What The Hell? Phishing & Malware Misdiagnosis P2

Posted on Monday November 23 2009 by ljh

Copyright © 2009 What The Hell? Security

Referring to my previous post, here is the skinny on my Anti-Fraudulent Hot Dog Vendor Detector.

Well, hold on. I’m up to Version 2.0. Before I describe that, I really should explain Version 1.0. Here’s a theoretical average day in its life.  Bear with me, there’s actually something to be learned.

  • 100 people walk past the fraudulent vendor’s hot dog cart
  • 42 buy the bait
  • 4 have their card numbers pilfered
  • 0.2 notice strange charges on their next bill
  • 0.06 bother to report it to their fraudulent hot dog vendor detective (me)
  • After 33.3 business days I discern a solid pattern of 2 reports from my clientele, so I mention it to the neighborhood beat cop
  • After 66.6 business days, the beat cop discerns a solid pattern of 2 reports from me, so he starts warning hungry-looking pedestrians

Believe it or not, this service was so effective that unimaginative copycats started coming out of the woodwork.  What the hell?  This left me no choice but to release Version 2.0, which has the following benefits over Version 1.0:

  • this space intentionally left blank

See, a Fraudulent Hot Dog Vendor Detector can only get so good.  No matter how fast it gets at detecting bad guys, they always win by definition.   You can’t detect something that hasn’t happened.  At least at it pertains to hot dogs, as one of Heisenberg’s sadly overlooked corollaries makes clear.

What hot dog eating pedestrians would really benefit from is a drop-dead simple way to identify which hot dog vendors are legitimate before they take the bait.  And what online pedestrians would really benefit from is a drop-dead simple way to identify which links and forms have legitimate destinations before they click.

Yeah, I know what you’re thinking.  SiteAdvisor does that, right?  Let’s just say that their green checkmarks are not what they appear to be.  They’re derived from — get this — a blacklist they compile from scouring Web content.  Blackish-green they are.  They don’t tell you what’s without a doubt legitimate at this very moment.  They tell you with plenty of doubt what they surmised was not bad the last time they looked.

Is it time to blacklist blacklists?  Not really.  But it is time to knock them off their pedestal and let gravity do what gravity does.

Filed under: Uncategorized | Tagged: , ,

« »

Leave a Reply