Even with AV software, how safe are passwords in T-bird, worried?
With the threat of the Zeus botnet, and even with AV software and alertness to phishing emails, how secure can passwords in TB be, if even a master password is only effective for one session? Surely, TB has no security in itself against such an attack. Comments please, Steve.
Solução escolhida
Item 1. If they can not keep up they have a problem. Thunderbird 17 November 20, 2012 Thunderbird 24 September 17, 2013 Thunderbird 31 Later in 2014
I hope they can keep up with new virus releases, because Thunderbird is almost down to once a year.
Item 2. Thunderbird stores your mail on your hard disk in plain text.
Item 3. Zeus is dead. http://www.usatoday.com/story/news/nation/2014/06/02/global-cyber-fraud/9863977/
Item 4. Nothing will protect you from Malware. Nothing short of disconnecting your computing device from the internet, all networks and all media. That is put the machine in a glass bubble. All that can be done is mitigate the risk, not remove it. Some years ago new USB keys were sold retail with Malware on them. How would you know, how would your anti virus program know, if this was the first appearance of such.
Item 5. Your data can be encrypted, there are lots of account and whole drive encryption products out there, but the data is useless even to you in that state. So when you log into your computer the data is decrypted so you can use it. Crypto locker or it's like comes along and encrypts your data. When you log off your operating system with reencrypt your already inaccessible encrypted data.
Item 6. "Please do not use the term Good AV Software." Reputable, yes but none of the anti virus programs we have are good. They rely on heuristics engines of questionable value and lookup lists of known viruses. Some of which have not been seen in the wild for 30 years, and daily updates. In some cases more frequent to spread their new definitions ahead of the infections.
Item 6. Thunderbird is written with security in mind. So, no support for remote images by default, no vbScript, no javascript and no Flash. All HTML is parsed and sanitized before you even get to see it. So the risk of reading any mail is very very low. I am sure there is an unknown exploit there somewhere, but the 6 weekly security and stability releases does get the serious ones closed in a timely manner.
Item 7. Most anti virus programs scan the data stream, be it HTTP for the web or IMAP or POP for mail, so if your anti virus program does not do that, and requires some sort of in program plugin, perhaps you need one that does.
Item 8. The greatest risk is attachments, as they are delivered just as they were sent. However to open an attachment, it first has to be recreated as a file and saved to your temp folder and then executed in the same manner as if you double clicked on a file on your desktop. If your anti virus can not discover and stop an issue either through the writing of the file, or it's subsequent opening it will be on no use for that threat anyway. So what is does or does not do in email is irrelevant.
Item 9. I have challenged security firms over why email scanning even exists, the best I can get from them is "another line of defense". That is right, they are aware of the fact that their resident scanners should detect anything that comes in via mail, the email stuff is just "another line of defense" a very troublesome one that causes most email problems. As for outgoing mail, that one really has me. They certify your machine clean and then scan outgoing mail for, I have no idea what. Your machine is clean.
Ler esta resposta no contexto 👍 1Todas as respostas (4)
Steve, what is your concern? the master password protects other programs or users from accessing your stored account passwords. It does not protect the e-mail that has been downloaded to your computer.
Depending on your provider, you might be able to use one-time passwords or application specific passwords (e.g. Google supports this).
What kind of attack are you worried about, and how would Thunderbird be different from other e-mail programs?
Hi Sander G, I don't know where you are in the world, but here in the UK we are being made aware (to create fear perhaps) of the threat posed by the Zeus botnet. Now, if I have all my email addresses and passwords in TB, how accessible are they, with or without a master password. Obviously once that is cracked my whole web activity is compromised. I do have good AV software installed, but unfortunately, having written to them about email protection, I have been told that they can't keep up with the rapid introduction of TB revisions. So it is incompatible with TB. Perhaps you could rationalise some of my concerns/fears. After all, the biggest threat is from the unknown, and therefore not being forewarned. And I'm not concerned about other email programs because I only use TB! Regards, Steve.
Solução escolhida
Item 1. If they can not keep up they have a problem. Thunderbird 17 November 20, 2012 Thunderbird 24 September 17, 2013 Thunderbird 31 Later in 2014
I hope they can keep up with new virus releases, because Thunderbird is almost down to once a year.
Item 2. Thunderbird stores your mail on your hard disk in plain text.
Item 3. Zeus is dead. http://www.usatoday.com/story/news/nation/2014/06/02/global-cyber-fraud/9863977/
Item 4. Nothing will protect you from Malware. Nothing short of disconnecting your computing device from the internet, all networks and all media. That is put the machine in a glass bubble. All that can be done is mitigate the risk, not remove it. Some years ago new USB keys were sold retail with Malware on them. How would you know, how would your anti virus program know, if this was the first appearance of such.
Item 5. Your data can be encrypted, there are lots of account and whole drive encryption products out there, but the data is useless even to you in that state. So when you log into your computer the data is decrypted so you can use it. Crypto locker or it's like comes along and encrypts your data. When you log off your operating system with reencrypt your already inaccessible encrypted data.
Item 6. "Please do not use the term Good AV Software." Reputable, yes but none of the anti virus programs we have are good. They rely on heuristics engines of questionable value and lookup lists of known viruses. Some of which have not been seen in the wild for 30 years, and daily updates. In some cases more frequent to spread their new definitions ahead of the infections.
Item 6. Thunderbird is written with security in mind. So, no support for remote images by default, no vbScript, no javascript and no Flash. All HTML is parsed and sanitized before you even get to see it. So the risk of reading any mail is very very low. I am sure there is an unknown exploit there somewhere, but the 6 weekly security and stability releases does get the serious ones closed in a timely manner.
Item 7. Most anti virus programs scan the data stream, be it HTTP for the web or IMAP or POP for mail, so if your anti virus program does not do that, and requires some sort of in program plugin, perhaps you need one that does.
Item 8. The greatest risk is attachments, as they are delivered just as they were sent. However to open an attachment, it first has to be recreated as a file and saved to your temp folder and then executed in the same manner as if you double clicked on a file on your desktop. If your anti virus can not discover and stop an issue either through the writing of the file, or it's subsequent opening it will be on no use for that threat anyway. So what is does or does not do in email is irrelevant.
Item 9. I have challenged security firms over why email scanning even exists, the best I can get from them is "another line of defense". That is right, they are aware of the fact that their resident scanners should detect anything that comes in via mail, the email stuff is just "another line of defense" a very troublesome one that causes most email problems. As for outgoing mail, that one really has me. They certify your machine clean and then scan outgoing mail for, I have no idea what. Your machine is clean.
Matt, thanks for your considered and informative reply. Not being involved with the workings of TB, I wasn't aware of all the security implementations. And as an end-user without insider knowledge I, along with most of the world, am reliant upon the news media for some sort of synopsis of the malware situation. That is part of the problem. But how does the public get truly informative warnings, even if they care! Consider my question answered, even if the problem isn't. Regards, Steve.