Re: [SLUG] One more reason...

From: Chuck Hast (wchast@gmail.com)
Date: Sat Oct 17 2009 - 00:32:40 EDT


On Sat, Oct 17, 2009 at 00:19, Eben King <eben01@verizon.net> wrote:
> On Sat, 17 Oct 2009, Chuck Hast wrote:
>
>> On Fri, Oct 16, 2009 at 21:53, Eben King <eben01@verizon.net> wrote:
>>>
>>> On Fri, 16 Oct 2009, Ken Elliott wrote:
>>>
>>>> Robin 'Roblimo' Miller wrote on Friday, October 16, 2009 4:53 PM:
>>>>
>>>>> Chuck Hast wrote:
>>>>>>
>>>>>> Did anyone read this?? interesting piece of info...
>>>>>>
>>>>>> http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html
>>>>>
>>>>> No question. My wife once had someone access her business bank account
>>>>> and try to grab money (they failed) as a result of her accessing the
>>>>> Internet while running Windows. She uses Windows for Paint Shop Pro, but
>>>>> uses Linux for everything else, just as I use Windows for video editing
>>>>> (on a dedicated "video appliance" computer) and Linux for everything else.
>>>
>>>> Let me add...
>>>>
>>>> Use a Linux or BSD Unix on a
>>>
>>>                       freshly booted
>>>
>>>>                             LIVE CD.  Any hard disk-based OS is subject
>>>> to
>>>> compromise.
>>>
>>> Volatile data has to go somewhere.  Memory structures in RAM can be changed.
>>>
>>> IMO these are all extreme precautions.  Few people are actually going to
>>> take the time to shut down and reboot off a liveCD to access a web site.
>>> OTOH, booting a VM from an iso isn't _that_ much trouble, so you could go
>>> that route.
>>>
>> Remember that many of the keyboard loggers run at the driver level so even
>> though you have an iso running in a VM which is inside a Windows machine (if
>> that is what you are thinking), the keyboard logger is still scraping your
>> key entries.
>
> Actually I was only considering a Linux host and things you picked up while
> browsing and attacks on various daemons and the IP stack, but you're right.
> My words were ambiguous.
>
No problem, I noticed that in the comments section on both pieces he wrote
several people attempted to go that route using Windows, and of course they
were quickly brought back on track. Running Linux I would not worry so much,
but on a Windows machine, that is scary...

-- 
Chuck Hast  -- KP4DJT --
To paraphrase my flight instructor;
"the only dumb question is the one you DID NOT ask resulting in my going
out and having to identify your bits and pieces in the midst of torn
and twisted metal."

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.