Comments on: The Scrap Value of a Hacked PC, Revisited

By: Dan

Dan — Wed, 07 Nov 2012 05:57:09 +0000

… Bitcoin Mining…

By: Jason

Jason — Tue, 30 Oct 2012 07:09:15 +0000

Yeah, the part about JavaScipt and Java being different that he mentioned I missed somehow (I scanned over the article too quickly). But he does say:

“But disallowing JavaScript by default and selectively enabling it for specific sites remains a much safer option than letting all sites run JavaScript unrestricted all the time.”

Which seems to be suggesting to turn JavaScript off. Though you can do this, running software like NoScript is not something for anything but experienced users to do. There are far too many scripting options that come up and it is probably not obvious to most users, even sometimes advanced ones, that JavaScript has changed a site making it hard or impossible to use (most menus are JavaScript based, for example). I’ve used NoScript myself for a month or two and just ended up finding it more of a nuisance than anything.

I’m a computer teacher and I recognize what people can and will do. This isn’t a recommendation I’d agree with (turning JavaScript off by default and selectively turning it on) except possibly for advanced users. And even then, it makes using the web a lot more unpleasant.

By: matbog

matbog — Sat, 20 Oct 2012 23:25:48 +0000

If you want I can “pimp up” also this one

By: matbog

matbog — Sat, 20 Oct 2012 23:25:04 +0000

Can I do an italian language version of your graphic? (maybe a more attractive, less schematic one) ?

By: xAdmin

xAdmin — Thu, 18 Oct 2012 15:46:12 +0000

Good info. Reminds me of a former employer a few years ago, a small business (non-computer related) whose owner didn’t believe in using a simple firewall for their Internet connection and didn’t have any concern in securing the half dozen PC’s they used. His mentality was that there was nothing of importance on the PC’s and that no one would be trying to break into them from the Internet anyway. I carefully explained to him the threats at hand (like in the diagram) and offered my assistance to secure things. Sadly, end of the story, nothing was ever done. Shortly thereafter I left that job partly because of that. The ignorance out there is astounding at times.

By: Gary Rowe

Gary Rowe — Wed, 17 Oct 2012 16:34:23 +0000

You might want to update it with Bitcoin wallet harvesting. This assumes that the user has not bothered to encrypt it, or has used a weak password allowing the attackers time to crack it.

By: meh

meh — Wed, 17 Oct 2012 15:22:28 +0000

Even if they aren’t held personally liable, it is rare that someone with a pc is not going to have any personal info on it… The folks who fail to take any precautions and let themselves get extremely infected likely find their bank accounts bled dry and identity theft problems that more than make up for the problem.

It might not happen to all of them but I’d hate to take my chances on it.

By: Gabriele

Gabriele — Wed, 17 Oct 2012 10:17:57 +0000

Hi, may the picture be republished on commercial site, with link to the permalink of the original post?

By: Datz

Datz — Wed, 17 Oct 2012 09:55:07 +0000

Yes, in India the liability of the owner of the compromised system or network has been enshrined in the IT Act. As you said, the phrase “Reasonable Precautions” also finds mention here.

By: Uzzi

Uzzi — Wed, 17 Oct 2012 03:57:19 +0000

Knowingly or not the source is liable for every avoidable threat negligently caused to others in my world. .oO(In most cases that leads us to a company with a strange sense of justice and responsibility in Redmond, Washington, U.S. )