December 2009
For ten days at the beginning of 2009, a team of computer-security researchers managed to take control of a live, real-world, criminal botnet. Over those days, they observed (and recorded) the botnet harvesting over 70GB of stolen data (passwords, bank-account numbers, etc.) from almost two hundred thousand subverted machines. Why did they do this? Simple curiosity, probably. But that's not nearly as interesting as how they did it, what they found, and what this means for the field of computer security.
Quick: what is the following text about?
... the result of the collapse of large portions of the three provinces to have a syntax which can be found in the case of Canada and the UK, for the carriage of goods were no doubt first considered by the British, and the government, and the Soviet Union operated on the basis that they were...
Give up? It's about pwning your computer, actually. That isn't real English prose at all, but a cleverly disguised attack on your computer.
Readers may recall my kvetching about Drupal a few posts ago. In particular, I was complaining that while Drupal (the software that powers this site) is powerful enough to do anything I could imagine doing with a site, it doesn't really come out of the box ready to do anything in particular.
Between my trip to CCS last month and my employer's internal security-focused reading group, I've been exposed to quite a bit of recent research in computer security. Much of it has been highly technical, of course, but after a while it has sparked some very general observations about the field. Over the next few posts, I'd like to review some of the more accessible papers and use them to motivate some of those observations. In this post: why I am so frustrated by the field of academic cryptography.
...Or someone who was famous, at least, for fifteen seconds or so.
Well, now I know what happens when I go too long without posting: the spambots swarm in.
