I'll bet you use online banking but don't wait two days to open your
(what you consider to be safe) attachments, David. Just a guess.
I primarily use linux. The only software I install has been digitally
signed by the developers (distribution released updates). Viruses and
trojans targeting linux are few and far between, and pretty much require
the user to provide the superuser (root) password, in order to install.
In some cases, I have installed software from companies other than
the distributor (i.e. Mandriva), but in those cases, I'm compiling
the programs myself, and at least skim through the source code, as
well as only run those programs while my online banking filesystem
is not accessible. Those programs have always been around for a while,
before I get around to compiling and installing them, and being open
source, have had peer review.
I use a separate userid for my online banking, and keep all files for
that id in an encrypted filesystem, which is only accessible while I'm
logged on to that id. My regular home directory is also on an encrypted
file system (AES2048), with a passphrase that wouldn't be susceptible
to a standard dictionary attack.
I use this level of encryption, not because I'm worried about a hacker
getting access to my system, but primarily in case of theft of the
computer itself.
I also pay close attention to what processes are running, and regularly
boot from a livecd, to run root key detectors, just to be on the
safe side.
When I do boot into windows, usually to examine malware, I physically
disconnect the hd with my linux system on it. I'm not aware of any
windows software that will read, let alone write reiserfs file system
(never mind the encryption), but don't want to risk having M$ itself
mess with my mbr, or otherwise damage the partitions I use for linux.
The only time I'm likely to be at risk of a zeroday malware attack
would be when I'm running a beta version of a new release. Again,
that is only done when the sensitive data is inaccessible.
As with any security implementation, the above doesn't guarantee
safety, but I've done what I consider to be prudent, given the likely
risks.
When I was running windows, I often disassembled attachments, and
examined the results. Usually this was being done to figure out
what known malware was doing, so I could help other people clean
their systems.
Although I haven't been very active in the virus newsgroups for a
while, I've been involved in analysing viruses and trojans, since
the days of fido, relaynet, nanet, etc.
The only time one of my systems became infected was when I didn't
think to scan a brand new hard drive, before making it master.
Turned out it came with the ripper stealth boot sector virus
preinstalled. I found it after a program I'd written failed its
own crc32 selfcheck.
Regards, Dave Hodgins