e-mail security
Thread Starter
Join Date: Apr 2010
Posts: 95
Likes: 0
Received 0 Likes
on
0 Posts
Google trawl their gmail databases for the purposes of delivering targeted advertising
Actually it would be interesting what kind of advertising certain key-words would prompt... well, not politically correct to type any, just a hyphthetical suggestion. Would I get politically incorrect advertising?
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
Its not just based on your e-mail contents. They also profile your online Goggle Documents, and your browsing habits (assuming you are logged into Google at the time)
I make a habit of using several browser at one time - Chrome for Google Apps and other webmail, Firefox and / or IE for everything else. But I don't log into anything on Firefox or IE. Browsing is kept separate from online apps and webmail
I make a habit of using several browser at one time - Chrome for Google Apps and other webmail, Firefox and / or IE for everything else. But I don't log into anything on Firefox or IE. Browsing is kept separate from online apps and webmail
Thread Starter
Join Date: Apr 2010
Posts: 95
Likes: 0
Received 0 Likes
on
0 Posts
Hm. Google Chrome is logged in my gmail then - as I organise the blogs there. Seems to be fastest, too (and I AM picky, sorry, due to working a lot). IE for business mail (looks most 'normal' there, log in/out every time) and somehow I don't like Firefox. Does that sound normal? (and I browse different things from wind farms to... well, personality traits, depending on the current translation/editing).
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
seems good
the benefit of using Firefox for browsing is that you can lock it down really tight using NoScript, Adblock plus, Ghostery and a few other toys which together make it much more resistant to attack
the benefit of using Firefox for browsing is that you can lock it down really tight using NoScript, Adblock plus, Ghostery and a few other toys which together make it much more resistant to attack
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
To harden Firefox you need the following
from https://addons.mozilla.org/en-US/fir...vacy-security/
NoScript
AdBloclk Plus
AdBlock Plus Popup Blocker
Ghostery
Better Privacy
Browser Protect (though there is a better version at Browser Hijack Protection for free - BrowserProtect.org)
Some people also like to install WOT/World of Trust, though personally I've never bothered
from https://www.eff.org/https-everywhere
HTTPS Everywhere
if the paranoias really kick in, then these two programs are useful
Spybot S&D Browser Hijack Protection for free - BrowserProtect.org
Spyware Blaster SpywareBlaster® | Prevent spyware and malware. Free download.
these last two are complementary - not alternatives - and both require manual updating a couple of times a week
In the tools > options>privacy settings for Firefox, set it to "do not track" and "never remember history"
Finally, in Windows Control Panel set Java to not keep temporary internet files.
Of course the assumption is that you have a working and up-to-date antivirus program on the machine
With that lot, Firefox should be as close to bullet-proof as its possible for a browser to be.. The only "extra" I can think of would be to disable Javascript in Adobe Reader
Comments anyone?
from https://addons.mozilla.org/en-US/fir...vacy-security/
NoScript
AdBloclk Plus
AdBlock Plus Popup Blocker
Ghostery
Better Privacy
Browser Protect (though there is a better version at Browser Hijack Protection for free - BrowserProtect.org)
Some people also like to install WOT/World of Trust, though personally I've never bothered
from https://www.eff.org/https-everywhere
HTTPS Everywhere
if the paranoias really kick in, then these two programs are useful
Spybot S&D Browser Hijack Protection for free - BrowserProtect.org
Spyware Blaster SpywareBlaster® | Prevent spyware and malware. Free download.
these last two are complementary - not alternatives - and both require manual updating a couple of times a week
In the tools > options>privacy settings for Firefox, set it to "do not track" and "never remember history"
Finally, in Windows Control Panel set Java to not keep temporary internet files.
Of course the assumption is that you have a working and up-to-date antivirus program on the machine
With that lot, Firefox should be as close to bullet-proof as its possible for a browser to be.. The only "extra" I can think of would be to disable Javascript in Adobe Reader
Comments anyone?
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
Comments anyone?
To harden Firefox you need the following......
Common sense.
Decent anti-virus.
Not running as Admin user.
That's it.
I've never really seen the point of installing half a ton of pointless add-on shareware / freeware programs to your machine. It ends up being almost as bad as the malware you're trying to avoid (eating up resources etc.). Plus no average Joe is ever going to keep all that software up to date like they should !
KISS as they say..... Keep It Simple Silly.
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
Of the items listed the only ones that need manual updating are Spybot and Spyware Blaster, and those two are probably not essential given the nature of the other plugins. They're effectively block lists, and given the behavioural scan techniques of the other products they are probably superfluous.
However the other products are needed.
"Common sense. Decent anti-virus" Doesn't wash nowadays, especially in the day of the supercoockie.
A large number of "safe" web pages are compromised nowadays, and a lot of A/V programs don't block web attacks. They should, but they don't.
As for slowing the system down - it does, but insignificantly.
The final point is that most current computer users either don't have the knowledge, or else are too thick, to browse safely. You HAVE to load the machine up to protect users from their own idiocy.
However the other products are needed.
"Common sense. Decent anti-virus" Doesn't wash nowadays, especially in the day of the supercoockie.
A large number of "safe" web pages are compromised nowadays, and a lot of A/V programs don't block web attacks. They should, but they don't.
As for slowing the system down - it does, but insignificantly.
The final point is that most current computer users either don't have the knowledge, or else are too thick, to browse safely. You HAVE to load the machine up to protect users from their own idiocy.
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
"Common sense. Decent anti-virus" Doesn't wash nowadays
And anyway, if you want to install all that, you might as well just install one commercial "endpoint protection suite" type programme.... at least then you'll only have one thing to troubleshoot and one reasonably optimised thing running in the background.
Trying to troubleshoot which one of twelve plug-ins is causing your system problems must be terribly frustrating and time consuming.
Oh, well, each to their own I guess.
Spoon PPRuNerist & Mad Inistrator
Mixture,
Perhaps you are overlooking the fact that the vast majority of corporates access the internet via a proxy such as websense that takes on most of that functionality - unlike home users, who have to provide it themselves.
Also, it is not by any means unknown for IT departments to deploy a few browser plug-ins for specific reasons - e.g. ad blocking. It's not a big deal to add these via a software / application deployment tool to a standard build / image.
SD
Perhaps you are overlooking the fact that the vast majority of corporates access the internet via a proxy such as websense that takes on most of that functionality - unlike home users, who have to provide it themselves.
Also, it is not by any means unknown for IT departments to deploy a few browser plug-ins for specific reasons - e.g. ad blocking. It's not a big deal to add these via a software / application deployment tool to a standard build / image.
SD
Join Date: Aug 2002
Location: Earth
Posts: 3,663
Likes: 0
Received 0 Likes
on
0 Posts
Saab,
Perhaps although not necessarily, especially in places which are increasingly adopting the BYOD (bring your own device) model.
My point about 12 things to troubleshoot vs 1 still stands, particularly for your average Joe with two left hands when it comes to IT.
Perhaps although not necessarily, especially in places which are increasingly adopting the BYOD (bring your own device) model.
My point about 12 things to troubleshoot vs 1 still stands, particularly for your average Joe with two left hands when it comes to IT.
Join Date: Jan 2012
Location: .
Posts: 2,173
Likes: 0
Received 0 Likes
on
0 Posts
Theres a heck of a difference between someone working in a corporate environment, and the average home user. And those "average joes with two left hands" are the problem.
They have not got a clue what "safe browsing" means. Yo have to lock their machines down to protect them from themselves. Of those plugins, the only ones that require manual updates are Spybot and Spyware Blaster. The only one which requires user input is NoScript - something easily learnt by most
The rest are invisible to the user.
I judge how successful things are by how often I get called back to sanitise machines I've previously worked on. The fact is, what I do works: I never need to reprise the protection on machines I've worked on.
They have not got a clue what "safe browsing" means. Yo have to lock their machines down to protect them from themselves. Of those plugins, the only ones that require manual updates are Spybot and Spyware Blaster. The only one which requires user input is NoScript - something easily learnt by most
The rest are invisible to the user.
I judge how successful things are by how often I get called back to sanitise machines I've previously worked on. The fact is, what I do works: I never need to reprise the protection on machines I've worked on.
Join Date: Nov 2010
Location: The World
Posts: 69
Likes: 0
Received 0 Likes
on
0 Posts
[quote] Milo Mindbender
Theres a heck of a difference between someone working in a corporate environment, and the average home user. And those "average joes with two left hands" are the problem.
They have not got a clue what "safe browsing" means. Yo have to lock their machines down to protect them from themselves. Of those plugins, the only ones that require manual updates are Spybot and Spyware Blaster. The only one which requires user input is NoScript - something easily learnt by most
The rest are invisible to the user.
I judge how successful things are by how often I get called back to sanitise machines I've previously worked on. The fact is, what I do works: I never need to reprise the protection on machines I've worked on. [quote]
Thank you for your post !
That answers much of the confusion created within us " two left hands " when the IT professionals disagree over various recommendations and we ( OK , I
) are reduced to doing nothing 
, through fear, ignorance and lack of understanding.
Theres a heck of a difference between someone working in a corporate environment, and the average home user. And those "average joes with two left hands" are the problem.
They have not got a clue what "safe browsing" means. Yo have to lock their machines down to protect them from themselves. Of those plugins, the only ones that require manual updates are Spybot and Spyware Blaster. The only one which requires user input is NoScript - something easily learnt by most
The rest are invisible to the user.
I judge how successful things are by how often I get called back to sanitise machines I've previously worked on. The fact is, what I do works: I never need to reprise the protection on machines I've worked on. [quote]
Thank you for your post !
That answers much of the confusion created within us " two left hands " when the IT professionals disagree over various recommendations and we ( OK , I
) are reduced to doing nothing , through fear, ignorance and lack of understanding.
Join Date: Aug 2003
Location: Mallorca
Posts: 309
Likes: 0
Received 0 Likes
on
0 Posts
Milo Minderbinder, you recommendation of BetterPrivacy a little earlier reminds me that Firefox no longer allows it or, for that matter, ExpatShield either. Has the poacher turned gamekeeper? They certainly seem steps worthy of a little suspicion....
Join Date: Apr 2002
Location: In the circuit
Posts: 177
Likes: 0
Received 0 Likes
on
0 Posts
I assume that everything in an email message is readable by someone else.
We use a secure FTP set up to transfer anything sensitive. simply add the info to a file, say Word, Excel, whatever, it doesn't matter.
The transfer is 256bit encrytped, the data on the server is 256 bit encrypted and the download to the recipient is also 256 bit encrypted. They need to use an agreed password before they can get the download.
No software for the recipient to download, and they can actually send files back to us using the same secure mechanism.
Even better we don't end up with our people using Exchange as a filing system, using system resources and saving cash.
We use a secure FTP set up to transfer anything sensitive. simply add the info to a file, say Word, Excel, whatever, it doesn't matter.
The transfer is 256bit encrytped, the data on the server is 256 bit encrypted and the download to the recipient is also 256 bit encrypted. They need to use an agreed password before they can get the download.
No software for the recipient to download, and they can actually send files back to us using the same secure mechanism.
Even better we don't end up with our people using Exchange as a filing system, using system resources and saving cash.
Join Date: Aug 2003
Location: Mallorca
Posts: 309
Likes: 0
Received 0 Likes
on
0 Posts
le PingouinI wonder if you've got the same information as I do. As soon as I updated Firefox to FF11 I got a box telling me that the two addons were incompatible with FF11 and had been disabled. I took the opportunity offered to get FF to look for a compatible version (something which has absolutely never worked, not even once, before) to be told that there was no compatible version of either. I fired up the new FF and checked "Addons" to find them both disabled with no box available to click to attempt to enable them. I presume that they are therefore duly disabled.
I only use the expat thingy to get access to some BBC stuff so haven't had cause to try it in the few hours since all this happened.
So far as BetterPrivacy is concerned, I can find neither hide nor hair of it. It's much more important than the other one so I'd love to hear how it appears on your machine....
Sorry probes if you're upset that I appear to have hijacked your very interesting thread but Milo Minderbinder brought it up in his excellent reply to you so I thought it was pertinent.
Well, here I am fifteen minutes later. All of the above is absolutely true and I have just reconfirmed it. Then I went to the BetterPrivacy website, saw that it (version 1.68) is still recommended by Mozilla for FF, so downloaded it afresh and it seems to be there.
ExpatShield is still shown as disabled and incompatible yet I've just tried it and it's working too. There are things in heaven and earth which pass all understanding!
Thank you for putting me up to it le Pingouin!
I only use the expat thingy to get access to some BBC stuff so haven't had cause to try it in the few hours since all this happened.
So far as BetterPrivacy is concerned, I can find neither hide nor hair of it. It's much more important than the other one so I'd love to hear how it appears on your machine....
Sorry probes if you're upset that I appear to have hijacked your very interesting thread but Milo Minderbinder brought it up in his excellent reply to you so I thought it was pertinent.
Well, here I am fifteen minutes later. All of the above is absolutely true and I have just reconfirmed it. Then I went to the BetterPrivacy website, saw that it (version 1.68) is still recommended by Mozilla for FF, so downloaded it afresh and it seems to be there.
ExpatShield is still shown as disabled and incompatible yet I've just tried it and it's working too. There are things in heaven and earth which pass all understanding!
Thank you for putting me up to it le Pingouin!
Last edited by Cameronian; 26th Mar 2012 at 18:25.
Join Date: Jan 2008
Location: The Land of Beer and Chocolate
Age: 56
Posts: 798
Likes: 0
Received 0 Likes
on
0 Posts
And yet they send out cheque books, statements, and remittance advices by normal mail which I would imagine less secure than email.