The buggers now targeting data security professors?
Jean-Jacques Quisquater (allegedly) has had [URL="http://www.lalibre.be/actu/cyber/le-genie-belge-du-cryptage-espionne-par-la-nsa-52ec94893570d7514c2e7bba"]malware of NSA/GCHQ origin[/URL] installed on his machine.
If you don't know who JJQ is, Google and/or Wikipedia is your friend. |
[QUOTE=xilman;366104]Jean-Jacques Quisquater (allegedly) has had [URL="http://www.lalibre.be/actu/cyber/le-genie-belge-du-cryptage-espionne-par-la-nsa-52ec94893570d7514c2e7bba"]malware of NSA/GCHQ origin[/URL] installed on his machine.
If you don't know who JJQ is, Google and/or Wikipedia is your friend.[/QUOTE]
More.....
[url]http://www.techweekeurope.co.uk/news/quisquater-nsa-gchq-malware-attacks-137990[/url] |
[QUOTE=kladner;366115]More.....
[url]http://www.techweekeurope.co.uk/news/quisquater-nsa-gchq-malware-attacks-137990[/url][/QUOTE]
Sounds like JJQ simply fell prey to a run-of-the-mill phish:
[quote]It’s understood [Quisquater's] machine was infected in September 2013 after he clicked on a fake LinkedIn request over email, leading to malware infecting his PC, allowing the attackers to scoop up his metadata.[/quote]
It never ceases to amaze/dismay me how many otherwise-very-knowledgeable people still haven't learned (or learned to make habitual) the simple anti-phishing expedient of "hover cursor over link and examine url before clicking anything". But, hey, it happens - no need to go invoking grand government conspiracies (which is not to say such do not exist). Paul, your beloved "never ascribe to malice" aphorism comes to mind, although in this case substituting "lapse in judgment" for "incompetence". |
[QUOTE=ewmayer;366150]It never ceases to amaze/dismay me how many otherwise-very-knowledgeable people still haven't learned (or learned to make habitual) the simple anti-phishing expedient of "hover cursor over link and examine url before clicking anything".[/QUOTE]
JavaScript took care of that by faking the status bar text so the user never knows where the real link goes unless they carefully examine the source (or, more sensibly, disabled JS (why does the latest FF make it so difficult for ordinary users to disable JS? FFS!)).
|
[QUOTE=retina;366164]JavaScript took care of that by faking the status bar text so the user never knows where the real link goes unless they carefully examine the source (or, more sensibly, disabled JS (why does the latest FF make it so difficult for ordinary users to disable JS? FFS!)).[/QUOTE]
Does the above JS exploit also allow spoofing of link hovertext?

Your frustration with FF sounds distressingly par for the course of late ... I've frozen my FF at version 22 - after Mozilla force-enabled image display in v23 I decided I'd rather not have any more of their "latest innovations", thanks very much. Dunno if FF has changed w.r.to JS, but I continue to be quite happy with the NoScript add-on.

Mind you, most phish-mail I view using Apple Mail, but I've yet to come across a suspect message (e.g. which has been junked by the mail client, more rarely but also a-priori-obviously it ends up in my Inbox but is from a spoofed BigCorp I am not even a customer of) whose links appear to be legit but which does not also have the language typical of a legit mail, i.e. "You may log in to your account to view more details and take the required actions."

Paul, you wouldn't happen to know JJQ personally, would you? I'd love to peruse a copy of the mail which snared him. |
[QUOTE=ewmayer;366172]Does the above JS exploit also allow spoofing of link hovertext?[/QUOTE]Link hover text (if you mean what I think you mean) is the [u]alt[/u] tag which can be any arbitrary text the sender wants to make it. But to answer your question, yes, JS can also alter this afterwards. In fact JS can rewrite the entire page if it desires and change any tag, text or link to something else. JS is both powerful and dangerous.
|
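The hover check discussed in the posts above, turned into a static audit of a message's HTML; this is an added example, not code from any poster in the thread. It flags anchors whose visible URL text names a different host than the `href`, inline event handlers on links, and script blocks; the function names, sample markup and hosts are constructed for illustration.

```javascript
// Added example: static audit of the links in an HTML message body.
// SAMPLE_HTML and every host name in it are constructed, not taken from a real mail.
const SAMPLE_HTML = `
<p>Jane Doe wants to connect with you.</p>
<a href="http://login.badhost.example/accept?id=1">https://www.linkedin.com/invite</a>
<a href="https://www.linkedin.com/help" onmouseover="window.status='https://www.linkedin.com/'">Help</a>
<a href="https://www.linkedin.com/settings">https://www.linkedin.com/settings</a>
<script>document.links[2].href = "http://other.example/";</script>
`;

// Lower-cased host if `text` is an absolute http(s) URL, otherwise null.
function hostOf(text) {
  try {
    const u = new URL(text.trim());
    return /^https?:$/.test(u.protocol) ? u.hostname.toLowerCase() : null;
  } catch (e) {
    return null;
  }
}

function auditLinks(html) {
  const findings = [];
  const anchorRe = /<a\b([^>]*)>([\s\S]*?)<\/a>/gi;
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    const attrs = m[1];
    const visible = m[2].replace(/<[^>]*>/g, "").trim(); // drop nested tags
    const hrefMatch = /\bhref\s*=\s*(?:"([^"]*)"|'([^']*)')/i.exec(attrs);
    const href = hrefMatch ? (hrefMatch[1] ?? hrefMatch[2]) : "";
    const hrefHost = hostOf(href);
    const shownHost = hostOf(visible);
    // The text the reader sees is a URL, but it names another host than the target.
    if (shownHost && hrefHost && shownHost !== hrefHost) {
      findings.push({ kind: "text-href-mismatch", shownHost, hrefHost });
    }
    // Inline handlers (onclick, onmouseover, ...) can change what a hover shows.
    if (/\son[a-z]+\s*=/i.test(attrs)) {
      findings.push({ kind: "inline-handler", href });
    }
  }
  // Any script can rewrite links after load, so a static href check is not final.
  if (/<script\b/i.test(html)) findings.push({ kind: "script-present" });
  return findings;
}

console.log(auditLinks(SAMPLE_HTML));
```

A clean result from a check like this only covers the markup as delivered; once a script block is present, the links shown at click time may differ from the ones audited.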
As well as the danger of clicking something which isn't what it seems, there is also the very real danger of performing a mouse click when this is unintended, perhaps while hovering the cursor over a link to investigate it as Ernst describes, whether or not the destination of the link has been faked as described by Retina. This was brought home to me a few days ago when using Firefox on a laptop with a built-in mouse pad. I was quite alarmed to notice that if I inadvertently applied a sudden light pressure with my finger on the mouse pad (which I am used to using to position the cursor), it would be interpreted as a mouse click (which I am normally used to performing with the buttons below the pad). Quite insidious!
|
I have yet to encounter a built-in laptop pointing device which I like. I find touch pads particularly irritating. However, the ones I have dealt with, IIRC, could disable tap-to-click.
|
The Latitudes E6(?)xx (those which have all 4 devices, including the IBM's "electronic clitoris") can do that; you can disable any of the devices, or any of the functions, and they have a functional key to do that. I have one from the company, quite nice when you type.
|
[QUOTE=LaurV;366200]... the intel's "electronic clitoris"[/QUOTE]I had to look this up because I couldn't find anything related to Intel. I know the Thinkpads have it and HP also, but are you sure that Intel makes these?
A link for those curious: [url]https://en.wikipedia.org/wiki/Pointing_stick[/url] |
IBM. Sorry. Hurry. Not intel. :redface:
[edit: exactly, the one you linked, although someone needs to read the page [URL="http://en.wikipedia.org/wiki/Pointing_stick#Informal_names"]up to the end[/URL], to get the point(ing)] |