So generally speaking, what's the consensus between you haxors?

[slayernine]

if you can actually see the raw passwords your users are entering/storing, then you have bigger issues to worry about.

No I can't see them but my users are the smart type who tell me their passwords even after I tell them I don't want to hear them...

 

[natto fire]

Should I switch from COMODO and Avast to these?

Also, how safe is software from torrents, say for the top torrents on PirateBay - the ones from trusted uploaders and with the most seeders?

Even if you don't end up getting a virus from the downloads, something else bad will happen to your computer, bad karma from stealing software.

 

[LiuKangBakinPie]

To download pron and malware

 

[jupiter57]

Download BonziBuddy.

:biggrin:

 

[Spacehead]

Lots of good advice here.

 

[TakeNoPrisoners]

Even if you don't end up getting a virus from the downloads, something else bad will happen to your computer, bad karma from stealing software.

Yes the karma gods will smite thee sinner.

 

[blackangst1]

Nothing specific, just if I have work documents or whatever on my laptop, I wanna make sure it's secure, you know?

If thats the case, you need whole disk encryption. If youre using Win7 Ultimate or Professional, use Bitlocker. If not, you can use Truecrypt.

Word of warning...read up on it...what it does, and how it works...before diving in. Just remember you only need to learn once.

 

[slayernine]

Even if you don't end up getting a virus from the downloads, something else bad will happen to your computer, bad karma from stealing software.

There is a lot more on pirate bay than just software. let me guess you are a software dev of some sort?

 

[natto fire]

There is a lot more on pirate bay than just software. let me guess you are a software dev of some sort?

No, I am an electrician, and I have been to tpb, so I know there is a lot more stuff there. Are you trying to say it is ok to ignore copyright law in some areas, but not others?

I don't really like the media industry as it stands now myself, but I am not going to use that excuse when I steal their products. There needs to be change in laws and how the industry works, particularly the music industry. You should be able to make a very lucrative living writing and performing music, it is the trail of leeches at the record companies that are clinging to most artists that are the problem. To say nothing of the "bands" that are cobbled together by these leeches to get money from a gullible age group. (teen pop, anyone?)

Really I could rant about this forever, but in the end we are facing a lot bigger problems than copyright law, IMO.

 

[gsellis]

Most user accounts don't have permissions to install programs and therefore viruses can't be installed/ran when you're on the user profile. It can make routine computer using more irritating but it's a good security measure. You can also set limits on which parts of the HDD those user accounts have access to. Again limiting the ability of anyone to poke around if they did somehow gain access to the machine.

This is generally true. But it is not a complete solution. There are occasionally privilege escalation attacks that can circumvent this. That is why updates are important.

 

[smakme7757]

Everything security has to do with how you conduct yourself online. If you visit dodgy websites then you can expect to be exploited. Even having an up to date AV can't help you if the malware has been freshly reconfigured.

Running as a standard user helps and encrypting your disks can mitigate losses if your laptop is lost or stolen.

Just find a nice balance between secure and useable .

 

[gsellis]

Everything security has to do with how you conduct yourself online.

This was true 5 years ago, but respected sites can also be exploited. The Russian Business Network and many other groups work daily on finding new and creative ways to inject code into 'safe' sites. One successful method is injecting exploits into ad services or even hit counters. There is usually a story a month where an exploit was served from a 'safe' and well-trusted site. This is one reason that the business uses M86 and BlueCoat engines on inbound content. At home, I use a host file "to make the internet not suck (as much)"

http://someonewhocares.org/hosts/

 

[Paperlantern]

One real good way to avoid at least having a virus that destroys your system is use something like Faronics Deep Freeze. Turns the computer into a dumb terminal that reverts back the way it was every time you reboot. So if you realize youve gotten a virus, just reboot, its goes away. This doesn't help with physical computer hackage, like someone actually compromising your machine by hacking INTO it, but this is VERY rare unless you call attention to yourself by opening a bunch of ports and running unsecured servers, etc.

 

[smakme7757]

This was true 5 years ago, but respected sites can also be exploited. The Russian Business Network and many other groups work daily on finding new and creative ways to inject code into 'safe' sites. One successful method is injecting exploits into ad services or even hit counters. There is usually a story a month where an exploit was served from a 'safe' and well-trusted site. This is one reason that the business uses M86 and BlueCoat engines on inbound content. At home, I use a host file "to make the internet not suck (as much)"

http://someonewhocares.org/hosts/

Very true, but at the end of the day it all comes down to risk management. I think we can agree that if you're surfing around the darker areas of the internet your chances of being exploited are increased substantially.

It also doesn't even need to be drive-by exploit code, it could be as simple (in relative terms) as the websites database is compromised leaking customer data which is a result of a fault in website design or flawed code.