Security: Thumb sucking, slurping, snarfing...

The Dictionary of Wacky Security Threat terms

Remember when thumb sucking was considered an innocent activity, except that if you did it as a young child you might need braces as a teen? Today you'd need a lot more than a mouthful of metal to protect from thumb sucking.

This phrase is one of the latest in a new genre of IT terminology: Wacky Security Threat Terms. While the incidents described by such terms are indeed serious, security vendors and others have broken the rules of spelling and relied upon double entendres to develop this new collection of buzz words that succinctly refer to the latest threats, with the hope that giving the threat a memorable tag will raise awareness.

"Putting a label on something that already exists is constructive, it helps people understand it better," says Tim Cranny, senior security analyst with security vendor Senforce, which claims to have come up with the term thumb sucking, meaning stealing corporate data by transferring it to a thumb drive. "It also helps to get the message out; if [the term] is boring it doesn't do much good."

Cranny doesn't take credit for coming up with the term thumb sucking; he says a salesman with the company had the idea. "It's one of those terms where you go `Of course!'" Cranny says.

Most of these terms refer to practices that involve misuse; such as taking an innocent thumb drive and turning it into an instrument of crime by using it to steal data. Just like your thumb wasn't meant to be sucked on endlessly during your developmental years.

Security vendors aren't the only ones doing it; hackers have also come up with a number of terms to describe how they pass their time, an exhaustive list of which can be found here.

While thumb sucking is one of the most recent terms to emerge, it may not be the wackiest of all -- below are some of the more popular phrases that we have compiled into the Dictionary of Wacky Security Threat Terms, First Edition. This edition does not claim to be complete, so we invite you to add wacky terms not listed here that describe some aspect of a cybersecurity threat, and please include a definition.

Phreaking (pronounced "freeking") -- According to the New Hacker's Dictionary, this is the "art and science of cracking the phone network" or breaking the security of any communications network. Among the oldest of these terms, it mainly refers to breaking into the telephone network to make free long-distance calls.

Pharming (pronounced "farming"), a related term that describes the act of redirecting visitors from the Web site they intended to visit to a bogus one.

Slurping or Pod Slurping -- using a detachable device (usually an iPod) to steal corporate data, much like thumb sucking. This term was coined in 2005 by Abe Usher, who at the time was at Sharp Ideas consultancy. His brother bought him an iPod, and Usher quickly realized the device's potential as a security risk, he says.

Shortly after receiving the iPod Usher developed a program called slurp.exe, a proof-of-concept application that demonstrates how data can be automatically downloaded from a networked PC to an iPod.

As for the term slurping, Usher says it's a holdover from his past. "As a kid I went to 7-Eleven quite a bit..." he admits.

Snarfing or Bluesnarfing -- using a Bluetooth connection to steal data from a wireless device. Not to be confused with Bluejacking, the relatively innocent pastime of embedding a greeting into Bluetooth phonebook contact that pops up on the contact's phone.

Spamdexing -- the practice of creating Web pages simply to increase page rankings in search engines by, for example, stuffing them full of keywords. A similar phenomena are splogs, blogs that exist only to point readers to Web sites. While neither of these practices pose security threats yet, they annoy and confuse Web site and blog visitors, not unlike when spam was simply a nuisance to e-mail users but over time developed into a serious, malware-laden threat.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Cara Garretson

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?