In terms of network security precautions, I always believed in a principle - as long as the user security awareness is strong enough, the hacker is difficult to have an opportunity, and this sense of security, but also stronger than any one antivirus software .
Because I am a computer security background, so I think that their security awareness is good, and I am in the process of teaching undergraduate in, will also teach many of these some awareness to everyone, including my actual combat experience, but also I some detours traveled, it is hoped that the students themselves to avoid being attacked.
In fact, for us ordinary Internet users, in general it is quite difficult to come across in your personal attacks, the more we encounter every day in fact, some software companies in order to increase the installed capacity of their products, while using a series of induction installed trick. For example, I once taught in the second half of last year through our school sophomore "computer network" This course, which has submitted a job, I found an interesting case, I can share with you.
Our school has a special "network teaching platform", it usually homework is submitted here. When the teacher posted a job later, everyone can upload their own way of reporting, code, etc. uploaded to our platform, and then the teacher can get everyone's jobs package to download by the way. Which has one job, I was impressed, because a classmate had submitted such a document to me:
Because I asked you to submit test reports and source code files, but the job of the class file folder, but only to the students I submitted a file called "click-extracting .html" of. I feel after seeing very curious, so he double-click to open the file, then appeared the following interface:
In order to protect the privacy of the students here, I have to modify their Student ID name out. See this page, I feel very interesting, and instantly knew that the transmission of the disease, I think this page there are three places still doing quite tempting, we continue to break the psychological barrier, which is the first place the beginning of the body part:
The resources here that uses the "ultra-high compression ratio" compression, and software I installed "Can not decompress", you need to download the appropriate "Web plug-in" of resources "immediate recovery." On the one hand, this sentence is to emphasize my outdated software, is the latest technology it uses, the use of people's curiosity for new things or new technologies, to induce us to install. Second, it claims to be merely a "web plug-in" to prove that they are harmless, and thus dispel our concerns. In order to view the compressed content package as soon as possible, then the likelihood of users is bound to really install this so-called "plug-in" a.
Then the second place, that is red at the top right of the stamp:
We all know that 360 is of a well-known security companies, there's "360 antivirus", "360 security guards" and other products, can be considered a household name. And here the use of a such a big red stamp, the purpose is to prevent further dispel everyone's psychological, so that everyone "peace of mind" to go to download. But in my opinion, there was a bit "admitting their guilt" flavor.
Remember ten years ago, when I go online to download the software, then, generally do not go to the official website to download, but through a search engine keyword, drained to the third-party site to download. At that time, these third parties specifically for our Web site to download the software, in order to show their non-toxic very pure, a row of icons will be listed next to the antivirus software or software download link profile, he said he has passed the detection of these software so rest assured download just fine. But in fact, these download sites offer, or contain viruses, Trojans ingredients, or to install a "family bucket" Here, leading to millions of people fooled. And we just this red stamp on this page, it does make me have a trace of feeling across.
The final third place is the middle of the page content:
In my situation at that time, for example, I ask you to submit source code files and file test report, and here indeed show the names of these two files. So according to common sense, in order to change my job, it will naturally fall into the trap, to download and install the so-called "plug-in" a.
Thus, this page is through a series of "then surgery", step by step, to dispel all defensiveness, so that the majority of users willingly to click on the huge "immediately restore and extract" button on:
But after clicking this button, the download dialog will pop up:
After downloading, get this file:
Here I personally do not judge this software, the only thing I can say is that in this download process, indeed there have been induced installation of components. You may wish to upload the installation file to VirusTotal to detect what:
Can be found in 73 engines, a total of 52 engine detects this file, and many manufacturers directly detect the name of the custom sample for KuziTui or KuaiZip, explained that this is not a false alarm, but these manufacturers is to killing the software. And in the "tinder safe" official website, still retained a historical analysis of the software version.
Analysis of the software on here, in fact, under our today's complex network environment, we as ordinary Internet users, or a lot of time to polish their own eyes. Cite a simple example, if we want to download the Google browser, using the search engine keyword search, the following results:
Can be found in the top three search results contains "advertisement" word, the result was fourth point to Google's official download site. For many users do not understand the reasons which, I believe will be very naturally choose one of three results before downloading it, especially the first result, but also with the Google icon in the browser, but point to go see, but not at such a thing:
Even so, I believe that many users will still click on the "download", so he took down download this file:
For this program, I do not do too much explanation. If you return to the search results into the second, the page is as follows:
You can see, this "dual-core browser" icon and Google browser is also quite like.
About induced by means of the installation I've ever met, this time to introduce here, we believe that with the development of the times, like this "psychological warfare" means still are endless, and I will continue to make a summary for everyone .
