Doug Franklin wrote: > > Tim Øsleby wrote: > > Ann. Most likely your system already has XP service pack 2 installed. That's > > the one update you will need if it isn't. Without it your computer is very > > vulnerable. > > As someone who works on security software for Windows and Linux, I'd > strongly urge keeping up with Windows updates, even post XP SP2. You > only have to get "owned" once to have large amounts of your money > disappear from your bank account or get added to your credit cards or > your identity get stolen. I do review the updates that they try to > send, I keep good backups, I only install critical updates, and I always > refuse to let Windows Genuine Advantage or its updates install. But if > Microsoft is issuing a patch for it, there's a good reason.
I hvae no credit cards listed on the web, fortunately. I dont buy ANYTHING on line - well, I did once or twice, but I avoid it as a whole. IF someone tried to take "large amounts of money" from my bank account they would be in for a big surprise! LOL! I dont use explorer - I took it off the desktop so I couldnt even hit it by mistake. I installed Firefox right away. While much of what you say I'm sure is right, I can't even fathom it... When I get on line I only go to my personal homepage, my cafepress store, photo.net, ebay and craigslist. or to look at pics you guys put up. I never go to any sites have anything to do with entertainment or sports - I don't open attachments or forwarded mail. And I'm keeping my old dial up account for email - for a while at least. ann > > Some of the vulnerabilities, especially some of the ones in Internet > Explorer, are positively frightening, allowing "drive by" exploitation > of your system. That means the attacker plants the malware in such a > way that you get infected by simply going to a reputable web page that > has ads on it from a poorly defended or less than reputable ad system. > > It's happened, too. A year or two ago, the online IT technology (IT > geek) newspaper "The Register" (http://www.theregister.co.uk or > http://www.theregister.com) was using an ad service provider that got > exploited. Just going to "The Register" web page and being unlucky > enough to get one of the infected ads got your computer infected, IIRC, > by a password stealer or spam engine (if you didn't have the proper > patches installed). > > A lot of the "virus" hype /is/ hype. Shameless hype. But some of it > isn't. Over the past couple of years there's been a definite and > obvious shift in the motives of the purveyors of malware. It's gone > from more like graffiti or other vandalism to more like business (profit > motive). > > At the moment, there seems to be another shift underway, toward more > focused attacks rather than the "shotgun approach". The idea being to > get the malware "under the radar" of the security monitoring folks. > That means that, for example, the A/V engines don't get signatures for > them because either the "virus sensors" out in the Internet never see > the actual malware, or because the number of folks affected is "too small". > > There have already been several of these sorts of targeted attacks in > England and Scandinavia against specific banks. Through a partnership > with some customers, my development team is seeing a lot of this sort of > activity right now. > > -- > Thanks, > DougF (KG4LMZ) > > -- > PDML Pentax-Discuss Mail List > [email protected] > http://pdml.net/mailman/listinfo/pdml_pdml.net -- PDML Pentax-Discuss Mail List [email protected] http://pdml.net/mailman/listinfo/pdml_pdml.net
