[ale] nailing down firefox security and privacy - PT 1
David Tomaschik
david at systemoverlord.com
Thu Oct 13 17:16:50 EDT 2011
On Thu, Oct 13, 2011 at 3:58 PM, Pat Regan <thehead at patshead.com> wrote:
> On Thu, 13 Oct 2011 10:16:15 -0400
> David Tomaschik <david at systemoverlord.com> wrote:
>
>> I'd planned to stay out of this one -- as much as I like a good
>> debate, I've been busy lately, but I can't leave this part alone.
>> There have been a sufficient number of remote code execution
>> vulnerabilities that you can't say "Programs don't just auto-download
>> and open on the client system, even on something as insecure as
>> Windows."
>
> If the malware in question here were using an exploit, why would it
> bother trying to get the user to click on it?
>
> Pat
You've never seen "AntiVirus 2009" (and I imagine there is 2010, 2011,
etc., but I stopped doing any Windows support in 2009). It's malware
that pretends to do an AV scan, finds a list of things, and tells you
it can remove them... for $39.99. You go to their website, put in
their credit card details, and you're toast. I'm not sure if they
actually charge you $39.99, just capture your CC info, or both. Never
tried it to find out.
--
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com
More information about the Ale
mailing list