Wikipedia talk:WikiProject Computer Security/Archive 2

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Archive 1 Archive 2 Archive 3 Archive 4

LoA

I am currently on LoA until I complete the Rifle Range. Sephiroth storm (talk) 02:51, 6 January 2009 (UTC)

let me know if there's anything in particular I can lend a hand with. I'm only a couple months in as far as wiki is concerned, so I can't write any bots or anything, but if there's any grunt work to do, just drop a message on my talk page. Ched (talk) 01:43, 19 January 2009 (UTC)

How to Join

How do I join the WikiProject?

Securityadvisor - Talk | Contribs 00:18, 23 January 2009 (UTC)

Securityadvisor, I think you just add yourself to the list of participants on the project page, and get to work! I intend on going through the list of work items on the project page, and adding some articles when I can. This is my first active involvement in a project, but I think I can be a great help! Although I see there hasn't been much activity on this project for a while, no? Abs0lutZ3RO (talk) 04:08, 27 January 2009 (UTC)

Actually, this project is very active! We are about to start with monthly tasks, which members can assign to themselves. As far as membership in the project, yes, Add your name to the project list and start working on our articles.Sephiroth storm (talk) 21:51, 29 January 2009 (UTC)

Notes on Computer Security Categories

The current subcategories of Computer security seem somewhat ad hoc. Let's discuss a more systematic approach that will allow us to determine missing articles.

Here is the strawman draft framework to more general categories, and how existing subcategories map (in italic font):

  • Dimension 1: 'Where' - this top-level subcategory is related to the areas of computer security
    • Software
      • Operating system security
    • Hardware
    • Network
      • Computer network security
    • Information
      • Data security
      • Internet privacy (privacy does not belong to computer security in the strict sense)
    • Social
  • Dimension 2: 'When' - this top level subcategory is related to various processes related to computer security
    • Development
    • Acquisition
    • Governance
    • Operations
      • Controls
        • Access control
        • Authentication methods
        • Cryptography
        • End-to-end security (this subcategory should be removed and merged with others)
        • Identity management systems (this subcategory is very similar to authentication methods)
      • Incident response
        • Computer forensics
        • Computer security procedures/Information technology audit
    • Assurance
    • Research
      • Computer security models
    • History
  • Dimension 3: 'How' - this top-level subcategory is related to various approaches to computer security
    • Regulation
    • Standards
      • Computer security procedures/computer security standards
    • Education
    • Certification and Accredication
      • Computer security procedures/computer security qualifications
      • Computer security procedures/computer security accreditations
    • Computer security tools
      • Security software
    • Exploitation/Hacking
      • Hacking
      • Security exploits
  • Dimension 4: 'Who" - this top level category is related to people and organizations involved in computer security
    • Computer security organizations
    • People associated with computer security
    • Security software companies
-- Equilibrioception (talk) 04:29, 31 January 2009 (UTC)

More Notes on Computer Security Categories

I agree that the categories need a lot of work. Here's a list I put together from "out of the box" (my memory, and some extreme lateral thinking) of things that relate to Threats to Authentication Procedures and Data. The main problem with "categories" is that security people like them, and hackers ignore them - and there's quite a few places where classes of hacker-tricks simply don't fit neatly inside existing categories or analogies.

Background

There is a bewildering array of tricks, techniques, and technologies that exist to steal passwords, attack password systems, and circumvent authentication security.

The List

Here is the list:


  • 1. Confidence Tricks

    • 1.1. Phishing emails
      • 1.1.1. to lure victims to spoof sites
      • 1.1.2. to lure victims into installing malicious code
      • 1.1.3. to lure victims towards O/S vulnerabilities to inject malicious code
      • 1.1.4. to lure victims into revealing information directly via reply or via embedded FORMS within the email
    • 1.2. telephone phishing
      • 1.2.1. to directly extract auth info
      • 1.2.2. to direct victim to spoof site
    • 1.3. person-to-person phishing / situation engineering
      • 1.3.1. to directly extract auth info (ask)
      • 1.3.2. to direct victim to spoof site
      • 1.3.3. shoulder surfing (aka 4.5.2)
      • 1.3.4. physical attack of user - see 4.7
      • 1.3.5. physical attack of user resources (eg: computer theft)
      • 1.3.6. physical attack of server resources (eg: server/hosting-facility compromise)
    • 1.4. typographic attacks
      • 1.4.1. purpose: spoofing (eg: paypa1.com - using a number 1 for a little L)
      • 1.4.2. purpose: direct download of malicious code
      • 1.4.3. purpose: browser exploit injection
    • 1.5. online phishing
      • 1.5.1. pop-up/pop-behind windows to spoof sites
      • 1.5.2. floating <DIV> or similar elements (eg: emulating an entire browser UI)


  • 2. Remote Technical Tricks

    • 2.1. spoof techniques
      • 2.1.1. vanilla fake look-alike spoof web sites
      • 2.1.2. CGI proxied look-alike web site (server CGI talks to real site in real time - "man in the middle attack")
      • 2.1.3. popup windows hiding the address bar (3.4.1/3.4.2)
      • 2.1.4. <DIV> simulated browsers (1.5.2)
    • 2.2. iframe exploits (eg: 1.5.1/1.1.3) (spammers buy iframes to launch 1.5 and 1.4 attacks)
    • 2.3. p2p filesharing publication of products modified to remove/limit protection - PGP, IE7, Mozilla, ...
    • 2.4. DNS poisoning (causes correct URL to go to spoof server)
    • 2.4.1 client "hosts" file modification
    • 2.4.2 ISP's DNS servers compromised
    • 2.5. traffic sniffing (eg: at ISP, telco, WiFi, LAN, phone tap...)
    • 2.6. proxy poisoning (correct URL returns incorrect HTML)
    • 2.7. browser exploits (correct URL returns incorrect HTML)
    • 2.8. targeted proxy attack
      • 2.8.1. directs to vanilla spoof web site (2.1.1)
      • 2.8.2. uses CGI re-writing to proxy legitimate site (eg: convert HTTPS into HTTP to activate traffic sniffing) (2.1.2)
      • 2.8.3 activates 5.7
    • 2.9. Authorized exploitation - see 3.5.
    • 2.10. Exploiting outdated technology - eg: old browsers allowing frames from site A to read content in site B.
    • 2.11. undismissable download dialogues (eg: active-X) - see 3.3


  • 3. Local Technical Tricks

    • 3.2. Software vulnerabilities (aka exploits - eg - 1.1.3)
      • 3.1.1. Known
      • 3.1.2. Unknown
    • 3.2. Browser "toolbars" (grant unrestricted DOM access to SSL data)
    • 3.3. Trojans
      • 3.3.1. Standalone modified/hacked legitimate products (eg: PGP or a MSIE7) with inbuilt protection removed/modified.
      • 3.3.2. Bogus products (eg: the anti-spyware tools manufactured by the Russian spam gangs)
      • 3.3.3. Legitimate products with deliberate secret functionality (eg: warez keygens, sony/CD-Rom music piracy-block addins)
      • 3.3.4. Backdoors (activate remote control and 3.4.1/3.4.2)
    • 3.4. Viruses
      • 3.4.1. General - keyloggers, mouse/screen snapshotters
      • 3.4.2. Targeted - specifically designed for certain victim sites (eg paypal/net banking) or certain victim actions (eg: password entry, detecting typed credit card numbers)
    • 3.5. Authorized exploitation
      • 3.5.1. An authority (eg: Microsoft WPA/GA, Police, ISP, MSS, FBI, CIA, MI5, Feds...) Engineers "legitimately" signed & authenticated Trojan/Viral software to be shipped down the wire (eg: during "Windows Update") to victim PC
      • 3.5.2. Privileged persons (eg government, company staff, datacenter staff, hackers) "legitimately" compromise servers or steal secrets serverside.
    • 3.6. Visual tricks
      • 3.6.1. browser address bar spoofing
      • 3.6.2. address bar hiding
    • 3.7. Hardware attacks
      • 3.7.1. keylogger devices
      • 3.7.2. TEMPEST
      • 3.7.3. malicious hardware modification (token mods, token substitution, auth device substitution/emulation/etc)
    • 3.8. Carnivore, DCS1000, Altivore, NetMap, Echelon, Magic Lantern, RIPA, SORM... see 3.5


  • 4. Victim Mistakes

    • 4.1. writing down passwords
    • 4.2. telling people passwords
      • 4.2.1. deliberately (eg: friends/family)
      • 4.2.2. under duress (see 4.7)
    • 4.3. picking weak passwords
    • 4.4. using same passwords in more than one place
    • 4.5. inattentiveness when entering passwords
      • 4.5.1. not checking "https" and padlock and URL
      • 4.5.2. not preventing shoulder surfing
    • 4.6. permitting accounts to be "borrowed"
    • 4.7. physical attack (getting mugged)
      • 4.7.1. to steal auth info
      • 4.7.2. to acquire active session
      • 4.7.3. to force victim to take action (eg: xfer money)
    • 4.8. allowing weak lost-password "questions"/procedures
    • 4.9. people using outdated older technology (see 2.10)


  • 5. Implementation Oversights

    • 5.1. back button
    • 5.2. lost password procedures
    • 5.3. confidence tricks against site (as opposed to user)
    • 5.4. insecure cookies (non-SSL session usage)
    • 5.5. identity theft? site trusts user's lies about identity - see 7.1
    • 5.6. trusting form data
    • 5.7. accepting auth info over NON-SSL (eg: forgetting to check $ENV{HTTPS} is 'on' when performing CGI password checks)
    • 5.8. allowing weak lost-password "questions"/procedures
    • 5.9. replay
    • 5.10. robot exclusion (eg: block mass password guessing)
    • 5.11. geographical exclusion (eg: block logins from Korea)
    • 6.12. user re-identification - eg - "We've never seen you using Mozilla before"
    • 6.13. site-to-user authentication
    • 6.14. allowing users to "remember" auth info in browser (permits local attacks by unauthorised users)
    • 6.15. blocking users from being allowed to "remember" auth info in browser (facilitates spoofing / keyloggers)
    • 6.16. using cookies (may permit local attacks by unauthorised users)
    • 6.17. not using cookies (blocks site from identifying malicious activity or closing co-compromised accounts)
    • 6.18. preventing foreign script in web site context (eg: cookie theft, bogus injected login screens on live site, etc) - also called Cros-Site-Scripting or XSS
    • 6.19. input data sanitization. eg: someone typing this in a "name" input box: <script>alert(document.cookie)</script>
    • 6.20. output data sanitization. eg: allowing this to be printed in a form value= field without escaping the quotes ' onclick='alert(document.cookie)
    • 6.21. cryptographic oversights - using time() or rand() or pseudo-random functions to generate cookies or IDs or session keys (all can be esaily guessed)
    • 6.22. sessions: omitting key protection (eg: using serial integers when generating session keys/cookies/etc)
    • 6.23. data: omitting key protection (eg: using unprotected database key ID's in hidden <form> elements)
    • 6.24. ? XmlHttpRequests - might allow XSS or browser-based spoofing via proxy
    • 6.25. ? Other crypto attacks on implimentations


  • 6. Denial of Service attacks

    • 6.1. deliberate failed logins to lock victim out of account
    • 6.2. deliberate failed logins to acquire out-of-channel subsequent access (eg: password resets)


  • 7. Enrollment attacks

    • 7.1. Deliberate wrongdoer creates new set of credentials (eg: via identity theft)
    • 7.2. Identity squatters "register" your name/nickname/persona prior to you.


  • 8. Please contribute to this document! (click the "edit" button above)


203.206.137.129 (talk) 03:08, 9 March 2009 (UTC)

Notes on Terminology

The current emergent term for 'Computer Security' is 'Cybersecurity'. For example, there is DHS National Cybersecurity Division. 'Cyberspace' is considered part of US National Critical Infrastructure, see [National Strategy to Secure Cyberspace]. This document uses the term 'cybersecurity'. See also [Obama Unveils Cybersecurity agenda]. Wikipedia already has a redirect link for 'Cybersecurity', as a synonym for "Computer Security'.

There are three related areas:

  • Security
  • Privacy
  • Safety

Currently one of the subcategories for 'Computer Security' is "Internet Privacy'. This is incorrect. However, our project can make a decision to include 'Privacy' and 'Safety' into the scope of the project. This makes sense, as many of the approaches are quite similar.

-- Equilibrioception (talk) 04:29, 31 January 2009 (UTC)

so are you suggesting that we open our scope to all articles dealing with privacy issues? I can see how this can work, articles like Peer guardian privacy software would fall under. Can you identify these categories and place them here? Sephiroth storm (talk) 20:37, 16 February 2009 (UTC)

Tagging Computer Security articles

Hi, I added a 'Computer Security' tag to Talk:Cyberspace. I've noticed, that there are many articles are tagged as

   {{WikiProject Computing|class=Start|importance=|security=yes|security-importance=High}}

where there is an additional parameter "security=yes". See for example Talk:Access control. Shall we convert such articles to the new 'Computer Security' tag ? I believe, it is a good idea to use 'Computer Security' tag, because this will simplify management of the lists of articles for our project. Does anyone know an automated way of doing this ?

-- Equilibrioception (talk) 05:48, 31 January 2009 (UTC)
Yes, Tinucherian has a bot that can assist us, what we have to do is get a list of all the relevant categories that fall under our scope. Once we do that, then we can ask Tinu to send his bot through to tag each of the articles. Would anyone like to assist on this? Sephiroth storm (talk) 20:34, 16 February 2009 (UTC)
Currently we have two category spaces in Computer Security: Computer Security and Information articles and Computer Security Articles. The tag in the Computer Security Project places articles into the Computer Security Category. I have added a temporary table to the project to show statistics for Computer Security. I suggest we consolidate the two spaces asap.
-- Equilibrioception (talk) 19:30, 23 February 2009 (UTC)

Awards

I will try to award members with Barnstars as I see their contributions to Computer Security articles. if an editor shows a desire for such, I also have no problem recommending some of our editors for adminship, if they show the capacity for such. In any case our first award was given today to TechOutsider for his work on the Malwarebytes article, bringing it from deletion review to start class article! Thank You for your service! Sephiroth storm (talk) 20:34, 16 February 2009 (UTC)

List of trojan horses

Look at that article; it's a mess.

  • Which vendor's detections are we relying on? As I stated earlier, Vendor "A" can have completely different detections from Vendors "B" and "C". Are we going by Symantec's classification? Kaspersky? NOD32? Avira?????!!!!!!!
  • Continuing on that point: Today's polymorphic viruses can contain many characteristics of several different kinds of malware. Take conflicker. It's a worm first of all; it attacks network shares. It also is an exploit; it exploits a vulnerability in the server service. It also does a host of other "bad" things, such as modify the hosts files, etc. etc. A "bad" hacker could easily obtain a copy of Confliker (I did too), and modify it to his pleasing, maybe adding rootkit like abilities. Then, there would be at least 3 classifications ... Vendors "A" saying rootkit, "B" saying exploit, and "C" saying conflicker.

This list of pointless unless we reach a consensus on who's definition to trust. Or, we could cross reference the detections ... however AV-test has already done that here

The above is not just theoretical; it's real. I have ran across a plethora of malware samples that overlap categories and vendors disagreeing over detections.

  • Also, what do we do about generic detections? Are they of importance? They can be used to detect a plethora of malware as well, not just trojans.

We must reach a consensus on the above; otherwise I see good reason to delete this pointless article. And that's considering the "imperfect" clause at the beginning of the article. Thanks for hearing me out. I apologize for the tone; I am not angry. TechOutsider (talk) 03:37, 21 February 2009 (UTC)Techoutsdier

Anyone is free to comment on this, un/fortunatly, I am off to take some IT Training/testing, I will be back on March 1st, I'll imput my Ideas to everyone elses. Wish me luck. Sephiroth storm (talk) 05:25, 22 February 2009 (UTC)

Tips for a wiki noob?

Hi everyone,

After a slight disagreement with TechOutsider regarding the Kaspersky Internet Security article, I came across this project via their talk page. I would like to start improving the quality of various security related articles (sorting out Kaspersky Internet Security first of all, as my first edits didn't seem to help) as CS is my area of expertise (as an independent malware researcher) and was wondering how best it is to start rewriting articles that are quite severely out of date of contain bias/inadvertent advertising which may have been introduced, and finally how can I join the WikiProject Computer Security?

Any links or general advice appreciated.

Thank you! Jamshud (talk) 22:49, 13 March 2009 (UTC)

Heads up

I just tagged GhostNet with your project. (currently featured on the Main Page) APK thinks he's ready for his closeup 09:39, 29 March 2009 (UTC)


Conficker

Hey all, haven't been around recently, working on lots of stuff. anyway, I was looking at the Conficker warticle, and I think we can and should upgrade the article class. Article appears to meet C class with a casual glance. Thoughts? Sephiroth storm (talk) 12:04, 31 March 2009 (UTC)

Is the "Cyber War" between US and China in 2001 notable?

Right now I'm trying to improve the Honker Union article, and it appears that this hacker group's biggest handy work, which is reported by CNN and BBC at April-May 2001, is not mentioned in Wikipedia.

Here is some the background of the incident.[1][2]

Thanks for the feedback in advance. Jim101 (talk) 16:39, 2 April 2009 (UTC)

Hi Jim, I would suggest adding a section to the current Honker Union article, unless you find more reliabe sources that contribute more content for an article, I would advise agaist a new artile that would be relativly short. Sephiroth storm (talk) 13:15, 3 April 2009 (UTC)
Okay. Jim101 (talk) 13:47, 3 April 2009 (UTC)

Request for images...

I have been working intensively on the Rogue software article and I desperately need some images of rogue programs. If anyone has some that can be uploaded for use I would greatly appreciate it. Otherwise, I will have to start infecting my virtual machine to make some of my own images and I really would rather not do that right now, unless I have to. Thanks in advance.PedroDaGr8 (talk) 17:38, 19 April 2009 (UTC)

Ugh, I have been trying my butt off to get infected with a rogue security app and just can't do it. So can anyone PLEASE help (either a link to one, please mung the link if you do i.e. hxxp or http://xxx.roguesite.com/ or with images of Rogue.PedroDaGr8 (talk) 23:36, 24 April 2009 (UTC)
It's fair use to use a screenshot of a software to describe the software, wherever you get the image from. Just avoid ones with watermarks and crop any unnecessary material. Just use Google Images or another image search engine. --HamburgerRadio (talk) 23:57, 26 April 2009 (UTC)

Hacker conferences

I have been looking at the Hacker conference article, and I think we need to expand this article. Many of the conferences are called both "Hacker conferences" and "Security conferences", i.e {Black Hat Briefings|Black Hat]] is advertised as a "Technical Security Conference". If we do want to include other conferences, we need to set standards for inclusion. Also, we may need to move the article, (I think I'm going to go ahead and do this) as I don't think some vendors will appreciate thier conferences being called hacker cons. Sephiroth storm (talk) 13:30, 23 April 2009 (UTC)

Donating material from website

I have a website I made a while ago [3], and when I heard that Geocities was shutting down[4], I wanted to give you Wikipedia guys a chance to copy out anything you wanted before it goes off the Internet.

I've lost control over the e-mail address listed on the site a while ago, so I can't update the site. I've always stated that "You may copy and use any of the information on this site as long as you give credit to the source." like it says on the bottom of the page, and that does include using under GFDL(any version) or CC-BY-SA(any version).

So basically take what you want from it before it's gone, taking into account that it's out of date in places. --ChrisLStubbs (talk) 05:38, 24 April 2009 (UTC)

Hello ChrisLStubbs. I'm sure we can't get all this information copied right away, but thank you for pointing this out to us. As further notice, an archive of your website is located here. We can use that if we'd like to use your site as a reference. Thank you for your contribution to the project! blurredpeace 17:39, 10 May 2009 (UTC)

Integration

I think it is high time we integrate these two projects WikiProject Malware and Computer and Information Security Task Force completely to one project and work for more featured articles --Naveenpf (talk) 14:31, 11 May 2009 (UTC)

Norton Internet Security as Feature Article

I have nominated Norton Internet Security as Feature Article. Feel free to add your reviews here: Wikipedia:Featured_article_candidates/Norton_Internet_Security/archive2 --Tyw7‍ ‍‍ (TalkContributions) Leading Innovations >>> 10:24, 4 June 2009 (UTC)

RfC started at WikiProject Computing

I've initiated an RfC concerning hierarchies and coordination of daugter projects at WikiProject Computing's talk page. I thought you all might wish to have a link to read the page and help gain a consensus that works for all. blurredpeace 11:48, 15 June 2009 (UTC)

LOD/MOD/Great Hacker War articles

I would like to bring these to the attention of the group. I know we have some great editors, if some of you could work on the referencing and POV issues in these articles, it would help. Sephiroth storm (talk) 07:09, 30 June 2009 (UTC)

Out of Control?

The project does not appear as though it is under control. The Discussion page needs a discussion page of its own. Entries in the page imply that there cannot be any NPOV, by reference to AV vendors. AV vendors, according to an article in Networking World eaerlier this year (that appeared to be based on interviews with "Security" vendors, stated that malware detection involves only about 20% of known malware. So, mentioning definitions, terms or categories that are used by a branded provider of AV would both limit content and eliminate any NPOV.

Also, the "Participants" entry of the article appears to be hosed. The subheading should be number 4, but number 4 contains only what looks like another subheading, which is number 5. The number 5 subheading is similar to "Participants".

FWIW, even if I knew how to roll the article back I wouldn't do it because there is an element of narcississm in the discussion page that I've seen in Wikipedia before. It is characterized by authors making entries without regard to what has been written. Remarking about a page being "a mess" is not helpful, neither it the use of mutiple exclamations and question marks. These things add hostility through the emotion they convey without improving understanding (in the case of discussion pages). Other examples, seen today, elsewhere in the computing-related articles include the "print-copy" use of profanity. Whether such words are literally spelled or not, they are expressions that are inappropriate. Using "print-copy" methods to express them is no different than profanity in a widely-spoken language. When the meaning is understood by someone, the sentiment is conveyed. If the meaning isn't understood it wastes space. --Kernel.package (talk) 17:55, 30 June 2009 (UTC)

WikiProject page fixes

I fixed the broken panel layout and the stats not updating. The navigation panel on the right side it not from our WikiProject (the entire page-layout was copy-pasted from Computing; this part simply hasn't been updated). Anybody up for that? --DanielPharos (talk) 11:16, 24 July 2009 (UTC)

Oh, forgot to mention: I activated archiving on this Talk page too. --DanielPharos (talk) 11:16, 24 July 2009 (UTC)

I have no idea how to do it. Sephiroth storm (talk) 22:51, 24 July 2009 (UTC)

The current panel is located here: Template:WPComputing sidebar Obviously, is the Computing one. We'll have to make a copy of it, and change it. I'll start doing that. --DanielPharos (talk) 11:32, 25 July 2009 (UTC)

Some input needed in Direct Revenue

Some IP editor is completely changing the point of view on the article Direct Revenue. On the other hand, some of the previous sources appear to fail WP:RS, are dead links, and the article was mostly WP:PROSELINE. I need some assistance on what to do with it. --HamburgerRadio (talk) 20:22, 12 August 2009 (UTC)

I don't have time to look at it more carefully right now, but you're right in that the edits do seem to favor Direct Revenue's case. I'd say: if the sources don't share this enthousiasm (and a Google-search indicates this probably isn't going to happen), revert the entire thing back to before the edits started. I see you already 'warned' the editor; if (s)he does it again, I guess we could ask an admin to semi-protect the page. (Also, glad to see you joined!) --DanielPharos (talk) 13:51, 13 August 2009 (UTC)

Black Hat Briefings

I was hoping we could see if we could add to this artcle, I thick we can defnatly add some material to it, Black Hat is almost always in the news when it comes around. I'll see what I can add tonight, but I have never been, so I would like to see a section on different events that go on. Sephiroth storm (talk) 19:07, 15 August 2009 (UTC)

Updated. I expanded the article, and attempted to add more NPOV, along with several third party references. I would appreciate someone taking a look. I upgraded the Class to C, but I really dont pay attention to the assessment scale. Sephiroth storm (talk) 20:49, 15 August 2009 (UTC)
I just did some random typo fixes. The article looks good. I've never been there myself, and am not up-to-date on this kind of current events, so I have no idea if all the important bits are there. Start- or C-class (depending on how much is missing, if any) seems about right. Maybe there are articles about specific exploits revealed on the conference, that we can link to? --DanielPharos (talk) 21:51, 15 August 2009 (UTC)
  • Side-note: CodeCon is up for deletion. Maybe that can be improved-to-keep in a similar fashion? --DanielPharos (talk) 21:53, 15 August 2009 (UTC)

External links

Hello, I would like to discuss how we should deal with external links. It's come up a few times and I would like to make sure I'm on the right track. A few cases that show what I'm considering:

Removing some news articles in addition to AV company sources. I think a well-written description from an expert in the field is a good link. Whereabouts should we draw the line on sources vs. spam links?

Is this a good application of WP:NOTHOWTO?

Does this fail WP:EL?

--HamburgerRadio (talk) 20:55, 25 August 2009 (UTC)

Koobface: If they really are 'sources', they should be inline cited, not added as a list below. So maybe some of them shouldn't be deleted, but integrated.
Bagle: Removing this is OK, IMO. The Rootkit page he's talking about in his edit summary is an exception, because it's about the difficulty to remove rootkits, not a specific rootkit. This section doesn't provide any information that's useful to know from an encyclopedian point of view.
Botnet: That website doesn't contain information at all, just a bunch of files. So IMO is does fail WP:EL. It's interesting, but not for Wikipedia. I'd remove it. --DanielPharos (talk) 13:18, 30 August 2009 (UTC)
Pretty much what I was thinking, and seems consistent with WP:EL too. I'll keep this in mind. --HamburgerRadio (talk) 16:13, 31 August 2009 (UTC)

List of computer viruses (all)

This list is confusing and repetitive. There is no way to edit it. It has no lead paragraph. The Table of Contents falls below the first list. I hope somebody will take care of it. I am marking it with an Expert Needed tag. Sincerely, GeorgeLouis (talk) 05:06, 30 August 2009 (UTC)

I have never seen that page, and I think it may need to be reviewed for content, much of it could probably be moved to List of computer viruses. Sephiroth storm (talk) 12:59, 30 August 2009 (UTC)
Couldn't be just nuke the entire thing (the categories are like this 'list', right?) and only keep a list of 'important'/'famous' viruses? Keeping a list of all viruses is the job of antivirus manufacturers, not Wikipedia. --DanielPharos (talk) 13:08, 30 August 2009 (UTC)
Personally, I agree, but there could be some notable ones in the list, I'd say add anyone that has an article already gets merged, the rest goes. Sephiroth storm (talk) 17:25, 30 August 2009 (UTC)

Social Engineering

Since when have we been calling criminals "social engineers" The proper term or label for those that invade the privacy, steal information with intent of using it for their gain is called "felony" not social engineering

Hello User:198.51.125.3 (talk), Welcome to wikipedia, and please sign your posts with 4 tildes(~). In answer to your question, The name likely came from the terms to describe the use of similar skills in the political and other areas, see Social engineering (political science) and Social engineering (security). As you can see from the above links, Social engineering is not always used for the purposes you described, and it is not always an illegal act. Thank you and welcome to Wikipedia. Sephiroth storm (talk) 13:23, 21 September 2009 (UTC)

New category created

Check out Category:Computer Security articles needing attention. And work on it! Sephiroth storm (talk) 23:36, 27 October 2009 (UTC)

Project banners

A few questions:

  1. Now that WikiProject Malware has been merged here, should remaining uses of {{WikiProject Malware}} be replaced with {{WikiProject Computer Security}}?
  2. Should the parameters for WikiProject Computer Security and the Computer and Information Security task force be merged in {{WikiProject Computing}}?
  3. This is at the project's discretion, of course, but why use a seperate banner when the appropriate parameters in {{WikiProject Computing}} can do the same job?

Regards. PC78 (talk) 13:55, 1 December 2009 (UTC)

1: Yes. Is there a way to do that automatically?
2: Yes. Well, merge... removing the Computer and Information Security is preferred (and switching over whatever articles that are still using it), I think.
3: Don't know. It was like that when I got here! :D --DanielPharos (talk) 17:43, 2 December 2009 (UTC)
1. Yes, yes, A bot can do it, but if I remember correctly, we need a complete (as possible) list of all categories under Malware and CCISTF, so the bot can go through and replace the templates.
2.Yes.
3.If you are talking just about the banners, I think there may be some topics that more refer to information security rather than computer security. Rather than splitting hairs, I think its better to just use a separate banner. Besides. Ours looks cooler. Sephiroth storm (talk) 14:35, 5 December 2009 (UTC)
I've already sorted #2, and I believe Tothwolf has taken care of #1. Regards. PC78 (talk) 14:46, 5 December 2009 (UTC)
Articles from the WikiProject Computing/Computer and Information Security task force and WikiProject Malware should now all be part of WikiProject Computer Security. I've redirected {{WikiProject Malware}} to {{WikiProject Computer Security}} and replaced {{WikiProject Malware}} with {{WikiProject Computer Security}} as I came across transclusions.
{{WikiProject Computer Security}} should not be replaced with {{WikiProject Computing}} using taskforce parameters. {{WikiProject Computing}} is currently a nightmare and is confusing for people to use. After spending so much time digging through this mess I fully intend to phase out most of the parameters in favour of individual project banner templates as I sort through the categories and continue to clean up this huge mess. --Tothwolf (talk) 17:32, 8 December 2009 (UTC)
Good job Tothwolf. Sephiroth storm (talk) 14:12, 9 December 2009 (UTC)