Slashdot Mirror


Spyware for Corporate Espionage

therufus writes "Late in July, an e-mail that hit employee in-boxes at a British credit card and finance company carried a secret payload--spyware capable of recording confidential corporate data and sending it over the Net."

4 of 216 comments

  1. Nothing new... by Anonymous Coward · Score: 5, Funny

    Most of my company's data already goes right to our competitors already. What with our fancy new wireless network. Check it out - SSID: linksys, no wep, no wpa...

  2. Here's our nightmare scenario in the military.... by i_want_you_to_throw_ · Score: 5, Interesting

    Some enterprising cracker is going to encapsulate a key logger into a piece of spyware, it is going to have a logic bomb in it so it will self-destruct (the purpose to gather info and then leave no trace), it will record passwords and other info, and that info will be sent back to some third party, possibly a hostile government.

    It's going to happen. Here's why it's troublesome and mod me down if you must but our operation has a blind allegiance to Redmond and the IM folks are not particularly bright. We have had network problems in the past. China has opted to bet the farm on Linux after seeing the Windows Source Code.

    As one of the few Linux developers here, I fear a nightmare is coming. I would really welcome any ideas that anyone has about how we combat this or put our minds at ease.

    Redmond related flames go to /dev/null.

  3. Re:Questions... by jdreed1024 · Score: 5, Insightful

    What kind of stupid sys-admin allows .vbs, .js, .exe, .sws attachments thru the corporate email?

    The sys-admin who is told by the CEO to remove the e-mail blocks, because someone wants to e-mail him a self-extracting zip file (.exe).

    What kind of idiot sys-admin would allow the corporate users to run their PCs with admin privileges, so that any unwanted junk s/w be installed on their PCs?

    The sys-admin who gets in trouble when he yelled at Bobby the Intern (who happens to be the CTO's nephew) for installing Kazaa on his machine. Ditto for the sys-admin who was told to turn the PHB's account into an Administrator account so he could install MS Entertainment Pack.

    Which genius allows unrestricted access to confidential corporate data to its users?

    The genius who tried to secure the confidential corporate data with X.509 certificates and/or passwords, but was then told to remove them, because the VIPs were complaining about having to remember too many passwords.

    Why do the corporate firewalls not block out-bound traffic to all ports but a select few HTTP/SSL etc.?

    Because then the PHB can't use AIM to chat with his friends.

    Seriously, I worked as a sys-admin in an environment like this. You wouldn't believe the number of safety procedures that the CEO/CTO/PHB wanted to circumvent to make life easier for themselves. Unless you have a CTO who understands security and will stand up to the rest of the VIPs, you're doomed. Completely and utterly doomed.

    I attempted to implement the passwd changing program with cracklib support to prevent users from picking stupid passwords. That lasted about a week before I was told to take it away.

    There was a brief period of time where we went around and killed off IE on the desktop machines, because there were too many damn vulnerabilities. That lasted about 2 weeks before the CEO told us that the researchers couldn't use "this Netscape thing".

    Repeat for many other events. Bottom line is anyone who is not a sys-admin knows two things: routine and usability. However, implementing proper security requires changing at least one of those, if not both. And therein lies the problem.

    --
    There is no sig, there is only Zuul.
  4. Re:Here's our nightmare scenario in the military.. by zeux · Score: 5, Insightful

    China has opted to bet the farm on Linux after seeing the Windows Source Code.

    I think that China chose Linux not because of Windows source code but because Windows is the product of an American company.

    But maybe I'm wrong.