On Tue, 04 Mar 2008, in the Usenet newsgroup alt.computer.security, in article
<pd7qs3127cjocri9vejqv3bumpbss2sv7n@4ax.com>, Jim Watt wrote:

>(Moe Trin) wrote:

>> Malware is installed by users clicking on some icon because they
>> don't know what it means and just want to get the pop-up message
>> out of the way so they can surf.
>
>Thats mostly the cause, however I did come across one
>which was installed in a hidden iframe on a website
>and which installed a trojan silently on MY machine.

while you were running the system as... administrator?

>so shit does indeed happen.

[endeavour ~]$ uptime
12:51pm up 90 days, 21:56, 20 users, load average: 0.06, 0.03, 0.00
[endeavour ~]$

Those 20 users on this system are me, but under several usernames.
The name I'm posting as is one of those users, while another is a
special user named "notme". That user owns his own home directory,
a mail queue file, and that's it. (Actually, no normal user can do
anything to the 'system' files/directories.) The user has no 'write'
permission to anywhere else on the system except the /tmp/ directory
(and that is mounted 'no-execute') and users don't have permissions
to _read_ or even search the files/directories of other users. The only
thing "notme" can do is to trash his own home directory - which is
normally empty anyway, because that account is ONLY used for surfing.

>Have now switched to firefox for most browsing as
>it lacks many of the 'features' of IE ...

I have three browsers, and normally use the one with the least number
of features because it's a lot faster than the others. If a site
doesn't render correctly, I _may_ fire up a more capable browser, but
I'm much more likely to simply put the site on my "don't bother" list
as there are usually many other sites to choose from. This is
especially true if the site complains that I'm not using Internot
Exploiter, or that I need to enable some plugin to get the best
experience from the site.

Old guy