[lug] Tell us how

Ferdinand Schmid ferdinand at schmidix.net
Thu Feb 14 11:42:55 MST 2013

I don't know the specific vulnerability here but always recommend the use
of multi-factor authentication.  Gmail is one service that offers it.  So
do most banks.

 On Feb 14, 2013 8:41 AM, "Davide Del Vento" <davide.del.vento at gmail.com>

> My neighbor's only mistake, it
>> seems, was clicking on a link while logged in to her Yahoo account.
> Call me paranoid but I use 3/4 separate browsers and never "mix" their
> purpose:
> 1) Chrome for work-related stuff - and "work-related" means strictly
> hosted by my employer. If they host something malicious, well, it affect
> only my work-related stuff and many of my coworkers will share the pain, so
> I'm not worried.
> 2) firefox with no-script for my personal accounts (which means only a
> handful of trusted website, e.g. google). I do click on stuff, but
> no-script aggressively prevents everything from running. Most of the time,
> the static text and the static images are enough to find the information I
> was looking for in that website. When not..
> 3) ... comes the third browser, more often than not an obscure one (in the
> past konqueror, currently rekonq), which I use for "throw-away" random
> browsing and does know nothing about myself and my accounts. If the website
> I am looking does not work in this browser, which sometimes happens, then I
> call it "crap" and it's not worth my time.
> 4) For more sensitive stuff (online banking and bills) I have use a
> *separate* computer, with a *dedicated* account which gets used *only* for
> online banking paying bills (usually with firefox again aggressively
> no-scripted against everything else just in case I mistakenly click
> somewhere...)
> I try to avoid online shopping, but when I cannot, I use the option 2.
> with throw-away gift-cards.
> Even my aging, computer-adverse mother seems to be happy with this
> arrangement. It required a little education, and some discipline, but
> nothing too complicated for most people (not too different than avoid
> losing or being stolen your wallet in the grocery store)
> See you tonight :-)
> Davide
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20130214/3ffea2b1/attachment.html>

More information about the LUG mailing list