Frackin script kiddies!!

Sat Aug 7 21:30:49 EDT 2010

On Aug 7, 2010, at 7:45 PM, Derek Martin wrote:
> 
> That's an absurd scenario, but so is a hostile invisible proxy -- not
> that they can't exist, but I seriously doubt that anyone with the
> wherewithall to set up such a thing is waiting around Starbucks for
> David to access his MythTV setup so they can snarf his password and
[snip]

It isn't that the black hats are going to sit around in Starbucks looking for David's MythTV access.  They're going to carpet bomb every open network they find and take anything and everything they can get in the hopes of finding something valuable.  Think that's absurd?  So is the idea of JavaScript embedded in PDFs as a rootkit distribution mechanism.

JavaScript embedded in PDFs is the most prevalent rootkit vector in the wild today.

Believing that it is absurd does not magically make it not a threat.  Believing that you aren't worth targeting does not make you safe from attack.  If you use a web browser, if you read electronic mail, then you are a target.  But don't feel bad.  It's nothing personal.  They're targeting *everyone* who browses the web and reads electronic mail.

--Rich P.