On 15/09/11 03:27, Richard Owlett wrote:
> Provocative enough subject line?
> Actually I'm *serious* !
>
> I personally suspect that all these "security" features are trying to
> protect users from their own culpable acts.
>
> I take responsibility for my own well being by:
> 1. *DISABLING* {user.js *IS* your friend}
> JavaScript
> Cookies
> 2. *NOT* using an "always live" connection
> 3. a local *always LIVE* firewall set to _paranoid_
> 4. my ISP provides some firewall and anti-virus email protection
>
> and "other" measures

Well, even with those measures, security updates are useful. The latest case in point is the DigiNotar certificate authority, which was recently broken into and used without its managers' knowledge to issue several hundreds of bogus certificates for various domains such as google.com, cia.gov, mossad.il, etc. etc. etc.

The security update (culminating in SeaMonkey 2.3.3, Firefox 6.0.2, Thunderbird 6.0.2, etc.) consisted of removing all DigiNotar root and intermediary certificates from Mozilla's store of "trusted" certificates. None of the measures you mention above would have protected you against a MITM attack using one of those counterfeit certificates, especially if you happened to connect to a hijacked DNS server. Since you are still using the obsolete SeaMonkey 2.0.8, you could still fall victim to such an attack (though after Mozilla, Google, Microsoft and others, including my Linux distro, took measures in concert, the attacks have declined). If you used this browser in Iran (where most, but not all, of the attacks were targeted), you may very well have been one of the victims: in that case you should change your Google etc. passwords and log out of any current session. Maybe also restart SeaMonkey to clear the DNS cache.


Best regards,
Tony.
--
All [zoos] actually offer to the public in return for the taxes spent
upon them is a form of idle and witless amusement, compared to which a
visit to a penitentiary, or even to a State legislature in session, is
informing, stimulating and ennobling.
                -- H. L. Mencken
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
