tag:blogger.com,1999:blog-6322916946732811685.post7551184219682541384..comments2024-03-28T16:31:54.494-04:00Comments on Borepatch: Do not bank online from a Windows computerBorepatchhttp://www.blogger.com/profile/05029434172945099693noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-6322916946732811685.post-46387874744185440882009-10-15T14:45:52.314-04:002009-10-15T14:45:52.314-04:00C'mon. By that criteria, no OS running on read...C'mon. By that criteria, no OS running on read/write media is safe. Which is hardly news.<br /><br />"A word to the wise: Do not click on attachments included in unsolicited e-mails, especially those that encourage you to act quickly or else suffer some scary fate: These are almost universally scams or attempts to plant malicious software on your computer. Also, note that the IRS has stated emphatically that it does not communicate with citizens via e-mail." I can't think of a real-world analogy to this behavior that really holds up, but it's sort of analogous to leaving the keys in the car when you park.<br /><br />There is no operating system or security system in the world that would have stopped this attack. Not clicking on the link/file (original story uses both terms) would have. It happens that the attack targets Windows machines and IE, because, as our host has noted, "that's where the money is". What happens when everyone takes the advice of switching away? The scammers will retarget.<br /><br />There is no technical solution for this, IMHO. Use of a OS boot CD is not a technical solution, it's a behavioral change. And it destroys one of the reasons to use a PC instead of a dedicated device. (It turns your machine into a dedicated device, essentially - since you give up your security the minute you open your browser anyway).<br /><br />Incidentally, using a USB stick is bo safer (conceptually) than just boothing off your HD - the device is still writable and consequently attackable.<br /><br />I don't have answers either. For a truly gloomy outlook, try reading Bruce Schneier.<br /><br />WV: vistaggr. The opinion of a lot fo people (but not mine)Ian Argenthttps://www.blogger.com/profile/03704336044732061128noreply@blogger.comtag:blogger.com,1999:blog-6322916946732811685.post-52839486554365551172009-10-15T12:53:12.515-04:002009-10-15T12:53:12.515-04:00Very interesting discussion and comments.Very interesting discussion and comments.NotClauswitzhttps://www.blogger.com/profile/14358707844087117280noreply@blogger.comtag:blogger.com,1999:blog-6322916946732811685.post-87460882408366698832009-10-15T12:37:50.917-04:002009-10-15T12:37:50.917-04:00Very interesting. All's I ever do is check my...Very interesting. All's I ever do is check my account level?NotClauswitzhttps://www.blogger.com/profile/14358707844087117280noreply@blogger.comtag:blogger.com,1999:blog-6322916946732811685.post-53540250568153917132009-10-15T07:15:08.210-04:002009-10-15T07:15:08.210-04:00Boot from a Linux live CD distro?
That's bril...Boot from a Linux live CD distro?<br /><br />That's <i><b>brilliant!</b></i> I think I have one around here somewhere, and if I don't, then I can burn one.wolfwalkernoreply@blogger.com