There are a lot of reasons why you should take the security of your computers at home seriously. There are various scams that target home users with a few real world examples of people just like you and me who got caught out.
It’s your credit rating, your internet connection, your bank account, your reputation. Microsoft, Apple, or whatever flavor of Linux you use have to accept some responsibility for their mistakes, but sooner or later, we also have to take some responsibility ourselves and keep our home systems patched, use the (often free) security software you can get, and make an effort. Or if all you want to do is play games, just trade your computer in for something more appropriate.
But it doesn’t happy to people like me anyway!
Nonsense. I’ve got a mailbox full of spam, phish and scams right here. It wouldn’t happen if there were not people falling for it. And – if it helps – I’ll admit I’ve fallen for a Phish email before now.
But I’m insured. Sure – checked the terms lately? Sure they include being ripped off on the Internet? Anything in there about taking due care and attention / appropriate precautions?
But I don’t know how to protect myself! Ok, this can be a fair point. So ask around, there are lots of places that offer help with securing your system. If you’re a home user, you can get free AntiVirus from the likes of Grisoft and Alwil. You can get free spyware scanners like AdAware or Spybot Search and Destroy, and you can get help in lots of places (like Microsoft Communities) with putting these together and keeping your computer working well.
And you thought it was just Microsoft products that needed to be patched.
Apple has announced the release of update 10.4.8 for 10.4 users and Security Update 2006-006 for 10.3 users.
I don’t normally bother posting such notices, but a couple of things here caught my eye, and I have to say that any OSX users reading this need to update to the appropriate patch level as a matter of extreme urgency.
Ouch. Seems like a big Phisherman’s friend to me. After all, you don’t need to supply a cert and the few users who know about SSL will be happy just to see the SSL lock appear. Hmmm. Any Mac using readers think their bank website looked a little odd when you were replying to their latest email?
It’s not all about Apple though. Seems Microsoft have a few interesting problems of their own, not to mention being accused of handling them in an interesting way. If you’re an Apple MS Office user, note that the issues behind those links apply to you too and act accordingly. It takes a special kind of mistake to exist on five different versions of a piece of software over two totally different platforms.
I really hope the NIST story about Microsoft’s handling of this is untrue, by the way. If it’s true, it’s a slap in the face for the AV community which has been in place long before Microsoft decided to muscle in. It’s a slap in the face for Windows users – aka Microsoft’s entire customer base, punishing them for not buying AV with an unknown (at best) pedigree from Microsoft, and let’s not forget, it undermines the security and reputation of Microsoft’s own platform.
It makes no sense for it to be true (which of course didn’t stop WGA being invented…).
Therefore it’s either not true (or at least not the whole story) or it’s an absolute disgrace, labelling any claims of “trustworthy computing” to be a joke and placing Microsoft’s approach to security only a few steps above Sony’s reputation for trustworthy music CDs that don’t try to root your computer every time you listen to them. BTW, I’m still not buying Sony since that event. Neither should you.