From: FromTheRafters on
"ASCII" <me2(a)> wrote in message
> FromTheRafters wrote:
>>Just a little added note to this statement - the word "malware" should
>>replaced by the two words "known malware", that is to say, known to
>>detecting software (kaspersky) in this case. Keeping it updated is not
>>*not* a perfect solution, it is not, really, even possible (unless the
>>malware authors are nice enough to provide them with samples before
>>they are
>>otherwise released).
> Show some restraint,
> stash your nightly harvest in a holding pen for a few days
> to let the AV defs catch up then re-scan and run sandboxed.
> Even then you might get bit from time to time,
> just less likely.

Good point, the old 'cooling-off' period is now much shorter than it
used to be, mostly due to the focus on timely updates to antimalware
definitions. Most people can't show that constraint - they want it and
they want it *now*. :oD

From: FromTheRafters on
"ASCII" <me2(a)> wrote in message
> FromTheRafters wrote:
>>"ASCII" <me2(a)> wrote in message
>>> FromTheRafters wrote:
>>>>If a satellite fell to earth tonight, tomorrow's Google results for
>>>>satellite would probably be 70% malware - probably the latest rogue
>>>>security application.
>>> That doesn't make any sense.
>>> Are you saying that an HTML/text list
>>> of links in your browser for google hits is dangerous?
>>No, but more of them could lead to malware by redirection, especially
>>the "new malware" exploits browsers or their extensions. Some may get
>>high placement on google's list by artificial means (spamming links
>>instance). Like many anti-malware applications, Google can only warn
>>of ones it knows are suspect.
> I sometimes make a point of checking out 'google intercepted' links,
> wondering what's the big deal, never had any problems with any of
> them.
> Oh, and if there are any sploits for my browser, I'd sure like to
> know.

It's usually exploits against additional software implemented as browser
extensions or add-ons (PDF readers, script engines, flash support, and
image file processing). Not that text only browsers are bullet proof,
only very nearly so. I'm sure that commercial malware isn't aimed at
*you* specifically. :o)

It is only as dangerous as you are vulnerable.

From: Dustin Cook on
ASCII <me2(a)> wrote in news:4c104ff9.838828(a)EDCBIC:

> gufus wrote:
>>Same with PB (Pirate Bay).
> TPB and any other torrent source
> for what might seem too true to be good.
> The distributors know more vectors that I do,
> and I'm always looking' fer a freebie.

I can't speak for the others, but TPB does make use of a comment system. If
your unsure, check/read the comments left by others who took the swim

A fanatic is one who can't change his mind and won't change the subject
-Winston Churchill

From: gufus on
Hello, ASCII!

You wrote on Wed, 09 Jun 2010 19:41:39 -0700:

| gufus wrote:
>> Same with PB (Pirate Bay).
| TPB and any other torrent source
| for what might seem too true to be good.

Like anything on the www be-aware...

With best regards, gufus. E-mail: stop.nospam.gbbsg(a)