Possible new computer urban legend

I do tech support for a living, and of course my friends/family ask me about computer issues as well. However, I’m not quite familiar enough with networking to debunk the following probable Urban Legend which I have heard over the last two weeks from four unconnected sources:

Allegedly there’s a computer program available to “hackers”, but anyone who finds it can use it. What you do with this program is type in someone’s E-mail address. The program “backtraces” the e-mail address and can somehow tell if the person is on-line. If they are, it hooks your computer up to theirs (or in an alternate version starts spying on their computer). What it allegedly does is send you to the same websites that they’re going to, lets you see info typed into boxes (passwords and such), see what’s on their screen and so forth. The victim has no way of telling that he’s being spied on.

I strongly suspect that no such program exists, and if it did, it wouldn’t be able to decrypt protected sites. When I pointed this out, I was told by one source that the purpose of the program is blackmail, not credit card swiping.

I heard about this mystery program about a year ago and didn’t believe it then, but it’s back now and I want some help in debunking it.

Thanks,

Fenris

If you shop at Lands End site, you can get help from them through a program that puts your browser’s webpage up on a terminal where the Lands End person can see. Then in a chatroom-like box, the person at the other end can give suggestions on where to look for certain items.

Libraries are attempting to adapt this software for use in reference settings. However, it’s got a lot of bugs.

I don’t know if this is close to what you’re mentioning.

There are a couple of programs, Netbus and another whose name escapes me at the moment, that do essentially what you’re talking about. However, they have to be started on your computer, usually through a trojan horse.

Well, out of curiosity, I tried a few tricks on my own e-mail address. I can’t finger myself (in the Internet sense, that is – I firmly decline to speculate on what senses this might be true), and in fact I can’t even do a whois on my node.

No doubt, there exist poorly-secured computers on which various people do have accounts (I average a UCE every other day, the majority of which have been routed through a system in New Zealand, Italy, or Resume Speed, Iowa). Equally, my computer, and many others, are quite secure.

The closest thing to a reference to this UL that I can find is the NaughtyRobot hoax mentioned on Rob Rosenberger’s Virus Myths web site.

This appears to be equal parts fear of the computer demon and of the UNIX necromancer.

First problem. The email address is not an address to a user’s computer. You might be able to backtrace to the ISP where the email account resides, but even that is iffy. Once they get to your ISP, they would have to have code running on the ISP server machine to see if you were logged in.

To connect to your computer, at the very least, they would have to obtain the IP address of your computer from your ISP, which means they would have to run another bit of code on the ISP server to match your login with your current IP. This software would then have to do something pretty darned tricky. It would have to act as a sort of splitter / merger. It would have to take your output and split that to both the host site you were trying to visit and to the hacker’s machine. Then it would have to take the return data and do a similar thing, splitting it back to you and the hacker. Then the hacker’s machine would have to put the data from independent sockets back together… Again, the hacker has to somehow get this complex software running on the ISP machine undetected…

I agree that secure transactions would still be secure. Blackmail? What? Are they going to tell your Mom that you’ve been checking out internet porn sites if you don’t send them money? Doesn’t really make much sense to me. The majority of people on the web aren’t doing anything that they’d pay money to keep other people from knowing.

If I were a hacker, I wouldn’t waste my time figuring out how to spy on users, who are probably just looking at internet porn anyway, hoping to one day find something useful that I could blackmail someone with and risk exposure trying to claim my prize. It would be much easier and more productive to hack the service sites to steal credit card numbers and get free services…

All of the above is just my opinion and I apologize if I’ve insulted the intelligence of any hackers that may be listening in…

To manipulate someone’s computer, you need to know their IP address at that very moment, and they must be running some program which you can exploit. Most people use a dial-up account, which means their IP address is dynamic, not static. Therefore, it is different every time they get online. But many IM programs like ICQ broadcast your IP address by default.

As SingleDad mentioned, hackers often get their needed exploit by sending you a trojan horse, typically through email. Keep your antivirus software up to date, download and install any security updates from your OS vendor, and run a personal firewall and you will be safe from most lamerz.

As for your post, I don’t think that is possible; maybe if there is a virus, but I doubt it.

I had another question… Where did you get your username?

Let’s first define what we’re talking about. There are trojan horse programs like Back Orifice that could do what you described. Someone sends you a file that looks innocent enough. When you run it, it loads Back Orifice in the background and restarts every time you reboot your machine. If Back Orifice is running, someone CAN access your computer and see what you are doing. Most anti-virus programs will alert you if this is the case.

Back Orifice? Yep, it can do plenty.

I’m pretty sure it’s not a legend because a few months ago when they were flooding web sites, they did this by taking over several computers remotely & having them visit certain sites…it wasn’t me.

Handy, what Back Orifice does, does not address the OP. Back Orifice requires that the victim be running it (usually unknowingly.) The DoS attacks were done by exploiting known weaknesses in the systems to allow the perps to remotely access the computer and place a daemon process to listen for a trigger command. When the trigger came, they would then execute a program also placed there for that purpose.

The OP seems to be a program that would be a combination TraceRoute/MAC address/Packet Sniffer program…probably do-able as long as one realizes that as pointed out earlier: A) If the user had connected PPP/SLIP the IP address would have changed. B) Encrypted data would still be unreadable, C) If it were using email addresses, would require a fair amount of user input to set up, since the email address is not always related to the computer getting the email. POP3 for instance, Narile@netscape.com is only going to return a netscape IP, not mine, since I don’t actually receive network service from their systems.

There are a few other items that would make this fairly limited in its usability, so it might exist, but should be something to worry about.

It’s the name of one of Loki’s kids (a wolf) in Norse mythology. When I was much younger, in my BBS days, I thought the name made me sound kewl. Now, I’m just used to it.

Fenris

I think that this is what’ll calm down at least my dad, who somehow conveyed the impression that this is something Napster-esque in ease of use.

Fenris

This Salon story details one person’s experience with what appears to be Black Orifice.

Oh, my, a Black Orifice isn’t the same as a Back Orifice :)

"There are a few other items that would make this fairly limited in its usability, so it might exist, but should be something to worry about."

He only wanted to know if it was possible & it is.