Is It A Good Idea To Violate The Security Of Your Customers If They're Security Ignorant?
from the asking-for-serious-trouble dept
Rich Kulawiec writes in to point out that security expert Dan Geer is suggesting that merchants violate the security of customers they deem as security risks. His argument is, basically, that there are two types of users out there: those who respond “yes” to any request — and therefore are likely to be infected by multiple types of malware doing all sorts of bad things — and those who respond “no” to any request, who are more likely to be safe. Thus, Geer says merchants should ask users if they want to connect over an “extra special secure connection,” and if they respond “yes,” you assume that they respond yes to everything and therefore are probably unsafe. To deal with those people, Geer says, you should effectively hack their computer. It won’t be hard, since they’re clearly ignorant and open to vulnerabilities — so you just install a rootkit and “0wn” their machine for the duration of the transaction.
As Kulawiec notes in submitting this: “Maybe he’s just kidding, and the sarcasm went right over my (caffeine-starved) brain. I certainly hope so, because otherwise there are so many things wrong with this that I’m struggling to decide which to list first.” Indeed. I’m not sure he’s kidding either, but the unintended consequences of violating the security of someone’s computer, just because you assume they’ve been violated previously are likely to make things a lot worse. This seems like a suggestion that could have the same sort of negative unintended consequences as the suggestion others have made about creating “good trojans” that go around automatically closing the security holes and stopping malware by using the same techniques employed by the malware. Both are based on the idea that people are too stupid to cure themselves, and somehow “white hat” hackers can help fix things. Now, obviously, plenty of people do get infected — but using that as an excuse to infect them back, even for noble purposes, is only going to create more problems in the long run. Other vulnerabilities will be created and you’re trusting these “good” hackers to do no harm on top of what’s been done already, which is unlikely to always be the case. No, security will never be perfect and some people will always be more vulnerable — but that shouldn’t give you a right to violate their security, even if for a good reason.
Filed Under: botnets, computers, dan geer, rootkits, security, vulnerabilities
Comments on “Is It A Good Idea To Violate The Security Of Your Customers If They're Security Ignorant?”
I want an extra special secure session. I love extra special things. Especially when they’re extra extra special. Yeah?
The depths of nobility and depravity capable by humans are totally available to this discussion…
There are those with the skills and desire to help the ignorant do indeed exist, but I doubt they’ll be hired by corporations.
For all we know, some of the “good” things described have already been done.
Though, that doesn’t touch the ethical considerations mentioned herein. :p
Easier test...
I just assume that everyone running windows is already hacked and that everyone running a *NIX-based OS such as OSX, Linux, or BSD is secure.
The assumption that all windows users are 0wned is correct at least 60% of the time, according to the information I have available. The assumption that non-windows users are secure is correct at least 98% of the time.
What I’d really like to know is how you write a ‘r00tkit’ that’s smart enough to deal with a completely unpredictable environment of malware, and which may already be running under the mother of all rootkits, a VM within a malicious hypervisor.
Re: Easier test...
Actually you’d be surprised at how many nix and mac users think they are secure just because they don’t use windows, and just how many of them are dead wrong. Script kiddies will never touch them, but other hackers can, have, and will.
They did say YES
And, by saying yes, they DID assent to the ‘extra secure’ software being installed to encrypt the connection. Theres no sarcasm in the idea… The question asks the user if their PC is own3d and asks the user for permission to take countermeasures to increase the security of the following transaction.
S0unds G00d t0 me.
I believe Rich is seri0us, but I’m laughing s0 hard I can’t type anym0re. zcat, y0u had t0 start it didn’t y0u? Actually, Mike started it.
I remember this happening 20 years ago...
It was back in the heyday of the Atari ST, when floppy-disk viruses tended to be more playful than malicious. One common virus just swapped all your mouse directions by reprogramming your keyboard, so you had to turn the mouse upsides-down to use it sensibly. A month or so later there was a “blank” floppy disk available through the ST PD community that was “infected” deliberately with a virus that overwrote the mouse-swapper virus and then “inoculated” the bootsector to prevent it from recurring. The idea was that you made sure your most commonly used disks were infected/inoculated and then just let the rest of your data disks get cleaned as and when you got round to using them.
I thought it was kind of cool. 🙂
zcat is wrong...
The assumption that all windows users are 0wned is correct at least 60% of the time, according to the information I have available.
The assumption that all Windows users are 0wned is correct absolutely 0% of the time, as long as there is a single un-0wned Windows user. The assumption that any particular user is 0wned simply because they use Windows might be accurate 60% of the time, but that’s a far cry from what you were saying.
But back to the original article. There’s two major problems with this issue. Firstly, it is likely illegal. But more importantly, it’s not logically sound. It is completely based on a single assumption, and that is that people will always click ‘yes’ or always click ‘no’. It completely fails to account for a third part of the computer using populace which could be described as “people who sometimes click ‘yes’ and sometimes click ‘no’. This includes people like me, who are generally pretty paranoid and usually click ‘no’ to everything, but prefer to use the most secure methods possible when available.
The described system only functions correctly when the assumption that it is based on is true, and since that assumption is not true, it’s unlikely that you could build an effective system based on it.
Re: zcat is wrong...
Lets not forget that dialog boxes can say whatever you want, and do whatever you want. I’d much rather click the ‘X’ or better yet use the keyboard shortcut to force quit so I don’t risk it doing something anyways.
Re: zcat is wrong...
“The assumption that all Windows users are 0wned is correct absolutely 0% of the time, as long as there is a single un-0wned Windows user.”
Would you rather argue semantics or make a real point here?
Nice idea, stupid question
“Do you want us to hack your computer, Y/N?”
fucking grammar nazis
The assumption that any particular windows user is 0wned is correct at least 60% of the time, according to information I’ve seen recently.
And yes, I am aware that some mac users and a very small number of Linux noobs are 0wned without knowing it. That’s why I said 98% rather than 100%.
Also there’s nothing stopping MSIE on an 0wned Windows machine from identifying itself as “Firefox/Linux”.
The real answer is that you communicate cryptographically with hardware that’s not so easily 0wned (USB security device, TCP module) or you rely on a completely independent channel such as SMS to confirm that the primary channel isn’t being messed with.
Of if that’s too hard, you accept that there will be some loss and take out insurance.
Re: fucking grammar nazis
and the more you keep telling non-windows users that they’re safe 98% of the time, the more likely they’ll do ridiculously retarded things thinking they’re safe.
what is the “information you’ve seen recently” anyways?
Real world scenario
Let me put this in a real world scenario for you to see if you still feel the same way.
You’re standing on once side of fence. On the other side you can see someone getting robbed of all their money. You know that if you go over there you can stop the robbery. There is an unlocked gate in the fence next to you. On the gate is a sign that says entry explicitly forbidden. What would you do?
Re: Real world scenario
download anti-virus 😛
We should also eat babies to solve the starvation and overpopulation dilemmas.
That depends..
How likely is it that after you’ve stopped the robbery, the victim goes ahead and sues you for illegally entering their property?
Besides it’s not actually like that. You can’t actually see through the fence, you have to tresspass first. You might stop a robbery, or you might just be tresspassing. Is it OK to go entering other people’s property simply because it’s insecure and they _could_ be being robbed?
More depends..
Continuing the analogy.. You enter the property, the robber’s accomplice takes you by surprise and relieves you of your weapon. Now you’ve supplied the them with a weapon that can be used in future robberies. Or at the very least they know what weapon you carry and will be prepared for it at the next robbery.
This is a really strained analogy 🙂
Even if the user agrees, it’s still illegal to do so *cough* Sony rootkits *cough* and we’ve all seed the multi-million dollar class-action lawsuits.
Is the person who came up with the idea stupid? Yes. Are users just as stupid? Yes. Does that justify installing malware? No.
Anything that ‘pops up’ could be seen as spam, and oh whooops, I accidentally clicked yes instead of no, so I must be a retard that deserves to get rootkitted. Nice flawed stupid logic, he should work for M$!
As soon as this is tried on anyone ‘sufficiently skilled in the art’, it becomes an open question just who’s computer gets control…
Personally I’d find it rather funny to have some idiot open a connection I know about in advance, in an attempt to take over my computer…
This idea, if implemented would be very short lived… but would add a few more corporate level systems to the bot nets… or worse.
GNU/Linux is the future.
So if somebody says no, they do not wish to use a secure connection, they are more likely to be secure? Does this guy think it’s Opposite Day or something?
For every foolproof system we develop, nature will counter with a ‘new and improved fool’. Social engineering continues to plague what was once mitigated by common sense. Still a sad story that humans still believe that computers or AI can replace intelligence and accountability. It’s sad that one wants to surrender the power of choice to be less accountable or responsible. I’d prefer a ‘none of the above’ response or a force quit routine depending on the nature of the site. While the masses are still trying to respond, i’ll be happily automating a process to assist me in avoiding their interuptions on my cell phone as they nag “can I have a moment of your time so you can assist me in my world until I finally decide you are no longer important to me”?
That’s fine – at long as it’s a two way street. If they have weak security, than it’s ok if we take advantage of the situation too.
Such as in…. cracking encryption?
I’m BUTTfucking a *nix user up the ass as we speak. Here comes my new $82,000 RV!
I just hope he does’nt have lifeblock!
Hey,
I woke up this morning with a condom sticking out of my butt.
Were you at my place?
Thanks for using protection anyway…
re: "by Clare" # 13
Making a “Modest Proposal,” eh, Clare?