The 9 Laws of Phishing (Part 3)

Posted on Sunday June 27 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] (continued ) The 9 Laws tell us quite a bit about designing a viable platform solution.  Let’s step through them again, sketching as we go. Law 1:  Phishing Is About Commerce Web 1.0 was all about commerce.  Only we [...]

Filed under: certificate authorities, hypertext, malware, phishing, security, security sense | Leave a Comment »

The 9 Laws of Phishing (Part 2)

Posted on Wednesday April 28 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] (continued) Picking up at Law 9 of my 9 Laws of Phishing manifesto: 9. The solution is a platform. So why a platform?  Because the phishing problem itself spans a number of platforms:  devices, operating systems, and applications to name [...]

Filed under: certificate authorities, hypertext, phishing, security, security soapbox, ssl | Leave a Comment »

The 9 Laws of Phishing

Posted on Monday April 5 2010 by hell if i know

Copyright © What The Hell? Security [ Part 1 | Part 2 | Part 3 ] What the hell is it about phishing that makes it seem so intractable? First off, let’s talk intractable.  An uncontrollable or incurable problem. Computational complexity theory adds a convenient twist: A problem that can be solved, only not fast enough [...]

Filed under: certificate authorities, hypertext, phishing, security, security soapbox, ssl | Leave a Comment »

Bit.ly Fantasizes of Combating Twitter Scams

Posted on Tuesday December 8 2009 by hell if i know

Copyright © 2009 What The Hell? Security If you believe that Bit.ly is going to solve their shortened URL problem the way they intend to, have I got a story for you. [Sidebar:  Be aware that it's completely safe to click on the links in the previous paragraph.  If you don't believe me, select View [...]

Filed under: fraud, hypertext, phishing, security, security soapbox | Leave a Comment »

Blocking Dirty Bits Not As Good As Identifying Good Bits

Posted on Thursday December 3 2009 by hell if i know

Copyright © 2009 What The Hell? Security John Pescatore makes a point about warning vs. blocking bad links.  But here’s the thing about links:  We’re thinking about them all wrong. Now, of course there are bad links.  They end up on blacklists.  Let’s pretend they’re more than marginally useful.  (If you have issue with that [...]

Filed under: fraud, hypertext, phishing, security | Leave a Comment »

What The Hell? Spike in Phishing & Malware Misdiagnosis

Posted on Thursday November 5 2009 by hell if i know

Copyright © 2009 What The Hell? Security What the hell? We have it all wrong again. Listen up everybody. This isn’t about Facebook. It’s like this. Consider the crime of stealing a credit card number in two scenarios, one offline and one online: Offline Online Victim Street Pedestrian Online Pedestrian Perpetrator Fraudulent Hot Dog Vendor* [...]

Filed under: fraud, hypertext, malware, phishing, security | Leave a Comment »

Next Page »
Follow

Get every new post delivered to your Inbox.