DigiCrime Blocked by Snake Oil
Several sources have recently informed me that two different security
products are now blocking visits to the DigiCrime web site.
The first is called "WebNOT" from Raptor Systems. According to their web site,
...the optional WebNOT capability prevents inappropriate
materials from being downloaded into your site.
Yeah right, like educational materials.
The second was formerly called WebScanX, and
is apparently now part of
A Questionable Selection Process
What's most disgusting about WebScanX was that they also blocked access to
their competitors - specifically,
CyberSoft (this has since been removed).
Since the US Justice Department has recently become interested in
anti-competitive activities in the computer industry, perhaps we will see McAfee investigated in the future.
Vulnerabilities in commercial computer systems are a fact of life, and this is
why companies like Raptor and Mcafee are able to sell products. It's beyond
comprehension why they would consider DigiCrime as inappropriate. We can only
conclude that they like their customers to be utterly clueless. So do
A Useless Security Strategy
Perhaps more seriously, the strategy used by "site blockers" is
totally ineffective against hackers. Site blockers depend on
identifying and blocking the so-called "hacker sites", when in fact these are
almost always security information sites. This is not a likely source of
attack, for the simple reason that such a site would be an advertisement for
criminal activity, and easily traceable. Any hacker with half a brain who is
bent on mischief would employ a totally different strategy. The best strategy
for hacking people through their web browser is to break into a completely
legitimate site and implant evil content there. If a hacker broke into a site
like www.cnn.com and implanted dangerous
content there (perhaps in a hidden frame or selectively to certain clients
using active server pages), then they could inflict far greater harm. There
would be many more visitors to such a site than would ever visit a "hacker
site", and visitors to www.cnn.com would be unsuspecting of attack from that
site. Moreover, it would allow a hacker to cover their tracks, since
intrusion detection software is only as strong as the weakest link in a
system. For a hacker bent on mayhem, this makes a lot more sense than
planting harmful content on their own site.
Perhaps a better target would be MSNBC,
since that site tries to reconfigure your browser with ActiveX each time you visit it with MSIE.
Products like WebScanX and WebNot would be about as effective against this
as a screen door on a submarine. Too bad they only sell assurance
of security, rather than actual security.
ADDENDUM added December 10, 1997 Several news agencies have
reported today that a hacker group carried out a graffiti attack on the
popular Yahoo site and implanted a message
threatening such a virus attack. At this time no evidence of such a virus was
found, although the site was indeed hacked. In spite of the fact that no
virus was found, it was certainly possible in spite of numerous industry PR
people falling over themselves trying to deny it. In the meantime, this
attack reinforces the fact that the strategy used by censors such as Raptor
and McAfee would be of no value against such an attack.
Further information on graffiti attacks used to be available at www.hacked.net. Alas, no more.
Return to DigiCrime (if you can...)