Nothing to add to Jack’s excellent advice but if you do change to using Firefox there’s a useful little add-on called Paste Email Plus which stores all your passwords encrypted. You just have to right click in a password box and a list of all your passwords for different sites appears.
It’s one of my perks to running linux. People could write a key-logger for it, but so few people use linux, and even less use my distro of choice, that it’s mostly a non-issue. I did have a problem with a paypal account, but noticed and reported it when the first $10 charge showed up. I actually just went and added a bunch of security plugins now that I think of it, including one that gets rid of LSOs from flash content. @BradMajors: That could help to have a different and random password for every site, but it’s still storing the password somewhere. There’s no such thing as uncrackable encryption. Also, have a password on your computer (don’t just have it automatically sign into your account on boot), and lock your screen when you leave it alone for a couple of minutes.
Tattooing your passwords backwards on the inside of your upper lip, covered by a portion, seems the only real safe solution here.
The thing about linux is that it’s made to allow you to run your applications and do your work without requiring you to run under an administrative account , that way if you do get infected (which is a rare occasion like shikitohno said) a virus could only do harm to your account , it won’t be able to embed itself in the operating system and hide around. Even more , it’s not only that linux has a small market share as far as desktop computers are concerned but being open source means a lot of people looked at how it’s written and potential security risks were noticed and eliminated. I hesitated to mention it because most people have grown accustomed to Windows and wouldn’t switch out of habit , but if i think about it more I’ve managed to convince my parents (and my parents know nothing about computers) as well to move to Linux and they’ve been happy for the past two years. I’ve been even happier not having to clean up their computer so often , i just update the software from time to time. It won’t protect you from all attacks , but as far as viruses and malware go it’s light years ahead of Windows. Best of all it’s free (as in free speech and free beer). So go for it! You’ll be glad you did.
I’ll go so far as to say Linux is already being adopted and considered by many Fortune 500s. Many web servers are running open-source Apache on some version of UNIX, if not Linux. If Windows 7 has the same interprocess communications issues as Vista, a mass migration is going to happen, led by the big boys.
Servers and other things that are only handled by tech-savvy people, I can see becoming predominantly Linux-based. For general use though, I think it would have some big drawbacks. A lot of commands are safer and easier to run through the command line, but most people aren’t familiar with using a terminal at all, much less on a UNIX based OS. Also, the more one flavour of Linux becomes common, the more people are going to take the time to learn to write viruses for it, reducing one of it’s benefits. When someone who doesn’t know what they’re doing configures Linux, especially for an office setting, it can become real easy to break the installation. I can see the computer illiterate trying to use it because it’s cheaper, and following joke advice, like “su -c ‘rm -rf ~/’ will make your system run 25% faster.” It will become more common as more people use it, but right now, I imagine Windows licenses are cheaper than lost productivity, training people who’ve never used it before and the time paid for cleaning up after mistakes/data being lost.
Also, the more one flavour of Linux becomes common, the more people are going to take the time to learn to write viruses for it, reducing one of it’s benefits.
I have to disagree, as it stands “different flavors” or distributions are nothing more than the same Linux kernel and the same applications just that the initialization scripts and configuration files are possibly a bit different.It’s the same software in a different box. These differences are visible to you as a human beeing but what the virus needs is still the same across all distributions. Updates might be faster to come for one distro if the developers are careful , some vulnerabilities might be patched in that distribution before it reaches upstream and then goes back down the tree to all other distributions but the core remains the same , they all run the same software. Linux is not safe from viruses because few people use it , _most_ of the servers worldwide run Linux. And 90% of the software on those is the same as the software you’d have have installed on a desktop version of Linux. Linux is safe because of it’s principles , the most important being not running under an administrative account if you don’t need to. As in your example with ""su -c ‘rm -rf ~/’ " you need to input your super user account password to wipe the hard drive , that raises flags even for the non-technical. Windows XP by default drops you into an administrative account first thing after it’s been installed , few people even use a password. Anything you run has full powers over your computer. Another reason why it’s safe is because it’s open source. Security though obscurity rarely works. The software that runs on linux , and linux itself has been reviewd by thousands of people , and those people noticed possible security vulnerabilities and patched them up. On windows you can’t do that , it takes a lot of effort to find a vulnerability , and by the time microsoft actually does something about it , being a huge corporate machine , it’s already exploited by a dozen viruses roaming around the internet.
I imagine Windows licenses are cheaper than lost productivity, training people who’ve never used it before and the time paid for cleaning up after mistakes/data being lost.
As for linux on the desktop , it’s not so far fetched. It had huge success when Asus released the Eee Pc with linux installed and people bought it like crazy and liked it. For corporations willing to migrate you don’t have to teach your entire staff how to use a terminal , you just take the money you had to pay for licenses , save half of it and the other you use to pay a knowledgeable linux expert.He’ll maintain all the software on the computers and set them up such that your non-technical staff can just work on their stuff without being bothered by messing around with the operating system. I did this for a couple of people and they’ve never been happier. The thing is Linux is so customizable that you can make it fit your needs like a glove , windows is not so malleable.Even if most people already know how to work on windows their productivity will still be higher on a custom system designed for their needs than a generic system they know more or less. Linux is far easier to set up for redundancy as well , you can have constant backups for your data distributed all over your network , you just can’t do that easily on windows. And due to windows being so vulnerable to viruses it’s far more likely you’ll loose money for lost data on windows than on linux. Furthermore you save money not only on windows licenses but on anti virus software and updates. On office editing software as well. Linux again is easier to maintain over the network and you can do it for free. On Windows by default you have to either kick your working user from the computer in order to log on remotely or use a server version of windows that costs something like 1000$ per computer. You can patch it up manually but you break your EULA and loose support, again not good. That’s just my opinion , you are right though , all of this takes some effort and in that regard it’s sometimes easier to just stick with what you have.
snuffertony CommentTime7 days ago whisper# 8 @ LincolnSnuff, You should have had it returned to the UPS distribution center and then waited for the bastard to pick it up and shot him! One less scumbag on the Earth… I hate these people who try to gain from other peoples hard work and sweat. — Careful snuffertony! youll ahve the gun grabbing fake humanitarians flaming you in a minute!
Linux for the win! I’ve used it since 1997 with no problems.
here is one for the why do assholes do this file. Yesterday I saw a imbecial that shouldn’t drive back into another car. Gave the person that got backed into my phone # and stuff. The idiot bitch that backed into another car told her insurance company that she was parked and not moving. Glad I got to tell me story (and willing to do it again if I need to) but I have to ask how selfish can a person be. I just have to say I really do hate people that are that selfish I have trouble seeing them as human beings in all honesty.
There may be a difficult trade-off in Microsoft accommodation of the ‘benign’ data collecting of information of ‘legitimate’ businesses who want to make marketing and other business decisions, send you targeted ‘attractive’ offers; and malicious, less genteel, exploits of those accommodations. Penetrations to the kernel from Active X scripts may be a structural design issue in Windows, that won’t go away as long as Microsoft wants to keep the door partially open. Consider the toolbar wars of the summer of 2008. Consider that Adobe AIR is an extra-kernel interface layer vulnerability that bypasses User Access Controls in Vista and 7. Once upon a time, if you weren’t kiddie-retard-wanting-to-see the Paris Hilton video, you would be OK. Now, ‘accepting’ an Active X control is all it takes. This acceptance effectually defeats your security at your direction. How to know? There is a heavy reliance on ‘trust,’ a great deal of discipline required to refuse. Businesses who want to depart from patch-melodrama du jour, with a majority of patches being patches of patches, are implementing draconian restrictions extended to desktop, and browser plug-ins, to try to mitigate the security problem, while doing feasibility studies. Some may have eschewed IE 7 and 8 because of the inherent design extensions that complicate security maintenance. Long years ago, users had a ‘dumb terminal’ with all the processing taking place on the ‘host.’ Then, Windows became the replacement front-end, fueled by the precipitous drop in PC costs, followed by distributed processing to off-load the host, and now, due to intractable security problems, desktop PCs are becoming dumb terminals again in systems that must access the internet. Add to all this, security interprocess communication failures that disabled all firewalls, followed by still unreliable, hibernation interprocess communication failures of an insipid, propeller-head power management (no shutdown option by default) scheme that burned up more energy in troubleshooting and file corruption than saved ozone. It’s tellingly asinine that XP, until SP 3, couldn’t be reliably networked to Vista. Amazing. Many businesses ‘downgraded’ to XP for reliability, but that was fixed by XP being ‘updated’ to almost as squirrely as Vista. At least 7 has a way to shutdown without having to reconfigure in the control panel. To be somewhat fair, 7 has excellent touch-screen features, and some really cutting edge whiz-bang support of newer multi-core processors. Last, there may be a cost-benefit effect of the economy, where reliability and security are more important than ever. Massive outlays for a quad-core dumb terminal may not fly where people are still able to think to realize that word processing a 286, and browsing a fifty-buck ten year old single-core Pentium can handle is plenty. Importantly here, making the move to 7 would mean massive hardware replacements to realize its benefits; for what will never be more than a corporate dumb terminal, if it can’t be secured, by design. It’s an interesting situation. We’ll see.
If the attacker is an asshole, they’ll probable rip you off. I live in a road with a lot of elderly people, my parents included, all embracing this wonderful thing called the net. I’ve had a net connection of some kind for the last 15 years, and studied computer science. What I find alarming is the uptake in wireless networks that have been set-up by clueless t**ts, a friend of a friend did it, he’s good with computers you know!, yeah right! I tried telling a couple people in my road that “YOU ARE AT RISK” your friends son is a clueless t**t, “let me sort this out for you I said” it’s ok Shaun, we’ll be fine??? One elderly guy did say yes. He said “I’d like it if you came round and had at look at my router Shaun” When i said Jack, “I won’t need to be in the same house” he looked concerned. The next day I took him round his browsing history along with his PayPal (i guessed this one, same as the email), and eMail passwords(both the same short passwords, the name of his cat?, go figure). He was horrified, the whole road found out in about 0.3 of a second and now I’ve secured all the routers that needed doing. PEOPLE::: it’s not always your Googlemail or whatever that’s been compromised its your rubbish WiFi set-up. Once they’ve done your router it’s then just a case of monitor the network traffic (well, there’s a bit more to it than that but, I’m not going to tell, sorry). Google This For Me Please — War Driving – Backtrack3, and a Man in the Middle attact SET YOUR ROUTER UP PROPERLY, PLEASE. Or, Don’t use WiFi, plug in… If you need a secure place for passwords… this is a good little flash driveAES - 256 Bit EncryptionLike Jack Says, pick a strong one, a very strong one. Only reason people don’t is, they can’t remember them.
@Iceman: just out of curiosity , it sais it does the encryption in hardware and that no software is required , how exactly does one input the key on that flash drive? What i’d really like to see is a full hardware AES flash drive with a keypad on the back, now that would be nice. As far as wireless networks go you couldn’t be more right , the downside is not everyone is lucky enough to have white hats around , and those that do don’t listen until they’ve been stung. Some don’t listen even after they’ve been stung.
Hi Jack When you put it in for the first time it sets up and asks you for a user password that must be 6 -16 characters long. Set as uppercase, lowercase, letters and numbers. If you pull it out or get a power off, it locks down. If it feels a Brute force attack it deletes everything on the drive after 6 failed attempts. the encryption is hardware and no software is required its all on the drive. When you put the drive in you get a log-in pop up Not bad for a few quid! Shaun