Thanks a lot for producing these videos funkyworms, they really are so informative! I was pleased to see that I already take some of the precautions you recommend, but there are a few things I'm not clear on:
No-Script
I don't have a clue about how scripts work, but I'd like to understand this better. You mentioned that if one were to use Firefox with No-Script it would be pretty much impossible to get infected from browsing YouTube. But then you allowed (white-listed) the youtube & ytimg domains. Does this mean that if a dangerous script were on that page, it would be listed as something other than those two?
Also, since I installed No-Script, I have only been to a handful of sites but have had to allow scripts at most of them. Right here for example, when typing this post, I had to white-list 2+2 before I could use the bold/italics buttons in the editor. As I'm not an expert on these things and, if I need to keep 'allowing' all the sites I want to visit then isn't it just like a novice who uses a personal firewall and clicks 'allow allow allow'?
I don't mean this to sound like an argument haha.
It's just that if I have to allow scripts at every forum, every site that has embedded videos, every site that uses flash etc, then it basically comes down to 'allow everything, but don't visit suspicious sites' which is just like saying 'don't install trash and you won't need to use something like Comodo'. Hopefully I have misunderstood how this works, and will be tutored shortly! I mentioned the firewall thing here because, for some time, I was doing exactly what you said - using Comodo and after deciding that I
will install something, then just clicking 'allow allow allow' which is pretty damn pointless lol.
Installing Software
Until I read your advice about osalt & sourceforge my usual procedure for finding new software was to select something and then upload it to Virus Total. If it came back clean I would trust it. Was this a really poor system?
Torrents & Rapidshare etc
Kerowo says "don't use 'em" and don't talk about them.
And one final query was about checking the 'remember my username/password' box in the PokerStars client. Does it mean my details are saved into the user.ini file? Is this not recommended?
Thanks again for all the advice you've given here!!
Last edited by kerowo; 07-18-2010 at 10:28 PM.
Reason: No torrent talk