-Filter Forums-
Loading posts...

Computer Nasties


Computer Nasties

Postby sci_fi » Fri Aug 29, 2014 2:29 pm

My friend has been trying to keep his machine "safe" and free from the viruses and malware etc.

I am interested in your contributions , suggestions, advice etc.

He is recovering from a recent Aust. Post (scam) email that looked almost legitimate.
security discussion
re PDF links - I have set my options to REQUEST PERMISSION to goto internet
or email from PDF

re email links - I cannot find option to request permission sim to PDF
setup, but HOVER over link label gives DISPLAY of link path PRIOR to
activating the CLICK.

re internet change of site. HOVER usually works.
my standard site option is
- no cookies
- no switch to another site
- no pop-ups

so I have to label some sites as TRUSTED to allow them to work properly.
my trusted sites allow cookies and pop-ups for dates and switching to
another site and executable downloads - eg for bank encryption.

Sometimes it is difficult to setup trusted site switch because I don't know
the NAME of the switched site - so it is not yet trusted, and won't yet run
properly. This means I have to change STANDARD permissions to allow all
these unsafe things, get new addresses, label them as trusted, change
STANDARD permissions back to my choice, perform test-run.

WINDOWS 7 has standard setup REQUEST PERMISSION before downloading any file,
and again before first-time activation of downloaded item. EXCEPT maybe
this is disabled in TRUSTED sites - not sure.

So I have several filters, plus NORMAN pre-check
Posts: 37

Re: Computer Nasties

Postby ilago » Fri Aug 29, 2014 11:05 pm

I can understand being anxious after having something like this happen. It's important to keep it in perspective though. The more a system is setup with this level of restrictions, the more difficult it becomes to use. There needs to be a balance between safety and usability. Troubleshooting connection problems becomes very difficult for example.

A little more information about what actually happened would be helpful.

Was the scam an email - like this example of a phishing scam? And what happened?

Was the email received in webmail (gmail, yahoo, Microsoft various used to be hotmail) - in a browser window or from an email client like Outlook or Thunderbird?

Receiving email in plain text is one of the best ways to prevent this happening - no images and no live links that can redirect.

I'm puzzled about the PDF reference. Most PDF readers have options builtin to disable live URLs in PDF files being opened. If the browser addon for PDF reader is being used and it is opening PDF files in a browser tab or window, it should probably be disabled so that PDFs are read outside the browser environment and in the more contained environment of a separate application.

The answer to the Trusted Sites problem is using wildcards. Microsoft help page on using wildcards

To allow links to multiple URLs within the same domain:
interestingsite.* will include .org, .net .info etc and .co the way it is used in .nz and .uk links
interestingsite.com.* will include all options such as interestingsite.com, interestingsite.com.au but will exclude interstingsite.co.uk and the .net.org .info type addresses

For links such as store.interestingsite.com.* you can use a second wildcard *.interstingsite.com.*

This is not what I'd do if it was my computer.
User avatar
Posts: 138

Re: Computer Nasties

Postby sci_fi » Mon Sep 01, 2014 3:35 pm

thanks Ilago,
We are digesting your points at the moment.
I agree there is a balance between "being safe" and useability. A practical trade-off is best.
Your comments are all relevant at the moment.
Will discuss particular queries soon
thanks again
Posts: 37

Return to Tech