Anyhow after I figured out the exploit I deleted the message off my blog, of course. So it goes. I’ll probably turn off anonymous posting this weekend while I’m away.
— Badtux the Spammed Penguin
It’s another form of terrorism.
I’ve been thinking about the sheer sophistication of many of the attacks these days. I received an email yesterday that made it through the spam filters. I was almost sure it was spam or worse… almost… so I… no, I didn’t open it; I used a tool available in my webmail to view the source without opening it. It was a multipart/mixed message with a multipart/alternative (the usual text/plain and text/html) as the first part and a GIF file of some sort, referred to from the text/html, as the second part. The alternative texts contained poetry… not bad; it may have been copied from legitimate poetry somewhere, though it was rather chopped up. So the payload must have been in the GIF file. An ad? A faulty GIF designed to infect via a buffer overrun of some sort? I’ll never know, because ultimately I did not attempt to open the mail.
For professional purposes I’ve learned quite a bit about the internals of MIME-structured email. If I, knowing what I know, had difficulty determining if that message was spam, or perhaps something more hazardous, what chance does an ordinary user have? If their a/v software catches it when they open it, that’s great. If not…
I agree with your assessment of these gang members, though I increasingly believe it’s no longer clever script kiddies, but capable adult programmers who intend to use their ‘bot networks for profitable criminal purposes. As you know, I oppose the death penalty, but if anyone could make me change my mind, it’s these people… murder can be committed without premeditation, but hacking is always intentional, and while it may not kill people, it can certainly destroy their lives.
I also worry about politically motivated hacking, and not just of voting machines. But I’ll save that for another day.