VO-BB - 19 YEARS OLD!

anthonyVO · 14th Avenue Joined: 09 Aug 2005 Posts: 1470 Location: NYC

Reading the thread on everythingvo and Docs comments about its security holes, I decided to go check it out (I have above average protection).
I use FireFox and it allows me to accept cookies and certificates for only that Session - so I did.

In the middle of the night I got three straight spams - do you think they're related? I left my machine at home running a Norton scan. What exactly IS a certificate and can it do harm to my machine?

-Anthony

glittlefield · Posted: Wed Apr 19, 2006 6:59 am Post subject:

Valid SSL certificates are data files used by websites to basically verify that they are who they say they are. They're mostly used on secure, encrypted sites (like banks or anything else that deals with sensitive data), so I don't see why they would cause you to get spam unless the company you were dealing with is responsible for it.
_________________
Greg Littlefield
VO-BB Member #59

anthonyVO · 14th Avenue Joined: 09 Aug 2005 Posts: 1470 Location: NYC

Good to know, man.
My concern was this:

You know when you go to certain website forms and they ask you to fill in your email address - well, I know that IE sometimes saves this information and automatically populates that field for you. Well, even though I'm using FireFox (and keep it up to date), I'm concerned that some cookies/files can read this info and send it back to the source.
Sounds far fetched?

-Anthony

glittlefield · Posted: Wed Apr 19, 2006 7:24 am Post subject:

Not really, Anthony. Cookies are usually site-specific and I haven't heard of any sites that use existing cookies to extract information from your browser cache. (Doesn't mean it's impossible to do, though...) As far as I know, they only way they can get your information is either by you hitting the "Submit" button or by having agreed to have your passwords, etc. saved for a site.

I usually flush the entire cache in Firefox every other week or so. Yeah, it's a pain re-logging into sites, but it keeps you from building up too much info in one place.
_________________
Greg Littlefield
VO-BB Member #59

anthonyVO · 14th Avenue Joined: 09 Aug 2005 Posts: 1470 Location: NYC

yeah - i clear all in FireFox about every other day Shocked

you never know. i guess maybe the longer you have an email address the more likely you'll get spam - it's not as if I don't publish my email addy everywhere anyway - it just sucks when it comes in groups like that - you start to wonder "have I signed up for anything lately?"

-Anthony

billelder · Guest

On your Firefox and IE browser, you should go to your settings and select to never accept third party cookies. I don't know why this isn't done as a default setting but it isn't. This doesn't come from me but from Steve Gibson of Spin Rite and Shields Up.

Internet Explorer:
Tools/Internet Options. Click the "Privacy" tab and then "Advanced". Under "Third Party Cookies" select "Block".

Firefox:
Tools/Options. Select "Privacy" then "Cookies". Click the box that reads "for the originating web site only".

The other thing is to encourage your friends to stop sending mass e-mails to you and their friends. If they must, use Bcc, which is Blind Carbon Copy. When you e-mail to large groups of people, instead of putting all of our e-mail addresses in the "To" area, please put them under "Bcc". This will hide the addresses from the text message. Virus programmers get e-mail addresses from the "To" area to replicate itself. Wonder how a virus shows up in someone else's mailbox with your e-mail as the sender? This can lead to your friends accounts being blocked or even cancelled by their internet provider for something they didn't do!

So, then you want to mass e-mail here's what you do. In the "To" area put your own e-mail address. Then in the "Bcc" area put all of the addresses to whom you want to send the e-mail. They'll only see your e-mail address and you'll help stop the spread of your friends e-mail addresses for sinister use. It's a simple thing to do, but most people don't know about it. Thanks for your help!

Dave · Posted: Wed Apr 19, 2006 5:57 pm Post subject:

anthonyVO · 14th Avenue Joined: 09 Aug 2005 Posts: 1470 Location: NYC

hey, bill - thanks for posting that.

i already do all of that - except I take the cookie thing a step further, i ask to be prompted for every cookie. it's a pain, but i like to see what sites even ask - also, unfortunately, my NASCAR trackpass uses third party cookies so i have to accept those... i've since put them on my allowed list.

in reference to the bcc - you have no idea how many times i keep asking peeps to do this, but to no avail. some do it - most have no clue.

-Anthony

donrandall · Guest

Bill, when I send the same email to several addresses, I use a variation on your technique. The lone exception is this: In the "To" field, instead of using my email address, I just use some bogus nonsense. Of course that one bounces, but so what? The rest get where they are supposed to go just fine.

I have also installed a free progam called "C Cleaner" which gets rid of a lot of stuff we don't need hangin' around. And because I have been hijacked and zombied and otherwise abused in the past, I also loaded something called "History Kill" - I had to pay a small amount for that one, but it doesn't leave anything laying around for some malware artist to get a hold of.