Contact Us
Mental Health
Financial advice
Youth Matters
Techno Corner

Arun Marballi

Have you ever attempted to buy tickets for an event on Ticketmaster or tried to open a yahoo or hotmail e-mail account? If you have, then you will have encountered the so-called CAPTCHA systems (Completely Automated Public Turing test to tell Computers and Human Apart).

This is the test where you are presented with an image of wavy, oddly shaped jumbles of letters and numbers and you are required to recognize and type them out. Hitherto, these tests have been effective in thwarting computers from mimicking human presence for executing rapid purchases of show tickets or from setting up multiple e-mail accounts to enable spam generation and phishing.

It appears that the crooks have come up with a trick to bypass this test thereby allowing them to use computers to masquerade as extremely speedy human beings to carry out the very activities that these CAPTCHA systems are attempting to keep the computers out of – mass ticket purchases or mass e-mail accounts setup for spam and phishing. They are doing this by luring thousands of Internet users to play games with pop-up icons that promise rewards (including some bordering on the risqué) for solving puzzles. The puzzles presented are in fact the CAPTCHA images received by the crook’s computer program and passed on to unsuspecting Internet users in real-time. When gullible users respond by typing in the letters and numbers represented in the image, the computer program is able to bypass the CAPTCHA gatekeeper.

Speaking of gatekeepers, a while back I had explained that anti-virus programs use information called virus signatures to detect and block viruses and other malware.

However, it now seems that the ever-potent and ever-mutating Storm worm could be turning the tables on these anti-virus programs and trying to beat them at their own game. According to a recent posting by an analyst from Sophos (an Internet Security firm) a mutation of the Storm Worm, nicknamed “Dorf,” is using the signatures of all known anti-virus programs to neutralize them in the computer’s memory. So, on infected computers, the Anti-Virus software will appear to be running but will not be effective as it has been effectively “lobotomized” by the Dorf worm.

So, how do we stay away from this worm and its brethren? Perhaps, if more legitimate website operators obtained Extended Validation SSL Certification as opposed to Standard SSL Certification, we could tell them apart from other suspect websites and be assured of safer passages in the cyber world. What is Extended Validation SSL Certification, you ask? Read on and I will bring you on-board.

Worms such as the Storm Worm are typically picked up as hitchhikers from compromised websites that we may be redirected to by a phishing attack. Although most genuine websites use “certificates” to vouch for their authenticity, it is unfortunate that the level of certificates used is not verifiable and hence not fool-proof. Wouldn’t it be nice if our browser could verify that the certificate of the website that we visit is authentic and warn us if it is not?

Such verification is possible with a mechanism called Extended Validation (EV) SSL Certificate. These certificates were established as a direct response to the rise in Internet fraud and decreasing consumer confidence in online transactions. For obtaining this certification, the owner of a website is thoroughly investigated for authenticity by the Certificate Authority (CA). In fact the CA, itself, is subject to an extensive independent audit as part of their Web Trust review.

As part of their investigation, these CA organizations must establish the legal identity as well as the operational and physical presence of the website owner; they must establish that the website owner does not share the web address (URL) with another entity; and finally, confirm the identity and authority of the personnel acting on behalf of the website owner and verify that documentation of legal obligations are signed by an authorized officer of the website owner. The CA provides browser vendors its unique EV Identifier and also embeds this identifier in the Certificate it grants to the website owner. Thus, when the browser receives a webpage from this website with its certificate, it can match the EV Identifier on the Certificate with the one known to it and verify the authenticity of the website.

How do these EV SSL Certificates manifest themselves to the Internet user? First of all, at this time the only Internet Browser that is EV SSL Certificate ready is the Internet Explorer 7. When a website with an EV SSL Certificate is displayed, the address bar on the top (the box where the website’s address is displayed) turns green and the adjacent panel that shows a padlock for Standard SSL Certificates will be expanded to additionally include a label that will periodically alternate between the name/address of the website owner and the CA that issued their certificate. If the Internet user sees these two effects on the webpage displayed, then the user is assured that the website being displayed is safe and not a phishing webpage. Check Wikipedia for more information


Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail


Contact Information
The Editor:
Send mail to with questions or comments about this web site. Copyright © 2004 Khaas Baat.

Anything that appears in Khaas Baat cannot be reproduced, whether wholly or in part, without permission. Opinions expressed by Khaas Baat contributors are their own and do not reflect the publisher's opinion.

Khaas Baat reserves the right to edit and/or reject any advertising. Khaas Baat is not responsible for errors in advertising or for the validity of any claims made by its advertisers. Khaas Baat is published by Khaas Baat Communications.