While We Were Busy Patting Ourselves On The Back For Beating Viruses, Somebody Stole All Our Passwords
from the try-again dept
While the folks at Kaspersky are celebrating their supposed triumph over “virus” authors, the rest of the world is still dealing with all the other security headaches malware authors are creating. The company’s claim that viruses are dying out rings a little bit hollow when you consider malware authors and hackers are just spending their time on other things these days, meaning there’s still plenty of places where security firms have their work cut out for them. Case in point? Browser-based vulnerabilities such as phishing and password theft. A new study says that anti-phishing toolbars don’t do a great job, while separately, a researcher says that new versions of Internet Explorer and Firefox are vulnerable to fake site login forms that could allow hackers to surreptitiously steal users’ passwords. There’s little point in trying to claim a security triumph when the threat and benchmarks are constantly moving, and acting as if people face a reduced threat today is little more than disingenuous. The threat hasn’t reduced, it’s just changed — and if a security company can’t recognize that, they’re what’s going to disappear, not the security problems.