Beware of malware, lawyers and elves
- June 5, 2007 8:10 PM |
- By Saleem Khan
by Saleem Khan, CBC News Online
Have you ever wondered whether you should click on or download some new piece of software you or your friends have found on the internet? It's probably worth paying attention to that nagging voice in the back of your head.
Dave Marcus, a senior strategist at security software vendor McAfee Inc., was in Toronto on Monday, and we discussed the increasing sophistication of malware authors – the people who make things like computer viruses.
Marcus explained that as the bad guys are becoming more sophisticated and professional in their approach, they're also adopting techniques more often used in the corporate world.
"Do you know what the difference between malware and adware is?" Marcus asked rhetorically. "A lawyer – a lawyer and an end-user licence agreement."
Criminals have been known to wrap difficult-to-remove malware in an attractive software package, dressed up with all of the bells and whistles that you might expect of a legitimate piece of software, including an end-user licence agreement or EULA. Buried in the reams of text – if anyone bothered to read it instead of just clicking the "Accept" button – people might find clauses in which the user grants permission for the computer to be used for any purpose the criminal might choose.
These days, that might include a line that allows the software to use the computer to distribute spam e-mails touting any number of products.
I remember talking to a worker at a prominent computer security company nearly 10 years ago, who told me about a hilarious program that featured elves dancing onscreen as they sang a tune. People were passing the tiny piece of software around to entertain one another with the comical characters and the tune that accompanied them.
It was only after scores of people had already installed the program that the company's computer network became bogged down and they realized they had infected their machines with a piece of malware.
That was a decade ago but the capacity for criminals to exploit human social behaviour is not to be underestimated. If they can get the security experts, the rest of us should be on guard.
So exercise caution and watch out for the lawyers – and the singing and dancing elves.
All News blogs
- Universe hates Higgs boson, Chicago Cubs
- By John Bowman, CBCNews. A physicist working on the Large Hadron Collider doesn't think much of the theory that the universe is sabotaging the project to prevent the discovery of the Higgs boson. Might as well say that Nature hates... Continue reading this post
- Large Hadron Collider goes Back to the Future
- By Peter Evans, CBCNews.ca. Two respected physicists have put forward the theory that the Large Hadron Collider's stated aim of finding the Higgs boson might be so abhorrent to nature that mysterious forces are traveling back through time and sabotaging... Continue reading this post
- Multi-touch concept for desktops: 10/GUI
- By John Bowman, CBCNews.ca. I'm a fan of alternative ideas for human-computer interaction, so this video caught my attention. It shows an idea for a ten-finger touchpad interface and associated changes in the way a computer would handle multiple windows.... Continue reading this post