| Author |
Message |
|
l3v1ck
What's a life?
Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
|
Not very CLICKYSafari was the first to fall, then IE8, then FF. And the iPhone isn't secure either. No mention of Opera though. So how safe do you feel online?
|
| Thu Mar 25, 2010 2:40 pm |
 
|
|
|
belchingmatt
I haven't seen my friends in so long
Joined: Fri May 15, 2009 3:16 am
Posts: 6146
Location: Middle Earth
|
I feel safe enough. Vulnerabilities should only become problems if you put yourself at risk.
_________________
Dive like a fish, drink like a fish!
><(((º>`•.¸¸.•´¯`•.¸><(((º>
•.¸¸.•´¯`•.¸><(((º>`•.¸¸.•´¯`•.¸><(((º>
If one is diving so close to the limits that +/- 1% will make a difference then the error has already been made.
|
| Thu Mar 25, 2010 2:44 pm |
|
|
|
soddit112
Spends far too much time on here
Joined: Thu Apr 23, 2009 6:12 pm
Posts: 2020
Location: Mute City
|
this, having a secure browser is one thing, but the best form of anti-malware is common sense 
|
| Thu Mar 25, 2010 2:58 pm |
|
|
|
forquare1
I haven't seen my friends in so long
Joined: Thu Apr 23, 2009 6:36 pm
Posts: 5150
Location: /dev/tty0
|
|
| Thu Mar 25, 2010 3:22 pm |
|
|
|
Linux_User
I haven't seen my friends in so long
Joined: Tue May 05, 2009 3:29 pm
Posts: 7173
|
How many exploits are killed by NoScript?
|
| Thu Mar 25, 2010 3:54 pm |
|
|
|
l3v1ck
What's a life?
Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
|
I don't know, it doesn't say. But I do feel safer online sitting behind NoScript.
|
| Thu Mar 25, 2010 4:30 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
I feel fairly safe. I avoid dodgy sites if possible. It is just as people say common sense. Though I do try and use as much protection as possible.
_________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Mar 25, 2010 5:59 pm |
|
|
|
davrosG5
I haven't seen my friends in so long
Joined: Fri Apr 24, 2009 6:37 am
Posts: 6954
Location: Peebo
|
Good to see some balanced coverage over at Macworld. Not a single mention in that article that Safari was hacked. Unbelievable, and I'm a Mac user. I don't need to be protected from finding out that Safari can be hacked.
_________________
When they put teeth in your mouth, they spoiled a perfectly good bum.
-Billy Connolly (to a heckler)
|
| Thu Mar 25, 2010 6:19 pm |
|
|
|
ChurchCat
Doesn't have much of a life
Joined: Sat Apr 25, 2009 7:57 am
Posts: 1652
|
So how does it all work? How does he get past the firewall or whatever it is that stops them getting in? Do they have to have physical access to the machine? I don't know the first thing about this sort of stuff.  _________________A Mac user 
|
| Thu Mar 25, 2010 6:28 pm |
|
|
|
belchingmatt
I haven't seen my friends in so long
Joined: Fri May 15, 2009 3:16 am
Posts: 6146
Location: Middle Earth
|
There is a mention of him hacking it last year.
_________________
Dive like a fish, drink like a fish!
><(((º>`•.¸¸.•´¯`•.¸><(((º>
•.¸¸.•´¯`•.¸><(((º>`•.¸¸.•´¯`•.¸><(((º>
If one is diving so close to the limits that +/- 1% will make a difference then the error has already been made.
|
| Thu Mar 25, 2010 6:38 pm |
|
|
|
big_D
What's a life?
Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
|
 They aren't allowed physical access to the machines.
They have to remotely execute code.
The iPhone hack "took 20 seconds", at CanSec West... It tool another 2.6 million seconds to set up the hack, ready for those 20 seconds. It uses social engineering to get the gullible user to visit a pre-prepared website.
The firewall is irrelevant, as the attack is started at the users request (they have to go to the infected website and tell it to download the exploit). Therefore the firewall won't do anything to stop it. Same for anti-malware tools, if it is a new exploit, chances are it won't even raise its eyebrows, let alone an alarm...
You need to be tricked into visiting a prepared site, or the hackers need to take over a safe site (like the New York Times and Digg advertising hacks last year and last week respectively).
It is the reason that I always use Firefox with NoScript installed and FlashBlock... I only use Safari, Chrome and IE as second string browsers, for visiting trusted sites. I'd switch to Safari or Chrome tomorrow, if they had an add-on to allow me to selectively run scripts, like NoScript does.
Edit: One other thing to note, a lot of the new attacks are "spear phishing" attacks, where they go after a specific target or targets, like the Google and 20 other targeted companies back at the end of last year, beginning of this year.
_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari
Executive Producer No Agenda Show 246
|
| Thu Mar 25, 2010 6:40 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
The fact that they complemented the IE8 attacks shows that Microsoft have seriously upped the defences. Good for Microsoft. _________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Mar 25, 2010 6:51 pm |
|
|
|
finlay666
Spends far too much time on here
Joined: Thu Apr 23, 2009 9:40 pm
Posts: 4876
Location: Newcastle
|
A lot are probably Flash based....so if you allow flash... quite a few Anyone for a Vi based internet browser? No risk of vulnerabilities as it can only display text!  _________________TwitterCharlie Brooker: Macs are glorified Fisher-Price activity centres for adults; computers for scaredy cats too nervous to learn how proper computers work; computers for people who earnestly believe in feng shui.
|
| Thu Mar 25, 2010 7:14 pm |
|
|
|
Amnesia10
Legend
Joined: Fri Apr 24, 2009 2:02 am
Posts: 29240
Location: Guantanamo Bay (thanks bobbdobbs)
|
I have click to flash and that blocks a lot of flash, particularly those annoying noisy ads. I have not managed to go NoScript running yet.
_________________Do concentrate, 007... "You are gifted. Mine is bordering on seven seconds." https://www.dropbox.com/referrals/NTg5MzczNTkhttp://astore.amazon.co.uk/wwwx404couk-21
|
| Thu Mar 25, 2010 7:36 pm |
|
|
|
Linux_User
I haven't seen my friends in so long
Joined: Tue May 05, 2009 3:29 pm
Posts: 7173
|
Flashblock FTW.
|
| Thu Mar 25, 2010 7:53 pm |
|
|
