More security breaches via email

For discussions about security.
Post Reply
Message
Author
User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

More security breaches via email

#1 Post by Lobster »

:D

Today I found out by email that someone in Trumpland (formally USA) has ordered something or other via my Google email account.

Good news. I am glad to hear that my support for the capitalist system is being taken care of by phishers. :shock:

I was able to delete because if someone is having stuff delivered and has money to pay for it ... my credit status has just been upped. :roll:

Be safe guys. Scammers are getting smarter. Anything to start a dialogue AND fix your broken account ...
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#2 Post by 8Geee »

Crusty... you still D/L your mail??? :D

A few posts up Tallboy got a good idea on this stuff by enabling punycode in the browser ( I do this ). Yes, they got wizdum. And I just found screen-sharing turned ON by default in FF45 with a list of "acceptable" domains. :roll:

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Lobster
Official Crustacean
Posts: 15522
Joined: Wed 04 May 2005, 06:06
Location: Paradox Realm
Contact:

#3 Post by Lobster »

8Geee wrote:Crusty... you still D/L your mail??? :D

A few posts up Tallboy got a good idea on this stuff by enabling punycode in the browser ( I do this ). Yes, they got wizdum. And I just found screen-sharing turned ON by default in FF45 with a list of "acceptable" domains. :roll:

Regards
8Geee
hi 8Geee :D

Google who like to sell my buying habits to anyone interested also has very good spam control. So I use it. :oops:

I don't download or probably allow email to run javascript or pdf or anything as far as I know or care. :shock:

Using a browser is probably the only way Puppy has been compromised, if having javascript, flash, html5 etc enabled. :shock:

What does that compromise consist of? Government checking if I am a Trump hater (I am) a religious fundamentalist (- Buddhist heretic, guilty there too) and Big Techno pan-globals adding to 'Lobster Database - (for Everyone's Eyes only - for the right price) :D

FUD is the mind killer. :wink:
Puppy is as safe as I can expect. Google-mail does me. Tin Hats are the mind destroyers.
Try modifying GROWL if you need extra Rottweiler (Puppy security buff) powers. :mrgreen:
http://smokey01.com/newsletters/2017/Ma ... 017.html#7
Puppy Raspup 8.2Final 8)
Puppy Links Page http://www.smokey01.com/bruceb/puppy.html :D

User avatar
tallboy
Posts: 1760
Joined: Tue 21 Sep 2010, 21:56
Location: Drøbak, Norway

#4 Post by tallboy »

All my email goes through the email servers at the uni in Oslo, so I generally have no problems at all, I just log in and open them in a browser. I made this post in another thread about browser slowing down from heavy load, so it is not dealing specifically with email issues, but rather the browser as a whole. I repost it here to show the links to modification HowTo's, for Firefox and it's relatives. The links are frequently updated, so don't care about the 2015 date in the links!

-----
Part of the problem is that many of you have a lot of bookmarks, open a lot of tabs, and want to have the services like using bookmarks and history to suggest completions to a site's address. If you have a browser with a status bar, you can see a lot of addresses fly by when you open a page, most of them totally unknown, but always Google analytics, there is an extension NO google analytics to turn that off. You have automatic Health reports sent to Mozilla, telemetry, datareporting to services you never even heard about, storage of visited sites, automatic updates of add-ons and extensions, network prefetching sites based upon your browsing history, etcetera, etcetera...All those services are activated when you visit a new site.

So the question is, what do you want your browser to do for you?

Most problems can be eliminated by settings in about:config. Don't be afraid to try, most setting have a Reset option in the menu.

http://kb.mozillazine.org/About:config_entries
http://kb.mozillazine.org/Category:Preferences

http://www.ghacks.net/2015/08/18/a-comp ... -settings/

http://12bytes.org/articles/tech/firefo ... ance-buffs

https://gecko.readthedocs.io/en/latest/ ... ences.html

http://www.ghacks.net/2015/11/11/list-o ... eferences/
(I use the PaleMoon 27.2.1 right now, setup is the same via about:config)

My list of sites is a couple of years old, these sites are mostly updated every day.

A lot of reading, some of it has the potential to turn your hair gray over night... :shock:
-----

Before doing any serious work in about.config, make a backup copy of the /root/.mozilla directory, rename it with the date included, something like 11-05-17-dot-mozilla. The prefs are written to prefs.js in the .mozilla dir, you may open it as text to browse the entries, but don't do any modifications directly into that file. You may use a text editor to write all your about:config mods to a /root/.mozilla/user.js file

I use some tricks when I play around with about:config entries, some keyboard shortcuts to speed up the search for an entry's documentation:
Setting it up:
1) In Prefrences -> Tabs, activate Insert related tabs next to current tab
2) In about:config, right-click browser.search.openintab, choose Toggle from the pop-up menu to set it to true
Using it:
1) In about:config, right-click the entry you want to know more about, choose Copy Name from the pop-up menu.
2) Press Ctrl-K to activate, or mark old text, in the little search bar next to the address bar/urlbar.
3) Press Ctrl-V to paste the copied entry name into the search bar
4) Press Enter, or click the symbol in the search bar, to make a new tab with hits
5) Press Ctrl-Tab to browse the tab with hits

I you don't like tabs, you could of course search by Ctrl-V-pasting the entry name into the address bar/urlbar instead, after pressing Ctrl-L to mark it, but you already knew that...

tallboy
True freedom is a live Puppy on a multisession CD/DVD.

User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#5 Post by rufwoof »

I've been using firejail recently. With the --private parameter is creates a totally new instance/container ... that is erased as closure, no addons etc. ... starts up as though a fresh instance. With the standard choice it acts as a sandbox with limited access to files/folders (such as the Download folder).

Nice and transparent, but means having a few more desktop icons
Attachments
s.jpg
(15.52 KiB) Downloaded 191 times

User avatar
tallboy
Posts: 1760
Joined: Tue 21 Sep 2010, 21:56
Location: Drøbak, Norway

#6 Post by tallboy »

A little warning regarding punycode set to true: My Palmoon definitely don't like it, some websites which usually uses https, behave unpredictable with punycode enabled. The extension is maybe not fully developed.

So I toggled it back to false with about:config: network.IDN_show_punycode false

tallboy
True freedom is a live Puppy on a multisession CD/DVD.

Post Reply