But some things are so obvious….
I'm sitting at my full updated and patched Linux computer, working on my stuff, and the phone rings.
Hello?
"Hello! I am ****** from *******. We are a computer security company."
Uh-huh.
"You know, lots of computers have vulnerabilities that users don't even know about. If you give us access to your computer, we can make sure it is secure."
….
"Hello?"
…yeah, I'm still here. I'm just marveling at the unmitigated gall of what you are asking.
"What do you mean?"
You are calling on the phone. Caller ID can be altered, and I have no way of verifying that the number on my caller ID is correct. I don't even know who you are, and you are cold calling me and asking for unrestricted access to my computer.
"You don't understand. We are offering you an incredible deal."
Yeah, but you are presenting yourself in the skeeviest way possible. You might as well show up outside my house, flash a gun, and offer to be a security guard. You aren't telling me what you are going to do, or even if what you are going to do will actually accomplish anything, and that assumes you aren't going to mine my system.
"But we're an expert computer security company."
Yeah, says you. But I don't know you from Adam. You are not getting access to my machine. No one does.
"Well, how do you know it's secure?"
Because I'm a garage programmer with other Linux nut friends. We will test each other's systems by trying to break into them and reporting any vulnerabilities we find. The girl with the dragon tattoo can't get into our machines. What's more, if my computer detects a cracking attempt, it gathers the information and asks me if I want to send it to the feds. Even if you aren't a scammer, do I sound like someone who needs your help?
"…well, you have a nice day, sir."
Of course, I forwarded what info I had to the cops. After all, that was a cold call. They are fishing for victims, and at least a little advance warning helps.
Which is also why I'm posting it here.
Spread the word.
We must look out for each other.
