Tuesday, December 16, 2008

IE security flaws

The BBC is reporting that there is a new fatal flaw with Internet Explorer that allows hackers to gain access to a computer and steal passwords. In other news water is wet, politicians lie and Windows Vista is a huge disappointment.

Seriously though, this is usually the perfect opportunity for the blogger to pontificate about the evils of Microsoft and recommend readers to switch to Firefox/Safari/Opera/Chrome as of yesterday. Another tactic is to smugly admonish poor sods still using Internet Explorer to realise the folly of their ways and learn to love open source development. And then there is even a chance for Apple-heads to unleash a wave of self-righteousness and claim that this would not happen on a Mac. I will forego the temptation to fall into the aforementioned stereotypical actions, although I am truly fighting the urge to utter the predictable "I told you so", or the always-satisfying Nelsonian "HA HA!"

Instead of any unbecoming haughty displays, I notice that this exploit was designed to steal game passwords. As I've mentioned earlier, one of the fastest growing areas of cybercrime is the theft of virtual goods on games like WoW, where the in-game gold has acquired real currency value. It should be quite telling that this exploit is not being used to purchase things on eBay or Amazon, but to steal virtual goods. Perhaps the payout is not as big, but the risks seem much less. I don't think a cop is going to prosecute a hacker for stealing magic items on WoW.


Unknown said...

That's true in the US and England (for the moment) -- not so true in South Korea or Japan.

Andres Guadamuz said...

Indeed! I always forget how much more sophisticated is law enforcement in Korea and Japan, probably because many of them are gamers as well.