About | Buy | News | Products | Rants | Search | Security
Home » Security » Smart Computing

Getting The Horse Inside

The relative ease with which the author of the ILOVEYOU worm got into millions of computers world-wide might still have some people baffled; but no worry, for if you still don't understand how this happened, either you're a newbie and are entitled to an explanation, or you're a seasoned pro and should be immediately removed from the gene pool.

The key to getting a trojan on your machine is social engineering: The culprit must in some way get you to 'open' a file you shouldn't. This can of course be accomplished in different ways.

You might have a slight acquaintance on ICQ. This so-so friend tells you that (s)he has this great program you just have to try out, and sends it to you. You run it. Voila, it's a fait accompli, and the trojan is installed. Your 'friend' might not even be aware of any foul play: A 'good' trojan will not make you suspicious (unless you're adept at such things).

First rule: never accept any files from anyone you don't know well or are not expecting.

That's easy enough, but it's not enough. Your 'trojan' might come as the ILOVEYOU worm, and take advantage of some absolutely moronic features of the paraplegic Outlook email program. Coupled with the Microsoft implementation of the corporate wide policy of regarding you as a user as incorrigibly dumb. Extensions can be hidden, how Microsoft deals with files with successive extensions absolutely unforgivable, and so you might have thought the ILOVEYOU email was a text file when it wasn't.

Good email clients will store email in pure text files, so that you can inspect the contents of them with an ordinary text editor. Microsoft, in their infinite and concerted lack of wisdom, makes this almost impossible. Anytime you see anything suspicious you should inspect it with a text editor; and above all you should use an email client which makes this possible.

Further, to ensure an even higher level of security, you should turn off Java and Javascript while downloading and reading your email. Email shouldn't have to have Java and Javascript running - benign email that is. And above all, get yourself an email client that was not made behind the walls of Redmond.

But even if the horse somehow gets inside your machine, it has to run to be effective, and knowing what is going on in your machine at all times will clue you into what, if anything, is afoot that shouldn't be.

Next: Run Run Run

About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.