"A surprising number of governments are now deploying their own custom malware and the end result could be chaos for the rest of us, F-Secure's malware chief Mikko Hypponen told the TrustyCon ( https://www.trustycon.org/ ) conference in San Francisco on Thursday.
'Governments writing viruses: today we sort of take that for granted but 10 years ago that would have been science fiction,' he told the public conference. 'If someone had come to me ten years ago and told me that by 2014 it will be commonplace for democratic Western governments to write viruses and actively deploy them against other governments, even friendly governments, I would have thought it was a movie plot. But that's exactly where we are today.'
http://www.scmagazine.com/trustycon-malware-expert -mikko-hypponen-kicks-off-conference-on-trust/arti cle/336089/"
Well, Flash is a crossplatform delivery vector, and it appears that HTML5 will also be one.
So is Java.
It's true that the item delivered will need to be configured to run under your system, but if you're on the web, you can probably be compromised. If not this year, then next year.
Undoubtedly. But you see what I mean about how my computer isn't standard?
Doctor: "Do you hear voices?"
Me: "Only when my bluetooth is charged."
I use noscript as well and run FF within a sandboxie container. In linux i just use FF and don't really care.
What do you do when you want to buy something? Constantly run into problems because the site you are buying from is actually using 3rd party services. None of those are whitelisted and die horribly. Adding them to the whitelist causes data to be resent and could cause an error : /
I use (among other things) NoScript and RequestPolicy [mozilla.org], and when I want to buy something, of course I make sure to be aware of what is being allowed (both temporarily and permanently) and what is being blocked. In other words, I buy things online all the time and haven't had any problems or double charges. If a person doesn't understand how to use a chainsaw, that isn't the chainsaw's fault.
I'll take a look at RequestPolicy. You might also like https://www.eff.org/https-everywhere [eff.org]
Thanks, I'm already [soylentnews.org] using it, though I do appreciate the advice anyway.
Conclusion: if anybody wants to attack us soylentils (and pipedotters, technocrats & comp.miscfits), NoScript would be the perfect virus vector.
+1 Insightful, kingdom for mod points, you know the schtick.