LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A high-level view of the MeeGo security landscape

A high-level view of the MeeGo security landscape

Posted Nov 18, 2010 19:34 UTC (Thu) by jimparis (subscriber, #38647)
Parent article: A high-level view of the MeeGo security landscape

> With MeeGo, there are new usage models where desktop data is migrating to mobile phones, which are much more easily lost, for example. People are doing banking from their phones as well. When Ware asked how many in the audience had used their phone for banking, he got quite a few hands; "you're all screwed", he said. Those credentials are stored somewhere in the phone for an attacker (or thief) to find.

Screwed? Unless I tell it to save passwords, I really doubt that Firefox on my phone is storing my bank login credentials. And any particular session cookie will expire pretty quickly. I don't think existing phone manufacturers have gotten this as wrong as they suggest.

> $8-90/1000 bots "depending on quantity"

I'm not quite sure how to parse that. Is it "between $8 and $90 per 1000 bots, depending on the total quantity"? Those numbers are strangely specific for covering such a large range. Or was "between $80 and $90" the intended interpretation, which could make sense if observed averages are within that small range.

(Log in to post comments)

A high-level view of the MeeGo security landscape

Posted Nov 19, 2010 11:50 UTC (Fri) by niner (subscriber, #26151) [Link]

Could be that you would simply get some extremely nice discounts for large quantities. Like paying $90 for 1000 bots vs. $8000 for 1000000 bots.

A high-level view of the MeeGo security landscape

Posted Nov 23, 2010 2:51 UTC (Tue) by rrware (guest, #71420) [Link]

> Screwed? Unless I tell it to save passwords, I really doubt that Firefox on my phone is storing my bank login credentials. And any particular session cookie will expire pretty quickly. I don't think existing phone manufacturers have gotten this as wrong as they suggest.

It was actually a joke to help wake people up after lunch. :-) I should have clarified that they were screwed because their phone's were already rooted anyway. ;-)

> I'm not quite sure how to parse that. Is it "between $8 and $90 per 1000 bots, depending on the total quantity"? Those numbers are strangely specific for covering such a large range. Or was "between $80 and $90" the intended interpretation, which could make sense if observed averages are within that small range.

Strangely enough, it actually is $8-$90 per 1k. It is a large range and there is a number of reasons for it; quality of the botnet client, size of the botnet being leveraged, popularity of the botnet in the news and geographic location/prevalence.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds