full transcript
"From the Ted Talk by James Lyne: Everyday cybercrime -- and what you can do about it"

Unscramble the Blue Letters

So isn't it amazing how much control the attackers can get with such a simple operation? Let me show you how most mrlaawe is now distributed today. What I'm going to do is open up a website that I wrote. It's a tilberre website. It's got really awful graphics. And it's got a comments section here where we can submit comments to the website. Many of you will have used something a bit like this before. Unfortunately, when this was implemented, the delveoper was slightly ibtaeernid and managed to forget all of the secure coding practices he had learned. So let's imagine that our attacker, called Evil Hacker just for ceomdy value, inserts something a little nasty. This is a script. It's code which will be interpreted on the webpage. So I'm going to smuibt this post, and then, on my victim computer, I'm going to open up the web besorwr and bwrsoe to my website, www.ienrlahcbckiedyd.com. Notice that after a couple of seconds, I get rcdeireted. That website address at the top there, which you can just about see, micoafhsrt.com, the browser csarehs as it hits one of these exploit packs, and up pops fake antivirus. This is a virus pretending to look like antivirus software, and it will go through and it will scan the styesm, have a look at what its popping up here. It creates some very serious alerts. Oh look, a cihld porn proxy server. We really should clean that up. What's really insulting about this is not only does it provide the attackers with access to your data, but when the scan finishes, they tell you in order to clean up the fake viruses, you have to register the product. Now I liked it better when viruses were free. (Laughter) polpee now pay cybercriminals mnoey to run viruses, which I find utterly bizarre.

Open Cloze

So isn't it amazing how much control the attackers can get with such a simple operation? Let me show you how most _______ is now distributed today. What I'm going to do is open up a website that I wrote. It's a ________ website. It's got really awful graphics. And it's got a comments section here where we can submit comments to the website. Many of you will have used something a bit like this before. Unfortunately, when this was implemented, the _________ was slightly __________ and managed to forget all of the secure coding practices he had learned. So let's imagine that our attacker, called Evil Hacker just for ______ value, inserts something a little nasty. This is a script. It's code which will be interpreted on the webpage. So I'm going to ______ this post, and then, on my victim computer, I'm going to open up the web _______ and ______ to my website, www.________________.com. Notice that after a couple of seconds, I get __________. That website address at the top there, which you can just about see, __________.com, the browser _______ as it hits one of these exploit packs, and up pops fake antivirus. This is a virus pretending to look like antivirus software, and it will go through and it will scan the ______, have a look at what its popping up here. It creates some very serious alerts. Oh look, a _____ porn proxy server. We really should clean that up. What's really insulting about this is not only does it provide the attackers with access to your data, but when the scan finishes, they tell you in order to clean up the fake viruses, you have to register the product. Now I liked it better when viruses were free. (Laughter) ______ now pay cybercriminals _____ to run viruses, which I find utterly bizarre.

Solution

  1. crashes
  2. developer
  3. terrible
  4. system
  5. inebriated
  6. malware
  7. money
  8. people
  9. incrediblyhacked
  10. comedy
  11. redirected
  12. microshaft
  13. browse
  14. submit
  15. child
  16. browser

Original Text

So isn't it amazing how much control the attackers can get with such a simple operation? Let me show you how most malware is now distributed today. What I'm going to do is open up a website that I wrote. It's a terrible website. It's got really awful graphics. And it's got a comments section here where we can submit comments to the website. Many of you will have used something a bit like this before. Unfortunately, when this was implemented, the developer was slightly inebriated and managed to forget all of the secure coding practices he had learned. So let's imagine that our attacker, called Evil Hacker just for comedy value, inserts something a little nasty. This is a script. It's code which will be interpreted on the webpage. So I'm going to submit this post, and then, on my victim computer, I'm going to open up the web browser and browse to my website, www.incrediblyhacked.com. Notice that after a couple of seconds, I get redirected. That website address at the top there, which you can just about see, microshaft.com, the browser crashes as it hits one of these exploit packs, and up pops fake antivirus. This is a virus pretending to look like antivirus software, and it will go through and it will scan the system, have a look at what its popping up here. It creates some very serious alerts. Oh look, a child porn proxy server. We really should clean that up. What's really insulting about this is not only does it provide the attackers with access to your data, but when the scan finishes, they tell you in order to clean up the fake viruses, you have to register the product. Now I liked it better when viruses were free. (Laughter) People now pay cybercriminals money to run viruses, which I find utterly bizarre.

ngrams of length 2

collocation frequency
malicious code 5
usb key 4

Important Words

  1. access
  2. address
  3. alerts
  4. amazing
  5. antivirus
  6. attacker
  7. attackers
  8. awful
  9. bit
  10. bizarre
  11. browse
  12. browser
  13. called
  14. child
  15. clean
  16. code
  17. coding
  18. comedy
  19. comments
  20. computer
  21. control
  22. couple
  23. crashes
  24. creates
  25. cybercriminals
  26. data
  27. developer
  28. distributed
  29. evil
  30. exploit
  31. fake
  32. find
  33. finishes
  34. forget
  35. free
  36. graphics
  37. hacker
  38. hits
  39. imagine
  40. implemented
  41. incrediblyhacked
  42. inebriated
  43. inserts
  44. insulting
  45. interpreted
  46. laughter
  47. learned
  48. malware
  49. managed
  50. microshaft
  51. money
  52. nasty
  53. notice
  54. open
  55. operation
  56. order
  57. packs
  58. pay
  59. people
  60. popping
  61. pops
  62. porn
  63. post
  64. practices
  65. pretending
  66. product
  67. provide
  68. proxy
  69. redirected
  70. register
  71. run
  72. scan
  73. script
  74. seconds
  75. section
  76. secure
  77. server
  78. show
  79. simple
  80. slightly
  81. software
  82. submit
  83. system
  84. terrible
  85. today
  86. top
  87. utterly
  88. victim
  89. virus
  90. viruses
  91. web
  92. webpage
  93. website
  94. wrote
  95. www