
Inside a Ransomware Money Machine

Unknown Lamer posted about a year and a half ago | from the spam-this-time-it-breaks-your-legs dept.


tsu doh nimh writes "The FBI is warning that it's getting inundated with complaints from people taken in by ransomware scams that spoof the FBI and try to scare people into paying 'fines' in lieu of going to jail for having downloaded kiddie porn or pirated content. KrebsOnSecurity.com looks inside a few of the scams in the FBI alert, and it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while."


158 comments

Scams (1, Troll)

Sparticus789 (2625955) | about a year and a half ago | (#40996443)

Scams are only effective if they appear to be true. Would it surprise anyone for the FBI to essentially take bribes (fines) over fake criminal charges?

Re:Scams (3, Informative)

h4rr4r (612664) | about a year and a half ago | (#40996455)

Yes, me. I got one of these emails, but since I know that is not how the FBI operates I deleted it.

Re:Scams (4, Insightful)

CheshireDragon (1183095) | about a year and a half ago | (#40997781)

Exactly. If they suspect you have kiddie pr0n they are not going to take a bribe and say 'pay up to keep us quiet.' The first time you will even hear from them they will be kicking in your front door, seize you and all your electronics.

Re:Scams (5, Funny)

firewrought (36952) | about a year and a half ago | (#40997921)

The first time you will even hear from them they will be kicking in your front door, seize you and all your electronics.

And it's that sort of personalized attention that makes American law enforcement the best! :O

Re:Scams (1)

Anonymous Coward | about a year and a half ago | (#40996521)

Yes, it would surprise anyone with a brain. Basically that eliminates a huge swath of tin foilers such as yourself.

Re:Scams (3, Insightful)

Deep Esophagus (686515) | about a year and a half ago | (#40997981)

That's why the thought that 1 to 3 percent of the targets are falling for this makes me weep for the collective intelligence of the human race.

Re:Scams (5, Insightful)

ideonexus (1257332) | about a year and a half ago | (#40999005)

It's easy to laugh and feel superior that a small percentage of people fall for these scams, but what isn't funny is that the people falling for it are mostly senior citizens. Just yesterday my mother-in-law brought me the phone and told me, "It's somebody from Microsoft! They say our computer is infected with a virus!"

I answered the phone and somebody with an Indian accent told me his name was "Todd Moody" and that our computer was sending error messages to Microsoft. Curious about the scam, I let him walk me through opening the application error log and trying to delete some errors from it, to which he exclaimed, "Oh no sir! You cannot delete the errors! This is very very bad! You have a very dangerous trojan virus on your computer!"

If I hadn't been there, my mother-in-law would have handed over her credit card information no questions asked. In fact, my father-in-law had done this in the past. One day I'm going to be a senior citizen and my bullshit detector is going to stop working like it does for everyone else. The Federal Government should be putting a stop to this predatory scumbaggery with extreme prejudice.

When you see this crap, do your civic duty and report it [ic3.gov] .

Re:Scams (1)

Anonymous Coward | about a year and a half ago | (#40996625)

Hell yes. Unlike some third-world countries, the justice system in this country is not corrupt. They don't just take money with no cause, despite Republican/libertarian protests that the government is running amok.

I feel the same way about the folks trying to convince me my WOW account is banned, or that I'm somehow in violation of the Mattress Tag law.

funny thing about that law (3, Informative)

RobertLTux (260313) | about a year and a half ago | (#40996699)

once you have the mattress home it is legal for you to remove the tag but after that you can't resell the mattress.

Re:funny thing about that law (1)

h4rr4r (612664) | about a year and a half ago | (#40996795)

You can't sell it as a new mattress, I don't believe those tags are required for sales of used mattresses. However some jurisdictions forbid the sales of used mattresses altogether.

Re:funny thing about that law (0)

Anonymous Coward | about a year and a half ago | (#40996975)

Actually the only thing that matters is if the mattress is made out of hemp. Fuck the tag. If the mattresses factory is producing hemp mattresses then the FBI will come down with a boot to the neck, just like a poor Amish farmer with raw milk.

None of this teaches people to operate their OS.
None of this teaches people to monitor their processes or services.

If they did these two things, there would be 80% less BS.

Re:funny thing about that law (1)

Eponymous Hero (2090636) | about a year and a half ago | (#40998095)

and they are strictly enforced by craigslist sting operations. there just aren't enough real criminals to go after. i mean, what?

Re:funny thing about that law (1)

cayenne8 (626475) | about a year and a half ago | (#40998241)

However some jurisdictions forbid the sales of used mattresses all together.

Wow...that's quite interesting, I'd never heard of such a thing.

I wonder why some areas would ban sales of used mattresses?

Re:funny thing about that law (2)

mellyra (2676159) | about a year and a half ago | (#40998349)

I wonder why some areas would ban sales of used mattresses?

probably old laws that were meant to reduce the spread of lice and mites

Re:funny thing about that law (2, Insightful)

Anonymous Coward | about a year and a half ago | (#40998751)

"I wonder why some areas would ban sales of used mattresses?"

Health concerns. There was a major issue with it (or at least a heavily reported issue) in the 80/90s. Not so much with personal sales but with less reputable companies which would take the most rancid, stained, mold/parasite infested and disgusting mattresses and resell them. What idiot would buy a nasty stained mattress you say? Lots of people as the companies in question would replace/sew over the old mattress with a new cover which made it look brand new but still had the contaminated stuffing.

Re:Scams (1, Insightful)

moeinvt (851793) | about a year and a half ago | (#40997873)

"Unlike some third-world countries, the justice system in this country is not corrupt."

I don't think they would take a bribe to make an arrest, but that doesn't mean they aren't corrupt as hell. How many well-connected elites in the financial sector have been prosecuted for fraud, forgery and perjury? The FBI issued a report in 2003 warning of an "epidemic of fraud" in the home mortgage market, yet no arrests and prosecutions? How many Bush admin officials have been prosecuted for violations of the FISA law, torture, war crimes, etc.?

Selective enforcement of the law is corruption, and it is absolutely pervasive in our so-called "justice" system.

Re:Scams (2)

cayenne8 (626475) | about a year and a half ago | (#40998271)

How many Bush admin officials have been prosecuted for violations of the FISA law, torture, war crimes, etc.?

Same thing could be asked of the current Obama administration's officials.

Re:Scams (2, Insightful)

Anonymous Coward | about a year and a half ago | (#40998987)

Shhhhh.... You can't tell anyone that Obama's terrorism policies are the exact same as Bush's.

Hah! (5, Informative)

Anonymous Coward | about a year and a half ago | (#40996479)

My buddy got one of those from watching waaaaayy too much porn, and actually called the FBI who told him it was a virus.

What it does is lock your screen with an FBI logo and official-looking message, even displaying the output from the webcam if there is one, saying that unless the mark pays $200 or so using a Bitcoin-like form of payment one can get at convenience stores, the user will be arrested for downloading CP and/or "copyrighted material." Certain keys are locked, obviously, so you can't do the 3-finger salute and kill it with the task manager.

A boot into safe mode and a little MsConfig was enough to fix, though not remove, the malware.

-- Ethanol-fueled

Re:Hah! (0)

Anonymous Coward | about a year and a half ago | (#40996889)

Sounds no different from the "software" some media companies bundle with commercial products.

Re:Hah! (3, Informative)

Anonymous Coward | about a year and a half ago | (#40997307)

My buddy got one of those from watching waaaaayy too much porn

No, your buddy got it from downloading and executing malware. You can look at an unlimited amount of porn, but if your policy is that you don't run code that you have reason to trust, then you can't get infections. Porn is still as safe as it has always been.

Re:Hah! (1)

Anonymous Coward | about a year and a half ago | (#40997521)

Porn-delivered Malware is about on the same level as, while looking for a hooker, being shown a rancid taco and being told it's a vagina, then sticking your dick in it.

Re:Hah! (0)

Anonymous Coward | about a year and a half ago | (#40998649)

Drive-by infections are quite possible, even before one considers social engineering. Said buddy may well be one of those that insist on still using IE.

Funny how it's not a scam when the lawyers do it (5, Insightful)

Nyder (754090) | about a year and a half ago | (#40996491)

It should all be considered a scam when someone says pay up or I'll take you to court/press charges/sue/threatens you.

Re:Funny how it's not a scam when the lawyers do i (4, Insightful)

darkmeridian (119044) | about a year and a half ago | (#40997319)

The difference between blackmail and settlement is that blackmail requires the threat of doing something ILLEGAL if the demands are not met. Whereas, a settlement offer is the forbearance of a LEGAL right if the demands are met. If someone didn't pay me for my work, for instance, I can send a demand letter asking that he pay me or I will sue him for the money, which is a legal right I have. If I demand money or I will shoot him, that's blackmail.

The boundary is close when it comes to porno cases. What if the right to sue is clear cut (the Copyright Laws clearly prohibit downloading the material) but the real damage is the damage to reputation? That becomes closer to the situation of, "Give me money or I'll release this sex tape you made" or "Give me money or I'll tell the world about our love baby."

Re:Funny how it's not a scam when the lawyers do i (4, Interesting)

HungryHobo (1314109) | about a year and a half ago | (#40997547)

" If I demand money or I will shoot him, that's blackmail."

No, that's extortion.

Blackmail would be threatening to tell your wife about your mistress. Blackmail can include things you would otherwise be perfectly legally allowed to do.

You may have every legal right to expose the trips made to a bathhouse by a homophobic republican senator but if you demand money from him in exchange for *not* revealing that secret, that's illegal.

Re:Funny how it's not a scam when the lawyers do i (2)

Opportunist (166417) | about a year and a half ago | (#40997725)

I don't know about your country, but in mine, suing someone despite knowing very well that your chances of winning are zero with the intent of browbeating the person sued into submission due to him not knowing the legal system and not being able to afford adequate legal representation IS actually illegal.

It's called a frivolous lawsuit and if you are a lawyer and tend to do such things too often, I hope you have a plan B for your time after being disbarred.

Re:Funny how it's not a scam when the lawyers do i (0)

Anonymous Coward | about a year and a half ago | (#40997915)

You've never been to Mexico?

The best defense against scams (5, Insightful)

operagost (62405) | about a year and a half ago | (#40996503)

The best defenses against scams are still the same:
1. Knowing your right to due process, and
2. Knowing proper spelling and grammar in your native language.

I'm continually dismayed that large numbers of people (possessing enough intelligence to use a web browser) don't realize that the FBI using email or popups to demand summary payment of "fines" without due process is implausible and illegal.

Re:The best defense against scams (3, Interesting)

Anonymous Coward | about a year and a half ago | (#40996591)

You'd be surprised at how ignorant folks are. Particularly older users tend to take real-appearing emails at face value. I've told my parents to treat ALL commercial emails as fake, even if they are from some organization they actually do business with. Call the organization's 800 number, go to the web page directly (not via "links" in the email). Yes, it is a pain/loss of functionality, but so is getting taken, and ignoring them all ends up being the safer approach... The above policy started after they got one of the fake anti-virus trojans...

Re:The best defense against scams (0, Insightful)

Anonymous Coward | about a year and a half ago | (#40996613)

Give them a few years. Right now, some bureaucrat is thinking, "This would be a great revenue enhancer. How do I implement this?"

Re:The best defense against scams (-1)

Anonymous Coward | about a year and a half ago | (#40996665)

No they aren't you fucking cock jockey.

Re:The best defense against scams (0)

Anonymous Coward | about a year and a half ago | (#40996983)

Oh yes they are. If you think otherwise you don't know much about government, do you? These are the same people that went 'stop LIGHT cameras are a great idea, so how do we make this bring in even more money? Stop SIGN cameras!'

Re:The best defense against scams (5, Insightful)

dkleinsc (563838) | about a year and a half ago | (#40996729)

There's a couple more rules of thumb that help:
1. It's much harder to cheat an honest person. For example, if you don't download kiddie porn, it's very hard to get you to pay a fine to avoid trials for doing so. The Nigerian prince scam worked only on people who were willing to help somebody commit money laundering.
2. If it seems fishy, it's a scam. Anyone saying "money for nothing" (who's not a member of Dire Straits) should be suspect.

Re:The best defense against scams (2)

AwesomeMcgee (2437070) | about a year and a half ago | (#40996967)

I suspect Dire Straits, to be sure this whole thing reeks of them.

Re:The best defense against scams (4, Funny)

Canazza (1428553) | about a year and a half ago | (#40997563)

I got an email saying they'd pay me a million dollars if I helped some arab guy transfer his money.

Sultan of Swing or something.

Re:The best defense against scams (0)

Anonymous Coward | about a year and a half ago | (#40998909)

There's a couple more rules of thumb that help: 1. It's much harder to cheat an honest person. For example, if you don't download kiddie porn, it's very hard to get you to pay a fine to avoid trials for doing so. The Nigerian prince scam worked only on people who were willing to help somebody commit money laundering. 2. If it seems fishy, it's a scam. Anyone saying "money for nothing" (who's not a member of Dire Straits) should be suspect.

Righto! cf. http://www.419eater.com/ [419eater.com]

Re:The best defense against scams (3, Funny)

Hatta (162192) | about a year and a half ago | (#40998955)

The Nigerian prince scam worked only on people who were willing to help somebody commit money laundering.

I think the Nigerian prince scam works only on people who are too stupid to understand what money laundering is.

Re:The best defense against scams (4, Funny)

sl4shd0rk (755837) | about a year and a half ago | (#40996897)

I'm continually dismayed that large numbers of people--

Oh, so many ways to finish that sentence.

Re:The best defense against scams (5, Interesting)

asdf7890 (1518587) | about a year and a half ago | (#40997063)

2. Knowing proper spelling and grammar in your native language.

There have been suggestions that some of the scammers use this as a mark filter: people put off by the spelling/grammar would be unlikely to follow through to the end anyway, so put them off early so you can concentrate on the others. People who fall for the scam despite the presentation are better quality marks and more likely to pay out (either because they have done something wrong and are feeling guilty, or because they don't speak the language well enough to spot the telltale problems, or simply because they are just plain thick).

Though I think the simpler explanation (most of the scammers simply fail to create a good presentation in the target language) is more likely, at least in most cases.

Re:The best defense against scams (1)

RivenAleem (1590553) | about a year and a half ago | (#40997093)

The spelling and grammar mistakes in there are intentional. They want intelligent people to immediately dismiss the scam for what it is and move on. They don't want them to follow up and call the FBI to find out what it is about.

Someone who is fooled by poor spelling and grammar will likely also fall for the scam itself.

Re:The best defense against scams (3, Insightful)

Zontar_Thing_From_Ve (949321) | about a year and a half ago | (#40998727)

The best defenses against scams are still the same: 1. Knowing your right to due process, and 2. Knowing proper spelling and grammar in your native language.

I'm continually dismayed that large numbers of people (possessing enough intelligence to use a web browser) don't realize that the FBI using email or popups to demand summary payment of "fines" without due process is implausible and illegal.

As an American, I will shamefully explain why this kind of thing would work here. First of all, I have noticed a big uptick in the number of people with conservative political affiliations who have an irrational distrust and hatred for governments in general and the US government in particular. Such people do not know anything about due process and they believe every negative story they hear about "big government". They'll easily believe that the FBI would contact people this way.

Second, just from reading Slashdot it's become clear to me that the educational system in every English speaking country, yes every one of them, has completely failed its students and nobody anywhere in the English speaking world learns spelling and grammar any more. People think that "prolly" is a real word. People now think that anytime something puzzles you, you just need to add a question mark to it (i.e. "I have no idea why the soap was on sale in the store for 25 cents?"). If anything I'm actually a little encouraged that only 3% or so of "victims" are falling for this. I would probably have guessed it would be at least 10%.

Re:The best defense against scams (1)

bobthesungeek76036 (2697689) | about a year and a half ago | (#40999067)

I'm continually dismayed that large numbers of people (possessing enough intelligence to use a web browser) don't realize that the FBI using email or popups to demand summary payment of "fines" without due process is implausible and illegal.

Just about everyone that watches WWE and has a computer would fall into that category...

I call BS, or Stupid - your choice (0)

Anonymous Coward | about a year and a half ago | (#40996583)

Step 1
Find out which binary is running which provides the ransomware message. Rename it. View the hex code and see if it connects to other files or registry entries. Keep searching and identifying the malware parts.

Step 2
Rename, Delete

Step 3
Get a scan from the free online scanners.
Keep deleting until the ransomware and all worms and virii are gone

Step 4
Use D7

This stuff happens cause people don't understand how to use their Operating System.
It's the education stupid. That's not to say you make a mistake once every 5 or 10 years and accidentally delete your partition while partitioning something else. Or you actually run a worm'd up binary. It happens, I have no ego here, EVEN I screw up occasionally. However the difference is I head off to Step 1 above.

Actually writing the FBI for help? Very stupid.

Re:I call BS, or Stupid - your choice (3, Insightful)

vlm (69642) | about a year and a half ago | (#40996621)

Geeze isn't it simpler to just install linux or get a mac?

Re:I call BS, or Stupid - your choice (0)

Anonymous Coward | about a year and a half ago | (#40996741)

Geeze isn't it simpler to just install linux or get a mac?

I've worked rootkitted linux servers. They aren't above being exploited. The focus for my comment was the windows OS, because the OP's said description was a pop-up, something that linux doesn't do, since it doesn't run windows binaries.

Well not without wine or a vm..
I digress.

There are valid reasons to run windows. You use what works for whatever your goal is. Playing windows, linux, or mac fanboi isn't my style. I don't give a crap what OS it is, I use what works for the goal intended.

I'd rather use Sony Vegas Pro than Cinelerra, for example. Why? Cause I actually get work done in Vegas. Does that mean I need to hide my windows workstations behind linux firewalls? YES.

Re:I call BS, or Stupid - your choice (0)

Anonymous Coward | about a year and a half ago | (#40997189)

Geeze isn't it simpler to just install linux or get a mac?

Only if you're a socially stunted geek or one of the sheeple.

Re:I call BS, or Stupid - your choice (0)

Anonymous Coward | about a year and a half ago | (#40997481)

For the record I have linux boxen (firewall, workstations), I have a unix server (streaming audio), I have people that send me data which comes from mac (final cut). I choose to have sony vegas on a fucking windows workstation, however I also understand the underlying OS in each case.

I like and so far, continue to like everything.
The first level logic command OR works with me, and against you, using a modified truth table in this instance.

I use this or this or this or this or this or that or whatever works to get the goal completed.

If you think I am a sheeple then explain why I bother unplugging the tv, and loading drudge, rense, zerohedge, david icke, AJ, we are change or blacklistednews?
Maybe I think the FRN counterfeit printers are chilax?

Re:I call BS, or Stupid - your choice (1)

CanHasDIY (1672858) | about a year and a half ago | (#40996851)

I have no ego here, EVEN I screw up occasionally.

Yup, no egotism there, no siree...

FYI, understanding the fundamentals of how software works (i.e. "View[ing] the hex code") is not a requirement of using a computer, and shouldn't be.

Equally relevant, being a condescending asshat in regard to your perception of near infallibility isn't necessary either.

Re:I call BS, or Stupid - your choice (0)

Anonymous Coward | about a year and a half ago | (#40997113)

That's fine, pile it on me.
I don't have an ego.

near infallibility is ENOUGH for me.
If Fravia was raised from the grave he could tear my computer up.
There are other wizards, you speak the truth.

While not perfect, my security planning has worked quite well so far.
Cloned disks, and off disk encrypted password managers tend to keep the ice creams away from the starving.
Even if you get cracked, you have a small window to replace all your passwords, and thus stop the financial BS.

Viewing Hex code should be part of computer 101, and so I disagree, it should be equally taught as DOS, or Bash.
I benefited from it.

I reply in LOVE not hate.

Re:I call BS, or Stupid - your choice (1)

Opportunist (166417) | about a year and a half ago | (#40997831)

Why is it stupid to write to the FBI for help? Isn't it their job to prosecute crimes that cross the borders of the local jurisdiction, something that is almost certainly the case with such a scam?

Think of the FBI what you want, but as much as it may surprise anyone, they ain't the bad guys, most of the time...

Re:I call BS, or Stupid - your choice (1)

Anonymous Coward | about a year and a half ago | (#40998971)

Step 1 Find out which binary is running which provides the ransomware message. Rename it. View the hex code and see if it connects to other files or registry entries. Keep searching and identifying the malware parts.

Step 2 Rename, Delete

Step 3 Get a scan from the free online scanners. Keep deleting until the ransomware and all worms and virii are gone

Step 4 Use D7

This stuff happens cause people don't understand how to use their Operating System. It's the education stupid. That's not to say you make a mistake once every 5 or 10 years and accidentally delete your partition while partitioning something else. Or you actually run a worm'd up binary. It happens, I have no ego here, EVEN I screw up occasionally. However the difference is I head off to Step 1 above.

Actually writing the FBI for help? Very stupid.

You're absolutely right. My 77 year old mother spends most of her time (now that she's retired) tracing and debugging malware binaries. Please.

The bullshit you're spewing is about the same as "the problem with air travel is that people don't know how to pilot a 767." Are you really that thick or are you just trolling?

Posting anon as I'm moderating on this thread.

Same stats as spam ... (3, Interesting)

gstoddart (321705) | about a year and a half ago | (#40996663)

it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while

Isn't this about the same percentage as any spam campaign? That's pretty much why it's still profitable.

Though, you'd think that most people would realize that law enforcement doesn't simply send you an email demanding you pay a fine or face criminal charges -- there really isn't that option as far as I know. Well, at least not in all countries.

Re:Same stats as spam ... (3, Interesting)

EdIII (1114411) | about a year and a half ago | (#40997783)

Depends on the ransomware. I have run across the FBI thing twice now and the real problem is that the machine had business data. Paying to get access to your business data was the main reason why they were willing to pay.

These particular variants were making it difficult to locate data since they had silently redirected the My Documents folder. If you could get out of it and back into safe mode you would see your data missing unless the ransomware program was actually running.

Even more problematic is that some of these programs encrypt the data. Then you really have a problem.

It's a hard lesson of why you need to keep business machines and fapping stations separate.
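The redirected My Documents folder EdIII describes, and the lock-screen persistence the "Hah!" post further up cleaned out through safe mode and MsConfig, both live in a handful of well-known registry locations. The following is an added example, not code from the thread or from any poster: it parses a constructed `.reg`-style export (the format `reg export` writes) offline, so it runs on any platform, and flags Run entries whose image sits in a temp or public directory, a Winlogon Shell or Userinit that no longer points at the Windows default, and a "Personal" shell folder redirected away from %USERPROFILE%. The key names are the standard Windows ones; every path, value name and the sample export itself are made up. Each hit is a candidate for a human to look at, not a verdict (legitimate Group Policy folder redirection to a file server trips the last check too).

```python
"""Offline triage of Windows autostart keys and shell-folder redirection.

Added example, not code from the thread. It parses a .reg export (as written
by `reg export`) so it runs anywhere without touching a live registry.
SAMPLE_EXPORT is constructed; only the key names are real Windows ones.
"""
import re

# Constructed sample: a benign Run entry, one launched from %TEMP%, a replaced
# per-user Winlogon Shell, untouched HKLM defaults, and a redirected My Documents.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"ctfmon"="C:\\Users\\alice\\AppData\\Local\\Temp\\0.8873426.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\\Users\\Public\\skype.dat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Personal"="C:\\Users\\Public\\Libraries\\.sys\\Documents"
"Desktop"=hex(2):25,00,55,00,53,00,45,00,52,00,50,00,52,00,4f,00,46,00,49,00,4c,00,45,\
  00,25,00,5c,00,44,00,65,00,73,00,6b,00,74,00,6f,00,70,00,00,00
'''

# Directories from which a legitimate autostart entry is rare enough to review.
SUSPICIOUS_DIRS = re.compile(r"\\temp\\|\\users\\public\\|%temp%|%tmp%", re.IGNORECASE)
# Leading part of a command line that looks like an executable image.
EXEC_EXT = re.compile(r"^(.*?\.(?:exe|com|scr|dat|bat|cmd|vbs|js|dll|pif))(?:\s|,|$)",
                      re.IGNORECASE)


def _unescape(s: str) -> str:
    # .reg string values escape backslash and double quote with a backslash.
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> dict:
    """Return {key: {value_name: string_value}} for REG_SZ and REG_EXPAND_SZ."""
    # hex(2) data is wrapped across lines ending in a backslash; join them first.
    text = re.sub(r"\\\r?\n\s*", "", text)
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)', line) if current else None
        if not m:
            continue
        name, data = m.group(1), m.group(2)
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            keys[current][name] = _unescape(data[1:-1])            # REG_SZ
        elif data.lower().startswith("hex(2):"):                    # REG_EXPAND_SZ
            blob = bytes.fromhex(data[7:].replace(",", ""))
            keys[current][name] = blob.decode("utf-16-le").rstrip("\x00")
        # dword:/hex: values carry no path information and are skipped
    return keys


def image_path(command: str) -> str:
    """Pull the executable path out of a Run/Winlogon command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = EXEC_EXT.match(command)
    if m:
        return m.group(1)
    return command.split()[0] if command else ""


def _basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def triage(keys: dict) -> list:
    """Return (finding, location, value) triples worth a human look."""
    findings = []
    for key, values in keys.items():
        leaf = _basename(key)
        if leaf == "run":
            for name, cmd in values.items():
                path = image_path(cmd)
                if SUSPICIOUS_DIRS.search(path):
                    findings.append(("autostart-from-temp", key + "\\" + name, path))
        elif leaf == "winlogon":
            shell = values.get("Shell")
            if shell is not None and _basename(image_path(shell)) != "explorer.exe":
                findings.append(("shell-replaced", key + "\\Shell", shell))
            extra = [p.strip() for p in values.get("Userinit", "").split(",")
                     if p.strip() and _basename(image_path(p)) != "userinit.exe"]
            if extra:
                findings.append(("userinit-appended", key + "\\Userinit", ", ".join(extra)))
        elif leaf == "user shell folders":
            personal = values.get("Personal", "")
            if personal and not personal.upper().startswith("%USERPROFILE%"):
                findings.append(("documents-redirected", key + "\\Personal", personal))
    return findings


if __name__ == "__main__":
    for kind, where, value in triage(parse_reg_export(SAMPLE_EXPORT)):
        print("%-22s %s\n%23s-> %s" % (kind, where, "", value))
```

On a real machine the input would come from `reg export` of those four keys (run from a clean boot medium or safe mode, since a running locker may hide or rewrite them); the HKLM Run key and the per-user `RunOnce` keys deserve the same treatment, and a `Personal` value that resolves to a UNC path still has to be checked against what the domain policy actually sets.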

Re:Same stats as spam ... (1)

Lehk228 (705449) | about a year and a half ago | (#40998283)

difference is, a typical spam campaign will be for a $30 pack of make your penis huge pills. these are $500 or $1000 "fines" AND the victims are scared, thus less likely to report it or talk about it. Imagine your reaction if a non-technical co worker mentioned at lunch how they bought into an email real estate offer vs. your reaction if he mentioned "so... the other day i was looking at child porn and the FBI put this message on my computer....."

Re:Same stats as spam ... (1)

gstoddart (321705) | about a year and a half ago | (#40999119)

vs. your reaction if he mentioned "so... the other day i was looking at child porn and the FBI put this message on my computer....."

Except for the fact that a tiny fraction of people getting this (if any) would have done so, and would be damned sure they hadn't.

It's not like they had to target people actually doing this for it to be effective.

I know if I got an email like that I would immediately know it to be fake. I stumbled on some almost a decade ago when usenet was the wild west -- and I hope to never see it again.

And, really, who is going to believe the FBI would let you off with a fine? This is something they prosecute quite seriously.

This has gotten out of hand. (3, Interesting)

sageres (561626) | about a year and a half ago | (#40996727)

Just a horrible observation: this has seriously gotten out of hand and it is getting worse. Back twenty years ago, there were only a limited number of known viruses, so that the identity definitions / checksums of all of them could have fitted in a single database file small enough for a single floppy disk. Nowadays the combination of complicated operating systems with weak security, security bugs in internet software and an abundance of poor programmers in 3rd world countries willing to sell their code of ethics, morals and their mother for two thousand dollars per exploit makes it virtually impossible for anti-virus companies to maintain a product and database to keep these off.
In my experience, my customers in most cases were duped into downloading these pieces of thiefware. My personal thought back then was "I wish I could lock this computer in a read-only state so that they can not do absolutely anything stupid except turn it on, browse and turn it back off."

In light of this there must be a new way of conducting Internet browsing and software management on local computers. My personal thought was a full read-only operating environment periodically verified with full checksum for its integrity, on which any software updates or new software installs are simply impossible / or new installs are allowed based on reputation scores of such software.

But seriously, are there any schemes or research out there that has been working on the topic of creating a managed secure environment for average consumers?
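One concrete shape the read-only, checksum-verified environment sageres asks about can take, as an added example that is not from the thread or from any poster: hash every file of the image once into a manifest, authenticate the manifest with an HMAC whose key lives outside the writable area (otherwise whatever can write the image can also rewrite the baseline), and have each verification pass report exactly what was modified, added or removed. The directory tree, file contents and key below are constructed for the demo; in practice the manifest and key would sit on the read-only or hardware-locked partition viking099 describes.

```python
"""Baseline-and-verify integrity check for a read-only software image.

Added example, not code from the thread. build_manifest() hashes a tree
with SHA-256 and seals the result with an HMAC; verify_manifest() first
checks the seal, then diffs the live tree against the baseline. The demo
tree, its contents and the key are constructed for illustration.
"""
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def _digest_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def _seal(files: dict, key: bytes) -> str:
    # Canonical JSON so the same tree always produces the same tag.
    body = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_manifest(root, key: bytes) -> dict:
    """Map every regular file under root (relative POSIX path) to its digest."""
    root = Path(root)
    files = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            files[p.relative_to(root).as_posix()] = _digest_file(p)
    return {"files": files, "hmac": _seal(files, key)}


def verify_manifest(root, manifest: dict, key: bytes) -> dict:
    """Raise if the manifest itself was altered; otherwise report drift."""
    if not hmac.compare_digest(_seal(manifest["files"], key), manifest["hmac"]):
        raise ValueError("manifest HMAC mismatch: baseline was tampered with")
    baseline = manifest["files"]
    current = build_manifest(root, key)["files"]
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def demo():
    """Constructed scenario: baseline a tiny image, infect it, re-verify."""
    key = b"constructed-demo-key-stored-off-the-writable-disk"
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "bin").mkdir()
        (root / "bin" / "browser").write_bytes(b"#!/bin/sh\nexec real-browser\n")
        (root / "etc.conf").write_text("updates=disabled\n")
        manifest = build_manifest(root, key)
        clean = verify_manifest(root, manifest, key)

        # Simulated infection: trojanised binary, dropped payload, deleted config.
        (root / "bin" / "browser").write_bytes(b"#!/bin/sh\nexec locker\n")
        (root / "bin" / "svchost.exe").write_bytes(b"MZ constructed payload")
        (root / "etc.conf").unlink()
        dirty = verify_manifest(root, manifest, key)

        # Attacker "fixes" the baseline to match the trojanised binary, but
        # cannot recompute the HMAC without the off-disk key.
        forged = {"files": dict(manifest["files"]), "hmac": manifest["hmac"]}
        forged["files"]["bin/browser"] = _digest_file(root / "bin" / "browser")
        try:
            verify_manifest(root, forged, key)
            forged_detected = False
        except ValueError:
            forged_detected = True
    return clean, dirty, forged_detected


if __name__ == "__main__":
    clean, dirty, forged_detected = demo()
    print("clean image:", clean)
    print("after infection:", dirty)
    print("forged baseline caught:", forged_detected)
```

The verifier has to run from somewhere the image cannot influence (boot media, a hypervisor, or the kind of hardware card viking099 mentions) or a resident locker can simply answer "all clean"; the HMAC only protects the baseline, not the checker.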

Re:This has gotten out of hand. (0)

Anonymous Coward | about a year and a half ago | (#40996817)

are there any schemes or research out there that has been working on the topic of creating a managed secure environment for average consumers?

Yeah it's called a KIOSK. It doesn't work for Everyone. I wouldn't buy it unless I was re-selling it to others.

If your plan here is some utopia kiosk, perhaps you should state a SINGLE utopia that has ever happened in the history of this planet.
If anything KIOSK-ing everything is worse than a police state. However I am not above rolling it out to protect Grandma.

Re:This has gotten out of hand. (-1)

Anonymous Coward | about a year and a half ago | (#40997649)

All I did in this thread was give excellent advice. Maybe I should fucking say I am a Jew next? I had my ego, my OS choice, my wide-awakeness vs sheepleness, and perhaps much more challenged. BUT I remind you I only gave ADVICE (home lan security plan -- hey that rhymes) and SOLUTIONS (kiosk) the rest of this bs is attacks.

Ask yourself why the attacks?
You fuckers want an internet ID like ol kasper says?

Don't fuck with me. Support me, by waking the hell up and saying no more BS.
I can't fight blackhat seo's on slashdot when you volunteer to do their works.
You better eat your medicated brownies and stfu, just like ol kasper needs to suck down that fscking v0dsky and stfu, get back to reversing these binaries.
Go on now get the fsck out of here..
I'll sic Gibson Research on ya..

j/k ;o)

Come on lighten the fuck up

Re:This has gotten out of hand. (4, Informative)

viking099 (70446) | about a year and a half ago | (#40996821)

Back when I was working the computer labs at my university, we used a product by Centurion [centuriontech.com] to secure our workstations.

We would build an image, then lock down this little device installed in the case.

The computer user never even notices it, and they can write to temp folders and change settings, and everything.

When the computer is then rebooted, this device just reloads the OS from the "locked" partition, and it's just like it ever was.

Day to day it was great, but applying updates was a pain because you had to visit each system and unlock it manually. This was 15 years or so ago, so I'm sure they have a better system in place now, but it worked pretty well for our group and the hundreds of computers we maintained.

Re:This has gotten out of hand. (0)

Anonymous Coward | about a year and a half ago | (#40997865)

I noticed nobody commented on you. It frankly pissed me off!

I think kiosks are a great idea by whoever started it. It will ONLY improve over time. However it doesn't fix the banking system, the markets, nor the US monetary system.

I loved it (kiosks) in the 80's cause you could avoid the lines in banks on payday on the USAF bases.
I saw in the 90's the prices were vulture. "Check into Cash"
Post 911/2k we have accepted the vulture. "No Money Down" "Check into Cash" "Reverse Mortgage"
Acceptance without fact leads to disaster.

I believe these hardened kiosks work. They aren't the ones siphoning off trillions.
As with money, only vigilance wins.
We all get cracked.
But I like "them kiosks" better than a LINE of stinking hot fellow Agenda 21 suffering people.
You know the enlisted grunt, retired, and officers on base, everyone else off base
So, let's just be sure the SOURCE isn't CORRUPT eh?
If it's so, perhaps they plan WORLDWIDE DOOM e.g. the officials and the corrupt people at the top who they protect using military force.
Now who's not awake?

In addition, what happens if the electricity goes out? Hmmmm? Oh I'm sorry no 60Hz hmmm. no 50Hz hmmm hmm.
Better have Value in something other than paper and electronics.

Even your offline USB password manager is VULNERABLE

Re:This has gotten out of hand. (3, Informative)

g1zmo (315166) | about a year and a half ago | (#40999389)

At my last job in a university library, they used the same approach (but different product [wikipedia.org] ) for keeping the public PC stations locked down.

Re:This has gotten out of hand. (1)

Anonymous Coward | about a year and a half ago | (#40997323)

Since the act of browsing requires downloading information to your client, how in the world do you think you can make it "read only"?

Yes, I know, you'll say, "but the OS is read only, no changes to any system files allowed, and the content is only stored in this one partition that gets wiped when the browser is closed." Sure, that might work, for bare bones content browsing. But think about all the things people expect when they get content from the internet; text, photos, music, video, and you know, actual software. How are you going to keep your system pristine then?

How about making a copy of your machine state before you browse, then wipe the disk entirely after the browse session, and copy over the prior state? Nope, people still want to retain some of the content they got online, and during the browse session, your machine is still vulnerable to intrusion, and can do things you don't want it to do.

It's not possible - just like you can venture into the world wearing body armor over a full body condom, but that's not really practical.

Life is risk. Be moderately careful, and you'll get the things you want, and *probably* won't get hurt. Much. Often.

Re:This has gotten out of hand. (0)

Anonymous Coward | about a year and a half ago | (#40997431)

Hate to say it, but Apple. No one else gives a shit about the average consumer (personally, I hate both Apple and the average consumer)

Re:This has gotten out of hand. (-1)

Anonymous Coward | about a year and a half ago | (#40998251)

"But seriously, are there any schemes or research out there that has been working on the topic of creating a managed secure environment for average consumers?" - by sageres (561626) on Wednesday August 15, @10:43AM (#40996727)

Yes - I post PART of it here today -> http://yro.slashdot.org/comments.pl?sid=3050133&cid=40997381 [slashdot.org] which SPECIFICALLY shows you how to "stall" the botnet C&C Servers (& more) for Zeus + its variants (Citadel, & Ice IX, which Krebs noted specifically in his REVETON article).

* The rest is YOU "security-hardening" your system, & I wrote up guides for THAT from 1997-2008, that still do the job excellently:

http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Search&gbv=1&sei=9s4rUNnAK6Xu0gGeqIDYCg [google.com]

---

* THE APK SECURITY GUIDE GROUP 18++ THUSFAR (from +5 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

APK SECURITY GUIDE:2009 -> http://it.slashdot.org/comments.pl?sid=1361585&cid=29360367 [slashdot.org]
APK SECURITY GUIDE:2009 -> http://yro.slashdot.org/comments.pl?sid=1218837&cid=27787281 [slashdot.org]
APK SECURITY GUIDE:2008 -> http://ask.slashdot.org/comments.pl?sid=970939&cid=25093275 [slashdot.org]
APK SECURITY GUIDE:2010 -> http://tech.slashdot.org/comments.pl?sid=1885890&cid=34358316 [slashdot.org]
APK SECURITY GUIDE (old one):2005 -> http://it.slashdot.org/comments.pl?sid=154868&cid=12988150 [slashdot.org]
APK SECURITY GUIDE:2008 -> http://ask.slashdot.org/comments.pl?sid=970939&threshold=-1&commentsort=0&mode=thread&no_d2=1&cid=25092677 [slashdot.org]
APK SECURITY GUIDE:2008 -> http://tech.slashdot.org/comments.pl?sid=1027095&cid=25747655 [slashdot.org]
APK SECURITY TEST CHALLENGE LINUX vs. WINDOWS:2007 -> http://it.slashdot.org/comments.pl?sid=267599&threshold=1&commentsort=0&mode=thread&cid=20203061 [slashdot.org]
APK SECURITY GUIDE:2010 -> http://yro.slashdot.org/comments.pl?sid=1638428&cid=32070500 [slashdot.org]
APK SECURITY GUIDE (old one):2005 -> http://books.slashdot.org/comments.pl?sid=168931&cid=14083927 [slashdot.org]
APK SECURITY GUIDE:2009 -> http://news.slashdot.org/comments.pl?sid=1135717&cid=26941781 [slashdot.org]
APK SECURITY GUIDE:2008 -> http://it.slashdot.org/comments.pl?sid=416702&cid=22026982 [slashdot.org]
APK SYSTEM TUNING:2010 -> http://hardware.slashdot.org/comments.pl?sid=1497268&cid=30649722 [slashdot.org]
APK SECURITY GUIDE: 2008 -> http://ask.slashdot.org/comments.pl?sid=970939&no_d2=1&cid=25092677 [slashdot.org]
APK SYSTEM TUNING:2010 -> http://hardware.slashdot.org/comments.pl?sid=1497268&threshold=-1&commentsort=0&mode=thread&cid=30649722 [slashdot.org]
APK SECURE SETUP FOR IP STACK:2005 -> http://it.slashdot.org/comments.pl?sid=170545&cid=14211084 [slashdot.org]
APK SECURITY GUIDE (old one):2005 -> http://it.slashdot.org/comments.pl?sid=170545&cid=14210206 [slashdot.org]
MICROSOFT SECURITY:2010 -> http://news.slashdot.org/comments.pl?sid=1546446&cid=31106612 [slashdot.org]

---

Plus, A TESTIMONIAL OF A USER THAT APPLIED THOSE GUIDES' POINTS TO-THE-LETTER, & HIS RESULTS OVER MORE THAN A YEAR for himself, friends, & family + clients:

To "immunize" a Windows system, I effectively use the principles in "layered security" possibles!

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

I.E./E.G.-> I have done so since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:

http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text [neowin.net]

& from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml [archive.org] which Neowin above picked up on & rated very highly.

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ [pcpitstop.com] (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2 [xtremepccentral.com]

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3 [xtremepccentral.com]

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, setting services to system service, rather than system local. (except AVG updater, needed system local)" - THRONKA, user of my guide @ XTremePcCentral

---

* It works...

APK

P.S.=> As to the efficacy of a custom hosts file (which is what my 1st post link above's about?), I'll let your peers on /. here tell you about that much:

---

22++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"put in your /etc/hosts:" - by Anonymous Coward on Friday December 03, @09:17AM (#34429688)

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

As well as posts on them I've done that were "modded up":

---

* THE HOSTS FILE GROUP 37++ THUSFAR (from +5 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]
HOSTS MOD UP vs. SOPA act: 2012 -> http://yro.slashdot.org/comments.pl?sid=2611414&cid=38639460 [slashdot.org]
HOSTS MOD UP vs. FaceBook b.s.: 2012 -> http://yro.slashdot.org/comments.pl?sid=2614186&cid=38658078 [slashdot.org]
HOSTS MOD UP "how to secure smartphones": 2012 -> http://mobile.slashdot.org/comments.pl?sid=2644205&cid=38860239 [slashdot.org]
HOSTS MOD UP "Free Apps Eat your Battery via ad displays": 2012 -> http://mobile.slashdot.org/comments.pl?sid=2734503&cid=39408607 [slashdot.org]
HOSTS MOD UP "How I only hardcode in 50 of my fav. sites": 2012 -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765 [slashdot.org]
APPLYING HOSTS TO DIFF. PLATFORM W/ TCP-IP STACK BASED ON BSD: 2008 -> http://mobile.slashdot.org/comments.pl?sid=1944892&cid=34831038 [slashdot.org]
HOSTS vs. TRACKING ONLINE BY ADVERTISERS & BETTER THAN GHOSTERY: 2012 -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org]
HOSTS FOR ANDROID SMARTPHONES: 2012 -> http://yro.slashdot.org/comments.pl?sid=2940173&cid=40455449 [slashdot.org]
HOSTS vs. DEMONOID MALSCRIPTED ADBANNERS: 2012 -> http://yro.slashdot.org/comments.pl?sid=3022017&cid=40856945 [slashdot.org]
HOSTS vs. BANNER ADS AT uTorrent: 2012 -> http://yro.slashdot.org/comments.pl?sid=3042765&cid=40964905 [slashdot.org]

---

And, there you are...

... apk
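The custom hosts file approach argued for in the post above, as an added example; this is not the poster's program or anyone else's code from this thread. It parses blocklist feeds in hosts-file format, lower-cases and validates names, drops loopback entries and allowlisted CDN hosts, deduplicates across feeds, rewrites the sink address to 0.0.0.0, and renders the result with optional pinned entries. The two feeds, the allowlist and the pinned address are constructed sample data, not any of the real lists the post links.

```python
import ipaddress
import re

# Constructed feeds in hosts-file format, standing in for the real sources the post lists.
FEED_ADS = """\
# ad/tracker feed (constructed sample)
127.0.0.1 localhost
::1       ip6-localhost
127.0.0.1 ads.example.net
127.0.0.1 tracker.example.org   # tracking pixel host
93.184.216.34 www.example.com   # not a block entry, just a pin someone left in the feed
"""
FEED_CNC = """\
# botnet C&C feed (constructed sample)
0.0.0.0 cnc1.badhost.example
0.0.0.0 ADS.EXAMPLE.NET.
0.0.0.0 cdn.example-cdn.com     # a CDN that must not be blocked
"""
ALLOWLIST = {"cdn.example-cdn.com"}          # constructed: hosts that break pages if blocked
PINS = {"home.example.com": "192.0.2.10"}    # constructed pinned entry (documentation range)

SINK_ADDRS = {"127.0.0.1", "0.0.0.0", "::1", "::"}
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost", "local"}
HOSTNAME_RE = re.compile(
    r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)+$")


def parse_feed(text):
    """Names a feed wants blocked: sink-address entries, lower-cased, minus local names."""
    names = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip trailing comments
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2 or parts[0] not in SINK_ADDRS:
            continue                              # pins in a feed are not block entries
        for name in parts[1:]:
            name = name.lower().rstrip(".")       # normalize case and trailing dot
            if name in LOCAL_NAMES or not HOSTNAME_RE.match(name):
                continue                          # never block the loopback names
            names.add(name)
    return names


def merge(feeds, allowlist=frozenset()):
    """Union of all feeds, deduplicated, with allowlisted hosts removed."""
    blocked = set()
    for feed in feeds:
        blocked |= parse_feed(feed)
    return blocked - {a.lower() for a in allowlist}


def render(blocked, pins=None, sink="0.0.0.0"):
    """Hosts-file text: system loopback lines, validated pins, then one sink line per name."""
    lines = ["127.0.0.1 localhost", "::1 localhost"]
    for name, addr in sorted((pins or {}).items()):
        ipaddress.ip_address(addr)                # raises ValueError on a malformed pin
        name = name.lower()
        if not HOSTNAME_RE.match(name):
            raise ValueError(f"bad pinned name: {name}")
        if name in blocked:
            raise ValueError(f"{name} is both pinned and blocked")
        lines.append(f"{addr} {name}")
    lines.append(f"# {len(blocked)} blocked names, sink {sink}")
    lines += [f"{sink} {name}" for name in sorted(blocked)]
    return "\n".join(lines) + "\n"


def build_sample():
    """Run the pipeline over the constructed feeds; returns (blocked set, rendered text)."""
    blocked = merge([FEED_ADS, FEED_CNC], ALLOWLIST)
    return blocked, render(blocked, PINS)


if __name__ == "__main__":
    _, text = build_sample()
    print(text, end="")   # write this to /etc/hosts or %SystemRoot%\System32\drivers\etc\hosts
```

Two caveats a practitioner should keep in mind before leaning on this. The hosts file is consulted by name resolution in userland, so it filters names, not packets: a sample that connects to a hard-coded IP, runs its own DNS client, or uses DNS over HTTPS never looks at it, and it has no wildcards, so every subdomain has to be listed. Pinned entries silently override DNS and go stale when a site moves, so keep pins few and reviewed. 0.0.0.0 as the sink avoids the connection attempt to a local listener that 127.0.0.1 causes.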

Re:This has gotten out of hand. (2)

Archenoth (2592069) | about a year and a half ago | (#40999399)

It sounds like you may like Deep Freeze. http://www.faronics.com/enterprise/deep-freeze/ [faronics.com]

It costs a bit, but pretty much on every restart it will revert any "frozen" drives to their previous state, this is usually done in unison with a second partition that is "unfrozen" so people can save files... And if you want to update your system, you can turn Deep Freeze off temporarily. It also has a user permission system so some people can save files.

Fantastic for management, and as someone who was on the user end of it for a while, it wasn't that bad because of the unfrozen drive for my files. (You could permanently install with a password if you needed to)

Why some people fall for this (3, Insightful)

JDG1980 (2438906) | about a year and a half ago | (#40996955)

Several commenters have asked why anyone would fall for this – after all, US law enforcement agencies generally don't just shake people down for cash. But there are two real-world situations the average person might have dealt with that are somewhat analogous to this.

One is traffic tickets: In most cases, drivers are given the option to simply pay the fine without having to go to court. You can have a full hearing if you want, but most people just pay the fine.

The other is the legal threats against BitTorrent users, the ones where the MAFIAA sends out letters demanding that the person whose account the activity was conducted from either must pay $1000 or some similar amount immediately, or face a lawsuit for significantly more.

Now, there are definitely some legal differences there: a traffic infraction is a "summary offense" that doesn't carry the threat of jail time, and the MAFIAA lawsuits are civil cases, not criminal. But most people don't understand these subtleties: to many of them, any scary-sounding authority figure saying "Pay up" is the same thing. Heck, the Milgram experiment showed that you could have regular people deliver "fatal" electric shocks just by having a guy in a white lab coat tell them they had to.

Re:Why some people fall for this (0)

Anonymous Coward | about a year and a half ago | (#40997961)

@1000, it sounds like targeting people
@5999, with a scope
@X,000,000,000 with a ICBM
@ ~ with a nuke plant

psychopaths are in charge I say. I presume.

So let's stop them, NO MORE BS

Re:Why some people fall for this (0)

Anonymous Coward | about a year and a half ago | (#40998199)

but unless you're in Mexico, a Cop won't ask you to PAY the fine to him directly.

Re:Why some people fall for this (1)

reebmmm (939463) | about a year and a half ago | (#40998351)

This distinction is actually quite blurry for most municipal fines and citations. A number of states, for example, allow you to pay your speeding ticket fines directly at the time of the citation via credit card. How you'd distinguish this case from that case, I'm not sure.

Re:Why some people fall for this (1)

swb (14022) | about a year and a half ago | (#40998295)

Ha, we don't know how often LEO does or doesn't shake people down for cash/drugs/sex. My guess is it happens much more than anyone is willing to admit.

And there's the percentage of people with non-US life experiences where getting shaken down for bribes is part of the system.

Re:Why some people fall for this (0)

Anonymous Coward | about a year and a half ago | (#40999187)

One is traffic tickets: In most cases, drivers are given the option to simply pay the fine without having to go to court. You can have a full hearing if you want, but most people just pay the fine.

In the US generally, when you get a speeding ticket you can plead guilty or not guilty. If you plead guilty you generally don't have to show up in court. In the state of New York however, you are not told the amount of the fine to be paid when given the ticket. As such, unless you're a moron you plead not guilty and show up at the court so you don't get slapped with a $975 fine for going 67mph in a 55mph zone. Talk about revenue generation scams!

Language bug in some images posted at botnets.fr (0)

Anonymous Coward | about a year and a half ago | (#40996993)

So, the scam message is delivered in the local (non-English) language with the local police authority's logo, but some
of them have a "Federal Computer Crime Unit" or similar in English!

Webcam ransomware (1)

Compaqt (1758360) | about a year and a half ago | (#40997177)

I'm surprised there isn't more ransomware that turns your webcam on, perhaps catching you in something you'd rather not have on the interwebs, and blackmails you with that.

Re:Webcam ransomware (1)

Anonymous Coward | about a year and a half ago | (#40997355)

I bet you could even automate it to look for certain body parts using computer vision software.

Re:Webcam ransomware (1)

Anonymous Coward | about a year and a half ago | (#40997373)

I fear that some ransomware will actually put some kiddie porn or something on the victim's PC and show it to them, before demanding payment to avoid being reported to the FBI. Even if they know they didn't put it there, they won't know how it got there, and they won't be sure of being able to get rid of it or prevent it being replaced, so they will probably be scared enough to pay up in a lot of cases.

Re:Webcam ransomware (2)

asdf7890 (1518587) | about a year and a half ago | (#40998763)

To work that would need to be a fairly targeted attack: picking a few marks and working on them. A scatter-gun attack as usually used by scammers will simply alert the world to the problem and make all marks take the "no one will believe you" line, and the more targeted approach would take a lot more time and effort (and ability): while the payout could be more than worth it long term, I doubt any scammer will take the risk of waiting for as long as the scheme could take to "pay out".

The only case where this sort of attack is a concern IMO is when the attacker is someone that you know, rather than a more remote scammer, who sees reason to be out to get you.

Re:Webcam ransomware (2)

CCarrot (1562079) | about a year and a half ago | (#40997593)

I'm surprised there isn't more ransomware that turns your webcam on, perhaps catching you in something you'd rather not have on the interwebs, and blackmails you with that.

For this reason, I am still amazed that no (well, not many) webcams out there come with a physical shutter that the user can slide closed / open. Why leave it 'looking' at you when you're not using it?

It's not like people don't know this is possible, it's been used as a premise in enough tv shows...

Ah well, a sticker works about the same for me...low tech to the rescue! :)

Re:Webcam ransomware (2)

Lehk228 (705449) | about a year and a half ago | (#40998319)

I just leave my wank sock over it, since the cam is just for chatroulette anyways and i need both for that.......

Woah... (2)

Type44Q (1233630) | about a year and a half ago | (#40997217)

...and it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while

You mean to say that if I demand that a hundred people each send me a lot of money, and one to three of them do... those one to three people are going to... send me a lot of money?? (Is this that "math" thing I've heard so much about?! :p)

Re:Woah... (1)

Anonymous Coward | about a year and a half ago | (#40997509)

1-3% of one million people = 10,000 - 30,000 people paying up. If you charge say $500 per person then you end up with $5,000,000 to $15,000,000. Granted it's unlikely that you will get even one million people, your scam would probably be caught on to by then. But if you even get a few hundred thousand then you're still going to make about one million dollars. Not that I would encourage anyone doing this but there are obvious reasons why someone would be motivated to do this.

I can't get "hit" by these (you all know why) (-1)

Anonymous Coward | about a year and a half ago | (#40997381)

Krebs specifically notes Citadel &/or Zeus (there's variants like Ice IX too): Per my subject-line above?

I block out their C&C servers + other spreaders of them here via a custom hosts file, & "ZeusTracker" is one of my sources to do so, here -> https://zeustracker.abuse.ch/monitor.php?filter=lastupdated [abuse.ch]

What makes it EASY for me to do that, along with other sources for that type of information?

This app I wrote up!

For those of you that run Microsoft Windows 32 or 64 bit? An automated hosts file creation & mgt. program:

---

APK Hosts File Engine 5.0++ 32/64-bit:

Screenshot -> http://start64.com/images/win64/security/apk-hosts-file-engine-1.png [start64.com]

&

Download Site #1 -> http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

or

Download Site #2 -> http://securemecca.com/public/APKHostsFileInstaller/2012_06_01/APKHostsFileEngineInstaller32_64bit.exe.zip [securemecca.com]

a.) Extract its sfx installer file from the zipfile
b.) Run the installer from inside ANY folder you like, extracting the executables + datafiles to any folder you wish (usually one you create for it, doesn't matter where, but you MUST run it as administrator for FULL functionality (simple & the "read me" tab shows how easy THAT is to do))
c.) Then, & lastly - Run either the 32-bit OR 64-bit version (rightclick on the executable & set it to run as Administrator, OR, make a shortcut that can for FULL functionality (like write-protecting the hosts file, & more...))

---

What's it do for you?

It's a custom hosts file mgt. program that does the following for end users after it obtains custom hosts file data from 12 of the reputable & reliable sources listed below:

---

1.) Blocks out malware/malscripted sites
2.) Blocks out Known sites-servers/hosts-domains that are known to serve up malware
3.) Blocks out Bogus DNS servers malware makers use
4.) Blocks out Botnet C&C servers
5.) Blocks out Bogus adbanners that are full of malicious script content
6.) Gets you back speed/bandwidth you paid for by blocking out adbanners + hardcoding in your favorite sites (faster than remote DNS server resolution)
7.) Adds reliability (vs. downed or misdirect/poisoned DNS servers).
8.) Adds "anonymity" (to an extent, vs. DNS request logs)
9.) The ability to bypass DNSBL's (DNS block lists you may not agree with).
10.) More screen "real estate" (since no more adbanners appear onscreen eating up CPU, Memory, & other forms of I/O too - bonus!)
11.) Truly UNIVERSAL PROTECTION (since any OS, even on smartphones, usually has a BSD derived IP stack).
12.) Faster & MORE EFFICIENT operation vs. browser plugins (which "layer on" ontop of Ring 3/RPL 3/usermode browsers - whereas the hosts file operates @ the Ring 0/RPL 0/Kernelmode of operation (far faster) as a filter for the IP stack itself...)
13.) Blocks out TRACKERS
14.) Custom hosts files work on ANY & ALL webbound apps (browser plugins do not).
15.) Custom hosts files offer a better, faster, more efficient way, & safer way to surf the web & are COMPLETELY controlled by the end-user of them.

---

& MORE, in roughly 10-15 minutes runtime (on an Intel Core I7 920 Quad/4 core cpu @ 2.67ghz) & faster on faster CPU's (e.g. - Intel Core I7 3960 "extreme" 6-7 core CPUs = 7 minute runtime) & slower on slower CPU's (Intel 1.5ghz Celeron single core = 45 minutes).

* The malwarebytes/hpHosts site admin, another person/site hosting it (Mr. Steven Burn, a competent coder in his own right), said it's "excellent" in fact and has seen its code too...

(Write him yourselves should anyone doubt any of this -> services@it-mate.co.uk , or see his site @ http://hosts-file.net/?s=Download [hosts-file.net] )

A Mr. Henry Hertz Hobbitt of securemecca.org &/or hostsfile.org can also verify that this program is safe - write him @ -> hhhobbit@securemecca.com

APK

P.S.=> DETAILS ON WHAT THE PROGRAM DOES FOR YOU:

---

Using these sources for custom hosts file data:

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download [hosts-file.net]
https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)
http://safeweb.norton.com/buzz [norton.com]

---

It populates and normalizes/deduplicates content in a hosts file, converting the blocking address to a smaller/faster, more efficient one (0.0.0.0 vs. 127.0.0.1) & removes via filtering ANY sites that ought NOT be in a custom hosts file (such as CDNs that, IF blocked, adversely affect website display):

---

A.) Offers massively noticeable increased speed for websurfing via blocking adbanners

B.) Offers increased speed for users fav. sites by hardcoding them into the hosts file for faster IP address-to-host/domain name resolutions (which sites RARELY change their hosting providers, e.g.-> of 250 I do, only 6 have changed since 2006 - & when sites do because they found a less costly hosting provider? Then, they either email notify members, put up warnings on their pages, & do IP warnings & redirectors onto the former IP address range to protect vs. the unscrupulous criminal bidding on that range to buy it to steal from users of say, online banking or shopping sites).

C.) Better "Layered-Security"/"Defense-In-Depth" via blocking host-domain based attacks by KNOWN bad sites-servers that are known to do so (which IS, by far, the majority of what's used by both users (hence the existence of the faulty but for the most part working DNS system), AND even by malware makers (since host-domain names are recyclable by them, & the RBN (Russian Business Network & others)) were doing it like mad with "less than scrupulous", or uncaring, hosting providers)

D.) Better 'anonymity' to an extent vs. DNS request logs (not vs. DPI ("deep packet inspection"))

E.) The ability to circumvent unjust DNSBLs (DNS Block Lists) if they are unjust or inconvenience a user.

F.) Protection vs. online trackers

G.) Better security vs. the DNS system being "dns poisoned/redirected" (a known problem for recursive DNS servers via port 51/53 misdirection)

H.) Write protecting the hosts file every 1/2 second (supplementing UAC) - even if/when you move it from the default location via this registry entry (which if done, can function ALMOST like *NIX shadow passwords because of this program):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters

And changing the "DataBasePath" parameter there (I do this moving it to a faster media, a "true SSD" using DDR-2 RAM, in the 4GB Gigabyte IRAM I have).

I.) Automatic downloading & Alphabetic sorting of hosts files' records entries (for easier end user mgt. manually) from 15 reliable sources (of 17 I actually use).

J.) Manual editing of all files used (hosts to import list, hosts itself in its default location of %windir%\system32\drivers\etc, the hosts files to import/download & process, & favorite sites to reverse dns ping to avoid DNS (noted above why)).

K.) Removal scanners (if the users decide to remove hosts entries from imported data they can check if the site is indeed known as bad or not (sometimes 'false positives' happen, or just bad entries, or sites clean themselves up after infestation due to vulnerable coding etc./et al)).

L.) Removal of bloating material in many hosts files like Comments (useless bulk in a hosts file that's "all business")

M.) Removal of bloating material in many hosts files like Trailing comments after records (produces duplicates)

N.) Removal of bloating material in many hosts files like Invalid TLD entries (program checks this in a BETTER method than the API call "PathIsURL")

O.) Removal of bloating material in many hosts files via trimming of entries (vs. trailing-blank bloat on record entries)

P.) Removal of bloating material in many hosts files like the conversion of the larger & SLOWER 127.0.0.1 blocking "loopback adapter" address (slower due to larger size bytes wise to parse, & slower if loopback happens) to the smaller/faster to parse & load 0.0.0.0

Q.) Uniformity of ALL entries in hosts (as to records inserted & format they use - reducing bloat AND repeated bloating entries).

R.) Filtration-Removal of sites that IF in a hosts file are KNOWN to cause problems on larger portals that use CDN etc.

S.) Custom hosts files protect ALL webbound programs, not just webbrowsers (like AdBlock addons, & it doesn't even block ALL adbanners by default anymore) & it does so @ a more efficient, faster level (Ring 0/RPL 0/Kernelmode) acting merely as a filter for the PnP design IP stack, vs. the slower level webbrowser programs & their addons operate in (Ring 3/RPL 3/Usermode), which addons slow even more by "layering on" their own parsing & processing.

T.) Custom hosts files also offer the speedup to favorite sites noted above, & even firewalls + browser addons do NOT offer that...

---

Combining THAT, with std. firewalls + antivirus/antispyware (and NoScript, IE9 TPL's, AdBlock & browser level protections) AND, these filtering DNS servers listed next? I can't get "hit" by these bogus machinations:

Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
OpenDNS -> http://www.opendns.com/ [opendns.com]

Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection.

Each page lists how & why they work. Norton DNS can even show you its exceptions lists, plus user reviews & removal request procedures, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats):

Human beings, & their not being 'disciplined' about the indiscriminate usage of JavaScript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that, other than suggest NoScript for Firefox users, or Opera's "By Site" preferences!

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

It's possible to use ALL THREE in your hardware NAT firewalling routers, and, in your Local Area Connection DNS properties in Windows where you can "layer in" as many of them as you like, for again, "Layered Security"/"Defense-in-Depth" too!

However: IF you are on a work LAN or even HOME LAN that uses Active Directory? Using these DNS servers can "mess up" MX mail records OR things like Outlook (full in Office) bindings to Exchange Servers since AD is HEAVILY DNS dependent - ask your network administrator or test yourself first using those tools to make sure it doesn't happen to you (this is MOSTLY for "single system 'standalone' machine" users but it works great & supplements what YOU locally control in custom HOSTS files, with online DNS servers better filtered vs. malicious exploits of all kinds)...

... apk
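The hosts-file clean-up steps the post above lists (stripping full-line and trailing comments, rewriting 127.0.0.1 blocking records to 0.0.0.0, dropping malformed or invalid-TLD names, filtering out CDN hosts that must not be blocked, deduplicating case-insensitively, and sorting) as an added Python example. This is not APK's program and not code from any of the lists linked in the post; the SAMPLE_HOSTS text, the ALLOWLIST, LOCAL_NAMES and KNOWN_TLDS sets are constructed assumptions standing in for real downloaded data and a real public-suffix list. One caveat the post does not state is handled here: "localhost" and a hard-coded real address for a favourite site must be preserved as written, not rewritten to the blocking address.

```python
import ipaddress
import re

# Constructed sample, standing in for the merged download of the lists the post names.
SAMPLE_HOSTS = """\
# Sample merged hosts data (constructed)
127.0.0.1   localhost
127.0.0.1   ads.example.net        # trailing comment, duplicate below
127.0.0.1   ads.example.net
0.0.0.0     tracker.example.org
127.0.0.1   Ads.Example.NET
127.0.0.1   cdn.example-static.com
127.0.0.1   notahost
127.0.0.1   bad_host.example.zzz
192.0.2.10  fav.example.com
garbage line here
"""

# Names that must stay exactly as written (never rewritten or dropped). Assumed set.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}
# Hosts that must never be blocked; this is the post's "CDN filter". Assumed set.
ALLOWLIST = {"cdn.example-static.com"}
# Constructed stand-in for a real TLD / public-suffix list.
KNOWN_TLDS = {"com", "net", "org"}

# One DNS label: 1-63 chars of [a-z0-9-], not starting or ending with a hyphen.
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def valid_hostname(name):
    """RFC 1123-style label check plus a lookup of the last label in KNOWN_TLDS."""
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2 or labels[-1] not in KNOWN_TLDS:
        return False
    return all(LABEL_RE.match(label) for label in labels)


def normalize_hosts(text, block_addr="0.0.0.0"):
    """Return (records, dropped): cleaned 'addr name' lines sorted by name,
    and a list of (line number, reason) for every record that was rejected."""
    seen = set()
    dropped = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop full-line and trailing comments
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            dropped.append((lineno, "malformed record"))
            continue
        addr, names = parts[0], parts[1:]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            dropped.append((lineno, "bad address %r" % addr))
            continue
        for name in names:
            name = name.lower()                      # hostnames are case-insensitive
            if name in LOCAL_NAMES:
                seen.add((addr, name))               # keep localhost etc. untouched
                continue
            if name in ALLOWLIST:
                dropped.append((lineno, "allowlisted %s" % name))
                continue
            if not valid_hostname(name):
                dropped.append((lineno, "invalid hostname %s" % name))
                continue
            # Only IPv4 blocking records (loopback or unspecified) are rewritten;
            # a hard-coded real address for a favourite site is preserved as written.
            if ip.version == 4 and (ip.is_loopback or ip.is_unspecified):
                seen.add((block_addr, name))
            else:
                seen.add((addr, name))
    records = ["%s %s" % rec for rec in sorted(seen, key=lambda r: (r[1], r[0]))]
    return records, dropped


if __name__ == "__main__":
    recs, drops = normalize_hosts(SAMPLE_HOSTS)
    print("\n".join(recs))
    for lineno, why in drops:
        print("# dropped line %d: %s" % (lineno, why))
```

On the constructed sample this yields four records (the two case-variant duplicates of ads.example.net collapse to one 0.0.0.0 line, localhost and fav.example.com keep their original addresses) and four rejections: the allowlisted CDN, the single-label name, the underscore/unknown-TLD name, and the garbage line. Replace KNOWN_TLDS with a real public-suffix list before using this on actual downloads, and review the dropped list rather than discarding it silently, since a rejected entry may be a list-maintainer typo worth reporting upstream.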

I post a way to protect yourselves (-1)

Anonymous Coward | about a year and a half ago | (#40997621)

And you mod me down? For what reason?? Pure b.s.???

* I'd like to see a computing technical reason, not "hit & run" downmod crap, ok????

APK

P.S.=> Whoever the weasel is downmodding this post has NO BALLS, & is a TOTAL coward that I'd like to face in a debate where he can utterly disprove the points I made in my 1st post (of course, said weasel will NEVER show his face)...

... apk

Yet another bogus moddown? (-1)

Anonymous Coward | about a year and a half ago | (#40998807)

Ok - Justify it: Disprove my points/prove me wrong -> http://yro.slashdot.org/comments.pl?sid=3050133&cid=40997381 [slashdot.org]

* Perhaps THEN, you'll actually have made a valid point, by disproving mine... only thing is, so far? You haven't!

APK

P.S.=> The people downmodding my post(s) can only be 1 of 3 types of people:

---

1.) Malware makers/Botnet herders-masters (for obvious reasons - using custom hosts files mess up their bogus machinations)

2.) Advertisers (who rob you of CPU cycles, RAM, & other forms of I/O + electricity, via adbanners, as well as screen real-estate viewable)

3.) Webmasters (disgruntled over losing banner ad views - well, pay more attention to what your site's showing, because many have been INFESTED with malicious code)

---

NO questions asked... & IF/WHEN all you have are bogus "hit & run" downmods of my posts? You make MY point just above, for me... thank-you!

... apk

Re:I post a way to protect yourselves (-1)

Anonymous Coward | about a year and a half ago | (#40999325)

And you mod me down? For what reason?? Pure b.s.???

* I'd like to see a computing technical reason, not "hit & run" downmod crap, ok????

APK

P.S.=> Whoever the weasel is downmodding this post has NO BALLS, & is a TOTAL coward that I'd like to face in a debate where he can utterly disprove the points I made in my 1st post (of course, said weasel will NEVER show his face)...

... apk

I personally didn't downmod you. I'm not all that surprised that someone did. I thought about downmodding you too. Not because you're a huge jerk, which you've clearly proven that you are. I thought about downmodding you because you repost the same stuff over and over and over.

In this particular discussion the crap you post is *marginally* on topic, so I left it alone.

I see you complain about people being out to get you and treating you poorly. Have you ever considered that you might be provoking that reaction? The thousand (two thousand?) word posts you spew generally contain dozens of links to the same information over and over again. Then you *repeat* that information in the same post.

I don't know you APK and have nothing personal against you. I have learned to ignore you -- not because I don't like you or think you're an idiot, but because you don't seem to add anything useful to discussions. I realize that you'll most likely just write me off as someone that's out to get you, but I write this in the hope that one day you'll stop re-posting the same crap over and over again and actually become a constructive part of discussions.

Anyway, I hope you understand this someday. Have a nice day!

To weasels downmodding my 3 posts here (-1)

Anonymous Coward | about a year and a half ago | (#40998883)

Ok - Justify it: Disprove my points/prove me wrong -> http://yro.slashdot.org/comments.pl?sid=3050133&cid=40997381 [slashdot.org]

* Perhaps THEN, you'll actually have made a valid point, by disproving mine...

(Only thing is, so far? You haven't!)

I've only seen "hit & run" unjustified bogus downmods of my posts here on this topic (when what I put out stalls these things largely):

---

http://yro.slashdot.org/comments.pl?sid=3050133&cid=40997381 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=3050133&cid=40997621 [slashdot.org]

http://yro.slashdot.org/comments.pl?sid=3050133&cid=40998807 [slashdot.org]

---

(What're you *trying* to hide, trolls? Truth & a way to defend one's self vs. online machinations like botnets/trojans & the like?)

APK

P.S.=> Lastly: The people downmodding my post(s) can only be 1 of 3 types of people:

---

1.) Malware makers/Botnet herders-masters (for obvious reasons - using custom hosts files mess up their bogus machinations)

2.) Advertisers (who rob you of CPU cycles, RAM, & other forms of I/O + electricity, via adbanners, as well as screen real-estate viewable)

3.) Webmasters (disgruntled over losing banner ad views - well, pay more attention to what your site's showing, because many have been INFESTED with malicious code)

---

NO questions asked... & IF/WHEN all you have are bogus "hit & run" downmods of my posts? You make MY point just above, for me... thank-you!

... apk

They deserve it! (1)

Ravaldy (2621787) | about a year and a half ago | (#40997799)

If the people watching kiddie porn end up scammed, I say it's cool!

Re:They deserve it! (0)

Anonymous Coward | about a year and a half ago | (#40998393)

Umm..... I really think you do not understand what is going on at all.....

CP and piracy (0)

Anonymous Coward | about a year and a half ago | (#40998005)

going to jail for having downloaded kiddie porn or pirated content

Is anyone else disturbed that they're putting the two together?

Got to love FUD and misdirection (0)

Anonymous Coward | about a year and a half ago | (#40998841)

It is funny that this gets released right after the FBI gets informed that they had a person who works for the US planting evidence and destroying easy access to the hard drive first - so what does the average IT person do with a hard drive keep it around for fear of data actually being recovered

Poor Adrian Moser from 2203 9th Ave, Apt 3 (it is an L shaped building) he got caught planting evidence and was sanctioned the bastard was video taped even god I wonder how much damage that would cause the United States if that Video Tape was released after his confession of who he worked for was released - damn the US is getting more and more incompetent in the IT department...

Say I hear there is going to be a massive leak about the whole chemical (as in computers who process information through the use of chemical reactions) computer network - point to Wright Patterson AFB - I am sure I can point to a college in "P"oduck WV that recently got 3 new buildings because the US is trying to locate a rogue chemical computer hidden on the grounds... it would really suck if the bad guys got ahold of it...

Gee, Is this FBI notice from an aol address real? (0)

Anonymous Coward | about a year and a half ago | (#40999355)

Got a few of these emails as well. Besides the dubious command (?) of the language there was also the minor detail of the source address. The ones I got were from places like 'aol' or 'hotmail' -- which seemed an unlikely source for a government message of any sort. Then the (snicker, snicker) demand that one open the attached file to read the charges... oh, please! The last one had a faked 'gov' address (didn't agree with the routing info on the email itself) but they never fixed the language flaws. Pathetic. I cannot imagine anyone responding... at least not anyone I would be interested in associating with...
