[ale] nailing down firefox security and privacy - PT 1

Scott Castaline skotchman at gmail.com
Thu Oct 13 22:28:10 EDT 2011


On 10/13/2011 05:16 PM, David Tomaschik wrote:
> On Thu, Oct 13, 2011 at 3:58 PM, Pat Regan<thehead at patshead.com>  wrote:
>> On Thu, 13 Oct 2011 10:16:15 -0400
>> David Tomaschik<david at systemoverlord.com>  wrote:
>>
>>> I'd planned to stay out of this one -- as much as I like a good
>>> debate, I've been busy lately, but I can't leave this part alone.
>>> There have been a sufficient number of remote code execution
>>> vulnerabilities that you can't say "Programs don't just auto-download
>>> and open on the client system, even on something as insecure as
>>> Windows."
>> If the malware in question here were using an exploit, why would it
>> bother trying to get the user to click on it?
>>
>> Pat
> You've never seen "AntiVirus 2009" (and I imagine there is 2010, 2011,
> etc., but I stopped doing any Windows support in 2009).  It's malware
> that pretends to do an AV scan, finds a list of things, and tells you
> it can remove them... for $39.99.  You go to their website, put in
> their credit card details, and you're toast.  I'm not sure if they
> actually charge you $39.99, just capture your CC info, or both.  Never
> tried it to find out.
>
>
For your info they do have a 2011 one. My wife's state laptop got bit a 
while back and shortly after everyone in her office got it. At quick 
glance it was quite convincing, but after a closer look it definitely 
started to look like it was time to, "Step away from the keyboard, do 
not touch that enter key!" (in my best impersonation of a cop shouting 
to suspect through bull horn type voice).


More information about the Ale mailing list