[smolloy]

Quote:

Originally Posted by techieMoe

My ISP does this. If your computer is found to be infected with something that's detrimental to the network they block your access and make you call customer service to get it reactivated. The idea is (I guess) that the rep will make you run antivirus and remove the threat. I've not had any problems with the policy so far.

I wish more ISPs would do this. It *seems* like it would be in their interest to get rid of all the spam traffic that originates from their network, but I guess someone has done the sums and figured out that they'd lose more money from annoyed, security unconscious, customers migrating away than from cutting bandwidth costs

[bigtomrodney]

That reminds me of a letter my bank sent me the other day. It was about Phishing and Vishing, as a lot of people are getting caught and trying to get the bank to pay for their mistakes.

So It says everyone should get anti-virus, and consider using a firewall. I was really confused by this. Considering the fact that these are social attacks and not technical is one part. The other is if anything you should have a decent firewall first to stop traffic. Antivirus software doesn't detect adware/spyware etc. Just makes you wonder why they bothered at all. Probably just legal lipservice.

[techieMoe]

Quote:

Originally Posted by bigtomrodney

So It says everyone should get anti-virus, and consider using a firewall. I was really confused by this. Considering the fact that these are social attacks and not technical is one part.

That's a point often confused by industry pundits trying to "blow a hole" in the strawman theory that Mac OS X is invulnerable (note that I've never heard anyone with any sort of measurable intelligence ever say that OS X or any other system was perfect). Most of the "viruses" on OS X have been due to social engineering. They trick the user into doing something like opening a file or running a script. In effect, the user hangs themselves.

I agree that if a bank tells people to install antivirus to stop phishing attacks, they're just playing the "cover our posterior" game so that when someone gets their information stolen they can say, "We told you to be careful! We're not liable."

[Vergil83]

Quote:

Originally Posted by bigtomrodney

So It says everyone should get anti-virus, and consider using a firewall. I was really confused by this. Considering the fact that these are social attacks and not technical is one part. The other is if anything you should have a decent firewall first to stop traffic. Antivirus software doesn't detect adware/spyware etc. Just makes you wonder why they bothered at all. Probably just legal lipservice.

It reminds that a lot of phreaking and early hacking wasn't just technology related, but it also involved social engineering. Calling up and pretending to be someone else to get information (see Kevin Mitnick)

[techieMoe]

Quote:

Originally Posted by Vergil83

It reminds that a lot of phreaking and early hacking wasn't just technology related, but it also involved social engineering. Calling up and pretending to be someone else to get information (see Kevin Mitnick)

The US Congress is working on (or has already passed, I forget) legislation against this very thing. I think the term they used was "pretexting", where you call a company pretending to be someone else in order to get their information. Telemarketers have been known to use this on customers by calling and not immediately identifying themselves as telemarketers to milk unwitting people out of their information.

[Danny Lawson]

This is technology at its best. There are always advantages and disadvantages of technology. It totally depends upon every individual to use or misuse it, whether it is internet or anything else.
IMO there are only handful of people whose natural tendency is to misuse things.
It is not far from getting freedom from viruses, spyware and the rest.

[carlosponti]

the pretexting has been used to find names of people who have reportedly are copyright infringer's by the MPAA. Usually there is not information available for the MPAA to sue individuals so they dupe the people into giving up information for them to turn around and sue them. I think its completely against our system to break the law to use illicit means to enforce it.

[Zoneseek]

I have to wonder though. How big of a problem would botnets be in a world without Windows? No difference?