I’m paranoid about the web, and with good reason.
The #1 way hackers get into computers today is through your web browser from an infected website. The battle for control of your computer has spread from e-mail and attachments. Another battlefront has opened up on your web browser. A large number of big-name sites have been hacked recently and nobody is completely sure just what the hackers made off with. Hackers use DNS spoofing to trick computers into coming to an infected website, so you can’t completely be sure that you ended up on the website you intended to visit. They also buy up common misspellings of big sites to catch anyone that makes a typo.
Hackers have been using SQL injection vulnerabilities to break into websites for years (it is in fact one of the primary ways hackers get into a server), and these vulnerabilities still go unpatched. Now they are infecting websites in order to set up complex computer/browser/plugin fingerprinting engines that detect vulnerable versions. These engines deliver attacks custom-tailored to infect the visitor’s computer with slimy botware. Take out the cookies, pop-ups, plugins and JavaScript and you’ve stripped your attack surface these engines can attack, down to just your web browser. But this makes browsing less user friendly and a lot more frustrating in the short term, and confusing for people who aren’t technical.
Of course, whenever someone starts talking about a really secure platform, the Mac fanboys jump right in to tell me how secure Apple MacOS is–never mind that the MacOS/Safari combo gets hacked every year (2007, 2008, 2009, 2010,2011) during PWN2OWN at CANSECWEST. Never mind that the hackers have now developed a crimeware kit for the Mac, which means Mac users will need to be on the lookout for a deluge of malware from now on.
With so much dangerous malware and so many threats, how do I stay secure online?
The term computer appliance is a generic term for a class of computer devices that come pre-packaged and pre-wired from the factory with special features and functionality pre-configured and ready to use with only minimal setup. There are several types of devices that fall into this category such as storage appliances, network appliances, security appliances, anti-virus appliances and so forth. You can find this new tutorial I’ve written in my Tutorials section, under Computers as computer appliances.
Cool flash applet HTML5/JavaScript page showing the history of the development of web standards and web browsers:
http://evolutionofweb.appspot.com/
(I stand corrected.. 😉 )