Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security

Group

Whatever...
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Robin Hood Carries A Netbook and No Guilt

One thing that hackers have worked out is that the financial system is all smoke and mirrors running on hot air.

It doesn't take much experience at the exploit level to realise that you can just print your own money and someone is going to quietly cover their/your ass, because it's their ass they're covering too.

Very much like the government bail-outs.

Hackers have been doing a few bail-outs of their own and we'll see some spectacular ones in the near future.

It would be easy to just assume that the whole financial system is finally exposed for what it is. Hot air and promises.

It's that time of the year again, when the 'security researchers' get together for their versions of the Academy awards, only these are the kids who mightn't have been cute enough to be child actors, and those that are have too much smarts to bother working a day. (While the Hackademy Rewards goes on quietly elsewhere)

There is the widely known Black Hat event where an every growing bunch of hyperactive nerds pretending to be black hat (really white hats in disguise) confirm what we all know - security is just another hot air draft from the snake-oil marketplace.

There isn't anything earth-shatteringly new, and one could be forgiven for thinking they're trying to distract us from the flaws we were supposed to fix last year.

There are even a few in there for the greenies. Want to reduce your energy consumption? Simply hack the electronic 'Smart'(you know immediately what it means when they use the word 'smart') meters and reduce your energy bill. It mightn't cure global warming but it'll make you feel better when you boast over dinner about how low your energy consumption (bill) is.

There is also an element of national pride in play. The Americans, being competitive, want to show just how bright they are (while the Chinese quietly take notes) and the Russians offer payouts for exploits and kits. I'm sure those government security types just cringe and hit the bars for the week, after all what can they do?

This year was bound to be the year of the mobile attack, and we see everything from android hacks and iPhone root kits to SMS attacks. Those smart phones aren't too smart either.

The forgone conclusion is that we're all behind the 8ball, and it's just a matter of time before we're in pocket too.

One thing I have noticed is that hacking is now up there in the respectability stakes, like banking. It can be hard to find a moral argument that they shouldn't be doing it, after all it's only little numbers, not trillions, and someone will always cover the losses and if not, perhaps it's a good lesson for those empowering banks to make everyone's life a misery. (I'd point you through to the amusing misery index on another site, but it is apparently a no-go zone.)

Suffice to say Sriram, that hackers are not being racked by guilt anymore than the bosses of a few banks with big fat payouts.

Look for some thrilling Robin Hood action in the coming year.

I add that in my time on finextra, I have never communicated the precise method of performing an exploit to readers, and I do not favour public disclosure of the core of exploits, but it does irk me when I get  my blog pulled because I truthfully state that it is easier to hack Windoze than go through the customer registration process. Lucky I don't tell you more.

BGP- still done, but partially 'fixed' (if you know what I mean)

MD5 - done, trashed

SSL - trashed

EvSSL - yes trashed

Bios - new and old hat hacked.

Rootkits - Mac, iPhone, android, nokia, .....

Updates - Apple. Windoze (better described as up-the-date)

as well as endless variations of the old spook tricks, sniffing keystrokes, blah blah.

There have been some positive advances environmentally, it takes less energy and resources to perform exploits, so even hackers are doing their bit.

One thing for sure, the security industry is becoming very environmentally friendly, running now completely on hot air.

I'm waiting to see who wins the Bernie Madoff Challenge Event, where the goal is to redistribute more than Bernie did. Some developing nations could be in for a windfall.

 

p.s. Speaking of windfalls, if your bank hasn't been forthcoming with the bonuses perhaps your fellow workers are giving themselves a payrise with metasploit (if your customers aren't readjusting their balances), now making it even easier to attack Oracle. Perhaps you IT guys better get those updates installed quickly...

2754

Channels

Security

Group

Whatever...
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion

Member since

0

Location

0

More from member

This post is from a series of posts in the group:

Whatever...

A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

See all
Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more