Log in

View Full Version : USA's "National Cyber Alert System"

David Prahl
01-28-2004, 07:47 PM
Check out
http://edition.cnn.com/2004/TECH/internet/01/28/homeland.cyberwarn/index.html

Sounds like a good plan to begin with, but then you think about it more and it suddenly becomes a bad idea. If the next person who writes a mass-mailing worm using the same subject lines and spoofed domains as the National Cyber Alert System, guess what's going to happen? People are going to purposely open said messages. It's like using "Virus warning - download this fix" as a subject line, but more powerful.

Sigh...
:roll:
Janak Parekh
01-28-2004, 08:29 PM
Well... the messages are cryptographically signed. Not useful for the average consumer, but still better than nothing.

Besides, what else would you propose?

--janak
DimensionZero
01-29-2004, 10:30 PM
Hmmm, I dunno... Sounds a lot like existing sites out there.. Microsoft's Security Alert, CERT Advisories, Virus eye.. Nothing new really. Perhaps a more central location to get this info.
famousdavis
01-30-2004, 06:28 AM
Maybe a pull strategy instead of a pure push.

The gov't could send an email stating that there has been a new alert issued. There would be a hyperlink to the gov't site, showing the warning.

The email message would have to be patently clear that the email recipient check the URL to ensure they've been directed to a real gov't website, and not some bogus site.

Moreover, the gov't should be clear that they NEVER send email attachments or request any email recipient to download anything, ever. These would become the flashing red lights if any spoofer tried to do something like that.

It'll take education and diligence, it's not perfect, but it's better than not doing anything.
Janak Parekh
01-30-2004, 06:41 AM
The gov't could send an email stating that there has been a new alert issued. There would be a hyperlink to the gov't site, showing the warning.
That's not foolproof either. If the message was spoofed, it certainly wouldn't include a warning to check the URL, and 99% of users would never know the difference. Ditto with attachments.

--janak
Janak Parekh
01-30-2004, 06:41 AM
Hmmm, I dunno... Sounds a lot like existing sites out there.. Microsoft's Security Alert, CERT Advisories, Virus eye.. Nothing new really. Perhaps a more central location to get this info.
Yes. This is consolidating/replacing CERT.

--janak