On Sat, Aug 07, 2010 at 09:30:49PM -0400, Richard Pieri wrote: > Believing that it is absurd does not magically make it not a threat. > Believing that you aren't worth targeting does not make you safe > from attack. Absolutely true. But it DOES dictate how you should respond to the threat. Security is not about keeping everyone out. Contrary to what you've said, it's not even about making it so hard that they'll move on to the next target. It's actually about balancing the risk of consequence against the cost of preventing the consequence. In essence, it's about minimizing cost. If it will cost you more to protect yourself from a threat than it would be to actually fall victim to that threat, then the only sensible action is for you to ignore the threat. The fact is, it's simply impossible for the average person to respond to such threats. And that matters, because the overwhelming majority of people on the Internet fall into that category. Most lack some or all of the inclination, resources, or ability to learn about them and stay on top of the latest developments, and install measures on their home network to protect against every conceivable threat. It's even not practical for most computer-savvy people to spend the effort to learn about how to protect themselves from the broad range of threats that are on the internet. As you no doubt have discovered, keeping up with them is a full-time permanent position. =8^) For the overwhelming majority of people, the only practical solution is to ignore the problem entirely, save for some basic security, like what Jarod has implemented. I would also advocate that people don't keep sensitive data (financial or medical records, for example) on any computer that they're going to connect to the Internet, and don't connect to sensitive services (like on-line banking) from public facilities, unless you can use some sort of VPN. Better still to avoid them entirely... do your banking in person (but even that has threats). Other than that, the *consequences* of a compromise, for the overwhelming majority of internet users, are that they'll have to reinstall their machine(s) once in a great while. That's annoying, but way, way less work than staying on top of all the latest security threats, and making efforts to protect yourself from them. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.