Opinion: Safety of Security forums?

Discussion in 'other security issues & news' started by ejr, Dec 30, 2006.

Thread Status:
Not open for further replies.
  1. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I have come to this forum for a little over a year now. I also go to other forums like Spyware Doctors forum, Spyware Warrior, Comodo, etc. I feel that coming here and to others keeps me abreast of the latest threats as ell as the cutting edge security programs.

    But a friend of mine views it a little different. He thinks that coming here would make you a target for the "bad guys" to try out their new malware. He figured that the hackers would come to these types of forums to also stay abreast of what is going on in security so that they can devise malware to circumvent it.

    I never thought of it that way.

    Opinions?
     
  2. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    We are the few.

    Hackers go after the many. Commonly refered to as "the fish".
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Sounds fair enough ;)

    Well, we can only talk about this place. Bottom line for all forums is keeping all updated/patched (board software, server in use as for Linux, PHP, Apache etc.). Apart from that HTML should be (and is) disabled for security reasons. Last but not least a fine moderating team is needed, amongst others to dump links posted to insecure places etc. This board does meet the standards mentioned above. Bottom line: this forum is as safe as can be.

    Black hats visit all sort of places - (security)forums included, that's no secret. This does and will not compromise any member or visitor over here in anyway.

    regards,

    paul
     
  4. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I can't imagine it any other way - both sides of the fence dipping their feet into the other camp to get a sense of the state of play. However, what gets discussed in these forums is largely what has already been implemented by either security vendors or malware authors. In a sense it is past history, albeit recent past.

    As for coming here, reading material, and possibly taking some measures that may be broadly recommended, how does that change anything for the general user? It is the same as believing that, as a typical user with a dynamic IP address, discussing what security software you may or may not use puts you at a heightened disadvantage to malware authors who generally don't know (and probably don't care specfically) that you even exist.

    Does listening to the weather reports regarding an impending storm render you more susceptible to the forces of nature? No, not really, although you will now probably not do "irrational" things - say planning a barbeque during a hurricane - due to lack of information. What it does do is perhaps add a period pre-storm of heightened anxiety, during which you can take both sensible and/or irrational storm preparation measures.

    Frequenting security forums is similar. You are listening to the current storm conditions in the Net. You are no longer oblivious to what's happening around you. You can take that information and act/observe accordingly, or you can go off the deep end implementing schemes to deal with each and every eventuality real or imagined.

    Blue
     
  5. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    All I can say is that I learned everything regarding computer security since I discover this fantastic forum.
     
  6. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,
    I think one should not look at security forums as a means of getting even with the bad guys, owning the system or something of that sort. Rather, it is a place to have fun with people, exchange ideas, argue, and educate oneself into the best ways of enjoying the computers. Using a product or knowledge for the sake of revenge or spite is useless. I don't think one should visit a security forum because one 'hates' hackers / spyware. One should do it because one loves security. There's a big difference.
    Mrk
     
  7. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    :thumb: I've learned what I know so far from Wilders. I've looked at others but this remains my main resource.

    Put it this way, whoever is lurking out there or in here with bad intentions, I feel far safer knowing what I know now, what I use now and from what I will learn ongoing from remaining here.
     
  8. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    1. with the exception of the staff your IP is masked even if its static
    2. script kiddies run an IP stack in the millions to look for vulnerable systems for their particular exploit
    3. malware authors more and more sell their efforts to script kiddies\criminals
    4. there is a rise in targeted IP subversion, but its almost always specific corporate networks, where they employ apparently legit email messages with social engineering to drop zero day trojans and backdoors.
    5. but most incursions for a home user come from the basic attack vectors, IM, email, browser exploits, downloaded files. And those are almost always automated tools.

    The danger to the home user is more along the borged and botted variety where they are unwittingly employed to conduct DDoS attacks and have info harvested via automation, there are just too many fish to spend time manually poking around in the corners of your box for secrets. They dont even care who you are, unless they manage to harvest enough to steal an identity.

    the increased danger of participating in a security forum is nil
    just the opposite, ignorance may be bliss, but it also leads to unpleasant surprises
     
    Last edited: Dec 31, 2006
  9. herbalist

    herbalist Guest

    There's nothing in a forum itself that identifies you in a manner a malicious individual could use. Your IP is hidden to everyone except the mods. You actually put yourself at more risk by using an instant message program.
    There's no incentive for a malicious individual to try to target security forum users. They generally look for 2 types of targets:
    1, Valuable or high profile targets, where there's valuable data to harvest (credit card or account data for instance) or instances where cracking such a target would be a big bragging point. Examples of each would be targeting a bank or the defense department.
    2, Weakly secured or unprotected PCs, ones with outdated AVs, etc. These are easily compromised, free tools waiting to be used. A lot of spam comes from these PCs.

    Most forum readers fit neither of these. Most forum readers are at least reasonably secured, if not outright paranoid with PCs locked completely down. Most security forum readers have already asked themselves "what can I do to keep from being a victim?" and have taken some steps to address the weaknesses they've found. We're much more likely to discover it if our PC gets compromised compared to the average user. They want to find PCs that they can safely use for long periods of time, where their malware will remain hidden. These PCs are rare at security forums.

    If you think about it, malicious users would actually be taking a risk targeting security forum readers, unless they knew exactly who they were targeting. On several of the security forums, some members maintain anti-malware programs, track down spammers and phishers, investigate and dismantle botnets, etc. Some have honeypots (systems designed to look like valuable targets that trap the attacker) and try to bait malicious users. If a malicious individual were to try to attack security forum readers without knowing exactly who the particular IP addresses belong to (is it a newbie or an experienced malware tracker), they'd be taking a big risk with very little to gain and much to lose.
    Rick
     
Loading...
Thread Status:
Not open for further replies.