The President's Message

June 2011

Rick Curry

Congratulations to our club members who were able to work with the schedule change last month. To any who missed the estivities, we were double-booked last month. The Boys & Girls Club has apologized, and the members did a great job of putting the room back the way the next group needed it.

It is my pleasure to welcome our presumptive new president, Dr. James Brown, to our board, and to the opportunities in the job. Dr Brown, I hope you enjoy holding the post as I have.

Thanks to the membership and board for allowing me to wear the president's hat for the past two years. It has been a lot of fun joining you all on Saturdays, finding out about new products and ideas (and even exploits). I've also enjoyed sharing my running commentary on changes in computers and technology in these articles. Some of you might find this surprising, but I am not accustomed to public speaking; my thanks for your patience with my deer-in-the-headlights stage presence. Standing on a stage and writing something more literary than an interoffice memo have been the opportunities I feel that I took advantage of during my tenure.

Drive-by polluting We know that we should be careful of the programs we download from the Internet. We know that email attachments can carry computer viruses causing us grief if we open the attachments. There is also a somewhat recent concept of "drive-by" infections with Web sites; no need to click on a link, run a program, or perform any action beyond going to the website to infect your machine.

Microsoft's hotmail product was recently the host to a "drive-by" infection in emails. You did not need to do anything with an attachment, click on a link, or take any other action. Just open the email. This is not the first "drive-by" email infection, but it is the first one in a while. Most recent email infections required the user to follow instructions in the infected email. We should take this as a reminder that emails are not especially safe.

A related issue to be aware of is that email accounts have been hijacked. Hackers are finding various ways to get the passwords for free email accounts (I am especially aware of it on the service whose name is a synonym for "boorish"). So even if you know the person sending you the email, it can be something bad.

The problem emails I have seen seem obvious from the subject line. For instance, the subject references something that I have never discussed, nor would ever discuss, with that person. Some of the emails just contain a link with no explanation. I have yet to see a "drive-by" email from a friend's hijacked free email account, but it seems like a natural next step in the malware arms race.

And in a third related bit of news, crime toolkits have been posted on the Web for free download. The groups that send the infected emails or hack Web sites so that they perform a "drive-by" infection use toolkits in their businesses much the way game companies use common toolkits that cause games to have a common look and feel. These crime toolkits have been expensive, and only the well-heeled, more organized, organized crime syndicates could afford the really good toolkits. Well, much the way Hollywood's movies are leaked to the Internet before they show up in theaters, a couple of the premier crime toolkits have been posted on the Internet for free sharing. Any clever child can find and download one of these toolkits (or maybe get both and produce an even better hybrid).

Some days it just doesn't pay to climb out of the fallout shelter … On the positive side, major world governments are calling to shut down crime on the Internet. I will lament the loss of freedom of expression as the anonymous artist ceases to find refuge in anonymity. I will not miss the thieves who take refuge in that same anonymity.

Happy computing!