Dedicated Computer Used Solely for On-Line Investing?

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Dedicated Computer Used Solely for On-Line Investing?

Post by Boglenaut » Thu Mar 26, 2009 12:00 pm

I've gradually taken over my wife's laptop and seem to be using my desktop lately solely for my on-line accounts. I didn't do this on purpose...it just gradually happened.

It occurs to me this may be a good security feature going forward when I buy myself a laptop. If I only go to my accounts and security software update page with my desktop, and use the laptop for browsing, e-mail, etc., it seems much safer. Also, that computer doesn't even have wi-fi (of course encrypted either way).

Seem like overkill? Does anyone else have a computer set up solely for handling their on-line accounts?

User avatar
DaveH
Posts: 677
Joined: Fri May 16, 2008 10:35 am
Location: Los Angeles, Bangkok, Louisiana, New York City

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by DaveH » Thu Mar 26, 2009 12:07 pm

Boglenaut wrote:I've gradually taken over my wife's laptop and seem to be using my desktop lately solely for my on-line accounts. I didn't do this on purpose...it just gradually happened.

It occurs to me this may be a good security feature going forward when I buy myself a laptop. If I only go to my accounts and security software update page with my desktop, and use the laptop for browsing, e-mail, etc., it seems much safer. Also, that computer doesn't even have wi-fi (of course encrypted either way).

Seem like overkill? Does anyone else have a computer set up solely for handling their on-line accounts?
Seems like overkill to me. In fact, trying to secure/monitor/protect two machines may be harder overall.
The fewer our wants, the nearer we resemble the gods. — Socrates

User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Post by Boglenaut » Thu Mar 26, 2009 12:10 pm

Good point.

I'll wait until Windows 7 comes out for my new laptop, so I'll also need to weigh how secure XP is compared to Windows 7.

Like I said, I didn't do it on purpose...it just happened that way.

User avatar
DaveH
Posts: 677
Joined: Fri May 16, 2008 10:35 am
Location: Los Angeles, Bangkok, Louisiana, New York City

Post by DaveH » Thu Mar 26, 2009 12:17 pm

Boglenaut wrote:Good point.

I'll wait until Windows 7 comes out for my new laptop, so I'll also need to weigh how secure XP is compared to Windows 7.

Like I said, I didn't do it on purpose...it just happened that way.
Windows 7 will be substantially less secure until they go through a few iterations, service packs, etc. Keep things simple, apply best practices, and don't move to quickly into new technologies if you want to stay safe.
The fewer our wants, the nearer we resemble the gods. — Socrates

User avatar
bearwolf
Posts: 1718
Joined: Sun May 18, 2008 12:34 am
Location: Oklahoma

Post by bearwolf » Thu Mar 26, 2009 12:20 pm

Boglenaut wrote:Good point.

I'll wait until Windows 7 comes out for my new laptop, so I'll also need to weigh how secure XP is compared to Windows 7.

Like I said, I didn't do it on purpose...it just happened that way.
There is also the Mac alternative. We have been PC (windows) free for a couple of years and still love the lack of hassle.

BearWolf

User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Post by Boglenaut » Thu Mar 26, 2009 12:21 pm

DaveH, so it may not be overkill? ;)
Last edited by Boglenaut on Thu Mar 26, 2009 12:27 pm, edited 1 time in total.

User avatar
CyberBob
Posts: 3216
Joined: Tue Feb 20, 2007 2:53 pm

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by CyberBob » Thu Mar 26, 2009 12:26 pm

Boglenaut wrote:Seem like overkill? Does anyone else have a computer set up solely for handling their on-line accounts?
It kind of sounds like you're trying to protect your computer from 'bad things' on the internet but aren't entirely sure how to define what those threats actually are.

As someone knowledgeable in computer security, I would say that the best approach to computer security is knowledge, rather than the isolation or bunkering of a particular machine (which won't negate all potential threats anyway). Read a bit and gain some knowlege about how computers and operating systems work, how the internet and its various protocols work, and how your machine interacts with others, and the security threats and defenses against them, will start to become obvious.

Bob

User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Post by Boglenaut » Thu Mar 26, 2009 12:31 pm

Thanks CyberBob. Yes, I have current virus protection, firewall, anti-phishing, multiple anti-spyware, etc, on all machines.

I even put my 4 year olds' machine on Ubuntu once they stopped supporting Windows Me.

livesoft
Posts: 62917
Joined: Thu Mar 01, 2007 8:00 pm

Post by livesoft » Thu Mar 26, 2009 12:41 pm

I use 3 or 4 different computers for my online investing activity. Not a big deal. I am not paranoid, but that does not mean people aren't out to get me.

User avatar
CyberBob
Posts: 3216
Joined: Tue Feb 20, 2007 2:53 pm

Post by CyberBob » Thu Mar 26, 2009 12:52 pm

Boglenaut wrote:Thanks CyberBob. Yes, I have current virus protection, firewall, anti-phishing, multiple anti-spyware, etc, on all machines.

I even put my 4 year olds' machine on Ubuntu once they stopped supporting Windows Me.
Your kids machine doesn't have any open ports by default, so that's a good thing. Although, I would take away sudo and make a true root account, giving your kid only user privileges.

And since you have two computers, I'm guessing you have a hardware firewall of some sort, probably in your router. Don't forget that not having open ports for someone to walk right through solves a lot of problems and means that bad things (with a few exceptions) are only going to come past the firewall when you as a user invite them.

And even if you did have an open port or two, there has to be some vulnerability to exploit, so if you stay updated with software patches, that makes you an even smaller target.

And speaking of patches, I was just looking at the logs on my server where someone attempted an attack based on a vulnerability in a specific software package (which I wasn't even running). But the attack they were trying was for a vulnerability that was patched in 2006. So even if I was running that software, if I hadn't done any security patching since 2006, I'd surely just be asking for trouble ;)

Bob

JasonR
Posts: 567
Joined: Mon Nov 26, 2007 5:06 pm

Post by JasonR » Thu Mar 26, 2009 2:13 pm

Boglenaut wrote:I have current virus protection, firewall, anti-phishing, multiple anti-spyware, etc, on all machines.

I even put my 4 year olds' machine on Ubuntu once they stopped supporting Windows Me.
Your 4 year old has the most secure machine in the house.

baldeagle
Posts: 61
Joined: Sun Mar 04, 2007 6:23 pm
Location: Portland, OR

Post by baldeagle » Thu Mar 26, 2009 3:55 pm

Thanks CyberBob. Yes, I have current virus protection, firewall, anti-phishing, multiple anti-spyware, etc, on all machines.

I even put my 4 year olds' machine on Ubuntu once they stopped supporting Windows Me.
Boglenaut, try also running as a Limited User instead of as Administrator, which is what Windows defaults to. It adds yet another level of protection against malware.

User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Post by Boglenaut » Thu Mar 26, 2009 4:28 pm

Thanks.

I have software firewall now. CyberBob, any recommended router with hardware firewall?

baldeagle, yes, we got a bit lazy with each machine only having one user. I'll set up user accounts instead of admin.

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Thu Mar 26, 2009 5:08 pm

There's no effective way of preventing password theft from techniques such as hardware keyloggers or device-driver level keyloggers.

The best approach is to get accounts that have 2nd Factor Authentication. With 2FA, even if your passwords get stolen, the hackers will have a hard time if the 2FA devices are properly secured.

User avatar
speedbump101
Posts: 997
Joined: Thu Oct 18, 2007 10:54 pm
Location: Alberta Canada

Post by speedbump101 » Thu Mar 26, 2009 5:29 pm

One more thing... I always run Gibson Research's 'Shields Up' on any new computer installation... It's free and it will alert you if you have any open ports, at least in the first 1056...

Shields Up

As as aside, I have used his commercial 'SpinRite' for years... One of the best hard drive utilities out there... SpinRite isn't free, a Shields Up port scan is.

SB... happy computing!
"Man is not a rational animal, he is a rationalizing animal" -Robert A. Heinlein

sommerfeld
Posts: 1157
Joined: Fri Dec 12, 2008 8:02 pm

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by sommerfeld » Thu Mar 26, 2009 7:04 pm

Boglenaut wrote:It occurs to me this may be a good security feature going forward when I buy myself a laptop. If I only go to my accounts and security software update page with my desktop, and use the laptop for browsing, e-mail, etc., it seems much safer. Also, that computer doesn't even have wi-fi (of course encrypted either way).

Seem like overkill?
I think you'd be better served by avoiding microsoft. It's not that other operating systems don't have serious bugs -- it's that microsoft's dominance in the market means that miscreants get more bang for their buck by targeting windows.

If all you're doing is on-line investing via a web browser, try a linux or opensolaris livecd. If it works on your hardware, it will boot and run off of a write-protected medium (the CD) and thus be very difficult for malware to infect.

bluto
Posts: 510
Joined: Sun Sep 30, 2007 4:54 pm

Post by bluto » Thu Mar 26, 2009 7:47 pm

May I ask which internet security system people use? My Norton 360 subscription ends in a week. Is the $70 worth it or is there a better/cheaper alternative to internet security??

User avatar
OldSubmariner
Posts: 26
Joined: Tue Feb 27, 2007 12:29 pm
Location: San Diego

Post by OldSubmariner » Thu Mar 26, 2009 8:06 pm

Try Windows One Livecare. One subscription gives you coverage on up to three of your computers

Sidney
Posts: 6696
Joined: Thu Mar 08, 2007 6:06 pm

Post by Sidney » Thu Mar 26, 2009 8:09 pm

May I ask which internet security system people use? My Norton 360 subscription ends in a week. Is the $70 worth it or is there a better/cheaper alternative to internet security??
Firewall: Comodo

Antivirus: Avira

My experience with Norton is that it takes up a lot of computer resources. I am comfortable using Comodo as a firewall and it is not difficult to tweak.
I always wanted to be a procrastinator.

User avatar
speedbump101
Posts: 997
Joined: Thu Oct 18, 2007 10:54 pm
Location: Alberta Canada

Post by speedbump101 » Thu Mar 26, 2009 8:13 pm

bluto wrote:May I ask which internet security system people use? My Norton 360 subscription ends in a week. Is the $70 worth it or is there a better/cheaper alternative to internet security??
Avast (free) for antivirus, and Spysweeper ($30 a yr) for spam...
Have a look at The Virus Bulletin for product reviews. (free subscription for most data)

I totally agree about Norton being a resources hog.

SB...
Last edited by speedbump101 on Thu Mar 26, 2009 8:18 pm, edited 1 time in total.
"Man is not a rational animal, he is a rationalizing animal" -Robert A. Heinlein

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by at » Thu Mar 26, 2009 8:14 pm

sommerfeld wrote: I think you'd be better served by avoiding microsoft. It's not that other operating systems don't have serious bugs -- it's that microsoft's dominance in the market means that miscreants get more bang for their buck by targeting windows.

If all you're doing is on-line investing via a web browser, try a linux or opensolaris livecd. If it works on your hardware, it will boot and run off of a write-protected medium (the CD) and thus be very difficult for malware to infect.
It’s not at all clear-cut that Linux is more secured than Windows. Personally, I think that MSFT’s employees are more trustworthy than a disparate worldwide group of hackers; many of whom Linus has probably not even met. It’s very possible that Linus might slip on one late night programming and checked in a malicious patch submitted to him.

User avatar
Karl
Posts: 1074
Joined: Sun May 13, 2007 5:52 pm
Location: Milwaukee, WI

Post by Karl » Thu Mar 26, 2009 9:23 pm

Having only one computer, I never even think about such issues.

bluto
Posts: 510
Joined: Sun Sep 30, 2007 4:54 pm

Post by bluto » Fri Mar 27, 2009 5:08 am

SB, Sidney - thanks for the links!

I'm willing to abandon Norton. It seems expensive to pay $70/year to protect my 6 year old PC, and nothing to protect a new MacBook.

User avatar
stratton
Posts: 11082
Joined: Sun Mar 04, 2007 5:05 pm
Location: Puget Sound

Post by stratton » Fri Mar 27, 2009 6:18 am

Karl wrote:Having only one computer, I never even think about such issues.
You could do the same with a virtual machine and enough memory. I've thought about doing this. One totally locked down OS running in a virtual machine for finances only.

Paul

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Fri Mar 27, 2009 6:56 am

It's not a good idea to use a virtual machine. If either the host or the virtual machine gets a virus, you're doomed. It only makes the transactions more vulnerable.

User avatar
tetractys
Posts: 4596
Joined: Sat Mar 17, 2007 3:30 pm
Location: Along the Salish Sea

Post by tetractys » Fri Mar 27, 2009 7:15 am

bluto wrote:May I ask which internet security system people use? My Norton 360 subscription ends in a week. Is the $70 worth it or is there a better/cheaper alternative to internet security??
Very simple, just recognize how viruses are acquired, and then don't do that.

It's the same with phishing problems. If you don't cater to them they can't bother you.

Leave outside access to your computer turned off.

Keep in mind that viruses are a virus software company's best friend; it's a suckers game.

Secure without extras for years -- Tet
RESISTANCE IS FRUITFUL

kyuss
Posts: 161
Joined: Fri Feb 23, 2007 7:50 am

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by kyuss » Fri Mar 27, 2009 7:24 am

sommerfeld wrote:I think you'd be better served by avoiding microsoft. It's not that other operating systems don't have serious bugs -- it's that microsoft's dominance in the market means that miscreants get more bang for their buck by targeting windows.

If all you're doing is on-line investing via a web browser, try a linux or opensolaris livecd. If it works on your hardware, it will boot and run off of a write-protected medium (the CD) and thus be very difficult for malware to infect.
I had been considering trying Linux for some time, but keep coming across opinions like the one in the blog linked below that prevent me from taking any action. Plus no Quicken.

http://beranger.org/index.php?page=diar ... -from-linu

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Fri Mar 27, 2009 7:28 am

tetractys wrote:
bluto wrote:May I ask which internet security system people use? My Norton 360 subscription ends in a week. Is the $70 worth it or is there a better/cheaper alternative to internet security??
Very simple, just recognize how viruses are acquired, and then don't do that.
The biggest source of viruses comes from the Internet and disconnecting from the Internet is definitely not an option.

The original version of XP, for example, has security flaws that cause it to contact virus just by hooking up the network cables.

junior
Posts: 761
Joined: Wed Sep 10, 2008 6:14 pm
Contact:

Post by junior » Fri Mar 27, 2009 7:37 am

I've gotta imagine that a modern Windows Computer with a good antivirus product is pretty statistically unlikely to get a virus that results in identity theft. Most computers seem to run windows, including many businesses, and they seem to get by.

User avatar
Boglenaut
Posts: 3090
Joined: Mon Mar 23, 2009 7:41 pm

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by Boglenaut » Fri Mar 27, 2009 7:53 am

kyuss wrote: I had been considering trying Linux for some time, but keep coming across opinions like the one in the blog linked below that prevent me from taking any action. Plus no Quicken.
Ubuntu is great for my 4 year old browsing with Firefox. She only goes to PBS Kids, Disney, etc.

But I don't know how to use the command line to install new applications. I am not allowed to post links yet, but google this for a technology article on the subject:

Linux-Barbies-Battle-the-Command-Line

kyuss
Posts: 161
Joined: Fri Feb 23, 2007 7:50 am

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by kyuss » Fri Mar 27, 2009 7:58 am

Boglenaut wrote:Ubuntu is great for my 4 year old browsing with Firefox. She only goes to PBS Kids, Disney, etc.

But I don't know how to use the command line to install new applications. I am not allowed to post links yet, but google this for a technology article on the subject:

Linux-Barbies-Battle-the-Command-Line
Here's the link, very interesting:

http://www.technewsworld.com/rsstory/66623.html

TheEternalVortex
Posts: 2548
Joined: Tue Feb 27, 2007 9:17 pm
Location: San Jose, CA

Post by TheEternalVortex » Fri Mar 27, 2009 8:16 am

at wrote:There's no effective way of preventing password theft from techniques such as hardware keyloggers or device-driver level keyloggers.

The best approach is to get accounts that have 2nd Factor Authentication. With 2FA, even if your passwords get stolen, the hackers will have a hard time if the 2FA devices are properly secured.
At some point you have to figure that physical security is more important. If someone goes into your house and steals all your stuff, that's probably a lot worse than getting access to your online accounts. Particularly for credit card accounts, where you can't really do anything online.

TheEternalVortex
Posts: 2548
Joined: Tue Feb 27, 2007 9:17 pm
Location: San Jose, CA

Post by TheEternalVortex » Fri Mar 27, 2009 8:16 am

at wrote: The original version of XP, for example, has security flaws that cause it to contact virus just by hooking up the network cables.
That's impossible.

User avatar
rpike
Posts: 476
Joined: Mon Mar 19, 2007 10:14 pm
Contact:

Safer Surfing

Post by rpike » Fri Mar 27, 2009 8:17 am

junior wrote:I've gotta imagine that a modern Windows Computer with a good antivirus product is pretty statistically unlikely to get a virus that results in identity theft. Most computers seem to run windows, including many businesses, and they seem to get by.
Viruses are only one type of malware that can infect a computer. I have seen business computers running current AV and other protective software get infected due to unsafe practices of users. And I have seen instances where such malware spread more easily once inside the corporate network.

Shared PCs such as at Internet cafes or state re-employment resource centers often get infected. They typically use software that rolls back any system changes to a known good state upon reboot.

There are also tools like DropMyRights and Sandboxie that can be implemented to make for safer surfing (see http://www.techsupportalert.com/safe-surfing.php). DropMyRights can be used to lower the privileges when launching an application in a privileged account. And Sandboxie lets you run within an environment that gets reset when you exit. Some people use VMware player with guest "appliance" operating systems similarly.

Another Rick

User avatar
CyberBob
Posts: 3216
Joined: Tue Feb 20, 2007 2:53 pm

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by CyberBob » Fri Mar 27, 2009 9:54 am

Boglenaut wrote:But I don't know how to use the command line to install new applications.
apt-get install whatever

But you don't need to do it that way if you don't want to. Instead, just go to System > Administration > Synaptic Package Manager

Bob

junior
Posts: 761
Joined: Wed Sep 10, 2008 6:14 pm
Contact:

Re: Safer Surfing

Post by junior » Fri Mar 27, 2009 10:16 am

rpike wrote:
junior wrote:I've gotta imagine that a modern Windows Computer with a good antivirus product is pretty statistically unlikely to get a virus that results in identity theft. Most computers seem to run windows, including many businesses, and they seem to get by.
Viruses are only one type of malware that can infect a computer. I have seen business computers running current AV and other protective software get infected due to unsafe practices of users. And I have seen instances where such malware spread more easily once inside the corporate network.
Another Rick

Did these instances result in stolen passwords and identity theft?

I figure if I wanted to steal someones identity I'd invent a program that doesn't give the user a hint that it is on the system, something like a silent keylogger.

If these exist, how would you even know it if the AV doesn't detect it?

Its one thing to get a pop up ad embedded in internet explorer or a macro virus that deletes files, but I'm wondering if its particularly likely for an identity theft situation to occur on a windows pc.

User avatar
BlueEars
Posts: 3634
Joined: Sat Mar 10, 2007 12:15 am
Location: West Coast

Post by BlueEars » Fri Mar 27, 2009 10:40 am

I have the free version of Secunia on my PC which checks your software for whether it's up to date on patches. Seems to work nicely. After fixing a few items initially, it has rarely complained about a patch backlog and tells me 53 programs are up to date.

CaptMidnight
Posts: 757
Joined: Tue May 15, 2007 5:58 am

Post by CaptMidnight » Fri Mar 27, 2009 10:49 am

at wrote:It's not a good idea to use a virtual machine. If either the host or the virtual machine gets a virus, you're doomed. It only makes the transactions more vulnerable.
No problem. Just don't ever surf from the host machine. Why would you anyway? If a vm gets a virus it is no more dangerous than if a pc on your network gets one. Use one vm to access only banks and brokers and never access anything else. Use another, dirty vm running linux to access less safe sites. The dirty vm can be a boot from a Linux cd, for example. for maximum protection.

Run all the protection sofware on the host and all vms.
The history of thought and culture is ... a changing pattern of great liberating ideas that inevitably turn in suffocating straightjackets... | --Isaiah Berlin

sommerfeld
Posts: 1157
Joined: Fri Dec 12, 2008 8:02 pm

Post by sommerfeld » Fri Mar 27, 2009 12:07 pm

TheEternalVortex wrote:
at wrote: The original version of XP, for example, has security flaws that cause it to contact virus just by hooking up the network cables.
That's impossible.
According to http://aroundcny.com/technofile/texts/tec082904.html:
Windows XP users may be dismayed to learn that a new, unpatched Windows XP computer isn't likely to last more than 20 minutes before it succumbs to infections over the Internet.
I don't do windows.

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Fri Mar 27, 2009 3:45 pm

CaptMidnight wrote:No problem. Just don't ever surf from the host machine. Why would you anyway? If a vm gets a virus it is no more dangerous than if a pc on your network gets one. Use one vm to access only banks and brokers and never access anything else. Use another, dirty vm running linux to access less safe sites. The dirty vm can be a boot from a Linux cd, for example. for maximum protection.

Run all the protection sofware on the host and all vms.
The problem is, viruses can be contacted by means other than surfing the web. If the host gets infected by a keylogger, the keystrokes you enter into the VM will get trapped as well.

User avatar
Sunny Sarkar
Posts: 2417
Joined: Fri Mar 02, 2007 1:02 am
Location: Flower Mound, TX
Contact:

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by Sunny Sarkar » Fri Mar 27, 2009 4:15 pm

Boglenaut wrote:I've gradually taken over my wife's laptop and seem to be using my desktop lately solely for my on-line accounts. I didn't do this on purpose...it just gradually happened.

It occurs to me this may be a good security feature going forward when I buy myself a laptop. If I only go to my accounts and security software update page with my desktop, and use the laptop for browsing, e-mail, etc., it seems much safer. Also, that computer doesn't even have wi-fi (of course encrypted either way).

Seem like overkill? Does anyone else have a computer set up solely for handling their on-line accounts?
It can't hurt, but I think it's overkill. What is your specific concern?

Suppose you are doing the following...
* Firefox instead of Internet Explorer
* Thunderbird instead of Outlook
* WEP encryption on wireless router with firewall
* https , not http, on the website
* Weird usernames and good strong passwords, different for each account, changed once in a while
* Virus and other malware checking tools run regularly

That is pretty safe. It will take a lot to get through all that. There's a much higher chance that your information will get compromised by something like a clever phising email/phone-call or that un-shredded paper statement in the trash.

User avatar
modal
Posts: 1243
Joined: Tue Feb 20, 2007 3:57 pm
Location: USA

Re: Dedicated Computer Used Solely for On-Line Investing?

Post by modal » Fri Mar 27, 2009 5:10 pm

I have used a separate computer and also going with a separate hard disk or bootable flash stick.

User avatar
BlueEars
Posts: 3634
Joined: Sat Mar 10, 2007 12:15 am
Location: West Coast

Post by BlueEars » Fri Mar 27, 2009 5:16 pm

I use Firefox combined with DropMyRights (no administrator privileges so a bad click cannot install viruses).

Does anyone have any actual information on how much better Firefox is then IE at keeping viruses off systems?

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Fri Mar 27, 2009 7:04 pm

Les wrote:I use Firefox combined with DropMyRights (no administrator privileges so a bad click cannot install viruses).
Having no administrator privileges will protect you from most viruses. However, that does not mean that your PC is fail proof. It's possible for hackers to find some flaws in the code that exploit buffer-overrun security flaws. Most complex file formats such as video, music, html etc are vulnerable to such exploits. You can contact such hacks by just surfing the net or watching porn on your PC.

Personally, I feel that OpenSource programs such as FireFox where the code is made public for hackers to inspect could be ripe for abuse.

bluemonday
Posts: 263
Joined: Fri Dec 05, 2008 10:26 pm

Post by bluemonday » Fri Mar 27, 2009 7:24 pm

at wrote:
Les wrote:I use Firefox combined with DropMyRights (no administrator privileges so a bad click cannot install viruses).


Personally, I feel that OpenSource programs such as FireFox where the code is made public for hackers to inspect could be ripe for abuse.

This is just wrong. Microsoft is closed source, does that mean it's software is safer overall? Hardly. Cryptographic algorithms, to use one example, that are not open source, are not to be trusted, period. This is how you find out if an algorithm is any good, by opening it up to the world , to be beat on.

User avatar
Random Musings
Posts: 5315
Joined: Thu Feb 22, 2007 4:24 pm
Location: Pennsylvania

Post by Random Musings » Fri Mar 27, 2009 8:50 pm

Livesoft wrote:
I use 3 or 4 different computers for my online investing activity. Not a big deal. I am not paranoid, but that does not mean people aren't out to get me.
Yes we, I mean they, are.

RM

User avatar
Pres
Posts: 230
Joined: Thu Aug 07, 2008 4:25 pm
Location: Eurozone

Post by Pres » Fri Mar 27, 2009 8:51 pm

Using a separate computer seems overkill.

BUT if you have inexperienced users in the house, children, people downloading pirated software, surfing pr0nsites, etc. I'd make THEM use a pc that isn't used for important things and doesn't contain data that you don't want to be compromised or lost. Because they are at a high risk of spyware infections, which can for example install keyloggers.

CaptMidnight
Posts: 757
Joined: Tue May 15, 2007 5:58 am

Post by CaptMidnight » Sat Mar 28, 2009 6:53 am

at wrote: The problem is, viruses can be contacted by means other than surfing the web. If the host gets infected by a keylogger, the keystrokes you enter into the VM will get trapped as well.
How can you get a keylogger other than by surfing or installing software from an unreliablbe source?
The history of thought and culture is ... a changing pattern of great liberating ideas that inevitably turn in suffocating straightjackets... | --Isaiah Berlin

User avatar
CyberBob
Posts: 3216
Joined: Tue Feb 20, 2007 2:53 pm

Post by CyberBob » Sat Mar 28, 2009 12:15 pm

at wrote:Personally, I feel that OpenSource programs such as FireFox where the code is made public for hackers to inspect could be ripe for abuse.
bluemonday wrote:This is just wrong. Microsoft is closed source, does that mean it's software is safer overall? Hardly. Cryptographic algorithms, to use one example, that are not open source, are not to be trusted, period. This is how you find out if an algorithm is any good, by opening it up to the world , to be beat on.
If you don't write code, At's response certainly seems to be logical. But if you do write code, you'll realize that BlueMonday is right on target.

Imagine I take a letter, lock it in a safe, hide the safe somewhere, then tell you to read the letter. That's not security, that's obscurity.

On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism - and you still can't open the safe and read the letter - that's security.

Bob

User avatar
at
Posts: 539
Joined: Thu May 24, 2007 12:10 am
Location: Singapore
Contact:

Post by at » Sat Mar 28, 2009 2:19 pm

CaptMidnight wrote: How can you get a keylogger other than by surfing or installing software from an unreliablbe source?
A PC can connect to a network by means other than a browser and without the user personally initiating it. Some of the services running in the background in XP bind themselves to ports listening to network traffic. If these services have defects in them, they could open themselves to attacks.

Post Reply