D'ling files on to your pc without consent?

[hmsnacker123]

Hey everyone, i was thinking.. (Since my pc got a virus by stupid people on the internet), How do hackers download files onto your pc without your consent on a web page, And i dont mean click here or anything. And what language they use (PHP, ASP, etc. etc.). I mean all of this in a innocent way, Heck i don't even own an internet site. Thanks in advance.

[jscheuer1]

Mostly they do it by the user (you in this case) surfing with IE with its security settings set too low. Safest thing though is to only surf with Opera or FF. You may still use IE for trusted sites where its features may be required/desirable, and for testing your own work.

[hmsnacker123]

I do use FF.

[Nile]

So I guess your safe.
Even though that you said without downloading anything - you may of downloaded something. One .txt file is all it takes.

[jscheuer1]

I do use FF.

I've never heard of such a thing in FF before. But it has often been said that the era of 'security through obscurity' of FF is now at an end due to its ever increasing popularity. However FF continues to add security with each new release, so stay current. And I'd suggest getting and maintaining a decent firewall. I use Spybot Search and Destroy's resident registry monitor, which will alert me if anything trys to install itself, as well as AVG 8, which is supposed to protect against viruses and malware. I keep them both up to date as well, security is nothing if it isn't maintained.

Stay away from warez and **** sites too, they are the worst offenders as far as hang outs for hackers goes.

[Twey]

They generally exploit a vulnerability in the Web browser or something it calls (such as a plugin or, in the case of Internet Explorer, which is tied very closely into the operating system making it exceptionally vulnerable, an operating system routine) to execute arbitrary code. The most common form of this at the moment is a buffer overflow attack, due mostly to the predominance of C, which encourages unnecessarily low-level programming. Such bugs are mostly eliminated in higher-level languages, since for almost all applications nothing need be checked but the compiler/runtime itself. There are still a wide class of bugs remaining, though, such as the traditional failure-to-escape bugs: most commonly seen in SQL injection attacks against webservers, such vulnerabilities can exist in any system where executable input is passed as a string (for example, executing shell code to call an external application). This is one of many reasons why working with any sort of code as a string in any sort of application is bad. While strings are very useful as the 'universal data exchange medium', they should not be generated directly: they should have 'smart' representations within the program which can be converted to string form where necessary, with the conversion function being responsible for safely escaping the inputs. This reduces the risk dramatically, since only the conversion function need be checked for vulnerabilities, and it is general enough that it should be very difficult to overlook one.

[boogyman]

I do use FF.

not that this is on topic, but Fx is the appropriate short term for Firefox, not "ff"

[jscheuer1]

not that this is on topic, but Fx is the appropriate short term for Firefox, not "ff"

It's not (on topic), but this is the lounge and I think we've covered this topic (the original one) about as much as we can. It's obviously against forum rules to give specifics on how to do this (hack someone's computer).

So on to Fx vs FF. I think it's a bit like isn't and ain't. The former used to be the only acceptable form, now both are in the dictionary and may be used. However, one does show oneself to be a little looser with the language when one uses the latter.

Oddly though, it seems (at least around here) that more people know what you mean if you use FF. And, unfortunately for sticklers in this case, Fx, or FX is already 'taken', it means effects, particularly special effects, as in TV and movies.

Now I do generally try to be as precise as necessary when giving advice, but also try to avoid unnecessarily confusing and correcting others if their meaning is obvious. Using FF is a case where the meaning is obvious. But if someone posts about Fx, and I know they mean Firefox, I'll use Fx in my reply if and where appropriate. If it were actual code, I would be more persnickety about it.

[Twey]

Unfortunately, 'FF' is generally taken to mean 'Final Fantasy' by gamers, of which the Web holds many

[jscheuer1]

Unfortunately, 'FF' is generally taken to mean 'Final Fantasy' by gamers, of which the Web holds many

I've never heard of the two being confused here though, perhaps in a gamer's forum. FX (effects) is a much wider used term than Firefox in the general language. FF (Final Fantasy) is a much narrower one.