Filed under: Uncategorized
I have only spent a few days doing website analysis but it appears that my perceptions of the threat of malware on the internet were a bit off base.
Even though I was often called on by friends and family members to resolve Badware related issues, I have only come into contact with malware as an actual end user on a personal level once. I’m a long time linux user but three years ago decided to use Windows on my desktop at home out of convenience. Okay, okay, I did it for the games. I actually don’t have any excuses because the only ones I played repeatedly were Doom 3 and Unreal Tournament 2004 – both have native Linux implementations.
In Windows land, functionality means 3rd party software and 3rd party software costs. I wanted a mount -o loop like I had in Linux and everyone recommended Alcohol 120%. I downloaded the software. I navigated to a well known crack site ending in .sk. I knew the danger of malware on these sites and was using Firefox. Full speed ahead.
I knew better. I shouldn’t have been doing what I was. I wasn’t auto-exploited. The malware that infected me was particularly nasty. Broke my display adapter driver. Made the control panel unusable, even in Safe Mode. I tried doing the usual HijackThis, Spybot, and adAware routes that were the first line of defense then. No go. I could have reinstalled by why bother. Since I had only been using the Windows system for about a month I decided to just go back to using my Linux system. Different mantra, everything is released as source so the more egregious violations of users machines is largely moot.
As one of our departing interns said: We have smoked them out of their caves and now the Internet at large is fair game for malware.
So here we are, standing in front of the Internet sized game of wack-a-mole. StopBadware and their mechanism of control works, but is the action ultimately a step towards a more secure Internet and near elimination of Badware or impetus for attackers to step up their game? This question can be asked in the context of anti-virus vendors, computer security researchers, con artists. It is a race of attack v. defense. The problem is systemic of humanity, technology only seems to augment how the problem manifests. This battle occurs in perpetuity and the success of the project is real. Full speed ahead.