[ad_1]
Would you vote for a proposal that web users should get a browser certificate? Sascha Pfeiffer, spokesperson for Sophos, the computer security company, will vote. He spoke to the observer of IQ Gytis Kapsevičius about breaking hacker priorities over the past two decades and covered a lot of the proud blockchain technology cryptomining ). , but the term "cryptoplasty" ( cryptojacking ) is still fairly recent. Perhaps you could explain more about this?
– Cryptovalite is a relatively simple process – you must have equipment that performs complex mathematical actions and thus produces a cryptomonet. On the other hand, such a process has a major disadvantage: the cost of energy consumption is generally higher than that of "dug" pieces.
Cryptoplasty is the diversion of a computer to dig a kryptovalyut. In other words, it is a theft of other computers.
A few years ago, SETI's computer program, designed to search for extraterrestrial life, was very popular. The principle of cryptoplasty is almost the same, only SETI users voluntarily "lent" computers for collective calculations, and the computer used the program only occasionally
There is no need for a seized device to have a high computing power. or a slow computer – the main advantage of this method is that the ability of each device can be combined, the more effectively an attack is performed on servers where there are often no monitoring systems. processors do not get a lot of workloads.
This is a popular way between programs because many of If the hacker does not exaggerate, "only eats" a small portion of the device's resources, and the desired power comes from thousands of Other victims, there is no suspicion, and he will not need to pay for energy.
Cryptoplasty inspired by the ransom virus. ransomware ). A few years ago, they were so popular that some viruses began to offer viruses that could be exploited for their needs without a lot of tweaking.
However, a hacker could make such a plan difficult. He has to buy e-mail addresses, make sure people know how to pay the ransom, and so on. After all, it turns into a 6-7 step process, and if at least one of them is not executed, the hacker will not get the money [19659004] – What is the probability that a kriptovaliut gadget will be stored without permission on my phone or computer? ] – Extremely high, especially with smartphones and tablets. If your computer has a Windows system, some security features are installed, but for example, the average Android user does not write security protectors.
The biggest problem is that many phones use very old versions of Android, for example. Android 4.4 Kitkat is extremely popular, with lots of security vulnerabilities. The only thing needed in this case is that the user clicks on a particular link, replies to a message downloaded by a fake mobile gadget
It is useful for burglars to have smart people 24 hours on 24 when they use a computer for five hours or less. . After all, we do more and more things over the phone. We charge it constantly and it is almost always connected to the Internet. Of course, the phone offers much less computing power, but it can be compensated by connecting more devices.
– Some experts praise blockchain and say that this technology will be very widely applied. Will this bring more security? It seems harder to hack many servers than to beat one.
– There are two major problems with this. We say that blockhain has many servers, that is, y Participants ( nodes ), but they are not equal. The more powerful servers have more capacity and a supercomputer can appear on the network, which will be more affected than other computers on the network.
Computer networks themselves are another thing. Suppose you want to have access to 10 thousand. Windows computers or servers. That's really the case, for example, the program EternalBlue developed by the US National Security Agency that allows you to penetrate any Windows computer
Blockchain has another big problem – if a person or organization controls 51-52% On a networked computer, it can change the entire chain of blocks with the remaining 49%. consent of the user.
China is fond of this technology, as 300 of the world's 500 most powerful supercomputers could be in China. So why not, in my place, I would do the same thing. They have about 57 percent. all computers in the world power, so that they can control anything in practice.
The people who created this technology did everything because of anarchy. However, we will not be able to change what is controlled by big companies or big states into technologies that allow people to be anonymous and free
– Imagine you do not believe blockchain in the technology of the future?
– I think that digital currency is undoubtedly a future, but it should not be based on current technology.
Governments regulate banks and control the amount of money that can be spent. Money can be created freely in the Against World. Their "digging" consumes a lot of energy, and on the black market, cryptbadytics are used more often than elsewhere. While large corporations and communities such as Amazon do not cryptosilate, they will have very little value.
This is an uncontrolled environment, and blockchain is not the technology on which to build the economy, precisely because of the foregoing. weaknesses. And the problems with cryptoplasty are just highlighted.
– People who are not directly exposed to Internet security problems on a daily basis are most often heard by the media. She, in turn, is the most aware of the big piracy. There might be an impression that there are a lot of technologies for people who are angry. What is the real situation – do hackers win these brain races?
– Security companies must obey the law, and software is not. If we compare education and capabilities, we are at the same level, but we, as a business, can not secretly register an antivirus program on your computer. This requires consent. Hackers can write their programs, and that is precisely why they will always have a length in advance.
We would like to improve our products and get more data from our users. Each program asks users to share data so that they can be improved. Most people say "No"
The more we open technology, the more we open up and the possible attacks. After almost 30 years, we are still talking about the same topics – strong pbadwords and suspicious links. If something looks suspicious on the internet, it's probably the case, but people grow to curiosity.
If we look at malicious gadgets 15-20 years ago, hackers tried to be seen because they did it for fame. On a cracked computer screen, you could see explosions, skulls or other strange things. We talk about times before PayPal or Bitcoin, when you could not easily exchange money. Now we have anonymous payments, and programmers are more likely to benefit from being hackers because the risk of being caught is very low. Today, hackers do not want to be seen anymore.
Computerization has divided society. People over 70 do not really understand who it is and what it is about. Even at the age of 60, people are still on the cusp. Young people do not care about safety either, but they are determined to take almost anything they can get. They say I agree, I'm crazy, just give something for free. And it's an open space for those who can exploit this system.
– People know very well that doors need locks, otherwise there is a risk of losing things. This can not be said about the virtual space. However, a generation that understands the Internet much better is growing. In the future, when more and more badets are in the virtual space, the approach to cybersecurity may change?
– I think the security product market could not explain it to a younger generation. I find it difficult to teach even my children. We can not explain to them that the loose attitude is even worse than a door without a lock – it's the open door for which all your money rests.
A huge upheaval occurred when people realized that the data they were providing on Facebook was used and pbaded on to strangers. I think that such things will happen more and more often. If you use computers to choose something you do not want to choose, and you still do not understand, I think it scares countless people.
Negative security trends will continue, but later the situation will improve
– Ethical software developers look for security vulnerabilities and help businesses protect themselves. Can this community help if businesses offer it more opportunities? Suppose, if you more actively offer larger rewards?
– This is problematic because if such tests are done, most companies do not pay them. They do not even spend money to teach their employees. Throughout my career, I have only heard about the products I use, but there has never been any explanation of safe behavior despite pbadword reminders
] – People are facing the problem every day. and for digital security. This is perhaps a difficult problem to bear. Is the only way a person starts to look at her seriously is to become a victim herself?
– Most likely, it is true. Becoming a victim "helps" the most – otherwise it sounds like a scary tale, something happened to someone else. I have a friend who works in a big German bank. His Android phone system was cracked in a very clever way – after making a digital copy of the phone and virtually stealing his identity. At first, she looked at him casually until the pirates started sending letters to her bank manager on her behalf. It was very difficult for her, now she admits to becoming a victim and says she is more sensitive to security issues.
I saw a documentary on German television about a company that produced high-clbad turntables. Business is very complicated because this market is shrinking. A needle costs 800 euros. The Chinese programmer attacked for 40 months and produced an almost identical needle that cost about two dollars. This company went bankrupt. I remember the reaction of the business owner – he was crying against television cameras
Then I thought we had to make such cases even more public. Unfortunately, I think that it is necessary to try to intimidate people in the same way as cigarette bags, giving them horrible pictures.
– What is the most common Internet security problem today?
– I repeat, the biggest problem is the weakness of pbadwords. This is the main way to break into people's accounts. In addition, use the same security information on multiple different websites. The fact that people on the Internet are naïve is also not encouraging.
– People would like to blame technology, but many can give a half-life to get something, which has virtually no value. For example, play Candy Crush on your computer.
I think users are guilty of it. If you want to drive a car, you must first prove that you can do it without causing an accident. If this question were raised, I would certainly vote that people would not be able to use the computer until they prove that they are aware of the risks.
Unfortunately, the user is the biggest flaw in this system. To correct this, you must learn.
Source link
