[ale] nailing down firefox security and privacy - PT 1
Scott Castaline
skotchman at gmail.com
Thu Oct 13 22:28:10 EDT 2011
On 10/13/2011 05:16 PM, David Tomaschik wrote:
> On Thu, Oct 13, 2011 at 3:58 PM, Pat Regan<thehead at patshead.com> wrote:
>> On Thu, 13 Oct 2011 10:16:15 -0400
>> David Tomaschik<david at systemoverlord.com> wrote:
>>
>>> I'd planned to stay out of this one -- as much as I like a good
>>> debate, I've been busy lately, but I can't leave this part alone.
>>> There have been a sufficient number of remote code execution
>>> vulnerabilities that you can't say "Programs don't just auto-download
>>> and open on the client system, even on something as insecure as
>>> Windows."
>> If the malware in question here were using an exploit, why would it
>> bother trying to get the user to click on it?
>>
>> Pat
> You've never seen "AntiVirus 2009" (and I imagine there is 2010, 2011,
> etc., but I stopped doing any Windows support in 2009). It's malware
> that pretends to do an AV scan, finds a list of things, and tells you
> it can remove them... for $39.99. You go to their website, put in
> their credit card details, and you're toast. I'm not sure if they
> actually charge you $39.99, just capture your CC info, or both. Never
> tried it to find out.
>
>
For your info they do have a 2011 one. My wife's state laptop got bit a
while back and shortly after everyone in her office got it. At quick
glance it was quite convincing, but after a closer look it definitely
started to look like it was time to, "Step away from the keyboard, do
not touch that enter key!" (in my best impersonation of a cop shouting
to suspect through bull horn type voice).
More information about the Ale
mailing list