This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access CUPS I get a message that says in effect that it is a security issue and does not complete. This hack probably occurred in the last 3 or 4 days, and I apologize for any messages sent to the list from the Linux partition-- I may have sent one or two before finding the situation. I am writing this from Windows (ugh!) after running Avast Security on this partition. There is no AV software on the Linux partition, and I am having a terrible time trying to get and install something along this line. The closest I came is Eset, which requires a 32-bit lib, which I have found, and downloaded, but I'm not sure how to install it. (This is a 32-bit lib on a 64-bit file, somehow. Eset will not let me proceed without this.) If someone would like to assist, I will open the Linux system, write down as best I can what I am trying to do and then post it here in Windows, so as not to send any malware to the list. --doug PS: This version of Thunderbird is driving me crazy! -- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
On 03/02/2021 07.53, doug mack wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete. This hack probably
occurred in the last 3 or 4 days, and I apologize for any messages sent to the list from the Linux partition--
I may have sent one or two before finding the situation. I am writing this from Windows (ugh!) after running
Avast Security on this partition. There is no AV software on the Linux partition, and I am having a terrible time
trying to get and install something along this line. The closest I came is Eset, which requires a 32-bit lib, which
I have found, and downloaded, but I'm not sure how to install it. (This is a 32-bit lib on a 64-bit file, somehow.
Eset will not let me proceed without this.) If someone would like to assist, I will open the Linux system, write
down as best I can what I am trying to do and then post it here in Windows, so as not to send any malware to
the list.
What evidence do you have of being hacked? -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete.
This is a wild guess, but maybe you're accessing CUPS through the browser, using TLS, and the certificate is self-signed. Browsers would show that security dialog, but it does not mean that you've been hacked. Thanks, Robert
On 03/02/2021 11.51, Robert Munteanu wrote:
On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete.
This is a wild guess, but maybe you're accessing CUPS through the browser, using TLS, and the certificate is self-signed. Browsers would show that security dialog, but it does not mean that you've been hacked.
If I try <https://localhost:631/> on my Leap 15.2 (he uses TW), I get an error right at the start: +++···················· Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to localhost. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Learn more... [Go back (reccomended)] [Advanced] ····················++- Of course, Doug: if you are getting that, YOU HAVE *NOT* BEEN HACKED! GOSH :-/ "Learn more" is not illustrative, it leads to a generic external page that doesn't say why I'm getting the error. Advanced says, as expected: +++···················· Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for localhost:631. Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT View certificate [Go back (reccomended)] [Accept the risk and continue] ····················++- And only if I click "accept the risk I get the page. Then I try to change the paper size of a printer; it asks for login and password, I say root, and it works. However, neither ~/.cups/lpoptions or /etc/cups/lpoptions were modified. So no, I could not reproduce his paper size problem. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
On 2/3/21 5:51 AM, Robert Munteanu wrote:
On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete. This is a wild guess, but maybe you're accessing CUPS through the browser, using TLS, and the certificate is self-signed. Browsers would show that security dialog, but it does not mean that you've been hacked.
Thanks, Robert Yes, I'm trying to access CUPS thru the browser (Firefox)--how else can one get there? --doug
On 03/02/2021 20.51, Doug McGarrett wrote:
On 2/3/21 5:51 AM, Robert Munteanu wrote:
On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access CUPS I get a message that says in effect that it is a security issue and does not complete. This is a wild guess, but maybe you're accessing CUPS through the browser, using TLS, and the certificate is self-signed. Browsers would show that security dialog, but it does not mean that you've been hacked.
Yes, I'm trying to access CUPS thru the browser (Firefox)--how else can one get there?
I repeat: You have NOT been hacked. The security message you got in firefox is NORMAL, in this case. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
On 2021-02-03 14:24:09 Carlos E.R. wrote:
|On 03/02/2021 20.51, Doug McGarrett wrote: |> On 2/3/21 5:51 AM, Robert Munteanu wrote: |>> On Wed, 2021-02-03 at 11:25 +0100, Carlos E. R. wrote: |>>>> This is probably off-topic, but I have evidence that my machine |>>>> has been hacked. When trying to access CUPS I get a message |>>>> that says in effect that it is a security |>>> issue and does not complete. |>> This is a wild guess, but maybe you're accessing CUPS through the |>> browser, using TLS, and the certificate is self-signed. Browsers |>> would show that security dialog, but it does not mean that you've |>> been hacked. | |> Yes, I'm trying to access CUPS thru the browser (Firefox)--how else |> can one get there? | | |I repeat: You have NOT been hacked. The security message you got in |firefox is NORMAL, in this case. | | Just to be clear, you're getting that message because you used https instead of http in your link to CUPS. That's not necessary, since you're connection to CUPS doesn't leave your computer, it's an internal (localhost) link.
Leslie Linux pinto 5.3.18-lp152.57-default #1 SMP Fri Dec 4 07:27:58 UTC 2020 (7be5551) x86_64 x86_64 x86_64 GNU/Linux openSUSE VERSION = 15.2 --
On 2/3/21 5:25 AM, Carlos E. R. wrote:
On 03/02/2021 07.53, doug mack wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete. This hack probably
occurred in the last 3 or 4 days, and I apologize for any messages sent to the list from the Linux partition--
I may have sent one or two before finding the situation. I am writing this from Windows (ugh!) after running
Avast Security on this partition. There is no AV software on the Linux partition, and I am having a terrible time
trying to get and install something along this line. The closest I came is Eset, which requires a 32-bit lib, which
I have found, and downloaded, but I'm not sure how to install it. (This is a 32-bit lib on a 64-bit file, somehow.
Eset will not let me proceed without this.) If someone would like to assist, I will open the Linux system, write
down as best I can what I am trying to do and then post it here in Windows, so as not to send any malware to
the list. What evidence do you have of being hacked?
Reporting from Linux--hope that I am not sending malware with this post! 1. I attempted to access CUPS and got a message that there was a security problem, and I could not access CUPS. (I just accessed CUPS today, from the older system I am now running, and it works. Maybe I did something wrong the last time and it complained--it was quite late at nite.) 2. Went to reboot machine and it barfed. I had to select the second boot option, and select an earlier system, which I am now using. 3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address. Then I got an email for something--I forget what--that would renew annually at a cost of $500, again with a phone number to cancel. I deleted it. Wrote it up on Kate, but apparently Windows Kate file is not readable from Linux. So maybe this version of the OS is not hacked--I hope not--but that's the story. Would still like to install Eset AV program, which requires glibc locale-32bit. This is supposed to be available at https://opensuse.pkgs.org/tumbleweed/opensuse-oss-x86_64/glibc-locale-base-3... but I can't figure out how to download the file. --doug
On 2021-02-03 20:08, Doug McGarrett wrote:
So maybe this version of the OS is not hacked--I hope not--but that's the story. Would still like to install Eset AV program, which requires glibc locale-32bit. This is supposed to be available at https://opensuse.pkgs.org/tumbleweed/opensuse-oss-x86_64/glibc-locale-base-3...
but I can't figure out how to download the file.
It's in the normal repo. from command line: zypper install glibc-locale-base-32bit -- /bengan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-ID: <25f8284e-f352-c68d-6fdf-9f1c115fccc1@Telcontar.valinor> On Wednesday, 2021-02-03 at 14:08 -0500, Doug McGarrett wrote:
On 2/3/21 5:25 AM, Carlos E. R. wrote:
On 03/02/2021 07.53, doug mack wrote:
This is probably off-topic, but I have evidence that my machine has been hacked. When trying to access
CUPS I get a message that says in effect that it is a security issue and does not complete. This hack probably
occurred in the last 3 or 4 days, and I apologize for any messages sent to the list from the Linux partition--
I may have sent one or two before finding the situation. I am writing this from Windows (ugh!) after running
Avast Security on this partition. There is no AV software on the Linux partition, and I am having a terrible time
trying to get and install something along this line. The closest I came is Eset, which requires a 32-bit lib, which
I have found, and downloaded, but I'm not sure how to install it. (This is a 32-bit lib on a 64-bit file, somehow.
Eset will not let me proceed without this.) If someone would like to assist, I will open the Linux system, write
down as best I can what I am trying to do and then post it here in Windows, so as not to send any malware to
the list. What evidence do you have of being hacked?
Reporting from Linux--hope that I am not sending malware with this post!
1. I attempted to access CUPS and got a message that there was a security problem, and I could not access CUPS. (I just accessed CUPS today, from the older system I am now running, and it works. Maybe I did something wrong the last time and it complained--it was quite late at nite.)
That sdecurity message is NOT indicative of any problem whatsoever. You must learn to read correctly the messages. There is no security issue at all in there. You probably accessed <https://localhost:631/> instead of <http://localhost:631/> and you got this expected error: +++···················· Warning: Potential Security Risk Ahead Firefox detected a potential security threat and did not continue to localhost. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details. Learn more... [Go back (reccomended)] [Advanced] ····················++- This, in this case, means NOTHING.
2. Went to reboot machine and it barfed. I had to select the second boot option, and select an earlier system, which I am now using.
Well, you are always getting problems...
3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address. Then I got an email for something--I forget what--that would renew annually at a cost of $500, again with a phone number to cancel. I deleted it. Wrote it up on Kate, but apparently Windows Kate file is not readable from Linux.
Who knows why you got that. Probably not related to your Linux. I hope that you did not phone the number you got on the email, as that could be another scam... Of course, you must change your Amazon credentials.
So maybe this version of the OS is not hacked--I hope not--but that's the story. Would still like to install Eset AV program, which requires glibc locale-32bit. This is supposed to be available at https://opensuse.pkgs.org/tumbleweed/opensuse-oss-x86_64/glibc-locale-base-3... but I can't figure out how to download the file. --doug
As almost always, you only need to stop searching internet, and search in yast instead for "glibc-locale-base-32bit". - -- Cheers, Carlos E. R. (from openSUSE 15.2 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCYBsSmxwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVSfIAn3D/x10YUrmyAFSx7Blv lErRgEJiAJwOf3hNz7XvMow4IEL2texWNqtiPw== =sI0t -----END PGP SIGNATURE-----
3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address.
Am 03.02.21 um 20:08 schrieb Doug McGarrett: 1) i would be very carefully with such mails. IF this mail IS a fake YOU call fake people (not the real amazon people) and (maybe) give them the rest of your personal data (bank account or password or something else) -> I would never answer to such a mail. i would read carefully and then SEARCH OUTSIDE the mail for a contact. here in germany its not normal that you get a PHONE number from amazon. so i would say you where falling in their trap. only idea i have is now to hope you have NOT give them any account information (bank, or amazon passwords) (real support people will never ask you about this type of information) you could with google try to search for this phone number. sometimes such numbers are know for spam or other bad things. 2) your full name could come from maybe this list (if somebody read here) or some OTHER computer who has your emailadress and mail was hacked, or some marketplace or something else was hacked. i receive sometimes mails from people i know, but the mail is not from them. and i am pretty sure (never 100%) that nobody up to now has hacked my systems. SOMEWHERE a emailadressbook was hacked where i and some other contacts of me where in. you could go to https://haveibeenpwned.com/ and follow the instructions. therefore you could see if your data is inside a !!KNOWN!! hacker list. (of course with this you will not know if your computer was hacked.) 3) !!!!for security reasons, change NOW imidiately zour login data for amazon!!!!! and if you use the same combination of password and loginname somewhere else, change all !!! -> NEVER use same password and login name by different accounts!!!! 4) there are usb boot sticks for download from known anti-virus sides avira f-prot mcaffee (only examples, not checked if they still offer it for free) with this you could boot a possible infected system and search for KNOWN virus - OF COUSRSE you should donwload and safe to stick this on a computer who is sure not infected. 5) if you receive a file inside a mail you are not sure it is free of maleware you could upload it to www.virustotal.com (and if only one scanner reports a problem i would not open the file. i receive about one time a week mails with pretty new viruses. sometimes (1 or 2 times last year) i am the first who uploaded this type of file (maybe the virus is known inside the file) but the file itself in this combination was never uploaded before. and there are always only a hand full scanners who detect it. ( a couple of weeks later mostly the rate increased) simoN -- www.becherer.de
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2021-02-04 at 07:55 +0100, Simon Becherer wrote:
Am 03.02.21 um 20:08 schrieb Doug McGarrett:
3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address.
1) i would be very carefully with such mails. IF this mail IS a fake YOU call fake people (not the real amazon people)
Exactly. This is what I'm afraid that happened.
and (maybe) give them the rest of your personal data (bank account or password or something else) -> I would never answer to such a mail. i would read carefully and then SEARCH OUTSIDE the mail for a contact. here in germany its not normal that you get a PHONE number from amazon. so i would say you where falling in their trap.
Absolutely.
only idea i have is now to hope you have NOT give them any account information (bank, or amazon passwords) (real support people will never ask you about this type of information) you could with google try to search for this phone number. sometimes such numbers are know for spam or other bad things.
Good idea.
2) your full name could come from maybe this list (if somebody read here) or some OTHER computer who has your emailadress and mail was hacked, or some marketplace or something else was hacked. i receive sometimes mails from people i know, but the mail is not from them. and i am pretty sure (never 100%) that nobody up to now has hacked my systems. SOMEWHERE a emailadressbook was hacked where i and some other contacts of me where in.
Yes, I also got email from somebody with full names, his and mine, but the content was "weird", and his mail address was not his. It can be his computer (he uses Windows), or some other of his contacts that got hacked, or some webmail that got hacked. I'm absolutely sure that it was not me. Also, ID theft is more common in the USA than in Europe, so perhaps some other person can chime in and advice on that danger.
you could go to
and follow the instructions.
therefore you could see if your data is inside a !!KNOWN!! hacker list. (of course with this you will not know if your computer was hacked.)
3) !!!!for security reasons, change NOW imidiately zour login data for amazon!!!!! and if you use the same combination of password and loginname somewhere else, change all !!! -> NEVER use same password and login name by different accounts!!!!
This is VERY important. I would also check closely the bank account, possibly change the credit/debit card.
4) there are usb boot sticks for download from known anti-virus sides avira f-prot mcaffee (only examples, not checked if they still offer it for free) with this you could boot a possible infected system and search for KNOWN virus - OF COUSRSE you should donwload and safe to stick this on a computer who is sure not infected.
5) if you receive a file inside a mail you are not sure it is free of maleware you could upload it to www.virustotal.com (and if only one scanner reports a problem i would not open the file. i receive about one time a week mails with pretty new viruses. sometimes (1 or 2 times last year) i am the first who uploaded this type of file (maybe the virus is known inside the file) but the file itself in this combination was never uploaded before. and there are always only a hand full scanners who detect it. ( a couple of weeks later mostly the rate increased)
Some mail providers include virus scanning in their automatic services. - -- Cheers, Carlos E. R. (from openSUSE 15.2 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCYBvg9xwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVnF0AmgIbYB84qcJ0BFrJCfGV XE+ZmssrAKCQBPd6reU4F12ryJX69H5yeo0q1A== =7kcI -----END PGP SIGNATURE-----
On 2/4/21 1:55 AM, Simon Becherer wrote: > > Am 03.02.21 um 20:08 schrieb Doug McGarrett: > >> 3. In the last two days have received email stating that an order was received from me to Amazon >> for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel >> the order. I did not place such an order, and called Amazon to straighten this out, which they did. >> It had my full name on it. I forget if it had my house address. > 1) > i would be very carefully with such mails. IF this mail IS a fake YOU call fake people > (not the real amazon people) > and (maybe) give them the rest of your personal data (bank account or password or something else) -> > I would never answer to such a mail. i would read carefully and then SEARCH OUTSIDE > the mail for a contact. > here in germany its not normal that you get a PHONE number > from amazon. so i would say you where falling in their trap. Well, I did not talk to anyone at that phone number, I called Amazon. So I do not give any bank information over the internet, I won't even deal with my banks over the net. It is, however, obvious that I have to provide real entities with my credit card number and address and phone number. A couple of times there has been something suspicious about a credit charge and I follow that up right away. I have had bills cancelled and cards replaced, which the credit card companies are very helpful in doing. > > only idea i have is now to hope you have NOT give them any account information > (bank, or amazon passwords) (real support people will never ask you about this type > of information) > you could with google try to search for this phone number. sometimes such numbers > are know for spam or other bad things. > > 2) > your full name could come from maybe this list (if somebody read here) or > some OTHER computer who has your emailadress and mail was hacked, or some > marketplace or something else was hacked. i receive sometimes mails from people > i know, but the mail is not from them. and i am pretty sure (never 100%) that > nobody up to now has hacked my systems. SOMEWHERE a emailadressbook was hacked > where i and some other contacts of me where in. > you could go to > > https://haveibeenpwned.com/ > > and follow the instructions. I Have vaguely heard of that operation, and I will follow it up. Twice I have received mail purpoting to be from someone I know, but that always gave itself away one way or another, and I have informed the people who were impersonated so they could take whatever action they thought was desirable. > > therefore you could see if your data is inside a !!KNOWN!! hacker list. > (of course with this you will not know if your computer was hacked.) > > 3) !!!!for security reasons, change NOW imidiately zour login data for amazon!!!!! > and if you use the same combination of password and loginname somewhere else, > change all !!! -> NEVER use same password and login name by different accounts!!!! > > 4) there are usb boot sticks for download from known anti-virus sides > avira f-prot mcaffee (only examples, not checked if they still offer it > for free) with this you could boot a possible infected system and search for > KNOWN virus - OF COUSRSE you should donwload and safe to stick this > on a computer who is sure not infected. Yes, good idea! I hadn't thought about running an AV routine from an external source. I will have to follow up on that. > > 5) if you receive a file inside a mail you are not sure it is free of maleware > you could upload it to www.virustotal.com (and if only one scanner reports > a problem i would not open the file. > i receive about one time a week mails with pretty new viruses. sometimes (1 or 2 times > last year) i am the first who uploaded this type of file (maybe the virus is known inside > the file) but the file itself in this combination was never uploaded before. > and there are always only a hand full scanners who detect it. ( a couple of weeks > later mostly the rate increased) I don't think I've ever received a file inside a mail, even from family, unless it was obvious what it referred to. And if it was NOT from family, I would certainly not open it. Thank you for your interest. You have definitely given me some thigs to think about and some steps to take. --doug > > simoN > >
In data venerdì 5 febbraio 2021 03:06:23 CET, Doug McGarrett ha scritto:
On 2/4/21 1:55 AM, Simon Becherer wrote:
Am 03.02.21 um 20:08 schrieb Doug McGarrett:
3. In the last two days have received email stating that an order was received from me to Amazon for a $3000 camera, and that it would be delivered Wednesday, along with a phone number to cancel the order. I did not place such an order, and called Amazon to straighten this out, which they did. It had my full name on it. I forget if it had my house address.
1) i would be very carefully with such mails. IF this mail IS a fake YOU call fake people (not the real amazon people) and (maybe) give them the rest of your personal data (bank account or password or something else) -> I would never answer to such a mail. i would read carefully and then SEARCH OUTSIDE the mail for a contact. here in germany its not normal that you get a PHONE number from amazon. so i would say you where falling in their trap.
Well, I did not talk to anyone at that phone number, I called Amazon. So I do not give any bank information over the internet, I won't even deal with my banks over the net. It is, however, obvious that I have to provide real entities with my credit card number and address and phone number. A couple of times there has been something suspicious about a credit charge and I follow that up right away. I have had bills cancelled and cards replaced, which the credit card companies are very helpful in doing.
only idea i have is now to hope you have NOT give them any account information (bank, or amazon passwords) (real support people will never ask you about this type of information) you could with google try to search for this phone number. sometimes such numbers are know for spam or other bad things.
2) your full name could come from maybe this list (if somebody read here) or some OTHER computer who has your emailadress and mail was hacked, or some marketplace or something else was hacked. i receive sometimes mails from people i know, but the mail is not from them. and i am pretty sure (never 100%) that nobody up to now has hacked my systems. SOMEWHERE a emailadressbook was hacked where i and some other contacts of me where in. you could go to
and follow the instructions.
I Have vaguely heard of that operation, and I will follow it up. Twice I have received mail purpoting to be from someone I know, but that always gave itself away one way or another, and I have informed the people who were impersonated so they could take whatever action they thought was desirable.
therefore you could see if your data is inside a !!KNOWN!! hacker list. (of course with this you will not know if your computer was hacked.)
3) !!!!for security reasons, change NOW imidiately zour login data for amazon!!!!! and if you use the same combination of password and loginname somewhere else, change all !!! -> NEVER use same password and login name by different accounts!!!!
4) there are usb boot sticks for download from known anti-virus sides avira f-prot mcaffee (only examples, not checked if they still offer it for free) with this you could boot a possible infected system and search for KNOWN virus - OF COUSRSE you should donwload and safe to stick this on a computer who is sure not infected.
Yes, good idea! I hadn't thought about running an AV routine from an external source. I will have to follow up on that.
5) if you receive a file inside a mail you are not sure it is free of maleware you could upload it to www.virustotal.com (and if only one scanner reports a problem i would not open the file. i receive about one time a week mails with pretty new viruses. sometimes (1 or 2 times last year) i am the first who uploaded this type of file (maybe the virus is known inside the file) but the file itself in this combination was never uploaded before. and there are always only a hand full scanners who detect it. ( a couple of weeks later mostly the rate increased)
I don't think I've ever received a file inside a mail, even from family, unless it was obvious what it referred to. And if it was NOT from family, I would certainly not open it.
Thank you for your interest. You have definitely given me some thigs to think about and some steps to take. --doug
simoN
You should use Amazon with U2F (which can be Nitrokey (nitrokey.com) or yubikey (yubikey.com) or even, less (much less) save with sms 2nd Factor token on cell phone. This makes it very difficult even for malware to interfere and remember: passwords are a thing of yesterday (actually of middle ages, it seems). You can put activate this once you have your hardware token (or tokens one for you an your wife) in Settings of amazon. Works very well, although their implementation does currently not allow to avoid password all together (like the very good setup of mailbox.org does). So you put your password and after a window ask you for the one time password that is generated on you hardware token, is always different and cannot be extracted. I guess that is what you would like. On the website of nitrokey you find a neat explanation and can see the offer, to get a deeper understanding. Currently I switched to the use of U2F with at least 5 commercial sites. Unfortunately the trains services and banks in Germany are dispiriting for their delay and their tendency to discharge responsibility of fraud to the user. They just "downplay it". So the main part of the sites working with a good U2F are US or CH. And German webmail sites. But it takes moment. SMS token: bear in mind that identity theft is also often done with withdrawal of control over the own mobile phone number and that annihilates the protection of the second factor. So were offered you should prefer U2F over token.
On 2021/02/05 11:11, Stakanov wrote:
You should use Amazon with U2F (which can be Nitrokey (nitrokey.com) or yubikey (yubikey.com) or even, less (much less) save with sms 2nd Factor token on cell phone. This makes it very difficult even for malware to interfere and remember: passwords are a thing of yesterday (actually of middle ages, it seems).
--- Actually, if you never trust links or phone numbers in emails, and just go to the website manually, you should be safe.
On 16/02/2021 04.34, L A Walsh wrote:
On 2021/02/05 11:11, Stakanov wrote:
You should use Amazon with U2F (which can be Nitrokey (nitrokey.com) or yubikey (yubikey.com) or even, less (much less) save with sms 2nd Factor token on cell phone. This makes it very difficult even for malware to interfere and remember: passwords are a thing of yesterday (actually of middle ages, it seems).
--- Actually, if you never trust links or phone numbers in emails, and just go to the website manually, you should be safe.
Problem is, even the same bank that tells me not to trust links in emails and such, then sends me emails with links. Happens with many companies. Others send PDFs in emails with redacted versions of invoices and other data, without encryption. They don't have a security culture across the organization. -- Cheers / Saludos, Carlos E. R. (from 15.2 x86_64 at Telcontar)
participants (10)
-
Bengt Gördén -
Carlos E. R. -
Carlos E.R. -
doug mack -
Doug McGarrett
-
J Leslie Turriff -
L A Walsh -
Robert Munteanu -
Simon Becherer -
Stakanov