
Is Your Email Safe? DistroTube
Date: 2022-03-30
Comments and reviews: 10
Peter
One of the craziest and most backward security decisions any company has ever made was Microsoft's decision to hide file extensions by default in Windows. This was certainly the case up to Windows 7; I haven't touched any of their crappy OSes since then to see if that is still the case.
Once a newbie user can see the file extension in Windows, it's easy to then explain to them what attachments will be safe from malware (.txt, .avi, .mp3, etc.) and which ones are not (.doc, .xls, .bat, .exe, etc.)
As someone who came from a Commodore Amiga background before getting into Windows 3.11 (I was using UNIX at work about the time I had the Amiga), it shocked me how "backward" Windows was as an OS anyway.
The Amiga had the concept of "filetypes" and it didn't matter what the file name or extension was because, like UNIX and Linux, it read the file header itself to work out what the file actually is. In Windows, if you change the file extension, then you probably change the default program that opens that file.
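The header-versus-extension distinction raised in the comment above, as an added example that is not part of the original comment: a Python check that identifies an attachment from its leading bytes and compares that with the name a user would see. The function names, the short signature table and the sample attachments are constructed for illustration.

```python
import os

# Leading "magic" bytes of a few common attachment formats.
MAGIC = [
    (b"MZ", "pe-executable"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip-container"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2-office"),
    (b"ID3", "mp3"),
]
# Extensions each detected type is expected to carry.
EXPECTED = {
    "pe-executable": {".exe", ".dll", ".scr"},
    "pdf": {".pdf"},
    "zip-container": {".zip", ".docx", ".xlsx", ".pptx"},
    "ole2-office": {".doc", ".xls", ".ppt"},
    "mp3": {".mp3"},
}

def sniff(data: bytes) -> str:
    """Identify content from its header, ignoring the file name."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"

def check_attachment(filename: str, data: bytes) -> dict:
    stem, ext = os.path.splitext(filename)
    kind = sniff(data)
    return {
        "kind": kind,
        # Header says one thing, extension says another.
        "mismatch": kind != "unknown" and ext.lower() not in EXPECTED[kind],
        # What a file manager shows when it hides the final extension.
        "shown_when_hidden": stem,
        # True when the hidden-extension view still looks like a full file name.
        "double_extension": os.path.splitext(stem)[1] != "",
    }

# Constructed sample attachments (name, first bytes); not real files.
SAMPLES = [
    ("holiday.mp3", b"MZ\x90\x00\x03\x00"),
    ("invoice.pdf.exe", b"MZ\x90\x00\x03\x00"),
    ("report.pdf", b"%PDF-1.7\n"),
    ("notes.txt", b"plain text"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, check_attachment(name, head))
```

The second sample has a consistent header and extension, so only the double-extension flag catches it: with extensions hidden it would be displayed as `invoice.pdf`.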
Henk
Given I use ProtonMail's encrypted service exclusively through the browser and am an IT tech heavily self-trained on spam recognition, I think I am pretty safe. All my colleagues always asked me if they were unsure, and not only did I have a 100% hit rate on spam, I had 0 false positives and was able to recognise fake emails that were sent to the users on purpose to sign them up to training if they clicked the link. Me being smart always changed a few characters in the vm so the link would misreg.
skaruts
Well, one situation where sites probably will send you an email is when their servers are compromised and they request users to change their passwords. Usually such emails come with a link to the site, which might be fake if the email isn't legit. In such cases (which I agree should be very rare), if you're not sure the email is legit, you can access the site through your preferred search engine, and then do whatever you were requested to do, or contact support about it.
spatrick1964
Another good question to ask: is your Linux distribution safe? Sure, with something like Linux Mint (Edit: LM was compromised for a little bit) or Manjaro, Ubuntu, any attempt to sneak in spyware by the developers would be caught instantly, but what about all these "garage distributions"? How do you know they aren't sneaking in some bad stuff? Or being coded by hostile foreign governments and put out as valid distributions? Just a thought.
Lyks
Also be careful with PDF attachments. The PDF format isn't a very strict one, afaik PDF files don't have a clearly defined end of file and can contain lots of stuff anyway. This way, an attacker can hide executable code in a document that may get executed due to security flaws in PDF readers. This can be said about many formats, but PDF is especially notorious. At one point it even was a common way to jailbreak smartphones.
Yazen
5:45 My last phishing email was from a script kiddie who said their group had webcam footage of me watching pr0n, and wanted -$1000 USD in BTC. Otherwise, they'd share the footage with my family and friends...
Sucks for them I have no family or friends
jk, I do not own a webcam ;)
Penguin
Also never sign into anything via an email link. Always open up a browser and type in the main address to the website, then you can be sure you are signing into your account from the correct site. There are so many fake links sent via emails to get username and password combinations.
shubham
Not all the people in the old days had access to the internet, nor did they have the skills so you can hack into any system; thus it resulted in low security. Most people with bad intentions were roaming the streets rather than surfing on the internet, but today the scenario is different.
Anzan
Thank you, Derek. I used to do the "only plain text" thing but nested conversations with multiple participants are much more legible with colours and so on from different participants, images and diagrams embedded where relevant and so on. Oh well.
Steve
I use Thunderbird but my emails go through Hotmail servers. I know my emails are being scanned. I have had denial of service to my computer while typing emails while other computers connected have been fine. Government surveillance, it's real.