A Dose of Paranoia for Your Reading Pleasure
Coming to a domain near you: DDoS attacks!
Given that LJ is a (relatively) small community, the Distributed Denial of Service (DDoS) attacks could be a prelude to something big.
As in "let's take down Facebook" or "let's overwhelm Twitter" big.
The pieces seem to be in place: the spammers able to break through Captcha and re-Captcha, which means that account creation and posting can be penetrated to a significant degree; RSA was hacked, the severity of which remains a fluid situation to all of those corporations which rely upon those SecurID tokens to provide secure access to their networks; and quite a few corporations have been recently hacked and had data stolen (including Kroger, Best Buy, Walgreens, and Tivo). Add to that the inherent insecurity in the public cloud storage services....
Paranoid? Perhaps. Corporations get hacked all the time, but very very few ever admit it. After all, it's bad for business admitting that your network got hacked. Also, two-factor authentication such as re-Captcha and SecurID tokens aren't perfect, and eventually the hackers would catch up with it. Finally, the biggest threat to security often comes from ourselves, when hackers use social engineering tactics to get the information they need.
But....
I can't help but think that this is all leading up to something big. LJ is just the testing ground. Can you imagine what would happen if Twitter were flooded with attacks, and everyone's cellphones started receiving hundreds or thousands of incoming Tweets a minute? Or, if there were such a volume of updates and attacks that Facebook went down? Or that hackers broke into Facebook and got into the treasure trove of what, a billion accounts?
EtA: I typically have my ISP keep a folder open for the filtered e-mail by their spam catchers, and the past couple of weeks my filter folder has had an increasing number of LJ posts. To be fair, my WoW blog has had an increase in catches recently too, and it's on Blogspot.com, but when spam filters are picking up the increase in spam comments, it's not a good thing.
Given that LJ is a (relatively) small community, the Distributed Denial of Service (DDoS) attacks could be a prelude to something big.
As in "let's take down Facebook" or "let's overwhelm Twitter" big.
The pieces seem to be in place: the spammers able to break through Captcha and re-Captcha, which means that account creation and posting can be penetrated to a significant degree; RSA was hacked, the severity of which remains a fluid situation to all of those corporations which rely upon those SecurID tokens to provide secure access to their networks; and quite a few corporations have been recently hacked and had data stolen (including Kroger, Best Buy, Walgreens, and Tivo). Add to that the inherent insecurity in the public cloud storage services....
Paranoid? Perhaps. Corporations get hacked all the time, but very very few ever admit it. After all, it's bad for business admitting that your network got hacked. Also, two-factor authentication such as re-Captcha and SecurID tokens aren't perfect, and eventually the hackers would catch up with it. Finally, the biggest threat to security often comes from ourselves, when hackers use social engineering tactics to get the information they need.
But....
I can't help but think that this is all leading up to something big. LJ is just the testing ground. Can you imagine what would happen if Twitter were flooded with attacks, and everyone's cellphones started receiving hundreds or thousands of incoming Tweets a minute? Or, if there were such a volume of updates and attacks that Facebook went down? Or that hackers broke into Facebook and got into the treasure trove of what, a billion accounts?
EtA: I typically have my ISP keep a folder open for the filtered e-mail by their spam catchers, and the past couple of weeks my filter folder has had an increasing number of LJ posts. To be fair, my WoW blog has had an increase in catches recently too, and it's on Blogspot.com, but when spam filters are picking up the increase in spam comments, it's not a good thing.