On 10/2/2013 12:24 PM, peasth...@shaw.ca wrote:
From: Joel Rees <joel.r...@gmail.com>
Date: Wed, 2 Oct 2013 15:30:26 +0900
On MSWindows XP, ... surfing the net as the primary admin user
... was the primary path of ingress and the primary cause of the
proliferation of 'bot nets.
A flaw in Windows to contrast with Debian?
No more so than running Debian (or any Linux distro) as root instead of
another user. But unlike Debian, full admin privileges was the default
for WXP.
And accessing your bank logged in as the same user that you use to
surf random sites is one of the primary causes of leaked bank account
numbers and passwords.
The banking information is stored in a cookie. Subsequently a site other
than the bank is allowed to read the cookie? A failure of the browser.
Correct? Prior to studying this thoroughly, I might stick to personal banking.
Not if your browser is working properly. Cookies can only be sent to
the domain which originated them (and, depending on the cookie options,
subdomains of the main domain).
But too many people use the same userid/password for multiple sites, and
a security problem on one site can expose those userids/passwords. This
makes it easy for a hacker to access one's banking account.
I use online banking all the time. But I have a unique userid/password
combination on each of my accounts. These are long, non-obvious, known
only to me and not stored on any computer.
<snip>
Jerry
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/524c4fa4.5010...@attglobal.net
