Sunday, September 09, 2007

spyware terminator forum compromised

are you like me folks? does hearing about security site after security site being compromised make you more and more numb to the whole thing? i know i'm starting to feel desensitized...

isn't it weird that in trying to raise awareness for something important you can actually wind up doing the opposite in the long run...

anyways, luke tan pointed me towards these two threads about the spyware terminator forum being compromised (the second one is on the spyware terminator forum, by the way)...

now, maybe it's just me, but it seems to me that if you're going to run a security forum you might want to follow some basic security best practices and make sure you keep your software up to date!... i mean, come on, barring incidents like this, not following security best practices when you're supposed to know better teaches those who don't know better bad security habits...

then again, when incidents like this happen you serve as an object lesson to your users for what NOT to do... unfortunately it's an object lesson that has the potential to put those very same users in harm's way and do you think they visited the forum with the same precautions in place that they'd use when visiting a suspect site in order to analyze it? probably not...

that is, perhaps, another lesson users could learn from this sort of incident... although you might trust a given site's administrators not to do anything malicious with their site, you should never trust them not to make mistakes that would allow 3rd parties to do malicious things with their site, nor should you trust that the software the site runs on won't allow the same thing regardless of mistakes made or not made by administrators... make sure you have some kind of protection when visiting any site... this is probably one of the better arguments for always browsing from within a sandbox, whether a full virtual machine like the vmware browser appliance or an application sandbox product like sandboxie, so that possible malware intrusions as a result of visiting a supposedly safe site can be contained... there really isn't anyplace on the internet that is perfectly safe, you need some kind of protection in place at all times, for all sites...

and if you're a security site (or any other kind of site, actually) administrator that hasn't been hit yet, don't be the next one to get caught... please, think of the users... also, i might run out of ways to use it as an object lesson... maybe...

1 comments:

Luke said...

Cute. FSecure's forum got hacked too.

http://www.f-secure.com/weblog/archives/00001336.html