> How about this for instance? I am a net banking user. > I login to my bank > a/c from my non-superuser a/c. Malware, say a > keylogger, running on my > system can cause some damage - perhaps not to the > 'system' the way you > meant. But a compromised bank a/c is more damaging to > me than say, a > formatted hard disk. ;)
BTW, the end user today is really a small and insignificant fish to go after -- your bank account is 98% of the cases might be worth, what? A few thousand bucks? That is, if you're not drowning in debt like most people are. Most attacks today -- and I mean the professionals', not these single-user-script-kiddie-stuff attacks -- involve SQL code injection to get into the database back-end and get data out. Your bank account is much more easily retrieved from one such database with the proper attack vector than by wasting one's time writing some desktop malware. Yours and tens of thousands, if not hundreds of thousands other accounts that a bank might have. But you know what the really hard part is? It's not breaking in. The hardest thing to do is to clean up after oneself and leave no forensic traces. This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
