On Mon, Dec 14, 2009 at 11:49:30PM -0800, Bill Broadley wrote: > IMO hostbased firewalls offer very little protection, but if they reduce your > legal liability then by all means do it. Pretty much any firewall it turned > off by any of the popular malware if you happen to run it. So of course the > key is to not run any evil software. That means not responding to emails > claiming to show embarrassing videos of public figures, earthquake victims, > or pretty much anything that leads to opening a remote file. So browser > plugins, local apps, screen savers, cute little utilities, etc.
Worse is when it's phishing attempts: "Your facebook account has been locked due to security reasons. Run the attached EXE to re-enable your account." (Replace "facebook" with your ISP, your bank, etc.) The few times I've seen something that looks even remotely legit ("hey, _I_ have a 'sonic.net' account!"), the email is not usually coming from where it purports to. (e.g., why is Wells Fargo emailing me from a host called xyz.random.co.uk?) I'm also lucky because I use a plaintext email client (Mutt), so I don't see HTML email; not as live HTML, at least. (That helps reduce the chance of 'beacons' being used to determine that I even ever got the email. e.g., if the HTML of the email includes <img src="http://hackers.tld/invisible.gif" width=1 height=1>, they'd know the instant a user's browser or email client fetched that remote image from their server.) It was fun when I received some facebook phishing email... the form and links in the HTML all went to http://www.facebook.com.some.other.domain.tld/ I'm smart enough to not fall for that, but what percentage of the general public would understand the difference between ".com." and ".com/" in an URL? :( <snip> > Do you have to use IE? My best guess is that they are recommending whole disk > encryption, I can't think of anything else that could reasonably be called an > encryption device. Perhaps it's some kind of wifi-encrypting tent you erect over your laptop. ;) This might also be useful: http://geek-ware.blogspot.com/2008/04/laptop-privacy-sweater.html (More seriously, you could also get a cover for your screen that tweaks the optics such that only you (or anyone _directly_ behind you) can see what's on the screen. Most ATMs do this.) -- -bill! Sent from my computer _______________________________________________ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech