Page 3 of 6 FirstFirst 12345 ... LastLast
Results 21 to 30 of 56

Thread: Baltimore City Government Computers Taken Over by Ransomware Hackers

  1. Top | #21
    Veteran Member
    Join Date
    Oct 2018
    Location
    Colorado
    Posts
    1,040
    Rep Power
    4
    Quote Originally Posted by lpetrich View Post
    That's Social engineering (security) - ways to trick people into revealing passwords and other such info for accessing computer systems. Sometimes being rather threatening, like saying that one's target's account is about to expire or that one's target's account has been broken into and it's necessary to log into it about that.
    would you buy girl-scout cookies from a man in a ski mask at your door at 3:00AM? No? Then why the fuck are following along with that Indian on the phone that wants you to do stuff to your computer so he can "fix it"... cause Microsoft calls you all the time to fix things they "detect" you might need fixing, right?

    Social engineering only works on gullible people. There has not been a clever social engineering attack since the IRS scam (which was not that clever either... how people believe that their government "sues" them for taxes, threatens legal action over a phone call, and would be happy to "make it all go away" with a money wire (no check, no credit card... a fucking bank wire).

    Normally I would say that victims are fully deserving of loosing their money in some of the most moronic ways possible... but the problem is that money is used by terrorists, human traffickers, and money launderers.

  2. Top | #22
    the baby-eater
    Join Date
    May 2011
    Location
    Straya
    Posts
    3,661
    Archived
    1,750
    Total Posts
    5,411
    Rep Power
    35
    Quote Originally Posted by Gun Nut View Post
    Social engineering only works on gullible people.
    And no matter how angry you get about it, you'll never change the fact that gullible people use computers at work.

    Quote Originally Posted by Gun Nut View Post
    Normally I would say that victims are fully deserving of loosing their money in some of the most moronic ways possible... but the problem is that money is used by terrorists, human traffickers, and money launderers.
    All the more reason to make more secure IT systems.

    Raging at human nature, especially with you stupid fucking ski-mask-at-3am hypotheticals, is just a waste of time. It doesn't lead to actual solutions.

  3. Top | #23
    Contributor barbos's Avatar
    Join Date
    Nov 2005
    Location
    Mlky Way galaxy
    Posts
    9,488
    Archived
    8,047
    Total Posts
    17,535
    Rep Power
    60
    Quote Originally Posted by Gun Nut View Post
    Quote Originally Posted by lpetrich View Post
    I don't see why [being presented with mysterious links] has to be a security hole. I think that good security involves a lot of idiot-proofing.
    ... and that is the problem... that people think this. Do you get in your car, close your eyes, and then jam your foot down on the peddle to find out later where your car took you? If you kill a dozen people doing that, is it "bad car security"? People need to take responsibility for their own actions... like even a little fucking bit.

    Do you know what the "spam email" success rate is (success = they clicked the link you sent them)? It's 1:12. For every 12 people you send ANY email to, one will blindly follow along. You know why there is a spam problem? Because of that 12th person... who, it seems, is this friggin guy.
    .
    No, the real problem is that one can not safely click on unknown links. Technology exists which allows just that, yet for some reason MS can't implement it.

  4. Top | #24
    Veteran Member
    Join Date
    Oct 2018
    Location
    Colorado
    Posts
    1,040
    Rep Power
    4
    Quote Originally Posted by barbos View Post
    Quote Originally Posted by Gun Nut View Post
    Quote Originally Posted by lpetrich View Post
    I don't see why [being presented with mysterious links] has to be a security hole. I think that good security involves a lot of idiot-proofing.
    ... and that is the problem... that people think this. Do you get in your car, close your eyes, and then jam your foot down on the peddle to find out later where your car took you? If you kill a dozen people doing that, is it "bad car security"? People need to take responsibility for their own actions... like even a little fucking bit.

    Do you know what the "spam email" success rate is (success = they clicked the link you sent them)? It's 1:12. For every 12 people you send ANY email to, one will blindly follow along. You know why there is a spam problem? Because of that 12th person... who, it seems, is this friggin guy.
    .
    No, the real problem is that one can not safely click on unknown links. Technology exists which allows just that, yet for some reason MS can't implement it.
    One cannot safely open the door for strangers at 3:00AM
    One cannot safely cross the street in traffic without looking both ways
    One cannot safely grab a random bottle of chemicals from under the sink and drink it

    Yes, there are lots of things people just can't safely do without taking some degree of personal responsibility.
    The difference between some people here is the thought that it is someone else's responsibility to tell you who to open the door for or not, or to hold your hand for you when you cross the street, or smack the bottle of cleaner out of your hand... or tell you if you really won the prize to the drawing you didn't enter.

  5. Top | #25
    Elder Contributor
    Join Date
    Feb 2001
    Location
    Located 100 miles east of A in America
    Posts
    22,316
    Archived
    42,473
    Total Posts
    64,789
    Rep Power
    97
    Quote Originally Posted by Gun Nut View Post
    Quote Originally Posted by lpetrich View Post
    That's Social engineering (security) - ways to trick people into revealing passwords and other such info for accessing computer systems. Sometimes being rather threatening, like saying that one's target's account is about to expire or that one's target's account has been broken into and it's necessary to log into it about that.
    would you buy girl-scout cookies from a man in a ski mask at your door at 3:00AM? No? Then why the fuck are following along with that Indian on the phone that wants you to do stuff to your computer so he can "fix it"... cause Microsoft calls you all the time to fix things they "detect" you might need fixing, right?
    Or logging into a system your username and password because your "IT head" told you to update your information. Typically, the email sent doesn't read.

    Hello, this Boris... your IT scam provider.

    We need you to log into fake human resource site in order we get your login and password to upload ransomware software.

    Please do not call me on phone, I'm busy in other office.

    Boris Badinov
    Not Head of IT at Your Company


    Heck, even email is letting a bunch of phishing scams in again, as the phishers have managed to make the scanners think that you really have let your prescription lapse at the pharmacy.

  6. Top | #26
    Veteran Member
    Join Date
    Oct 2018
    Location
    Colorado
    Posts
    1,040
    Rep Power
    4
    Quote Originally Posted by Jimmy Higgins View Post
    Quote Originally Posted by Gun Nut View Post
    Quote Originally Posted by lpetrich View Post
    That's Social engineering (security) - ways to trick people into revealing passwords and other such info for accessing computer systems. Sometimes being rather threatening, like saying that one's target's account is about to expire or that one's target's account has been broken into and it's necessary to log into it about that.
    would you buy girl-scout cookies from a man in a ski mask at your door at 3:00AM? No? Then why the fuck are following along with that Indian on the phone that wants you to do stuff to your computer so he can "fix it"... cause Microsoft calls you all the time to fix things they "detect" you might need fixing, right?
    Or logging into a system your username and password because your "IT head" told you to update your information. Typically, the email sent doesn't read.

    Hello, this Boris... your IT scam provider.

    We need you to log into fake human resource site in order we get your login and password to upload ransomware software.

    Please do not call me on phone, I'm busy in other office.

    Boris Badinov
    Not Head of IT at Your Company


    Heck, even email is letting a bunch of phishing scams in again, as the phishers have managed to make the scanners think that you really have let your prescription lapse at the pharmacy.
    So is that a "yes", you would open the door for the man in the ski mask because it SAYS "girl scouts" on it? Just like the email SAYS it's your IT guy (who never contacts you that way, and you company never needs you to "update your information", and the email address it came in from isn't even close to looking like a corporate address).

    I could ask you, "how does your company help you manage your identity".. and sure as fuck you won't say "they send us emails from external addresses, loaded with vague at best information and broken English grammar". Paying more than 1 second of attention to these is you being a poor employee. And before you complain that you are not a computer expert... I will remind you that you are probably also not an HR expert, but can probably pull of avoiding sexually harassing every female employee you see some how... you are also probably not a judge, but still pull off not breaking every law everyday... so spending 2 more seconds to forward that email to your helpdesk to ask what you should do and/or why IT is trying to contact you that odd way is the least you can do.... the absolute minimum to be anything but a liability to an organization that would do better without you.

  7. Top | #27
    Contributor barbos's Avatar
    Join Date
    Nov 2005
    Location
    Mlky Way galaxy
    Posts
    9,488
    Archived
    8,047
    Total Posts
    17,535
    Rep Power
    60
    Quote Originally Posted by Gun Nut View Post
    Quote Originally Posted by barbos View Post
    No, the real problem is that one can not safely click on unknown links. Technology exists which allows just that, yet for some reason MS can't implement it.
    One cannot safely open the door for strangers at 3:00AM
    One cannot safely cross the street in traffic without looking both ways
    One cannot safely grab a random bottle of chemicals from under the sink and drink it

    Yes, there are lots of things people just can't safely do without taking some degree of personal responsibility.
    The difference between some people here is the thought that it is someone else's responsibility to tell you who to open the door for or not, or to hold your hand for you when you cross the street, or smack the bottle of cleaner out of your hand... or tell you if you really won the prize to the drawing you didn't enter.
    I am not following.

  8. Top | #28
    Administrator lpetrich's Avatar
    Join Date
    Jul 2000
    Location
    Lebanon, OR
    Posts
    5,221
    Archived
    16,829
    Total Posts
    22,050
    Rep Power
    76
    Quote Originally Posted by barbos View Post
    No, the real problem is that one can not safely click on unknown links. Technology exists which allows just that, yet for some reason MS can't implement it.
    Or else is unwilling to do so. M$ sometimes seems very slovenly about security.

  9. Top | #29
    Veteran Member
    Join Date
    Oct 2018
    Location
    Colorado
    Posts
    1,040
    Rep Power
    4
    Quote Originally Posted by bigfield View Post
    Quote Originally Posted by Gun Nut View Post
    Social engineering only works on gullible people.
    And no matter how angry you get about it, you'll never change the fact that gullible people use computers at work.

    Quote Originally Posted by Gun Nut View Post
    Normally I would say that victims are fully deserving of loosing their money in some of the most moronic ways possible... but the problem is that money is used by terrorists, human traffickers, and money launderers.
    All the more reason to make more secure IT systems.

    Raging at human nature, especially with you stupid fucking ski-mask-at-3am hypotheticals, is just a waste of time. It doesn't lead to actual solutions.
    The only solution to "can I has your computer" is "no, you cannot". Putting the onus on the user to employ a fundamental level of scrutiny and care is exactly the solution.

    The alternative is someone like me gets to pick and choose what sites you are allowed to visit. I'd have to block you from Facebook to protect you from posting something that you will regret. I will have to block all porn sites because I have no way of knowing if you are really interested in chicks with dicks... but you can register your sexual preferences with me on my website so I can let the good stuff get through for you.
    Have to block all banking sites, because someone can get your money that might be impersonating you after you gave them your password...

    The only reasonable solution is just saying, "no, that link is unknown to me and I have better things to do than just 'see what might be there'"

  10. Top | #30
    Veteran Member
    Join Date
    Oct 2018
    Location
    Colorado
    Posts
    1,040
    Rep Power
    4
    This conversation reminds me of the movie "the invention of lying". Great movie, by the way.
    In it, society never learned the skill of lying. Everyone tells the flat-truth always. The protagonist suddenly has a breakthrough where he learns to lie... there was no word for lying... the best he was able to understand is that he was able to, "say things that were not".
    One of the first things he does with his new "power" is tell a women in the street that aliens are about to destroy the world unless they have sex together right away... the woman responds, "oh my god, we better get back to my place right away!!"

    That's how you guys operate your computers... comically oblivious, to the detriment of all others.

Similar Threads

  1. New computers - old blu-ray
    By Jimmy Higgins in forum Computers and Technology
    Replies: 14
    Last Post: 07-12-2018, 04:16 PM
  2. Some of the worst thugs are the police, at least in the city of Baltimore
    By southernhybrid in forum Political Discussions
    Replies: 5
    Last Post: 02-07-2018, 08:30 PM
  3. Baltimore Mayor Does Right By Her City
    By Trausti in forum Political Discussions
    Replies: 0
    Last Post: 04-12-2017, 06:16 AM
  4. Russian hackers compromise DNC network
    By Deepak in forum Political Discussions
    Replies: 1
    Last Post: 06-15-2016, 03:36 PM
  5. computers
    By BH in forum Natural Science
    Replies: 13
    Last Post: 08-16-2014, 02:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •