josterD opened this issue on Dec 09, 2010 ยท 15 posts
bagginsbill posted Thu, 09 December 2010 at 11:11 PM
PS: Account hijacking is often begun by a drive-by download into your browser. Once there, any web-based accounts for which you have told your browser to automatically remember your password are wide open.
The first thing to do is use two browsers. Use one for reading mail and rendo and such other sites that you trust, visit often, and need a password for.
For general browsing, use another browser. That way if it gets a drive-by, it doesn't matter, because that browser doesn't know any of your passwords.
I use Firefox for that purpose. As well, I run it in private browsing mode so cookies get deleted, history is cleared, etc.
http://www.securelist.com/en/analysis/204792056/Drive_by_Downloads_The_Web_Under_Siege
http://www.theregister.co.uk/2008/06/09/drive_by_download_defences/
http://lifehacker.com/5410941/protect-yourself-from-drive+by-browser-malware-attacks
http://www.zdnet.com/blog/security/google-android-vulnerable-to-drive-by-browser-exploit/2067
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)