Date: Mon, 29 Sep 2008 11:01:52 -0400
From: "Mike B." <omni at omniphile.com>
To: WSFA members <WSFAlist at KeithLynch.net>
Subject: [WSFA] Re: "One-Man Star Wars Trilogy"
Reply-To: WSFA members <WSFAlist at KeithLynch.net>

Michael Walsh wrote:
>>> "Mike B." <omni at omniphile.com> 9/29/2008 10:17 AM >>>
>> Michael Walsh wrote:

>> If you don't have scripting, flash or whatever enabled,
>
> Obviously I do, but then I hide behind all sorts of protection provided by =
> JHU.

I doubt they have enough to protect you if you hit the wrong site.
Virus checkers, firewalls and other such things only protect against
some of the threats.  Others need to be handled by just not running
certain technologies from untrusted sites (or trusted sites that have
been compromised...which is another whole kettle of worms).

There's a new threat out there called "clickjacking", where a bad site
can make you click on things automatically and without your knowing it
has happened.  Apparently doesn't rely on Javascript.  All browsers
other than Lynx (or other similarly limited browsers) are vulnerable.
Firefox, with NoScript enabled and configured with default settings and
then to block IFRAMEs, in the plugin's settings, is apparently safe.
IE, and the rest are scratching their heads and saying, "wow, that's
going to be hard to prevent...".  Details of how it's done are being
kept to the browser development community, to limit implementation of
exploits.

-- Mike B.