[dba-Tech] The storm after the break in

Peter Brawley peter.brawley at earthlink.net
Tue Jan 19 12:29:04 CST 2010


Jim> Does this mean that we should stop using IE, as some have suggested, until a
>patch can be created and distributed?

For security & performance it seems reasonable to restrict IE use to (i) 
Microsoft sites and (ii) reputable sites that work correctly only with IE.

PB

-----

Jim Lawrence wrote:
> Google has been going into over-drive mode trying to find the culprits who
> managed the break-in to the Google Gmail sites. To that end they have shut
> down the Beijing office while a forensic search of all data and
> communication records goes on...it may be a Google insider who had the
> required knowledge. Supposedly, a security hole in a number IE versions
> allowed the attack and governments all over the world seem to be very
> concerned. (As of yet the patch has not been completed.)
>
> http://news.cnet.com/8301-27080_3-10436618-245.html?tag=newsLeadStoriesArea.
> 1
>
>
> The attack is considered a super sophisticated and required a number of
> integrated components to work. The nature of the attack is such that it is
> widely believed that the process was encourage and sponsored by the Chinese
> government who would have a vested interest in the discourse of foreign and
> local decedents.
>
> http://www.wired.com/threatlevel/2010/01/operation-aurora
>
>
> In addition, to the hacking of Google a number of companies were hacked and
> source code extracted which may have in turn been used to launch the Google
> attack that appears to have been the main object of the exercise:
>
> http://news.cnet.com/8301-27080_3-10434721-245.html?tag=mncol;txt
>
>
> The actual code that utilized the IE hole has been posted according to the
> following link and if so it will not be long before every devious hacker and
> script kiddies will have a copy:
>
> http://siblog.mcafee.com/cto/%E2%80%9Caurora%E2%80%9D-exploit-in-google-atta
> ck-now-public
>
>
> Does this mean that we should stop using IE, as some have suggested, until a
> patch can be created and distributed? That would be difficult as so many
> companies and individuals depend on IE to run their business. According to
> many experts the attack code can not be deployed unless the victim initially
> connects to a tricked up predatory site.
>
> AVG now has a free link-scanner which is supposed to catch or be able to
> identify links from your current web page that may be dangerous:
>
> http://linkscanner.avg.com
>
>  
> The truth is, it is probably beyond the capability of any browser to be a
> hundred percent effective against an attack especially if the perpetrator is
> capable of investing unlimited resources, in such a venture.
>
> Jim
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com 
> Version: 8.5.432 / Virus Database: 270.14.150/2632 - Release Date: 01/19/10 07:34:00
>
>   



More information about the dba-Tech mailing list