More about Phishing and XSS–avoiding being a victim…and gmail…and google GADGETS

August 10, 2008 at 12:14 pm Leave a comment

That’s one of the latest and largest holes being exploited.  This article on eBay gives a hint of how it’s done, and one immediate check.  If you’re “talking” with someone online–live or by e-mail–and they mention Internet-based resources or business resources–search them (“Google” them, though that’s hardly the only search machine) and see if they exist.  There are several resources mentioned in that article that don’t; Yahoo Finance was perhaps the one that most struck my attention.

 

Believe it or not, I was going to let that one go.  I’ve seen three mentions so far of this vulnerability–gmail (which I use) and GOOGLE GADGETS.  It’s probably not too smart to use them or for that matter the Google Desktop.   As in, code is written to the browser.  This year, it’s generally been that then a link is deposited in the Startup folder (that one is supposedly fixed) or now in the desktop.  Reboot, or turn your computer back on in the first instance–you’re running someone else’s code.  In the second instance, what’s happened is a link you think you know, you don’t.  Quite likely, you’ll be loading among other things a keylogger.

 

I’m nearly exclusively using the Avant Browser.  I now know what happened while I was down, and why my computer was down when I got back into action.  You don’t have to do something stupid in order to get infected with a virus.  The reason I use the Avant Browser is because it’s easy to turn off Java, Active-X and half the other cool things–which makes it a bit less easy to mis-direct.  I’m also using Zone Alarm.  Note that these are in fact download links, as well, because there was quite a bit of DNS mis-direction apparently going on last week.

 

Oh, and another note.  When the fixes come…let Windows (or Leopard–hell, even Linusx) download and use the fixes.  That’s this Tuesday with 11 scheduled, if I remember correctly.  XP users may actually have or have had only one fix that applied.

–Glenn

Entry filed under: computers/tech, current news. Tags: , , , , , , .

a point Windows Internal Processes, presented by…

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed



%d bloggers like this: