[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] nailing down firefox security and privacy - PT 1
- Subject: [ale] nailing down firefox security and privacy - PT 1
- From: thehead at patshead.com (Pat Regan)
- Date: Thu, 13 Oct 2011 17:23:52 -0500
- In-reply-to: <CAOy4VzdPH0PKXYR64xu3y-1hmyb3bJAC_hvM96P383Uqvr=EOA@mail.gmail.com>
- References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CAOy4Vzf4Upwi0=tBY6E=R+oki8kKpXaWEkUNETKf9ghP699PKw@mail.gmail.com> <20111013145812.5673f0a2@zaphod> <CAOy4VzdPH0PKXYR64xu3y-1hmyb3bJAC_hvM96P383Uqvr=EOA@mail.gmail.com>
On Thu, 13 Oct 2011 17:16:50 -0400
David Tomaschik <david at systemoverlord.com> wrote:
> On Thu, Oct 13, 2011 at 3:58 PM, Pat Regan <thehead at patshead.com>
> wrote:
> > If the malware in question here were using an exploit, why would it
> > bother trying to get the user to click on it?
> >
> > Pat
>
> You've never seen "AntiVirus 2009" (and I imagine there is 2010, 2011,
> etc., but I stopped doing any Windows support in 2009). It's malware
> that pretends to do an AV scan, finds a list of things, and tells you
> it can remove them... for $39.99. You go to their website, put in
> their credit card details, and you're toast. I'm not sure if they
> actually charge you $39.99, just capture your CC info, or both. Never
> tried it to find out.
>
I understand the concept. What I'm saying is that any malware that
has to trick someone into installing it is almost certainly not making
use of any exploits. If it were, it wouldn't need to attempt to
socially engineer the user.
Pat