Curious about SQL attacks?

March 20, 2009 at 8:31 am Leave a comment

That question should be, actually, automated SQL attacks, managed by botnet masters (which may explain to you the continuing rise in concern over the Downadup virus, which hasn’t at least apparently been used for anything much–although recently the merely 5K or so possible addresses that could be contacted for instructions expanded to 50K or so).

Anything that can run inside a browser, from QuickTime to Flash to the Java Script mentioned in the article–is an active threat, which is why the Firefox NoScript addon is a useful layer of defense.  However, MS is being blamed, mostly because its browser (IE) still has the widest market share, although by a continually declining margin.

Pay attention especially, if you read the article (I do suggest it, although it may take some time, particularly if you follow the links inside it) to the reiterated absolute necessity for keeping software updated.  And after all of that, bear in mind that nothing is uncrackable.  There have been several wild-sounding declarations that the Internet has lost its utility over such vulnerabilities that can lead to “identity theft” or at least usage of portions of one’s online identity.  [I’ve actually accidentally seen two sites that claimed to sell complete identities, down to relatives, interests–and, of course, the relevant “social-networking” sites.  On one, I managed to escape without being infected.  On the other, it was caught by a subsequent scan (the Netsky virus).  Each was evidently at least potentially a trap of some sort, and I don’t indulge in or condone that kind of activity.  If you do somehow hit one of these sites knowingly, don’t let curiosity overwhelm you in the least.  Use ALT+F4 and clear history, cookies, temporary internet files–running CCleaner is the easiest way to do this, and history actually should be kept at an absolute minimum on your browser in any case, unfortunately–and run as complete a series of scans as possible.  And if you can, avoid going there in the first place by using WOT and/or Haute Secure.  Neither of which is infallible.  I recall one day when it was announced that at the least something like half a million sites had been hit–with no way of knowing which ones.  Don’t be too curious.  And bear in mind that places like Facebook do have profiles set up to install badware.]

Which is probably quite enough, if not too much.  I can be a bit wordy at times.  My apologies.


Entry filed under: browsers, computers/tech, current news, internet, internet security.

“A New Viewer” Defraggler

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Trackback this post  |  Subscribe to the comments via RSS Feed

%d bloggers like this: