Security and windows

I do not see how that would be a problem if I am the only one who has physical access to my computer.

Correct me if I am wrong.

There’s two ways it can be a problem:

  • If your hard drive is not encrypted and someone steal your machine, they can get your password.
  • If your machine is compromised by malware, your cleartext password can be exfiltrated.

Interesting. Thanks for the info.

If someone stole my machine, they could just install a new O.S.

In regards to malware, I never open emails from non-trusted persons or open attachments.

The #1 vector for malware is not email, it’s the web browser.
Also please note that unless you’re using enigmail or equivalent, “trusted person”+email = nonsense.
email is not an authenticated protocol, you can pretend to be any one person using email.

1 Like

I think you may be a little too cautious.

Someone can pretend to be someone I know, but they CANNOT know what a trusted friend would know.

Thus, a careful person will not be fooled.

My research did not find the browser as the #1 vector.

It is one of many vectors.

In the Windows O.S., file attachments account for much malware,virus, and trojans.

If you use social media the quoted statement requires qualification. If you have not yet come across the term “spear-phishing” look it up. The quality of targeted attacks today can be very high. Most people will only come across such things at their place of work - the “targeted” person has to be worth the effort required to mount the “attack”. This is one side of the world we live in. :frowning2:

1 Like

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.

This is how it works: An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims’ attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and

Key concept is in line 4.

If I get a message from someone I know, the content will indicate that they have recently spoke to me.

If I get a message that says Hi Andy and contains nothing that we have ever spoken about , then it is deleted.

It’s not rocket science.

I also use 2 firewalls and a 500k host file containing over 15,000 sites.

And the hosts file is updated frequently.

Block Spyware/Ad Networks - This reason is becoming a very popular reason to use the HOSTS file. By adding large lists of known ad network and Spyware sites into your hosts file and mapping the domain names to the 127.0.0.1, which is an IP address that always points back to your own machine, you will block these sites from being able to be reached. This has two benefits; one being that it can make your browsing speed up as you no longer have to wait while you download ads from ad network sites and because your browsing will be more secure as you will not be able to reach known malicious sites.

You can get it here.

http://winhelp2002.mvps.org/hosts2.htm

if you really believe what youve posted that indicates you know very little about network and internet security. if you believe youre safe through what youve done, you are WAY off.

having a huge hosts file is pointless because that doesnt stop ads or anything else, unless you totally turn of dns, rendering your system next to useless.

and downloading a hosts file from a third party. yeah…theres NO WAY that could ever be misused or edited maliciously.

and if the only way you answer or read an email from someone you know is by them putting some sort of ‘code’ about something you talked about recently, you must delete 99.99% of your emails. not to mention the fact that if your friends computer is hijacked, the link they send you will still be compromised, even with your ‘incredible security’.