Trust No App!

Seriously though, why the heck would I type my password in some app? The second link is more scary of course.

http://blogs.computerworld.com/g_archiver_steals_your_passwords_and_cubocc
http://www.viruslist.com/en/weblog?weblogid=208187496

 

So it seems like nobody was really impressed (or scared) by these stories. Same ol' same ol'.

 

FWIW, I don't trust any web based applications. Yes, even those from security companies. Unless I wrote it, I don't trust it. Why do I use them? Because trust is relative.

 

What do you mean with "web based applications"?

 

Anything is related to the WWW (e.g., HTML, Javascript, VBS, TCP/IP, etc). Basically, anything that was created (software wise) after 1996 (which is when I first got online).

 

what if there is a trojan on a system32 file from Microsoft, but it will never be detected by any antivirus at all?
'scary.

 

Ohh--I like scary!!!

 

Microsoft injecting backdoors? Naahh... Unthinkable!

 

Anything is possible but most are rumor or unlikely. One thing I have noticed during the many years I have spent on security forums is that no matter how unlikely something might be it really gets beat to death by the members on said forums. Although not a bad thing, it does sometimes lead to some strange threads.

 

I must admit that I forgot about my email client (who is capable to connect to POP and webmail). And even browsers (like Maxthon/Avant) are able to make sneaky outbound connections. Better make sure that you can trust these tools for like 100%.

 

If you can't trust your browser, then better go back to the text based web access programs. No more GIFs, JPEGs, Flash, javascript, ActiveX, etc.

http://www.fdisk.com/doslynx/lynxport.htm