AnonTechie writes:
"A surprising number of governments are now deploying their own custom malware and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hypponen told the TrustyCon ( https://www.trustycon.org/ ) conference in San Francisco on Thursday.
'Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,' he told the public conference. 'If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that's exactly where we are today.'
(Score: 1) by mrider on Friday February 28 2014, @11:53PM
To all of you that keep replying that the vulnerability can be hiding inside the kernel - or whatever - you miss the point. Unless my box is remotely exploitable, how do you deliver the virus? I almost certainly don't have the same vulnerability vectors as you.
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 5, Informative) by HiThere on Saturday March 01 2014, @12:03AM
Well, Flash is a crossplatform delivery vector, and it appears that HTML5 will also be one. So is Java. I'm not sure about JavaScript, but with a few extensions (common) it probably is.
It's true that the item delivered will need to be configured to run under your system, but if you're on the web, you can probably be compromised. If not this year, then next year.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 3, Interesting) by mrider on Saturday March 01 2014, @12:10AM
Noscript.
Not installed.
Noscript.
Undoubtedly. But you see what I mean about how my computer isn't standard?
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
(Score: 3, Insightful) by tibman on Saturday March 01 2014, @12:38AM
I use noscript as well and run FF within a sandboxie container. In linux i just use FF and don't really care.
What do you do when you want to buy something? Constantly run into problems because the site you are buying from is actually using 3rd party services. None of those are whitelisted and die horribly. Adding them to the whitelist causes data to be resent and could cause an error : /
SN won't survive on lurkers alone. Write comments.
(Score: 4, Informative) by SMI on Saturday March 01 2014, @06:22AM
I use (among other things) NoScript and RequestPolicy [mozilla.org], and when I want to buy something, of course I make sure to be aware of what is being allowed (both temporarily and permanently) and what is being blocked. In other words, I buy things online all the time and haven't had any problems or double charges. If a person doesn't understand how to use a chainsaw, that isn't the chainsaw's fault.
(Score: 1) by tibman on Sunday March 02 2014, @08:33AM
I'll take a look at RequestPolicy. You might also like https://www.eff.org/https-everywhere [eff.org]
SN won't survive on lurkers alone. Write comments.
(Score: 2) by SMI on Sunday March 02 2014, @08:40AM
Thanks, I'm already [soylentnews.org] using it, though I do appreciate the advice anyway.
(Score: 5, Insightful) by Koen on Saturday March 01 2014, @01:06AM
Conclusion: if anybody wants to attack us soylentils (and pipedotters, technocrats & comp.miscfits), NoScript would be the perfect virus vector.
/. refugees on Usenet: comp.misc [comp.misc]
(Score: 0) by Anonymous Coward on Saturday March 01 2014, @07:29AM
+1 Insightful, kingdom for mod points, you know the schtick.
(Score: 1) by sjames on Saturday March 01 2014, @07:42AM
You'll get it in the BIOS itself, fresh fropm the factory that REALLY doesn't want to be 'audited'.