Yesterday someone reminded me the “hacking” styles used in two Sci-Fi TV series that he has seen:

1. Babylon 5
2. Battle Star Galactica

In the middle of the Babylon 5 series, there is an episode that takes the memory of John Sheridan and Delane to see what happens to the human race after 70 years, few hundreds of years and so on… In one of these timelines, we see Mr. Giraboldy that is now a hologram, “hack” into the systems of some people on earth that are at war with people on Mars. When the person asks him “how were you able to do it ?” Mr. Giraboldy answers: “I saw how you accessed the systems and used my experience to understand how to hack it.”

In Battle Star Galactica, we saw in the first session that the computers of Galactica where never online and therefore the Cylon virus never effected them. On the first episode of the second session, Galactica lost the rest of the spaceships and the only way to find them on space was to use grids with all of the computers on the ship. When they did so, they became open to attacks because there was a network, and the Cylon virus could spread to the main computer core. The most funny part there was the fact that they could identify the virus, but never thought to fix vulnerabilities that caused the virus to spread … (and people call it Sci-Fi …).

To make long story short, on both cases we see how social engineering turns the table. I read today an advisory that shows how easy it is to bypass Microsoft Windows XP SP2 firewall. It is partly problematic, because attackers require access and write permissions to the registry. But then I remembered that Windows requires Administrator privileges to play many computer games.

I’ll repeat it: You need to have Administrator privileges in windows in order to play games !

When I try to teach people not to use this user, I receive answers like: “but I can’t do something X if I’m not an administrator user” or “But I have an antivirus and a firewall, and any other anti maleware tool”. But still we get reports such as: “Microsoft Windows keybd_event Validation Vulnerability” that are given very high priority on security channels.

When problems such as the Israeli trojan occurs, you may think that people will learn not to use administrator based users… But no! they do not. And the worst issue, is that most places in the world did not report this issue. It was not very different from any other known problem, but it was important for teaching people that Social Engineering is a very serious flaw.

We all need to learn how to work a bit different with our computer. Security comes from restricting what you can and can not do, not by installing 100 types of protection methods. Because all it takes is one program not to be detected and all of your measures are for nothing.