Problems resulting from the ignorance of the average computer user (4)

1 Name: 404 - Name Not Found 2006-02-20 12:27 ID:wTz1HS8W

Whether it is the inability of people to update their software toat allows the spread of worms or people installing Bonzai Buddy and Cometcursor or whatever asks them to these people present many problems to the Internet. The finacial damage alone done from zombie botnets DDoSing and blackmailing or just spam and email viruses is probably immeasurable. I'm sure people will think that these things would not have happened in the earlier days, but I do not agree. Certainly the percentage of people that were not interested in computers would be lower, but the population was still there. Malicious hackers are not something new. If people had been using Outlook back then instead of pine, I'm sure there would have been email viruses still.

Since there will always be this population that is vulnerable, what can we do about it?

2 Name: 404 - Name Not Found 2006-02-20 12:38 ID:Heaven

This is by no means limited to end-users only either. The number of insecure webapps that are deployed either by hobbyists or professionals also pose a threat. For example, take that DQN thread that had people posting their world4ch cookies. That vulnerability could have been used for far more nefarious purposes. There is also the slew of XSS vulnerabilities in sites such as myspace and livejournal. If these are leveraged for more than just stealing people's cookies there may be grave concesquences. Just recently a list of usernames and passwords mined from myspace users was released. Not only does this allow one to screw up someone's myspace, but the majority of these logins may be used in other places. I'm certain that at least some of these may be used to find online banking information, paypal users, blackmail material, or numerous other things with real-world repercussions.

3 Name: 404 - Name Not Found 2006-02-22 17:56 ID:Heaven

>For example, take that DQN thread that had people posting their world4ch cookies.

actually they were 4chan cookies, not world4ch. the vulnerable scripts were http://dis.4chan.org/derefer.php and http://www.4chan.org/derefer.php.
lol, someone mentioned my dqn exploits on /net/.

4 Name: 404 - Name Not Found 2006-02-22 18:53 ID:Heaven

>>3 I stand corrected. However, my thead is lonely still.

This thread has been closed. You cannot post in this thread any longer.