Thursday, April 5, 2012

Speaking of wisdom...

In a recent post I discussed the difference between data, information, knowledge, and wisdom. And because we use tools that are primitive, we certainly need a lot of wisdom.

For example, let's say that I hate peanut butter ice cream, and that I therefore go to a web page with the title "Do you hate peanut butter ice cream?" The page includes numerous mentions of peanut butter ice cream, along with all of the reasons why we should hate it.

If that page happens to host advertisements - guess what product is likely to be advertised on that page?

Despite the knowledge that the advertisement pertains to the topic at hand, I need to have the wisdom to know that I would not be interested in the item being advertised.

Lewis Cunningham recently shared another example in which wisdom is required. One potential threat to Internet users (does anyone say "web surfers" any more?) is the possibility of ending up at a malware site masquerading as another site. You might think that you're looking at pictures of cute puppies, or going to a special security page at your favorite bank, or getting ready to look at hot pictures of Betty White, but instead you are redirected to a malware or phishing site or a site that shows hot pictures of Abe Vigoda.

Well, most modern web browsers are designed to protect you from such misdirections, and Cunningham received some helpful advice when he tried to navigate to a secure (https) page on a blog on the sun.com domain.

His browser warned him that the site was trying to redirect him from blogs.sun.com, and warned him of the possible consequences.

An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of blogs.sun.com. You should not proceed.

This warning was followed by two buttons - one labeled "Proceed anyway," and the other labeled "Back to safety." And just in case the paragraph of text was not explanatory enough, Cunningham could click on the text "Help me understand" to get a more thorough explanation of the disaster that was about to befall him.

The warning itself contained the domain of the potential target site - the one to which Cunningham was being redirected. As far as the browser was concerned, this site bore no relation to blogs.sun.com - hence the browser's dire warnings.

As you have probably already guessed, Cunningham was being routed from blogs.sun.com to a site in the domain *.oracle.com.

I'd be willing to say that 85% of North Americans and Europeans, and a majority of computer users in other parts of the world, had the wisdom to click "Proceed anyway," knowing that Oracle acquired Sun several years ago, and that companies often retire the domain names of companies that they acquire.

Incidentally, using my own web browser, I tried going to http://blogs.sun.com/ (note that I used http, not https) and got an error of my own:

There is a problem with this website's security certificate.

The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
More information


Unfortunately, my web browser's message neglected to state the "different website's address" to which the security certificate belonged.

Scary.
blog comments powered by Disqus