Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Predictions of 2004

Posted by michael on from the looking-forward dept.

scubacuda writes "Computer World's security predictions for 2004: R.a..n,d,o.,m p,u,,n,c.t,,u_a.t.1..0.n evading spam filters, Internet access filtering, better desktop management, enterprise personal firewall deployment, tools that securely scrub metadata, corporate policies against USB flash drives, Wi-Fi break-ins, Bluetooth abuses, cell phone hacking, centralized control over IM, public utility breakin publicized, government defense against cybercriminals, organized cybercrime, and a shorter time to exploitation."

5 of 326 comments (clear)

  1. Spam Spam Defeatable Spam by dorward · · Score: 5, Insightful
    Spam operators are getting more creative in their efforts to get around spam filters. R.a..n,d,o.,m p,u,,n,c.t,,u_a.t.1..0.n makes it nearly impossible to block spam messages by filtering keywords.

    It doesn't take very much CPU to s/\W//g

    Operators are changing to graphics interchange format images with no searchable text.

    Yeah! Block all email containing only graphics!

    Some spammers send in encoded formats, like Base64, to circumvent keyword filters altogether,

    Base64 isn't hard to decode... or to just bin.

    and relay through IP addresses that have no Domain Name System domains associated with them.

    I've never seen an email with an IP address based URI that wasn't spam. Trash em

    These recent developments are challenging spam-filter vendors and frustrating users.

    Not this user, or this user's spam filter. Spams using these techniques get the highest spam scores and when 5 is worthy of trashing, 35 is worthy of laughing at (at least until I get so much spam I'll put it in /dev/null rather then ~/mail/spam)

  2. Re:Don't put your email address online by wiggys · · Score: 5, Insightful

    >Don't put your email address online, period

    That's like saying "Don't go out after 9pm or you deserve to get beaten/raped".

    Sorry, but my instincts are to fight the spamming bastards rather than give in to them.

    --

    Sorry, but my karma just ran over your dogma.

  3. Re:Nearly impossible? by miu · · Score: 5, Insightful
    Why not filter out spam by anything with > 3 periods, and/or commas?

    What seems slightly more workable is to ignore punctuation in the subject when checking for 'spam' words. This would fit more in line with the extremely naive filtering available to Outlook users.

    Going simply by punctuation density could cause a lot of false positives based on acronyms and ellipses.

    --

    [Set Cain on fire and steal his lute.]
  4. Re:Nearly impossible? by miu · · Score: 5, Insightful
    If you need to keep changing your filter, the spammers have already won.

    If you are stating that Outlook client pass/fail filters are bad because (among other flaws) they need constant updating, then you are preaching to the choir. Until Exchange gets a good scoring filter, it makes sense to at least improve the flawed tools that are available to most corporate users.

    --

    [Set Cain on fire and steal his lute.]
  5. Re:Forget the flash drives... think USB HARD DRIVE by scottj · · Score: 5, Insightful
    Come to think of it, there's nothing to stop somebody with one of these Hard drives
    Come to think of it, this is nothing that I could not have done several years ago with my 20GB laptop. These USB drives are not a new threat in an environment where mobile computing is prominent. Not ALL of us use desktops. In fact, I don't have a single coworker who uses a desktop computer these days.
    --
    .-.--