Saturday, October 03, 2009

Bank Robbery via Broken Windows


Most of us do it on a weekly basis...

bank online.

The majority of us have become comfortable with it just as we have most of our online tasks...

It's time to take pause...if you are a Windows User that is.

A recent story told of a new or re-engineered trojan that was allowing Russian, African and possibly US hackers access to bank accounts across the globe.

And as the media is fond of withholding, this isn't a Computer Problem...

This is a Microsoft Windows Problem.

Reports differ greatly but many report that millions are going to be stolen if they have not been already. Will they "patch" it?

Probably, until someone comes up with something new...some 15 year-old kid will have it ready within hours of the patch.

There is no sense in preaching to The Choir...you all know the sermon chapter and verse...

I won't bore you with the sermon.

Just let your Windows-using friends that Microsoft has again allowed thievery and shenanigans to reign supreme within the plastic, wire and metal that makes up their computers.

Windows User's are not all morons or lazy....or apathetic.

Some have gotten a clue.
(my thanks to Richie for the link)

Pass it on.

All-Righty Then

9 comments:

  1. But, of course, with Windows 7 and Microsoft Security Essentials everything will be fine! Ya, right!

    I'll pass this on, but if I had a penny for every time I'd told people Linux was more secure than Windows they'd probably think I'd harvested their account details!

    ReplyDelete
  2. Ubuntu by default is far more secure than Windows. If you learn how to use iptables, ufw, or any firewall front-end, you can be as secure as anyone ever is.

    Another thing that really drives me nuts is all the "Run Office 200x on Linux" stuff out there. Just refuse to use office and use OpenOffice. Stop letting microsoft dictate your document formats!

    ReplyDelete
  3. I run Ubuntu 9.10 with firestarter as a GUI front end for iptables. Reviewing my firewall logs, what never ceases to amuse me is the attacks on my system always show a pattern, an assumption by the attacker that I am running windows. However it can become annoying. I am so sick and tired of Chinese IPs hammering on my ftp server trying to guess the password to the "Administrator" account. Think ill just block all of china. When it comes to online banking I don't worry at all. Ken why do people put them selfs thru this?

    Kevin you are so right, whats the point of running Linux if you are just going to spend all your time using windows apps in wine or emulation. When I made the break back in 2007 I quit cold turkey.

    ReplyDelete
  4. @Justin

    Unless you have business that requires access by Chinese IP blocks, there are several ways to block the entire set, one of them at http://www.okean.com/thegoods.html. I think you can put up a cron job to wget the latest script and run it, which should update your iptable definitions, but that also means ensuring any other entries are included.

    I put this on a local LUG list, and other folks had some even better alternatives; look at the ALG mailing list archives and search for http://www.okean.com, and you should come up with the entire thread.

    ReplyDelete
  5. Just shared this with the Dell IdeaStorm community. :o)

    http://www.ideastorm.com/ideaView?id=087700000000BKAAA2&mc=0&p=16

    ReplyDelete
  6. @Felix

    Thanks for the tip. I was getting ready to lookup the CN ip ranges and block them manually by editing my /etc/firestater/user-post file. Your suggestion is a heck of a lot better, so thanks. Oh and no I have no need to do business with China.

    ReplyDelete
  7. Geoffrey Platt10/11/09, 11:00 PM

    Someone else who clue - New South Wales (Australian) Police:

    NSW Police: Don't use Windows for internet banking

    ReplyDelete
  8. @Geoffrey,

    I must have missed your post about the NSW police. I caught up with it through other sources yesterday. Here's my thoughts on what might turn out to be a key piece of advice!

    http://www.linuxquestions.org/blog/richc-403594/2009/10/14/detective-inspector-bruce-van-der-graaf-2329/

    ReplyDelete
  9. http://linux.slashdot.org/story/09/10/13/2344251/Washington-Post-Says-Use-Linux-To-Avoid-Bank-Fraud
    Finally, the media too is catching on.

    --
    a Linux Mint user since 2009 May 1

    ReplyDelete

Our HeliOS Project clients do come here and many are children so keep it clean. Profanity is immediately filtered and the ip of the offending user is blocked. No potty-mouth stuff here.