BearWare Comprehensive Security Plan

[James E. Morrow]

Indeed, and then it's all about trust in the poster, not trust in the
link based on the text characters it contains.

I'd have to agree with this. After many years of reading these
newsgroups I generally know what to expect of poster. I do click on
links, but not many of them. My rule is to think before I click. It is
better than regretting after clicking.

 

[Bear]

I'd have to agree with this. After many years of reading these
newsgroups I generally know what to expect of poster. I do click on
links, but not many of them. My rule is to think before I click. It is
better than regretting after clicking.

Or you could quickly submit the link to one of the many online services
available to check it. Not only is it fun, it's fast.

http://zulu.zscaler.com/
http://www.avgthreatlabs.com/sitereports/
http://online.drweb.com/?url=1

 

[p-00-h the cat]

http://zulu.zscaler.com/

URL: http://bearware.info/


Suspicious
56/100

BWAHAHAHAHA!!!!


User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)

Referer:

Submitted on 03/04/2012 at 01:26 PST

Status: finished


Redirections:

HTTP Status Code: 200 OK

Content Size: 75004 bytes

Content Type: text/html

IP Address: 82.197.131.46

Country: Germany

Web Server: Apache

 

[FromTheRafters]

Only to the gullible!

Exactly, one has to be vulnerable in order to be exploited - goes for
both the software and the user.

 

[Bear]

Exactly, one has to be vulnerable in order to be exploited - goes for
both the software and the user.

I /wish/ it were that simple. I just can't for the life of lil ole me
figure out why so many high level sites are hacked if it were so.

 

[FromTheRafters]

It's a choice both ways. You can choose how you post links and which posted
links you utilize. If you think links I post are unsafe...don't use them.

If you can show where I have posted a link ever that was unsafe...present
it.

I haven't made any such claim (at least not any more unsafe than any
other link) so why challenge me to produce one?

 

[Bear]

I haven't made any such claim (at least not any more unsafe than any
other link) so why challenge me to produce one?

Maybe the thread is out of sequence or sumtin...I was challenging David. I
agree you have not made such a claim, and if I miss posted...I apologize.

 

[FromTheRafters]

but...can you 'trust' any poster?

Nope, ya just spins th' wheel and ya takes yer chances.

To me, most posters are merely anonymous
sources of potential entertainment.
AFAIK I've tried to close any vulns my system would offer
to some lulz seeking git wanting to play with me.

Do you view any PDF files?

 

[Bear]

Do you view any PDF files?

I do, but I use the Chromes plugin for such:

"PDF functionality will be contained within the security sandbox Chrome
uses for web page rendering"

 

[FromTheRafters]

I /wish/ it were that simple. I just can't for the life of lil ole me
figure out why so many high level sites are hacked if it were so.

It *is* that simple at its core.

 

[FromTheRafters]

Maybe the thread is out of sequence or sumtin...I was challenging David. I
agree you have not made such a claim, and if I miss posted...I apologize.

Fair enough.

 

[ASCII]

Do you view any PDF files?

lots of 'em,
open with foxit or sumatra

 

[FromTheRafters]

lots of 'em,
open with foxit or sumatra

The PDF ingress vector is 'on the rise', and not exclusively an Adobe
problem. The average user has no need for JavaScript in PDFs so he can
protect himself by disabling JavaScript, but not all malicious PDFs use
JavaScript.