Nitesh Dhanjani and Billy Rios are security researchers who penetrated the "phishing underground" -- the ecosystem of scam-artists who run rip-off phishing sites and the toolsmiths and fences who supply them and vend the identities they steal. The conclusions are fascinating: first, phishers sell on the stolen identities to more sophisticated crooks; second, phishers steal from each other -- phishware is riddled with back-doors installed by other phishers to phish the phishers; finally, phishers are dumb and unsophisticated, doing nothing more technical than unpacking a directory on an exploited website, lacking even the competence to spot the backdoors in their tools.
The number of backdoors we saw was staggering. The servers serving the phishing sites had backdoors, the code used in the phishing kits had backdoors, the tools used by phishers had backdoors. Phishers aren't afraid to steal from regulars people and they are also not afraid to steal from other phishers. Some of the backdoors were meant to keep control over a compromised server, while other simply stole information that had been stolen by other phishers! We came across several forums where phishers, scammers, and carders basically identified other phishers, scammers, and carders that had scammed them. These shady characters may work with each other but they sure don't trust each other, that's for sure.
(Image: The scam truck, a Creative Commons Attribution ShareAlike photo from Jepoirrier's Flickr stream)
David Robinson used the data from the 28,657 people who self-selected to take the Stack Overflow survey to investigate the relationship between programmer pay and the conventions of using either tabs or spaces to mark indents, and found a persistent, significant correlation between using spaces and bringing home higher pay.
It’s the end of an era, sort of: Fraunhofer IIS, the developers of the MP3 audio compression format, announced that they are ceasing their licensing program. In a blog post, spokesman Matthias Rose says that it’s had a good 20-year run and is obsolete. But it’s also true that the decoding patents expired last year, […]
Freddy deBoer writes that he’s been telling the same joke for years about Silicon Valley’s only product, which might be universalized as “At last, a way to verb with nouns on the internet!” But the social-media techopoly is stable, now, and so the venture capitalists have moved on to the three terrible trends that will […]
Although flagship smartphones are unlikely to adopt heavy-duty outer casing anytime soon, you can always prepare your device for the outdoors with a beefy case and and an external battery like this Nomad Tile Trackable PowerPack, available in the Boing Boing Store for $119.95.The Nomad Tile can fully recharge an iPhone 7 over three times […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]
As the old saying goes, “You should sit in meditation for 30 minutes every day. Unless you are too busy, in which case you should meditate for an hour.” Since most of us have an endless list of things to do and people to see, carving out quiet time can feel impossible, especially when most […]