+1
I do the same, except I use a free account from one of those "disposable" email address providers.
I change the password used on the comment site ocassionally, but not much else.
7 publicly visible posts • joined 26 Mar 2014
I use it for mine and my 76 y.o. father's Macs.
Free, easy to set up and forget. Automatically updates itself and runs quietly in the background. No major performance hit seen thus far, but YMMV, depending on the age of the system and its condition.
Also, preventing the malware in the first place is BEST.
1. Disable Java plugins from all browsers as someone said before. Disable all unneeded plugins to reduce the "attack footprint".
2. I personally prefer to run Ffx with no java/flash and rely on HTML5 for videos/YouTube, etc.
3. I have my Pops on Chrome for its built-in Flash and PDF reader plugins, plus its automatic updates of both when needed without intervention. Then I added WOT and ABP to the mix and he's fine. Show her how to use things like WOT (Web of Trust) or similar, so she can avoid clicking on malware-baited search results.
Let me take a stab at your questions, @DaDoc:
Q: What's the client-side implication of all this? Is changing passwords after the server-side certs have been renewed enough?
A: Nope. The server's OpenSSL implementation has to be upgraded or re-compiled to get rid of the vuln. FIRST, then server-side cert renewal SECOND. You can change your passwords after that.
Q: Or are the libraries found in BYOD environments - what I'm saying is, is a leak inherently possible at either end, and equally dangerous?
A: Possibly. I've no clue. If the "client" is being logged into by others, then yes, I guess.
http://www.poetryfoundation.org/poem/175772
http://uncrunched.com/2014/03/28/this-is-intolerance/
http://uncrunched.com/2014/04/03/gun-toting-mozilla-employees-demand-ceo-step-down/
I'm pretty hard-pressed to continue to support Mozilla right now as I really think that all this was unnecessary.
I don't think or know if Eich tried to force his beliefs on anyone at Mozilla. If he had, then fire him. But 2008 was years ago. His support of that cause had/has nothing to do with his ability to work, code or contribute to the world. His support of that cause was actually the prevailing view of the majority at *that time*.
Lest we forget, without Netscape and/or Firefox, the Internet as we know it today wouldn't even exist. We'd all be running IE3. No innovation. No Web 2.0. Don't recall anyone taking his views to task when he created javascript.
It's not right imo to hound him on his views just because they differ from a select few or the apparent majority *today*.
What will tomorrow bring?
*shudders*
"They ran a Kickstarter campaign, only to FOUND AN OPERATION THEY IN TURN SELL FOR $2B and they are thank you for your support?
Disgusting scumbags."
Let's hope someone has the heart/conscience/common decency/common sense to refund the people's $.
Would be a nice gesture and all.