[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wednesday 04 July 2007 09:42, george wrote: > A lot of negativity here guys. > > How many people on this list still use IE? If you run Windows, IE, etc. > then security is a nightmare. I know that you can never be 100% secure but > you sure as hell can make it difficult for the bad guys when it counts. I > do all my money laundering on-line and I want that as private as possible. > A distro on cd is an awkward way to go but it's better than people getting > into your bank account. And if you're a Windows user then it could be a > godsend. I know lots of people have had this idea before but I'll bet none > of them were Windows only users. > > And what is this about losing your bookmarks on a power cut, Tom? They are > burned onto a CD. Or on the USB module. Or you could have them on Google. How can the live distro burn its bookmarks onto the CD - kinda defeats the object as well? I change my bookmarks 'daily'. A live distro approach is fine in an 'internet cafe' approach but once you allow people to 'save' things then it becomes insecure again - good system management can alleviate the problems but never eliminate them. Computers will only be safe as long as you keep humans away from them, let homo missmanagmentum near them and you will have security problems as they will always prefer 'ease of use' (shorttermism) over security. Tom te tom te tom > Or on your backup that you do religiously every evening at 11.30. > > I'll preach to the converted. Security is a big issue. There is no simple > solution. There is no one super solution. We must do the best we can with > what we got. > > (What did I do with those tranquilisers? Damn. My blasted US spell checker > wants to spell it with a zed. Mutter, mutter, mutter) > > George > > On Wednesday 04 July 2007 08:15, Tom Potts wrote: > > On Wednesday 04 July 2007 00:16, Simon Waters wrote: > > > george wrote: > > > > http://www.itwire.com.au/content/view/13292/53/ > > > > > > Whilst I like the idea - I can think of one downside. > > > > > > The main reason Windows viruses don't try to mess with the BIOS is that > > > there is nowt to gain, and an infected host to lose from ones botnet. > > > > > > As soon a booting from an alternative media is widespread for banking, > > > some of the bots will try to hijack the BIOS so they can steal data > > > from the other operating system (or listen to the network traffic), or > > > hijack the router for similar (router meddling has the same downsides > > > as BIOS meddling for the abuser). > > > > > > Indeed subverting routers with Javascript has already been done, at > > > least as a proof of concept. The Javascript looked for routers, at the > > > manufacturers default IP address, with the manufacturers default > > > username/password (default passwords are a stupid idea! See Oracle and > > > "change on install" story). It would then login and change your routers > > > settings, which with things like DNS makes for a powerful kind of > > > phishing. So visiting a website with such Javascript led to exploit. > > > > > > > > > > > > I'm also surprised how many people don't know that by default IE allows > > > the copying of clipboard content by Javascript. > > > > Secure web browsing is a nice idea but at some time there will be a power > > cut and you will loose all your bookmarks and most people will grind to a > > halt then. > > Tom te tom te tom -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html