Anti-phishing apps are not foolproof

Cyndy Aleo-Carreira — Tue, 08 Jul 2008 22:57:41 -0700

Michael Horowitz of Webware has been pushing Firefox extension Flagfox as an added protection above and beyond Firefox 3's built-in anti-phishing capabilities. The problem? Even the IP address and associated location can be hijacked by skilled hackers. Horowitz claims it's impossible, but until CERT issued their alert today in conjunction with patches offered by major DNS software vendors, it actually wasn't all that difficult to accomplish.

DNS routing is beyond me, so I asked an old friend who is a former hacker, and he said that it will be more difficult with today's releases, but not all servers will be covered. Some are using a version of DNS software so old that the patches won't fix the vulnerability.

Even easier, he told me, is hacking the client PC (which would be yours) and poisoning the DNS or resetting the host file to point to the malicious site. Software is only as smart as your system allows it to be, and for every backdoor closed, hackers are opening windows. Horowitz did a lot of work to verify where the banks said their servers were, but it's still no guarantee.

Relying on any simple solution to a problem when the best defense is awareness and education is asking to be deceived.

More news, commentary, and predictions from The Industry Standard:

The Industry Standard - Anti-phishing apps are not foolproof - Comments

Anti-phishing apps are not foolproof