Your brain is the most powerful defense against Internet threats
The BBC reports that users of the popular video streaming website Twitch.tv are attacked on the site which can lead to the buying, selling or trading of virtual user items on the gaming platform Steam.
Attacks are carried out via links that get posted in chat on the site according to F-Secure which reported about it first. The messages invites users to participate in weekly raffles for a chance to win virtual items for the game Counter-Strike Global Offensive, the most recent version of the popular Steam game.
Users who click on those links load a Java program which asks them for information. While it is unclear if those information are processed at all, it is clear that the program drops malicious software on the user system which allows the attacker to perform a series of commands including adding new friends on Steam, buying items with user money, sending trade offers, selling items on the market and accepting trade transactions.
Virtual items can be bought, sold and traded on Steam with some items being sold for thousands of Dollars. While the average amount is lower than that, most games have rare items that are offered for one hundred or even more Dollars.
The problem
These types of attacks, and Twitch is just an example of one attack on one site, can be addressed in several ways:
- The site that is bombarded with them could add security checks or notifications, just like Valve has done on Steam recently. These would warn users to click on links posted by unknown parties.
- The browser/operating system manufacturer could improve security.
- User education.
If a user cannot distinguish between a legitimate link and a malicious one (click on this link and a Nigerian prince will send you $10 million US Dollars for safe keeping), then this is without doubt the biggest problem.
While companies can improve security on their end, there will always be ways for attackers to exploit the naivety of Internet users.
Raffles, quizzes, surveys, phishing emails and others are used for a long time by attackers and nothing seems to have changed in that time. Users still fall pray to those scams even though magazines and sites report about them all the time.
System and program security has improved as well in that time but that does not seem to keep users safe on its own. While it may help somewhat, attackers are ingenious enough to find new attack forms or variations of existing ones to exploit.
The only thing that will help in the long run is user education. This does not have to be in form of an hour-long session either as there are only a few rules that users need to follow to improve their security on the Internet significantly:
- Use your brain. If something seems too good to be true, it usually is.
- Don't click on links in emails or chats if you don't know the sender. Even then, think about it first before you click.
- Don't click "next" or "ok" when prompts appear without knowing what this is about.
Now You: Have something to add? Feel free to share it with all of us in the comment section below.
Doesn’t Windows 8 know that www. or http:// are passe ?
Well it is a bit difficulty to distinguish between name.com domains and files for instance.
I know a service made by google that is similar to Google bookmarks.
http://www.google.com/saved
@Ashwin–Thankful you delighted my comment; who knows how many “gamers” would have disagreed!
@Martin
The comments section under this very article (3 comments) is identical to the comments section found under the following article:
https://www.ghacks.net/2023/08/15/netflix-is-testing-game-streaming-on-tvs-and-computers/
Not sure what the issue is, but have seen this issue under some other articles recently but did not report it back then.
Omg a badge!!!
Some tangible reward lmao.
It sucks that redditors are going to love the fuck out of it too.
With the cloud, there is no such thing as unlimited storage or privacy. Stop relying on these tech scums. Purchase your own hardware and develop your own solutions.
This is a certified reddit cringe moment. Hilarious how the article’s author tries to dress it up like it’s anything more than a png for doing the reddit corporation’s moderation work for free (or for bribes from companies and political groups)
Almost al unlmited services have a real limit.
And this comment is written on the dropbox article from August 25, 2023.
First comment > @ilev said on August 4, 2012 at 7:53 pm
For the God’s sake, fix the comments soon please! :[
Yes. Please. Fix the comments.
With Google Chrome, it’s only been 1,500 for some time now.
Anyone who wants to force me in such a way into buying something that I can get elsewhere for free will certainly never see a single dime from my side. I don’t even know how stupid their marketing department is to impose these limits on users instead of offering a valuable product to the paying faction. But they don’t. Even if you pay, you get something that is also available for free elsewhere.
The algorithm has also become less and less savvy in terms of e.g. English/German translations. It used to be that the bot could sort of sense what you were trying to say and put it into different colloquialisms, which was even fun because it was like, “I know what you’re trying to say here, how about…” Now it’s in parts too stupid to translate the simplest sentences correctly, and the suggestions it makes are at times as moronic as those made by Google Translations.
If this is a deep-learning AI that learns from users’ translations and the phrases they choose most often – which, by the way, is a valuable, moneys worthwhile contribution of every free user to this project: They invest their time and texts, thereby providing the necessary data for the AI to do the thing as nicely as they brag about it in the first place – alas, the more unprofessional users discovered the translator, the worse the language of this deep-learning bot has become, the greater the aggregate of linguistically illiterate users has become, and the worse the language of this deep-learning bot has become, as it now learns the drivel of every Tom, Dick and Harry out there, which is why I now get their Mickey Mouse language as suggestions: the inane language of people who can barely spell the alphabet, it seems.
And as a thank you for our time and effort in helping them and their AI learn, they’ve lowered the limit from what was once 5,000 to now 1,500…? A big “fuck off” from here for that! Not a brass farthing from me for this attitude and behaviour, not in a hundred years.
When will you put an end to the mess in the comments?
Ghacks comments have been broken for too long. What article did you see this comment on? Reply below. If we get to 20 different articles we should all stop using the site in protest.
I posted this on [https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/] so please reply if you see it on a different article.
Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to
Comment redirected me to [https://www.ghacks.net/2012/08/04/add-search-the-internet-to-the-windows-start-menu/] which seems to be the ‘real’ article it is attached to
Article Title: Reddit enforces user activity tracking on site to push advertising revenue
Article URL: https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/
No surprises here. This is just the beginning really. I cannot see a valid reason as to why anyone would continue to use the platform anymore when there are enough alternatives fill that void.
I’m not sure if there is a point in commenting given that comments seem to appear under random posts now, but I’ll try… this comment is for https://www.ghacks.net/2023/09/28/reddit-enforces-user-activity-tracking-on-site-to-push-advertising-revenue/
My temporary “solution”, if you can call it that, is to use a VPN (Mullvad in my case) to sign up for and access Reddit via a European connection. I’m doing that with pretty much everything now, at least until the rest of the world catches up with GDPR. I don’t think GDPR is a magical privacy solution but it’s at least a first step.