Monday, October 20, 2014

Resources of a digital survivor

“When there's no more room in hell, the dead will walk the Earth.” These words are said at one of the key scenes of the “Dawn of the Dead” remake, a film of worship for all lovers of zombie genre.

You may wonder why the CIGTR starts its articule with something so trivial. The answer is simple. Truth is sometimes stranger than fiction. The zombie world had its new golden age in cinema under the paradigm of a society overwhelmed by too much information, the TV and the government control. Meanwhile in the third environment we see how everyday zombie hordes or deadly viruses attack where they hurt, on our digital life.

These kind of situations are usually studied by researchers, like those at Check Point Software Technologies who have showed how one of the communication pillars on Android, Binder, is vulnerable to man-in-the-middle (MITM) attacks. Binder is the name given to the IPC system of Google’s mobile OS. Such system is responsible for communicating processes with each other, so that an application can show something on screen, call the keyboard or share information with another app. If you take into consideration that most applications do not have a reliable layered security system, jumping from one layer to another could ultimately affect any system service, exposing user data, passwords, communications...

There are more and more zombies in cyberspace. In fact, a huge number of real zombies operate under cybercriminals’ orders. Actually you could be one of them, although you probably may not have noticed it yet. The Spanish Internet User Security Office (OSI) published some tips this weekend to identify if your devices are suffering any ‘zombification effect’, as well as a list of free online tools to verify this and try to get rid of the evil yoke of these botnets.

Users sometimes act like zombies too, representing the weakest link in the chain. Phishing campaigns invade your inbox, and take advantage of your lethargic mind. The latest of this campaigns targets your Dropbox account. It uses a HTML page shared by a random user (so the link, looks and feels like the official website is certified by Dropbox) and abuses the SSL security failure presented last week to bypass data sent by the victim.

"Brains!" Or rather information is what such hypothetical (not because there are hypothetical, but because we are not pointing to any specific one) companies which look for former employees from large companies would consume. They offer them money in exchange of business confidential information from it. Chema Alonso talks about this on a short article written as a conversation between applicant and payer. This information would be resold to third parties and used to what they wish.

The digital world changes people. That quiet bartender from the bar at the corner can be a real monster behind the screen. Waiter and good neighbor, but digital stalker. Or maybe just an annoying troll, who systematically set their goals to discredit other people publicly. The problem comes when the situation switches from nuisance to criminal acts which, in the case of UK, might lead up to two years in prison.

And here you have a suggestion for all Yosemite users. Yosemite is the new version of Apple’s desktop operating system. The company says it does not collect personal information, but the new Spotlight, the system’s contextual search does. To disable it, simply follow the little tutorial linked on the article.

Remember: Stay informed, secures your system and enjoy the network. Every digital survivor must comply these three tips to the letter, if he does not want to end up falling by an infected bite :)


Post a Comment