Browsing, the easiest way to get your pc compromised online.

[Gary]

Here is a link to a  brief Q&A I read this morning. I thought I would post it as it shows that just browsing will become the new way to get compromised, not via email born Trojans and worms, the drive by download looks to be the way forward. The link underneath the first is from F-Secures senior security specialist, he claims user education in the end will not be enough. 

http://resources.zdnet.co.uk/articles/0,1000001991,39288246,00.htm

http://news.zdnet.co.uk/security/0,1000000189,39289980,00.htm

[Rik]

Back to the dumb terminals idea, eh Gary?

[Gary]

Back to the dumb terminals idea, eh Gary?

Yes indeed, or back behind someone else's terminal maybe Rik

[Simon]

All the more reason to have top notch security software. 

[Rik]

The problem is, Simon, that the informed take all the precautions, but there's a great mass who take none - and become 'bots capable of bringing the net to its knees. Eventually, something will have to be done about that.

[cavillas]

My terminals is definately dumb.
It often refuses to spell correctly, never answers to its name and decides when it wants to run a prog, not when I tell it.
Am I doing something wrong?
Can I train it to behave better?

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it?  I am definately sceptical about what they publish at times.  

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

[Gary]

All the more reason to have top notch security software. 

Trouble is the security vendors say that they cannot guarantee to keep us 100% safe, I have to concede Vista has helped so far in the OS department, but its other applications and some that can be got to through your browser that are now getting to be a issue, its harder to browse safely these days even with top notch security  so as Rik says eventually something else will have to be done.

[Gary]

My terminals is definately dumb.
It often refuses to spell correctly, never answers to its name and decides when it wants to run a prog, not when I tell it.
Am I doing something wrong?
Can I train it to behave better?

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it?   I am definately sceptical about what they publish at times. 

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

Brownies and boy scouts could get badges for it 

[Inactive]

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it?   I am definately sceptical about what they publish at times. 

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

I agree with that, also Financial Institutions need to do far more for their customers.

[Rik]

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

I agree, Alf. I believe we need to have certificates of proficiency before people are allowed online, and maybe an annual security audit of their machines. It won't be cheap, but if we fail to take action, sooner or later the web will grind to a halt.

[Simon]

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it?   I am definately sceptical about what they publish at times. 

Me too, Alf.  In fact, there are certain spyware removal programs that actually plant spyware on your PC, then demand payment for the software to remove it!

[cavillas]

Me too, Alf.  In fact, there are certain spyware removal programs that actually plant spyware on your PC, then demand payment for the software to remove it!

Oh! You caught me then.

[Gary]

I agree with that, also Financial Institutions need to do far more for their customers.

My bank has issued a gadget to make amending your online account really hard now without specific codes that only your bank card and the little calculator shaped thing can generate, but I agree more needs to be done to help the customer, same as with cashpoints that have faceplates put on them to harvest your card number and pin, surely there are simple ways to combat that! Like bothering to inspect the machines maybe electronically each day, cant be hard to have tamper proof sensors on them surely? I fear its the initial cost that worries the banks. 

[Rik]

It's always the costs which worry the banks.

It's safer nowadays to get 'cash back' in a supermarket.

[Gary]

True or use the cashpoint inside the bank.

[somanyholes]

Hey All

More linkage as ever, http://www.sandboxie.com/

This can sandbox your browser, amongst other things, sandbox = secure

[Lance]

My bank has issued a gadget to make amending your online account really hard now without specific codes that only your bank card and the little calculator shaped thing can generate,

It's not Natwest is it? Sounds very similar to what they have recently issued me.

[Gary]

It's not Natwest is it? Sounds very similar to what they have recently issued me.

Yes it sure is Lance, I was most surprised when I got what looked like a cardreader/calculator in the post 

[Rik]

I suspect all banks will move to these devices in time, they are very cost effective security.

[Inactive]

HSBC have been giving a similar item to their business account users for some time, but not to their " Joe Public " account holders...

There has to be a message there somewhere.

[Rik]

Yup, money speaks.