Paid Advertising
web application security lab

A Funny Look Into Our Future

I was having our weekly cigar meeting with the local security guys when we stumbled across a pretty funny thought. There’s a pretty good paper put out by Cybersource about trends for 2008 in which it had a graph showing that as a percentage of online transactions fraud was dropping. Whoah! That’s not what I expected to hear. But then in closer examination that’s a red herring, because total fraud is still increasing at the same rate it always has. Not so good after-all, it just means consumer spending is out pacing the bad guys. That makes it worth being in the business of online retailing, but spending will eventually taper off with population growth.

The funny part of the story is what if all the consumers finally hit a tipping point where they just decided to go home and stop using the Internet completely? What if we just had bad guys trying to phish bad guys, and spammers just trying to spam other spammers? What would the Internet be when every page was a scam and every person on it was desperate for money because all the people who they wanted to scam went outside to go play in the grass? A funny thought! Hey, we were having cigars, sue us for getting a little off topic!

14 Responses to “A Funny Look Into Our Future”

  1. Jon A. Longoria Says:


    “What would the Internet be when every page was a scam and every person on it was desperate for money because all the people who they wanted to scam went outside to go play in the grass?”

    You mean there are still legitimate websites on the Internet? I need to step up my surfing more… hahaha

    Your thought steers me to vaguely recall the Course of Empire theory, where technology will over take us to the point we’ll be reduced to using primitive tools to function or in this case entertain ourselves. I mean, thats primarily what the Internet is at this point right? One giant, entertainment device?

  2. Awesome AnDrEw Says:

    What was in these cigars and do you have enough to share with the group, rsnake? Perhaps it’s a skewed view on the internet, but weren’t most consumer-driven services really created due to the necessity caused as a direct result of pornographic websites? It’s a cliché, but “the internet is for porn”.
    Now this could be misinformation on my part, and I won’t state such claims as fact, but I was told at one point that a major reason such services exist (credit-card payments, online “banking” and PayPal type websites) was really because of the prevalence of individuals paying for access to premium adult content. All of this aside I don’t ever foresee this scenario becoming a reality. I am quite interested however in what the future of the internet holds since it is still relatively in its infancy (I’m referring to the start of the World Wide Web, and not ARPANET).

  3. Duncan Says:

    Though this is a bit far-fetched, I could see a less extreme version of this happening. Right now something like 98% of the people on the web surf with js turned on globally, and a lot of sites out there are starting to make no more than a token nod to usability with js off, if they even have a no-js interface.

    I’ve been doing some research into XSS and CSRF vulnerabilities because I’ve been building a fairly rich interface for a web application, and I realized I just didn’t understand the security implications well enough to have any confidence at all that I wasn’t leaving big holes, and that no one else working on this did either (in the past I’ve done mostly server-side programming). I really hadn’t realized just how dangerous things have gotten. I’m looking at a lot of the sites I use with new eyes now- an awful lot of them look easily compromisable to me. I’ve also been talking to other developers that I know, many of whom work in pretty senior positions for good-sized companies, and realizing that they don’t understand this stuff well enough either.

    So, I’m surprised that there haven’t been more incidents than there have been, and I suspect that in the near future there might be a lot of them. If that happens you might see a lot of people just turning js off, choosing to surf very conservatively, etc. I’ve always been unwilling to do things like bank or pay bills online, or use services that held important data on other people’s machines, and I wonder if more people might start to feel that way if we see a rash of compromises in the near future, as seems likely.

    So, I wonder what the effect would be if a sizable percentage of people turned js completely off, started being very careful about what sites they visit, and what they do there, etc. I imagine it would put a crimp in a lot of people’s business models.

  4. ikonoklasm Says:

    Sounds like some post apocalyptic, Mad Max stuff. Now if we could just visually model this “spammers spamming spammers” phenomenon we might get a good movie out of it.

  5. Felstatsu Says:

    We could also take a step further, and assume that people come back inside after they finish playing in the grass, to find the internet filled with only the best scammers left. The ones who make sites that look more legit than the actual legit sites, driven to this level of skill by having to spend so long scamming other scammers.

    Would people start learning more about web security and keeping their information safe if there was this break from the net for them, only to come back and find the internet filled with legit looking scams?

    Going back a bit in the example, what sort of new techniques would we see arise from this net of scams?

    While certainly fantasy, it’s not really off-topic unless you’re meeting was supposed to talk about a certain topic, and it does make you think about new things, like considering what new techniques would come up.

  6. Joe Says:

    I think we as serverside admins would just gather up and fight till there is nothing worth fighting for anymore.
    Its the simple mafia principle You hit us, we hit YOU.
    Concluding we will definitly see some online wars the future where Scammers try to scam and the Buisinesses kick the scammer asses =).
    And it all comes down to the browser anyway, take it away and your free to do whatever.
    Building a Sandbox is an easy thing considering your customers are downloading your product in order to securely enter their sites…. I’d do it.
    Sure then the main priority of spammers would be to actually hack the user in order to interfere with secure connections comming from those applications, resulting in rapid dying of the script kiddies and therefore a dropping in the number of Scammers overall.

    but anyway noone just “stops using the internet” … unless he got raped on it…

  7. RSnake Says:

    Is that the answer? Do we need to start raping spammers, phishers, malware writers and general miscreants?

  8. Joe Says:

    I thing the question is: “why aren’t we already” ?

  9. RSnake Says:

    Are you volunteering for rape duty?

  10. Joe Says:

    well of course i meant it in a more metaphorical way, but just imagine that at a certain point webmasters are fed up with an attacker and therefore decide to hack the hacker…

    Now i know its very hard to identify the attacker but it can be done. Once you did that you are sending the brutal force of your clustered data warehouse down on him just because he has attacked you too.

    Just because its “virtual” warfare the topic is not “as hot as it should be” and therefore not punished enough.

    Comming to the spammers, what if i dont know.. gmx or some Mailhoster has found out who is spamming their network and thus attacking the Spammers with Spam ( the full wrath of all their mailservers)?

    Credit Card thiefs:

    find out who they are and use their credit card

    Identity theft:

    use their identity

    and ongoing….

    See i think once you give the “bad guys” a taste of their own weapons the mostlikely “grow up” and stop or at least stop attacking the site that has “reattacked” them.

    In the future i predict wars between black hackers paid to hack a company and white hackers paid to protect the company…. China does it.. .no one is yet hacking back though…

  11. fifi Says:

    no hack please :) just forget about it okOK plz if you do it i gonna gie you a free website top quality i promess

  12. Crayon Says:

    Did I hear movie plot?

    The internet being run by virus ridden, insane, spamming, malware spreading, malicious computer supervillains going after your computer. Lots of them used to be normal users, driven into rage after their n’th computer meltdown.
    The few people left on the internet are paranoid, shifty users hidden behind big ass firewalls.

    Small rebel bands of former /b/ members and other self assigned internet end bosses scurrying across the internet since they got nowhere else to go, shouting meme’s at the emptyness and collecting scraps of porn from the ruins of broken firewalls and flooded forums. Original content a thing of the past.
    A few brave computer experts trying to fight their way back to the old days, searching for that last spark of hope while knowing that we’re really fucked this time.

    Gamers are long gone, fleeing to console gaming. MMO’s keep growing and growing, but the only players left are bots and chinese farmers, driving GM’s insane, launching them into manic depression, so many people and nobody to talk to!
    Microsoft will invest all resources in the Xbox 1440, which will eventually be found by virusses and spammers too, leaving a crippled gaming community.

    Eventually this will lead to an explosive grow rate of IRL violence, since the gaming community needs to find another kind of exhaust pipe for their rage. All ugly people hidden behind their computer will come outside of their houses. Seeing the sun for the first time in a long while they walk around in amazement, untill the sun burns them and they grow afraid of it. Watching from their windows they envy the daydwellers, planning sweet revenge on them in the cool shadows of their houses.

    Night falls…

    From this point, some sequel in the lines of ‘I am Legend’ takes over

  13. RSnake Says:

    @Crayon - I get the movie rights!

  14. jack Says:

    yea ive always been scared to do transactions online. i used to use my debit card until i knew better. at least most credit card companies have preventional methods
    -jack @ global payment services