I'v had a box compromised via a web browser twice.
First time was the nimbda worm in september 2001 which exploited a vulnerability in Internet Explorer 5.
Second time was due to an out of date java runtime, probably around 2008. It was a virtual machine that I was using for some testing. The malware spewed email spam for a short time until I noticed.
I consider it to be a good idea to use separate devices for work and casual web browsing.
Probably an unpopular opinion but I liked the web better back when it was predominantly static (for the client) HTML with minimal/no imteractivity. It was more secure and it ran better even though we had slower connections and slower computers.
11 comments
[ 0.20 ms ] story [ 43.2 ms ] threadhttps://archivebox.io/
as mentioned in the cousin post.
First time was the nimbda worm in september 2001 which exploited a vulnerability in Internet Explorer 5.
Second time was due to an out of date java runtime, probably around 2008. It was a virtual machine that I was using for some testing. The malware spewed email spam for a short time until I noticed.
I consider it to be a good idea to use separate devices for work and casual web browsing.
Can someone elaborate what makes de Raadt so paranoid?
In fact, some people have argued that de Raadt (and the OpenBSD team) are not paranoid _enough_:
https://www.youtube.com/watch?v=3E9ga-CylWQ
"36C3 - A systematic evaluation of OpenBSD's mitigations"