Pidgin saved me from being hacked!

Shlomi Fish shlomif at shlomifish.org
Thu Aug 2 07:05:27 EDT 2012


Hello Hermine,

On Wed, 1 Aug 2012 20:10:47 -0400
"Hermine Strand" <hermine.strand.writing at gmail.com> wrote:

> I'm serious. If I hadn't been using Pidgin for text chat, I would probably
> now have an infected computer and a drained bank account. Details are in my
> latest blog post as per my signature below. Pidgin is definitely getting a
> donation right now! Who doesn't love Pidgin?

Regarding
http://earthatory.wordpress.com/2012/08/01/security-alert-how-pidgin-saved-me-from-being-hacked/ :

1. You mention that Pidgin crashed while the scammer was sending you what you
believed to be the exploit. Well, Pidgin (or most other programs) should never
crash, so it's also indicative of a bug (though it is better than being
exploited, assuming the crash was not indicative of an exploit.).

2. "Security software" such as anti-virus/etc. cannot handle many types of
malware including unknown malware, and polymorphic viruses -
http://www.cknow.com/cms/vtutor/polymorphic-viruses.html , and you could
always be hit by a more targeted attack.

While there is no silver bullet for security, one good idea is to use more
secure UNIX-like operating system (such as the *BSDs or some distributions of
GNU/Linux) instead of Microsoft Windows (later versions of MS Windows
have improved in security, but with every desktop user working as
administrator - I'm not sure it's enough), and to work as an
underprivileged user instead of root.

----------------------------

Regards,

	Shlomi Fish

> 
>  
> 
> Hermine Strand a.k.a Lawry Street
> 
> Author
> 
> Website/Blog <http://earthatory.wordpress.com/> 
> 
>  
> 



-- 
-----------------------------------------------------------------
Shlomi Fish       http://www.shlomifish.org/
"The Human Hacking Field Guide" - http://shlom.in/hhfg

Chuck Norris once wrote a 10 million lines C++ program in Microsoft Notepad
without having to use the backspace key. And it compiled without errors or
warnings, and was 100% bug‐free.

Please reply to list if it's a mailing list post - http://shlom.in/reply .



More information about the Support mailing list