By ARUN MARBALLI
Have you ever attempted to buy tickets for an event on Ticketmaster or
tried to open a yahoo or hotmail e-mail account? If you have, then you
will have encountered the so-called CAPTCHA systems (Completely
Automated Public Turing test to tell Computers and Humans Apart). This
is the test where you are presented with an image of wavy, oddly shaped
jumbles of letters and numbers and you are required to recognize and
type them out. Hitherto, these tests have been effective in preventing
computers from mimicking a human presence in order to execute rapid
purchases of show tickets or to set up multiple e-mail accounts for
spam generation and phishing. It appears that the crooks have come up
with a trick to bypass this test thereby allowing them to use computers
to masquerade as extremely speedy human beings to carry out the very
activities that these CAPTCHA systems are attempting to keep the
computers out of – mass ticket purchases or mass e-mail accounts setup
for spam and phishing. They are doing this by luring thousands of
Internet users to play games with pop-up icons that promise rewards
(including some bordering on the risqué) for solving puzzles. The
puzzles presented are in fact the CAPTCHA images received by the
crook’s computer program and passed on to unsuspecting Internet users
in real-time. When gullible users respond by typing in the letters and
numbers represented in the image, the computer program is able to
bypass the CAPTCHA gatekeeper.
Speaking of gatekeepers, a while back I had explained that anti-virus
programs use information called virus signatures to detect and block
viruses and other malware. However, it now seems that the ever-potent
and ever-mutating Storm worm could be turning the tables on these
anti-virus programs and trying to beat them at their own game.
According to a recent posting by an analyst from Sophos (an Internet
Security firm) a mutation of the Storm Worm, nicknamed “Dorf,” is using
the signatures of all known anti-virus programs to neutralize them in
the computer’s memory. So, on infected computers, the Anti-Virus
software will appear to be running but will offer no protection, having
been “lobotomized” by the Dorf worm. So, how do we stay
away from this worm and its brethren? Perhaps, if more legitimate
website operators obtained Extended Validation SSL Certification as
opposed to Standard SSL Certification, we could tell them apart from
other suspect websites and be assured of safer passages in the cyber
world. What is Extended Validation SSL Certification, you ask? Read on
and I will bring you on-board.
Worms such as the Storm Worm are typically picked up as hitchhikers
from compromised websites that we may be redirected to by a phishing
attack. Although most genuine websites use “certificates” to vouch for
their authenticity, it is unfortunate that the level of certificates
used is not verifiable and hence not fool-proof. Wouldn’t it be nice if
our browser could verify that the certificate of the website that we
visit is authentic and warn us if it is not? Such verification is
possible with a mechanism called the Extended Validation (EV) SSL
Certificate. These certificates were established as a direct response
to the rise in Internet fraud and decreasing consumer confidence in
online transactions. For obtaining this certification, the owner of a
website is thoroughly investigated for authenticity by the Certificate
Authority (CA). In fact the CA, itself, is subject to an extensive
independent audit as part of their Web Trust review. As part of their
investigation, these CA organizations must establish the legal identity
as well as the operational and physical presence of the website owner;
they must establish that the website owner does not share the web
address (URL) with another entity; and finally, confirm the identity
and authority of the personnel acting on behalf of the website owner
and verify that the documentation of legal obligations is signed by an
authorized officer of the website owner. The CA provides browser
vendors with its unique EV Identifier and also embeds this identifier in the
Certificate it grants to the website owner. Thus, when the browser
receives a webpage from this website with its certificate, it can match
the EV Identifier on the Certificate with the one known to it and
verify the authenticity of the website.
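The matching step described above, the browser comparing the identifier embedded in the site's certificate against the one the CA gave the browser vendor, is shown below as an added Go example; it is not code from this column, from any browser, or from any CA. The EV identifier OID, the CA names, the organization name and the browser's lookup table are all constructed for the demonstration, and a bare certificate template stands in for the CA's own certificate. The example goes one step beyond the text by also covering a certificate that carries the right identifier but was issued by a CA the browser holds no EV record for; the check must refuse that case too.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"math/big"
	"time"
)

// exampleEVPolicy is a constructed, example-only EV identifier (private-enterprise arc)
// standing in for the one a real CA registers with browser vendors; knownEVPolicies
// is the browser vendor's table of the identifiers each trusted CA has supplied.
var (
	exampleEVPolicy = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1, 1}
	knownEVPolicies = map[string][]asn1.ObjectIdentifier{"Example EV CA": {exampleEVPolicy}}
)

// policyInformation is RFC 5280's PolicyInformation with its optional qualifiers omitted.
type policyInformation struct{ Policy asn1.ObjectIdentifier }

// certificatePoliciesExt hand-encodes the certificatePolicies extension (OID 2.5.29.32) so
// the example behaves the same on every Go version; asn1.Marshal cannot fail on well-formed OIDs.
func certificatePoliciesExt(policies []asn1.ObjectIdentifier) pkix.Extension {
	infos := make([]policyInformation, len(policies))
	for i, p := range policies {
		infos[i] = policyInformation{Policy: p}
	}
	der, err := asn1.Marshal(infos)
	if err != nil {
		panic(err)
	}
	return pkix.Extension{Id: asn1.ObjectIdentifier{2, 5, 29, 32}, Value: der}
}

// issueLeaf has the named CA sign a site certificate. policies is what the CA embeds in it
// (nil for a Standard SSL certificate); a template holding only the CA's Subject serves as parent.
func issueLeaf(caName string, caKey *ecdsa.PrivateKey, policies []asn1.ObjectIdentifier) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{Organization: []string{"Example Corp"}, CommonName: "www.example.com"},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
	}
	if len(policies) > 0 {
		tmpl.ExtraExtensions = []pkix.Extension{certificatePoliciesExt(policies)}
	}
	ca := &x509.Certificate{Subject: pkix.Name{CommonName: caName}}
	return x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
}

// EVStatus is the browser-side step from the column: parse the certificate, read the policy
// identifiers it carries, and report EV only when one matches what the browser knows for that CA.
func EVStatus(der []byte) (issuer string, ev bool, err error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return "", false, err
	}
	issuer = cert.Issuer.CommonName
	for _, oid := range cert.PolicyIdentifiers {
		for _, known := range knownEVPolicies[issuer] {
			if oid.Equal(known) {
				return issuer, true, nil
			}
		}
	}
	return issuer, false, nil
}

// verdict issues one certificate and returns the browser's EV decision for it.
func verdict(caName string, caKey *ecdsa.PrivateKey, pol []asn1.ObjectIdentifier) (bool, error) {
	der, err := issueLeaf(caName, caKey, pol)
	if err != nil {
		return false, err
	}
	_, ev, err := EVStatus(der)
	return ev, err
}

// Demo covers the three cases a browser must get right: the EV identifier from the CA that
// registered it, no identifier at all (Standard SSL), and the same identifier from a CA the
// browser holds no EV record for. Only the first may turn the address bar green.
func Demo() (fromRegisteredCA, standardSSL, fromUnregisteredCA bool, err error) {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // one key serves both demo CAs
	if err != nil {
		return
	}
	ev := []asn1.ObjectIdentifier{exampleEVPolicy}
	if fromRegisteredCA, err = verdict("Example EV CA", caKey, ev); err != nil {
		return
	}
	if standardSSL, err = verdict("Example EV CA", caKey, nil); err != nil {
		return
	}
	fromUnregisteredCA, err = verdict("Some Other CA", caKey, ev)
	return
}
```

Running `Demo()` yields true, false, false for the three cases. Note that this is only the identifier match: a real browser first validates the certificate chain back to a trusted root and checks the hostname, and only then consults its EV table, so the lookup is keyed on the issuing CA the chain has already authenticated.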
How do these EV SSL Certificates manifest themselves to the Internet
user? First of all, at this time the only Internet Browser that is EV
SSL Certificate ready is Internet Explorer 7. When a website with
an EV SSL Certificate is displayed, the address bar on the top (the box
where the website’s address is displayed) turns green and the adjacent
panel that shows a padlock for Standard SSL Certificates will be
expanded to additionally include a label that will periodically
alternate between the name/address of the website owner and the CA that
issued their certificate. If the Internet user sees these two effects
on the webpage displayed, then the user is assured that the website
being displayed is safe and not a phishing webpage. Check Wikipedia for
more information
(http://en.wikipedia.org/wiki/Extended_Validation_Certificate).
Arun Marballi has worked in the Information Technology arena for more than 20 years with extensive experience in software development, process design and network/workstation management. For comments, questions, tips or suggestions, e-mail amarballi@hotmail.com.
Copyright © 2004 Khaas Baat.