Browsing, the easiest way to get your pc compromised online.

Started by Gary, Oct 13, 2007, 10:44:35

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Gary

Here is a link to a  brief Q&A I read this morning. I thought I would post it as it shows that just browsing will become the new way to get compromised, not via email born Trojans and worms, the drive by download looks to be the way forward. The link underneath the first is from F-Secures senior security specialist, he claims user education in the end will not be enough.  :(

http://resources.zdnet.co.uk/articles/0,1000001991,39288246,00.htm

http://news.zdnet.co.uk/security/0,1000000189,39289980,00.htm
Damned, if you do damned if you don't

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Quote from: Rik on Oct 13, 2007, 10:45:41
Back to the dumb terminals idea, eh Gary? :(
Yes indeed, or back behind someone else's terminal maybe Rik ;)
Damned, if you do damned if you don't

Simon

All the more reason to have top notch security software. 
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

The problem is, Simon, that the informed take all the precautions, but there's a great mass who take none - and become 'bots capable of bringing the net to its knees. Eventually, something will have to be done about that.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

cavillas

My terminals is definately dumb.
It often refuses to spell correctly, never answers to its name and decides when it wants to run a prog, not when I tell it.
Am I doing something wrong?
Can I train it to behave better? :-\

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it? ::)  I am definately sceptical about what they publish at times.  :-X

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.
------
Alf :)

Gary

Quote from: Si6776 on Oct 13, 2007, 11:42:23
All the more reason to have top notch security software. 
Trouble is the security vendors say that they cannot guarantee to keep us 100% safe, I have to concede Vista has helped so far in the OS department, but its other applications and some that can be got to through your browser that are now getting to be a issue, its harder to browse safely these days even with top notch security  :( so as Rik says eventually something else will have to be done.
Damned, if you do damned if you don't

Gary

Quote from: cavillas on Oct 13, 2007, 12:00:25
My terminals is definately dumb.
It often refuses to spell correctly, never answers to its name and decides when it wants to run a prog, not when I tell it.
Am I doing something wrong?
Can I train it to behave better? :-\

Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it? ::)  I am definately sceptical about what they publish at times.  :-X

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.
Brownies and boy scouts could get badges for it  ;)
Damned, if you do damned if you don't

Inactive

Quote from: cavillas on Oct 13, 2007, 12:00:25


Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it? ::)  I am definately sceptical about what they publish at times.  :-X

Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

I agree with that, also Financial Institutions need to do far more for their customers.
Anything and everything that I post on here is purely my opinion, it ain't going to change the world, you are under no obligation to agree with me, it is purely my expressed opinion.

Rik

Quote from: cavillas on Oct 13, 2007, 12:00:25
Rik, compulsory teaching is the only way, we should have Internet Camps where people go for aweekend to learn all about security and pass a test.

I agree, Alf. I believe we need to have certificates of proficiency before people are allowed online, and maybe an annual security audit of their machines. It won't be cheap, but if we fail to take action, sooner or later the web will grind to a halt.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Quote from: cavillas on Oct 13, 2007, 12:00:25
Funny how it's only the Security software companies that come up with all this stuff, not anything to do with their core business is it? ::)  I am definately sceptical about what they publish at times.  :-X

Me too, Alf.  In fact, there are certain spyware removal programs that actually plant spyware on your PC, then demand payment for the software to remove it!
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

cavillas

Quote from: Si6776 on Oct 13, 2007, 12:12:46
Me too, Alf.  In fact, there are certain spyware removal programs that actually plant spyware on your PC, then demand payment for the software to remove it!

Oh! You caught me then. >:D
------
Alf :)

Gary

Quote from: Inactive on Oct 13, 2007, 12:05:21
I agree with that, also Financial Institutions need to do far more for their customers.
My bank has issued a gadget to make amending your online account really hard now without specific codes that only your bank card and the little calculator shaped thing can generate, but I agree more needs to be done to help the customer, same as with cashpoints that have faceplates put on them to harvest your card number and pin, surely there are simple ways to combat that! Like bothering to inspect the machines maybe electronically each day, cant be hard to have tamper proof sensors on them surely? I fear its the initial cost that worries the banks.  >:(
Damned, if you do damned if you don't

Rik

It's always the costs which worry the banks. :(

It's safer nowadays to get 'cash back' in a supermarket.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Damned, if you do damned if you don't

somanyholes

Hey All

More linkage as ever, http://www.sandboxie.com/

This can sandbox your browser, amongst other things, sandbox = secure ;)



Lance

Quote from: Killhippie on Oct 13, 2007, 12:40:53
My bank has issued a gadget to make amending your online account really hard now without specific codes that only your bank card and the little calculator shaped thing can generate,

It's not Natwest is it? Sounds very similar to what they have recently issued me.
Lance
_____

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Quote from: Lance on Oct 14, 2007, 00:03:54
It's not Natwest is it? Sounds very similar to what they have recently issued me.
Yes it sure is Lance, I was most surprised when I got what looked like a cardreader/calculator in the post  :)
Damned, if you do damned if you don't

Rik

I suspect all banks will move to these devices in time, they are very cost effective security.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Inactive

HSBC have been giving a similar item to their business account users for some time, but not to their " Joe Public " account holders... :(

There has to be a message there somewhere. ;)
Anything and everything that I post on here is purely my opinion, it ain't going to change the world, you are under no obligation to agree with me, it is purely my expressed opinion.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.