I ask out of ignorance

On Wed, 21 Nov 2018 21:00:43 -0500, SilverSlimer wrote:

On 2018-11-21 6:57 p.m., Char Jackson wrote:
On Wed, 21 Nov 2018 11:17:56 -0500, SilverSlimer wrote:

On 2018-11-21 11:02 a.m., Weatherman wrote:
? Good Guy ? wrote:
All the evidence suggests that you are jobless, high on drugs and
habitual shop-lifter.* Who in their right mind would waste time on
you!!!!!!.

How charming. You must be a stupid Trumper.

More than half of the United States

Last I heard, Trump lost the popular vote by nearly 3 million votes.
That doesn't sound like more than half.

And how many of them were illegal voters, something that Democrats made
sure would be able to vote during the midterms as well?

Whether you like it or not, the Electoral College was designed to ensure
that the entire country got a say over who the president was. There's a
reason why IT was chosen over the popular vote because the founding
fathers knew that it would otherwise result in places like New York and
California, their cities being heavily populated and highly liberal,
deciding the fate of the country regardless of what the smaller areas
wanted. In Canada too, seats decide who leads the country and not the
popular vote because pure Democracy is extremely flawed and very much
prone to abuse as the Democrats keep showing us with their continued
attempts to steal elections, many of which they _certainly_ stole in the
midterms.

Besides, the United States is a _republic_ so the very fact that you
brought up "the popular vote" suggests that you have no idea how your
country works and that you bought into the leftist excuse your media
system has been pushing from day one as to why "The Chosen One" Hillary
didn't win.

Actually, I brought up the popular vote to point out that you were
incorrect when you claimed that "More than half of the United States"
voted for Trump. I know you meant eligible voters and not the entire US
population, but it's still wrong. I could bring up the existence of the
Electoral College, but it appears as if you've heard of it. That makes
your claim above all the more puzzling.

On 11/21/18 04:31, Paul wrote:
Basically, I rely on your lack of "Safe Hex", to help
me get what I need. You accept my Trojan Horse, and
now I'm inside your perimeter.

I've been calling that "Safe Surfing" for at least a decade. The rules
are simple:

a) don't surf the web or read e-mail with 'admin' login credentials

b) don't use a Micro-shaft web browser

c) If possible do your web surfing and e-mail reading with Linux or
FreeBSD. or OSX.

d) don't view mail as HTML. *EVAR*. And don't allow attachments to be
previewed inline, either.

e) if you MUST open an e-mail attachment, save it to disk first, THEN
open it up with the proper application (the one that deals with that
kind of file) using "file open" - do NOT trust "the shell" to do the
right thing. AND SHUT OFF FREAKING MACROS IF IT IS WORD OR EXCEL!

f) use a plugin similar to 'noscript' so that javascript ONLY runs for
things you SPECIFICALLY want it to run with.


(and so on)

Do these things and you should NEVAR have to waste any money, bandwidth,
or CPU time on virus scanners because those won't stop 'zero-day's but
"Safe Surfing" JUST MIGHT!


--
(aka 'Bombastic Bob' in case you wondered)

'Feeling with my fingers, and thinking with my brain' - me

'your story is so touching, but it sounds just like a lie'
"Straighten up and fly right"

On 21/11/2018 11:34, wrote:
What's to prevent the bad guys from accessing my hard drive via my IP
address?
SS

Words from Apple recently:-

Today, individuals, communities, and nations depend on the security and
integrity of our shared technological infrastructure. We at Apple hold
this responsibility sacrosanct, and we will continue to dedicate intense
focus on keeping ahead of the hackers, cybercriminals, and even nation
states that hope to steal data and harm user faith in the potential of
technology to build a better world.

Sincerely,

George Stathakopoulos
Vice President, Information Security

Ref: https://www.scribd.com/document/390316327/Letter

Wolf K wrote:

See also Bob Henson's post Shields Up, and I quote:

Visit Gibson research, run Shields Up and it will tell you if you have
anything to worry about. The probability is that you don't.

https://www.grc.com/x/ne.dll?bh0bkyd2

That will do a probe from outside in. If will find if there are
listeners on your host but you'll have to test the complete range of
ports (64K of them).

If you want to check what are the inside out connections, you need a
tool on your intranet host (e.g., SysInternals TCP View, Nirsoft
SmartSniff or CurrPorts, Wireshark, a 3rd party firewall to show current
outbound connections or history).

Shields Up will check at the time you check but that may not be when you
have listener processes running on your host.

On 22/11/2018 10:18, VanguardLH wrote:
Wolf K wrote:

See also Bob Henson's post Shields Up, and I quote:

Visit Gibson research, run Shields Up and it will tell you if you have
anything to worry about. The probability is that you don't.

https://www.grc.com/x/ne.dll?bh0bkyd2

That will do a probe from outside in. If will find if there are
listeners on your host but you'll have to test the complete range of
ports (64K of them).

If you want to check what are the inside out connections, you need a
tool on your intranet host (e.g., SysInternals TCP View, Nirsoft
SmartSniff or CurrPorts, Wireshark, a 3rd party firewall to show current
outbound connections or history).

Agreed 100%
Shields Up will check at the time you check but that may not be when you
have listener processes running on your host.

FYI, when I use Shields Up in normal course, I have no open ports.

When using a VPN, however, a number of ports ARE shown to be open. Is
this to be expected? If so, why?

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2018-11-22 at 12:26:00

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
119, 135, 139, 143, 389, 443, 445,
1002, 1024-1030, 1720, 5000

2 Ports Open
23 Ports Closed
1 Ports Stealth
---------------------
26 Ports Tested

Ports found to be OPEN we 80, 443

The port found to be STEALTH was: 139

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

I.Mackie wrote:

when I use Shields Up in normal course, I have no open ports.

When you don't have a VPN active SheildsUp tests your IP address

When using a VPN, however, a number of ports ARE shown to be open. Is
this to be expected? If so, why?

With an active VPN connection, ShieldsUp will test your VPN provider's
IP address, so it sees ports 80 and 443 of your VPN provider's web server.

A bit worrying that they have port 139 open to the world though ...

Andy Burns wrote:

A bit worrying that they have port 139 open to the world though ...

Forget that, it says "stealth" so they've probably explicitly blocked
netbios rather than just dropping it ...

"I.Mackie" wrote

| Words from Apple recently:-
|
| Today, individuals, communities, and nations depend on the security and
| integrity of our shared technological infrastructure. We at Apple hold
| this responsibility sacrosanct, and we will continue to dedicate intense
| focus on keeping ahead of the hackers, cybercriminals, and even nation
| states that hope to steal data and harm user faith in the potential of
| technology to build a better world.
|

He's even more saintly than Zuck. Zuck
just plans to save the world by getting more
rich selling ads. This guy wants to save the
world by selling Apple products. He's almost
as saintly as our hero, the squealingly noble
Timmy Cook, who champions goodness, virtue,
safety, gorgeous product design, your good
health, slave labor, incompatibility design,
no freedom of self repair,and tax evasion.

And he's beautifully blended emotional trigger
marketing with the Apple credo. (Is everyone
at Apple a salesman?):
People are too stupid and computing is to
dangerous. The only solution is for Apple to
control and oversee all computing. For the sake
of the world... Or, leastways, for the sake of
the people who are stupid and rich enough to
buy new Apple stuff on a regular basis.
AOL never died. They just became a sleazy
device company.

But you do make a point. Many of the people
I know who switched to Apple did it because they
didn't want to have to understand Windows security.
They just wanted to shop without worries. (The
rest probably switched because "everyone else
was switching and I felt embarassed sitting in
Starbucks with my Dell".)

As the younger generation comes up, less of them
think of a computer as anything more than a
consumption device. So Apple makes sense.
Google/Android is now learning the same lesson with
their phones that MS learned with computers: Usability
comes with risks. And risks can lower profits. People
who use devices mainly for "services" don't want hassles.
They want restaurant reviews and Uber rides.
As Lord Jobs said when his architect asked about
whether the windows should open in his new donut
HQ building: No. If you let people open things they
just break them.

On 11/21/2018 5:34 AM, wrote:
What's to prevent the bad guys from accessing my hard drive via my IP
address?
SS


How do the get through your router?

In article , Mayayana
wrote:

[There was a darkly humorous example awhile back.
A couple of undisputable winners were flying their
private plane to a private luxury cabin getaway, for
a private, luxury, hunting cabin weekend. The
cabin owner turned on the heat via his iPhone
during the trip, so the cabin would be toasty when
they arrived. Very slick. These are winners, after all.
Their whole life is slick.They arrived at the
cabin. Both were dead within minutes. A squirrel had
set up house in the furnace vent and the CO alarm
wasn't working. The two men were suffocated by
high CO levels when they walked into the house,
probably passing out before they even had time to
think.]

that story does not add up.

On Wed, 21 Nov 2018 06:34:39 -0500, wrote:

What's to prevent the bad guys from accessing my hard drive via my IP
address?

At its most basic, it is your operating system and any security
software layered on top that prevents unauthorized access. But let's
get a bit more in-depth than that, without getting too technical.

Simply knowing the IP address is not enough. An IP address is (sort
of; allow me some simplifications in this explanation) like a street
address. It gets you to your location, but once you are there, you
still need to get inside the building. You also need to specify what
port to use. Think of a port as a door into that building. Each
computer can have up to 65,000 ports, but most computers have just a
fraction of this number. Ports are created by the operating system or
applications; some common ones are 21 (FTP), 23 (Telnet), 80 (HTTP)
and 139 (NetBIOS). If an attacker attacks your IP and pounds on a port
that doesn't exist, he's not getting in, even were you to use
Windows95. He needs to use an open port.

Okay, so what keeps the attacker from getting in via an open port?
Here's where you security software - either that built into your OS or
a third-party application such as a firewall - comes into play (this
software may also be built into your router). A firewall will usually
block any inbound attempts unless you specifically allow it in;
alternately your OS may challenge any incoming connection attempts to
provide a username and password. Anti-virus suites sometimes also
monitor Internet traffic too and block anything that looks fishy.

So if all an attacker knows is your IP, you are safe, right? He can't
get in without knowing which of 65000 ports to use, right?
Unfortunately no; aside from the fact that most computers have a lot
of standard ports accessible to the world that the hackers already
know about, software also lets them quickly scan your PC to see if any
of the other 65000 probes are open too. So they can swiftly assess how
many open doors you have on your system.

Okay, so maybe they know the address (IP) of my computer and which
doors (ports) to pound on, but surely the security software will stop
them? And the answer here is mostly, "yes it will"... unless it is
poorly configured. Or it has a bug in the security software that lets
them trick it into giving you access. Or there is an easily guessed
password that lets you bypass the whole thing. It doesn't help that a
lot of software applications open additional ports to the Internet for
legitimate reasons - for file-sharing, or to download updates, or pull
in data from the web - which just opens up more doors that can be
probed. And if any of that applications have bugs or bad security,
those flaws can leveraged by hackers too, to trick that software into
giving access. And don't depend on your firewall to save you because -
as far as it is concerned - those applications have legitimate reason
to send data in and out of those ports. They can't tell if an
application has been suborned; all they see is data going in and out
from an app that has already been authorized to connect to the
Internet.

So what does that mean in the end? Are we all completely hosed? Yes,
and no. Ultimately, most consumer-grade PCs and operating systems are
vulnerable to a dedicated attacker; if he wants in, odds are he is
going to get access to your computer. Fortunately, most hackers have
neither the skill nor the inclination to bypass the security of even a
moderately locked-down PC; the reward usually isn't worth the effort.
If they do have the skills, they usually aim their considerable
abilities at corporate servers, where all the valuable data resides.
Like the antelope of the Serengeti, most home users survive simply by
looking "less tasty" and less vulnerable than other, more easily
hacked users.

So what can you do to minimize the chances you get hacked? The
following are a bunch of tips that you've probably read dozens of
times before, but that's because they work.

1) Keep your software up to date. Hackers can use bugs in your
operating system or applications to give them access. Patches and
updates close these doors so those tricks don't work anymore.
Unfortunately, there are always more bugs but there's no reason to
leave yourself vulnerable because you didn't patch out a bug that was
fixed six years ago.

2) Use security software such as firewalls and anti-virus. While these
are nowhere nearly as effective as their marketing indicates, it does
add an extra layer of protection - or at least notification - that
something has gone wrong.

3) Minimize the number of open ports on your computer. For instance,
if you don't use DropBox, there's no reason to have it installed on
your computer, offering a tempting door into your computer. Close
unnecessary services too. The fewer ports you have open, the less
opportunity hackers can get in. If you aren't sure how to do this,
it's okay to ask a more computer-savvy friend for assistance. Odds are
he still won't be able to make you 100% safe - security is hard even
for professionals specializing in it - but he can probably knock off
some of the low-hanging fruit.

4) Be careful what software you do install. Most malware these days
are basically just software that poses as legitimate software but
secretly open a port out to the Internet. When your firewall or
Windows UAC flashes a warning at you, that's often it telling you,
"hey, this software wants to open a port to the Internet, is that
okay?" Sometimes it is - you wouldn't get far on the Internet if you
didn't allow your browser to open a port to read the web, for instance
- but sometimes those warnings are legitimate. Does that nifty new
calculator app you just downloaded really need access to the Internet?

5) Be safe with your passwords. As mentioned, third-party software can
often punch holes in your security software and even if there aren't
any bugs, access is often only protected by a username and password.
So don't use weak or easily guessed passwords and don't re-use your
passwords.

----

But ultimately, if you are worried about hackers getting access to
your files, there is only one safe and proven method of preventing
Internet intrusions: disconnect from the Internet. Barring that
extreme, its just an issue of how well you can minimize the risk.

"Mathedman" wrote in message
...
On 11/21/2018 5:34 AM, wrote:
What's to prevent the bad guys from accessing my hard drive via my IP
address?
SS


How do they get through your router?

Exactly. The NAT (network address translation) software in a router should
prevent any unsolicited traffic from reaching one of the PCs on the LAN. If
your PC requests information (eg a web page, or a list of emails to be
downloaded) the reply will be routed to the PC because it is in response to
a request that the PC has made. If any other traffic arrives at the router,
it will not be in response to a request so it will be discarded.

Of course, that doesn't stop a rogue piece of software on the PC (a virus)
from issuing a request which allows a connection to be made between the PC
and an external computer, but that is covered by having good spyware and
anti-virus software.

Also you may set up a static WAN-to-LAN route (port forwarding) in the
router, in which case you have created a back door: then you place more
reliance on the PC's security to trap malicious traffic.

Mathedman wrote:

wrote:

What's to prevent the bad guys from accessing my hard drive via my IP
address?

How do the get through your router?

UPnP, if that is enabled on the router ans some malware is installed and
has requested a port be opened for it ...

On Wed, 21 Nov 2018 14:04:42 +0000, Stephen Wolstenholme
wrote:

On Wed, 21 Nov 2018 08:18:27 -0500, wrote:



Just concerned about my banking and associated password files
tx

SS

You should use a more secure password and don't put it in a file.

Steve

As we say in our computer club, "Put it on a piece of paper and put it
in your underwear drawer where you will always fling it!"

I use Windows Defender along with Malewarebytes Premium.

Ben

On Thu, 22 Nov 2018 16:21:48 -0000, "NY" wrote:

"Mathedman" wrote in message
...
On 11/21/2018 5:34 AM, wrote:
What's to prevent the bad guys from accessing my hard drive via my IP
address?
SS


How do they get through your router?

Exactly. The NAT (network address translation) software in a router should
prevent any unsolicited traffic from reaching one of the PCs on the LAN. If
your PC requests information (eg a web page, or a list of emails to be
downloaded) the reply will be routed to the PC because it is in response to
a request that the PC has made. If any other traffic arrives at the router,
it will not be in response to a request so it will be discarded.

Minor clarification: NAT provides absolutely no security at all. That's
not its function. NAT simply 'translates' one destination address to
another destination address. The part that provides security is the
stateful firewall that's usually present in the NAT router. The behavior
of the stateful firewall is what's being accurately described above.

Of course, that doesn't stop a rogue piece of software on the PC (a virus)
from issuing a request which allows a connection to be made between the PC
and an external computer, but that is covered by having good spyware and
anti-virus software.

Also you may set up a static WAN-to-LAN route (port forwarding) in the
router, in which case you have created a back door: then you place more
reliance on the PC's security to trap malicious traffic.