frequency. Additionally, the attacks are becoming more sophisticated and "how to kits" are being sold on how to do these dirty deeds. This will undoubtedly bring more and more Phishermen to the (already) murky waters of the Internet.
Of course, we can also take the time to educate newer users, also. In fact, awareness protects people more effectively than anything I've seen, thus far.
Tuesday, April 25, 2006
Do It Yourself Hacker Kits
Not too long ago, you needed some technical expertise to become a Internet criminal. Think again, for about $15.00 you can buy your own do it yourself kit from Russia. This kit downloads a Trojan when someone visits the site it is installed on. It logs keystrokes, (which can give someone access to your personal and financial information), downloads additional cybernasties and opens backdoors to a compromised system.
The Trojan is even smart and can detect what browser is being used via the user agent and customize the exploit based on the browser settings.
Here is the ad, which was translated into English by Websense:
Dear Friends! We would like to offer you multi-component exploit Web-Attacker IE604, that realizes vulnerabilities in the internet browsers Internet Explorer and Mozilla Firefox. With the help of this exploit you will be able to install any programs on the local disks of visitors of your web pages. In the foundation of work of the exploit Web-Attacker IE0604, there are 7 already-known vulnerabilities in the internet browsers: Objective of the Exploit: Hidden drop of the executable from the deleted source to the local hard drive of the site visitor.
-Bypasses all security measures-Is not blocked by Firewalls [Agnitum Outpost, Zone Alarm, Sygate Personal Firewall]
-Tri-level protection -Flexible installation -Updates -Detailed Statistics
For the full alert, with screenshots, click here.
John Leyden of the Register is also covering this story.
trimMail's E-Mail Battles has an interesting story about why some of these kits are so dangerous. Here is an excerpt:
Smart computer users know that once a computer is infected by a rootkit, it's changed forever. And as Windows rootkits go, Hacker Defender is among the most dangerous. The author of Hacker Defender, holy_father, explains why he does what he does, and what you can do to detect his rootkit.
Antivirus companies sell a fake sense of security, but they do not bring real security to your computer. Antivirus just fights programs that are visible to common users. They don't care about the cause.
Do it yourself kits are becoming increasingly common and are making the Internet increasingly dangerous for the common user.
The Trojan is even smart and can detect what browser is being used via the user agent and customize the exploit based on the browser settings.
Here is the ad, which was translated into English by Websense:
Dear Friends! We would like to offer you multi-component exploit Web-Attacker IE604, that realizes vulnerabilities in the internet browsers Internet Explorer and Mozilla Firefox. With the help of this exploit you will be able to install any programs on the local disks of visitors of your web pages. In the foundation of work of the exploit Web-Attacker IE0604, there are 7 already-known vulnerabilities in the internet browsers: Objective of the Exploit: Hidden drop of the executable from the deleted source to the local hard drive of the site visitor.
-Bypasses all security measures-Is not blocked by Firewalls [Agnitum Outpost, Zone Alarm, Sygate Personal Firewall]
-Tri-level protection -Flexible installation -Updates -Detailed Statistics
For the full alert, with screenshots, click here.
John Leyden of the Register is also covering this story.
trimMail's E-Mail Battles has an interesting story about why some of these kits are so dangerous. Here is an excerpt:
Smart computer users know that once a computer is infected by a rootkit, it's changed forever. And as Windows rootkits go, Hacker Defender is among the most dangerous. The author of Hacker Defender, holy_father, explains why he does what he does, and what you can do to detect his rootkit.
Antivirus companies sell a fake sense of security, but they do not bring real security to your computer. Antivirus just fights programs that are visible to common users. They don't care about the cause.
Do it yourself kits are becoming increasingly common and are making the Internet increasingly dangerous for the common user.
Here is a recent post, I wrote about "how to scam kits" and one that is designed for use in committing fraud on eBay.
Link, here.
Subscribe to:
Posts (Atom)
