Archive for May, 2010

Motives and incentives (animation)

These RSA (Royal Society for the encouragement of Arts, Manufactures and Commerce) animations are excellent. Ever wondered how to be happy in your work?

I’ve spent the last 48 hours working on a crazy Open Source project (a web-based webpage designer using natural language!). I’m not getting paid for it but it’s great fun. I can relate to this video. I spent years working in software companies where I had to follow a particular course (which was often chosen by marketing or management and I knew would be a disaster). At times I had amazing ideas which management failed to grasp and which I never got to explore.

Now I do things for myself and I love it.

Categories: Uncategorized

New Phishing Attack and How To Read The Domain In A URL

Aza Raskin from Mozilla Labs has come up with a new type of phishing attack based on tabbed browsing. When the user clicks away from an innocent-looking page on the phishing site to a different tab, the malicious code waits a few seconds and then changes the page to a phishing page – his example is a googlemail login screen.

It’s worth noting here that it’s always worth checking the URL in the browser. Before clicking a link it’s worth checking the actual URL of the link. It’s very easy to make a link look like it goes one place but sends you somewhere else (for example: http://www.youtube.com/). In my browser (Firefox) the URL is previewed in the status bar at the bottom.

So which bit is the domain? It should be after “http://” and before the next “/”. If the URL looks messy or uses a numeric IP address instead of a text domain name then you might want to not trust it.

Here are some examples of evil code and I’ll explain how to read a domain from a URL. Suppose we bank with mybank.com:

http://www.mybank.evilcode.com/

http://www.mybank.com@evilcode.com/

http://www.my.bank.com/

http://www.my-bank.com/

What’s wrong with these?
First of all, it’s best to read a URL from right to left and break up the domain at the dots. The most important stuff is on the right.
So, in the first example we have the “.com” top-level domain, next we have “evilcode.com”, then we have “mybank.evilcode.com” – that’s a sub-domain of “evilcode.com”.
In the second example, again reading from right to left you’ll realise that it’s an evil site. The part of the URL before the “@” will be passed as a username to the site. Most modern browsers have protection against this (you are using a secure modern browser aren’t you, ps Internet Explorer=fail).
Numbers three and four are simply misspelt, but they are totally different domains and so not to be trusted.
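
As an added example (not code from the original post), here is the right-to-left reading described above, done in JavaScript with the same URL parser browsers use. The names `inspectLink`, `registrableDomain` and `isNumericHost` and the last two entries in `samples` are constructed for illustration; treating the last two labels as the domain is an assumption that holds for mybank.com but not for suffixes such as .co.uk.

```javascript
// Added example: classify a link by the host the browser will actually contact.
// ASSUMPTION: the registrable domain is the last two labels (true for mybank.com,
// wrong for suffixes like .co.uk; production code should use the Public Suffix List).
const EXPECTED_DOMAIN = "mybank.com"; // the bank from the examples above

function registrableDomain(hostname) {
  // Read right to left: keep the two right-most labels.
  return hostname.split(".").slice(-2).join(".");
}

function isNumericHost(hostname) {
  // IPv4 dotted quad, or a bracketed IPv6 literal as returned by URL.hostname.
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname) || hostname.startsWith("[");
}

function inspectLink(href, expected = EXPECTED_DOMAIN) {
  const url = new URL(href); // WHATWG parser, same rules as browsers
  const host = url.hostname.toLowerCase();
  const warnings = [];
  if (url.username || url.password) {
    warnings.push(`text before "@" ("${url.username}") is a username, not the site`);
  }
  if (isNumericHost(host)) {
    warnings.push("host is a numeric IP address");
  }
  const domain = isNumericHost(host) ? host : registrableDomain(host);
  if (domain !== expected) {
    warnings.push(`domain is ${domain}, not ${expected}`);
  }
  return { host, domain, trusted: warnings.length === 0, warnings };
}

// The four URLs from the post, plus a genuine one and a numeric one (constructed).
const samples = [
  "http://www.mybank.evilcode.com/",
  "http://www.mybank.com@evilcode.com/",
  "http://www.my.bank.com/",
  "http://www.my-bank.com/",
  "http://www.mybank.com/login",
  "http://192.0.2.10/mybank.com/",
];
for (const href of samples) {
  const r = inspectLink(href);
  console.log(href, "->", r.domain, r.trusted ? "OK" : "SUSPICIOUS: " + r.warnings.join("; "));
}
```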

Categories: Internet

Go Volvo!

Blimey, I cycle everywhere. I really don’t want to share the roads with people who have automated braking systems. Even if they did work:

Categories: Funny