Feb 22, 2005

huh?

Am I missing something here? Lots of posts about this popping up everywhere. In short, some blogger signed up for an SMS service, it logged in and captured all his contact info, it then spammed all his contacts, he posts an apology on his blog, said SMS company writes him a desist letter. Let me get this straight. This blogger signs up for a SMS service where you are required to provide your freaking password for your email? What? Surely that is incorrect. No no it is correct. I went to sms.ac and checked.

So this guy must not be that computer savvy right? No he is. In fact I'll go one further. I got an email from my old boss a while back saying how great this very SMS service was. I remember thinking at the time is this spam or did he get a virus? Now I know. What makes this bad though is that I used to work at a software company in a group focused on SECURITY!

My point here is that security people and general computer users always seem to focus on security holes and patches and so forth. Admittedly this is important. But I've operated my Windows machines without patches and without antivirus software for many long months in the past. You know why? Because it is far easier for people to get the information they want about you by simple social engineering. Why go to all the trouble to figure out how to buffer overflow a memory cache to inject malicious code into a computer when you can call or email most people and ask them for anything you want.

Why don't I need to install anti-virus software or to patch my computer? Because I don't open email from people I don't know, I never give out confidential information, and I don't visit porn sites. It's really that simple.

If supposedly technical minded people are getting suckered with such an obvious ploy then how in the world are the non-technical people not scammed out of everything they own. (wanders off shaking head)

1 comment:

Melissa said...

Well Firefox just came out with an update and it had, what... 17 security fixes? Can you imagine if IE came out with that? It'd be all over the front page. Remember, porn is bad. Well...not always.