The year’s off to a rousing start, with all sorts of interesting security news this week: Wikipedia led a temporarily successful foray against SOPA and PIPA by joining numerous websites that went dark for a day; the founder of Megaupload had his hands slapped when law enforcement officials told him resoundingly, “no, you can’t pirate copyrighted material” – insult was heaped upon injury when dozens of expensive cars were towed away to show him they were right; and Koobface – the Facebook botnet that has been harassing Zuckerbook for years – was taken down by its own creators after the FB gang teamed up with The New York Times to uncover and publish the identities of the worm’s owners. To round off the week, QR codes may just be the latest form of spam, and news out of the Twitterverse suggests that Darwin’s cardinal rule is not only true, it’s actually a dire prophecy of our impending extinction.
The year’s less than a month old and it may already be shaping up as ‘the year of anything goes.’ Topping the headlines was a mass protest against seemingly inevitable anti-piracy legislation SOPA (Stop Online Piracy Act) and PIPA (Protect I.P. Act), as innumerable websites intentionally went dark on January 18. Led by students’ greatest friend and perpetual source of dubious information Wikipedia, the activist movement irritated Web surfers across the globe and scored one for the little guy as the bureaucrats in Washington, DC backed off the proposed legislation and shelved the bills, albeit temporarily. It’s practically inevitable that some wily spammers will take advantage of this controversy, so keep your eyes open and watch your back.
In a related story and in the spirit of fishy timing (i.e., the same week as the aforementioned protests), Megaupload founder Kim Dotcom was carted off along with several other geniuses who figured they would and could get away with providing a conduit for copyrighted material, all the while skimming millions of dollars off the illegal activity and thumbing their noses at the FBI. German national Mr. Dotcom, whose maiden name was Kim Schwartz before wedding his website, lamented as his lavish New Zealand mansion was raided and dozens of vintage cars were hauled away as the spoils of war. Again, there’s more here than meets the eye, especially now that Anonymous has its back up.
In an LMAO moment, individuals responsible for Koobface – a nasty piece of malware that has been frustrating Facebook and Twitter users for years – have taken down their own command and control server after Facebook teamed up with The New York Times to uncover and embarrass five of the founders, Russian nationals living in St. Petersburg, Florida. The named individuals have scrambled to scrub their online profiles, but it’s highly doubtful that erasing their cyber identities will have much of an effect in the real world, where police carry real guns and real handcuffs.
Are QR codes the newest spam threat? Some people think so. QR – or Quick Response – codes were developed in the automotive industry and have been used for a while. Slowly entering the mainstream over the past couple of years, they are in wide use in Japan, the UK and the US, amongst other countries. Popular because of their fast readability and relatively high storage capacity (compared to bar codes), the codes have become a prime target for manufacturers and retailers thanks to the increased use of smartphones with cameras and QR reading apps; heck, even Google’s looking at getting into the game by using QR codes as a secure login method. The problem is that QR codes can contain virtually any information, meaning that they are already being exploited by scammers and spear phishers. Keep an eye on this one, folks – and think twice before you take a picture of that code staring you in the face. (Note: the code used above is quite safe; it’s a link to AllSpammedUp.)
Finally, from the Twitterverse, here’s one that, no matter how much you shake your head, won’t rid you of that sickening feeling that the human race is on a collision course with extinction. Perhaps a case of ‘you can’t spell Twitter without “twit,”’ this recent article shows just how careless – or ignorant, or both – Web users really are. Get this: over a twenty-four-hour period, more than 11,000 Twitter users shared their e-mail addies with the rest of the world. A safe practice if we were living in Thomas More’s Utopia, it’s truly a boneheaded maneuver if you reside anywhere on Earth, which is rife with people who would just love to use that information against you. This is just a guess, but it looks like spear phishing season is open and Twitter is the local watering hole.