Wireless is rather unsecure, but I think a 128-bit WPA encryption AND MAC address restricted wireless is enough. Never shop online/input personal data (credit card/SSN#) on wireless though, no matter how secure.
Bull. This is why TLS was invented. WPA2 can be compromised (well, -PSK can, a real hashed key can be too but it takes a hell of a lot longer and is not really viable), but somebody sniffing your network is going to encounter TLS-encrypted packets. MitM through ettercap or whatever won't work, because most browsers won't open websites where the SSL certificate is incorrect. The system is designed to foil the attack you are paranoid about, and a malicious user is simply
not going to break TLS for your credit card. It's worth all of $3.50 on the open market. Somebody who has a way to break TLS is going to use it on targets a hell of a lot more valuable than the credit card number you're using to buy your
My Little Pony DVD.
So your contention that you should not use wireless networks for sensitive data is, to be blunt, wrong.
He is right about Outlook though. In fact, go further, and uninstall Outlook entirely, as it has some rather bad security holes.
He's wrong, and so are you. The Trident renderer within Outlook runs in the same sandbox that IE7 and IE8 do, which has proven largely effective against malware. (Protected mode is why I look at
this exploit and shrug, because it can't deploy remote code on my system thanks to DEP and Protected Mode; it's labeled Critical for Vista/7 because that's the only way to get end users to install it.)
There may be something that can break through--but you might see the same bloody thing in any browser instance, so it's not the OH MY GOD MY FACE IS ON FIRE thing y'all would like it to be. Outlook is an integral part of a lot of user's experience and their work (yes, even "computer illiterates"--oftentimes they're better with Outlook and Exchange than
you are), and to say "hurr don't use it" is asinine, wrongheaded, and simply bad advice. Hell, the alternatives to Outlook--and I use "alternatives" loosely, nothing except Notes has the same feature set, and Notes kind of blows--
have their own major problems too.
Of course, if you're running XP, you don't have the benefit of Protected Mode. The answer is not to run screaming from Outlook, which is a well-behaved program; it is to run screaming from XP, which is on the verge of exiting all patch support entirely and is over a decade old. (Software does not age like wine; it turns into vinegar.)
But again: Stop the trolling and flaming responses.
Then perhaps he should research what he's saying before he posits it as true. He has failed to do so, and, for that matter, so have you.
Author
Topic: Computer security for the "computer illiterate" (Read 9026 times)