Sunday 25 October 2009

Nigeria Closes down Spammers

The Nigerian anti-fraud commission EFCC states on its website that it has started an operation against spam that has already resulted in the termination of 800 web sites. Nigeria is the home of the 419 scam emails, in which people are promised a substantial amount of money of questionable origin if they make some advance payments.

Will this reduce the amount of spam? I do not think so: 419 scams are almost negligible in my spambox. However, if they actually shut down the scammers, it might help Nigeria's internet reputation, which might help Nigeria's economic development.

Sunday 18 October 2009

Kaspersky wants to end Internet Anonymity

In an interview with ZDNet Asia, Eugene Kaspersky suggests putting an end to internet anonymity. He says "I'd like to change the design of the Internet by introducing regulation--Internet passports, Internet police and international agreement". Well, first, this won't happen because it would be way too expensive. Even if an established system like OpenID were used as the source of the identity management required here, all ISPs and website operators would have to adapt their software. Second, it should not happen because anonymity is sometimes a part of freedom.
However, the present system of website logins is a mess and should be fixed by using a voluntary identity management system.

CNET reports that Comcast have a similar initiative where they disconnect users with infected PCs. This is also problematic, but it sounds a little better because it's good internet citizenship not to act as a springboard for internet criminals.

Realistically speaking, the responsibility for PC security remains with the vendors, not with the users, as long as the systems are too complicated to be fully managed by the end users.

Sunday 11 October 2009

Secure Online Banking

The Swiss company Crealogix has announced the CLX.Sentinel, a USB device which promises secure online banking. As I was with the team that developed it, it's no surprise that I like it.
But here is why: It uses a smart card to verify the user identity and set up an SSL connection to the bank. Thus, man-in-the-middle attacks are prevented. As an additional security benefit, it uses an internal list of legitimate banking sites so that phishers can't use the null prefix issue. The CLX.Sentinel won't connect to anything that's not on its list, so browser infections are next to impossible.
The software is installed on the flash memory inside the token, so it can't be patched, and it contains countermeasures against debugging and code injection at runtime.
I believe that this amount of countermeasures is needed nowadays.
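
The null prefix issue mentioned above concerns certificate names that contain an embedded NUL byte, which string handling that stops at the first NUL reads as a shorter, legitimate-looking name. As an added example (not Crealogix code; the host names, function names and list contents are assumptions), this Python code contrasts a flawed name comparison with an exact-match check against a built-in list of allowed hosts:

```python
# Added example. Host names and certificate names are constructed sample values.
ALLOWED_HOSTS = frozenset({"ebanking.bank.example", "login.bank.example"})


def c_string_view(name: bytes) -> bytes:
    """Return what NUL-terminated string handling sees: bytes before the first NUL."""
    return name.split(b"\x00", 1)[0]


def naive_name_match(cert_name: bytes, host: str) -> bool:
    """Flawed check: compares only the truncated C-string view of the name."""
    return c_string_view(cert_name).lower() == host.lower().encode("ascii")


def strict_allowlist_match(cert_name: bytes, host: str) -> bool:
    """Accept only an exact, NUL-free match for a host on the built-in list."""
    host = host.lower().rstrip(".")
    if host not in ALLOWED_HOSTS:
        return False  # never connect to anything off the list
    if b"\x00" in cert_name:
        return False  # embedded NUL: reject the certificate outright
    try:
        name = cert_name.decode("ascii").lower()
    except UnicodeDecodeError:
        return False  # non-ASCII names are not expected for listed hosts
    return name == host  # exact match only, so wildcards never match


def demo() -> dict:
    good = b"ebanking.bank.example"
    forged = b"ebanking.bank.example\x00.unrelated.example"  # constructed
    host = "ebanking.bank.example"
    return {
        "naive_good": naive_name_match(good, host),
        "naive_forged": naive_name_match(forged, host),
        "strict_good": strict_allowlist_match(good, host),
        "strict_forged": strict_allowlist_match(forged, host),
        "strict_unlisted": strict_allowlist_match(b"shop.example", "shop.example"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The naive comparison accepts the constructed NUL-containing name, while the strict check rejects it and also refuses any host that is not on the list, even when its certificate name matches.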

Tuesday 6 October 2009

The URLZone Trojan

RSA Fraud Action Research Lab has published an article about an online-banking trojan called URLZone. This trojan has an interesting new feature:
It can determine whether requests for new "mules" come from a botnet member or a security company. If the request comes from a security company or researcher, the server will respond with account data of innocent people, thus protecting their mules from prosecution.
The accounts belong to people who previously received a legitimate transfer from a URLZone victim.

'Mules' are the people who receive payments from infected PCs and forward them to the gangster's accounts. That's money-laundering, and not only criminal, but also quite dangerous. The fake mule responses will put innocent people under suspicion of money laundering.