From: BitTwister@mouse-potato.com   
      
   On Thu, 14 Jun 2012 13:51:27 -0400, Adam wrote:   
   >   
   > Bit Twister wrote:   
   >> On Wed, 13 Jun 2012 22:22:13 -0400, Adam wrote:   
   >>>   
   >>> My neighbors are close indeed, 11 other apartments within 50' and 100+   
   >>> apartments within 500' (or 15m and 150m if you prefer).   
   >>   
   >> Their system might get cracked and then tries to crack into yours.   
   >   
   > It took me a minute to figure out how that could be possible, but I see   
   > now.  Someone could use a wired connection to crack into my neighbor's   
   > system, and from that use my neighbor's Wi-Fi to access mine.   
      
   Wired or not, does not matter. Any cracked site visited could have   
   embedded malware in a media file that is viewed/played on a system.   
   That malware could create a tunnel back to a zombie machine where the   
   cracker can start cracking attempts.   
      
   >> o latest vendor installs of Firefox, Thunderbird, flash, jre.   
   >   
   > By "vendor" you mean getting them directly from the Mozilla, etc. site,   
   > instead of the Mandriva repository?   
      
   Yes. Repositories can be a few days behind the release. :(   
   Last report I saw indicated criminals generates exploits within 12   
   hours of a known exploit patch and start hunting for un-patched systems.   
      
   >> o I will be putting Windows 7 in a virtual box guest for doing   
   >>    TurboTax once a year.   
   >   
   > If the virtual system has no 'net access, then isn't it relatively safe?   
      
   I would say so. But useless for getting turbotax registered and latest   
   tax rules/schedule updates.  :)   
      
   >   Although I suppose someone who cracked your system could get the files   
   > the VM uses which would contain all your tax data.   
      
   Partially correct there. Process would be:   
   o Clone win7   
   o install turbootax cd and get any tax updates.   
   o copy my previous tax returns/data from my backup tax cd.   
   o run turbotax   
   o print tax return, save to cd, verify saved.   
   o delete VB clone   
      
      
   >  OTOH you may want   
   > the VM to have online access so you can submit your tax return online...   
      
   Not me. I'll mail it.   
      
   > so what do you do for additional security within the VM?   
      
   Not much. win7 would only connect to get updates. I would clone it for   
   any needed activity, then delete the clone. Clone is be behind 2   
   firewalls, router and shorewall, doze firewall and whatever malware   
   detector doze has would be enabled.   
      
   Running doze in a VM is a little safer because some of the smarter   
   malware will detect it is in a VM and will go dormant.   
      
   If you go to http://www.commtouch.com/security-center, click Malware   
   outbreak, and start clicking each selection, you will get the feeling   
   Anti-virus software is getting farther behind on the detection curve.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)