Re: Please help us with a fraud situation

On May 29, 4:56 pm, "Sebastian G." <se...@xxxxxxxxx> wrote:
Newbie72 wrote:
12 For god sakes if your using microsoft wallet....stop it. Dont click
on the box to remember your usename and passwords either.
Says someone who abuses MSIE as a webbrowser...

      I dont abuse MSIE.

If you use it as a webbrowser, then you're obviously abusing it for a
totally unintended, unsuitable and trivially insecure functionality.

Welcome to the 90's, eh, I mean the 21st century. No one uses stateless
firewalls any more.
    Not all SOHO routers you buy at Best Buy/Circuit City/Comp USA or
other type stores are statefull.

Routers, by their very own nature, aren't firewalls. By their very own
nature their NAT implementation is stateful.

Bull***. In fact, the SSID should exactly be identifiable due to imposing a
clear privacy restriction.
    I would like to see a non-commercial use router that gives you
spot to put a confidentiality banner.... Linksys, Netgear and the
alike dont make them like that, or atleast I have not seen one Yet.
Security through Obscurity is not a fool proof Security practice. It
does however make it more dificult to hack what cant see.

An access point without SSID broadcast can be easily seen.

 > In the extra time you may get caught.

Yeah, those milliseconds really count, especially in comparison to
self-created Denial of Service.

In the most states in the US it is a crime to intentionally connect to
any computer or network that you do not have direct ressponablity
over.

Unless it directly implements offering such service.

6 Dont open attachments or emails from anyone you dont know
Why not? I expect my mail client to be able to handle this, since it
generally can't be avoided.
    Good luck with that! Must be some hell of an email client that can
differentiate what is a malicous attachment and what is not.

Why? It doesn't have to. I could open all this spam and malware stuff as I
please, because my mail client is fucking secure and doesn't do anything
else but decoding the headers and then displaying the stupid plaintext.

I really wonder why some people thing that security holes in mail clients
would be acceptable...

That is precisely my point about your comment on mail clients. A mail
client has no idea if the attachement that is attached to the email is
malicious or not. I dont know what OS or applications your using.
However, no application or OS can be trusted to 100% secure. Day 0
vulnerabilities are vulnerabilities that have not been found yet by "
THE VENDOR" who made them. I would geuss there are day 0
vulnerabilities in every application. Hence the need for defense in
depth.

I am glad we are on the same page about that. I was starting to get
confused as to your point.

Unless it directly implements offering such service.
In many cases these days, the states that have made connecting to
another networks or computers you do not directly own would require a
banner or other advertisement giving explicit permission. Just because
you can camp outside of somebodies house(or in reletive distance to
pickup their signal) for a day or 2 and use kismit or other like tools
to hack somebodies key does not give you permission to do so without
explicit permission.

In some states like California there are laws being passed which make
having the tools of the trade to do such activity is a crime in
itself, Acting on and using those tools is in some cases is the same
felony as murder.

An access point without SSID broadcast can be easily seen.
Ok. Any access point can be seen. It is radio waves. There is no
absolute plays to hide or exact procedure to protect yourself on
wireless.. you want secure wireless turn it off, then it is secure.

If you use it as a webbrowser, then you're obviously abusing it for a
totally unintended, unsuitable and trivially insecure functionality.
And I bet you use firefox because you think it is better and more
secure. We all know there have never been any vulnerabilities in
Firefox right? <wink>
Like these CVE-2007-0775, CVE-2007-0777,CVE-2007-2870,CVE-2007-1362
CVE-2007-1558 CVE-2007-1562 CVE-2007-2867 CVE-2007-2868 CVE-2007-2869
CVE-2007-2870 CVE-2007-2871,CVE-2006-4253, CVE-2006-4340,
CVE-2006-4565, CVE-2006-4566, CVE-2006-4567, CVE-2006-4568,
CVE-2006-4569, CVE-2006-4571- that only took me about 3 sec to find
those.... I sure if I went on SANS's site I could find more, but why
bother.

because my mail client is fucking secure and doesn't do anything
Why do you have to curse potty mouth? What mail client are you using?

have a great day.
.

Quantcast