FUD – Grey Panthers Savannah (https://grey-panther.net)

Today’s fudbuster
https://grey-panther.net/2009/11/todays-fudbuster.html
Mon, 23 Nov 2009 15:24:00 +0000

We begin today’s FUD-buster with – applause please – cyberterrorism via an “article”: Cyberterrorism: A look into the future. The article talks about Estonia (which is the poster-child for “cyber” incidents these days) and says the following thing (amongst other equally high-quality content) – emphasis added:

“The three-week cyberattack on Estonia threatened to black out the country’s digital infrastructure, infiltrating the websites of the nation’s banks and political institutions”

The article cites as source (hey, at least they cite sources) an equally “well researched” piece from the Telegraph.co.uk which says almost the same thing. Now I seem to remember that the Estonia incident was just a large-scale DDoS attack, so I’ve looked around for more reliable sources, like this article on Dark Reading, “Authoritatively, Who Was Behind The Estonian Attacks?” by Gadi Evron (or see this other article). This confirms what I was remembering: it was a large-scale DDoS attack with some minor defacements, but in no way were they “infiltrating the websites”.

The second (unrelated, other than the fact that it is an overstatement) quote comes from the Kaspersky blog, where we can read that:

“a vast amount of pirate software nowadays contains trojans, both for the PC and Mac”

This depends very much on your interpretation of “vast amount” (ask me how I know :-P). Of the actual pirated software shared in limited networks like college campuses, very little is infected. What are extremely likely to be malicious are the crack / keygen websites. Either they contain exploits directly or they bundle malware with the downloads. Another sneaky way, seen on P2P networks like Gnutella or eDonkey, is to run bots which respond to any search with an executable that contains the keywords in the name and is – of course – malicious. So, depending on your interpretation of “vast amount”, this doesn’t hold up.

The conclusion, as always: do your own research!

Picture taken from cooljinny’s photostream with permission.

Surprising numbers
https://grey-panther.net/2009/11/surprising-numbers.html
Tue, 17 Nov 2009 16:05:00 +0000

I was reading the latest FudSec piece (Generating a False Sense of Insecurity) where I found the following statement (emphasis added):

Facebook now has 300 million users. Let’s assume that each user has at least one piece of user-generated content on their Facebook page cause, well, it’s a very user-content driven site. That means that of the 300 million home pages on Facebook that 95% (285 million) has either a malicious link or other insecure content. Conversely that means that 5% (15 million) are clean, uninfected, safe pages.

The average Facebook user has 120 friends or 281 friends, depending on which news article you might be reading. Let’s just assume for mathematical purposes that the number is somewhere in the middle, at about 200 friends per user. Let’s pretend, too, that you visit every friend’s page in a single day. Because it’s your day off, of course, you wouldn’t actually do that at work.

The mathematical likelihood that one of your 200 friends is one of the 95% that is infected is infinitesimal.

This statement seemed a little off. After all, we are selecting 200 pages out of 300 million where 275 million are infected. The chance to get to an infected / malicious page can’t be that low, right? Wrong! The problem as stated is known in mathematics (probability theory, to be more precise) as “drawing without replacement”, and apparently the scientific name is the hypergeometric distribution. Long story short, Wikipedia pointed me to a calculator which says that – given the parameters quoted above – you have a 99.9999608980365% chance that all of your friends will be clean / non-malicious! Talk about counter-intuitive!

Conclusion? First of all, trust but verify. If you hear something which sounds “off”, try to verify the information from multiple sources. Then again, our brains don’t seem to be wired to evaluate probabilities “heuristically”, so one should always sit down and work out the exact math (there are a lot of free tools on the Internet which can help you) before making important decisions.

Picture taken from EraPhernalia Vintage’s photostream with permission.

Cookies and FUD
https://grey-panther.net/2006/11/cookies-and-fud.html
Wed, 22 Nov 2006 06:03:00 +0000

Thanks to Security Garden I found this very useful article about Anti-Spyware products and Cookies. It is a useful and unbiased study IMHO. It also points out some misinformation spread by quite respectable organizations on the Internet.

Webroot says (the incorrect information is highlighted in red):

Adware tracking cookies trigger the most benign form of pop-up ads. Cookies that reside on your PC serve up pop-up ads related to the site you are visiting, your personal information or online activities. The more cookies you have on your PC, the more pop-ups you’ll see. A more malignant type of pop up won’t stop appearing until you allow it to download spyware software. Sometimes, even the “close” or “cancel” buttons mean yes. A slightly different pop-up, which mimics a Windows Messenger Service window, is also a ploy to download spyware software onto your PC.

As you can see, close to 50% of the description is inaccurate and 50% is not relevant to the subject (it talks about pop-ups). Very useful for the client.

To get a more balanced and technically correct description, which a technically not so savvy user can understand, visit the page of the Electronic Frontier Foundation.
