I use Mozilla engine browsers a lot, and with a well-trained noscript. I prefer browsing that way, and it has never let me down. I do not mind managing it, I will in network security and this is easy by comparison.

That said, if I am going to media sites that have a lot of scripts, I have a chromium engine browser to fall back on. Different kinds and levels of security for different levels of threat profile. There are a ton of sites I just do not GO to with any of these, I use my Android phone browser for the great threats. I would not mind reloading a laptop (I do that every few weeks for fun anyway), but even better is being able to have someone ELSE do the (phhone) reload for FREE, and if they fail you get a new phone!

On the "reloads" do you mean that if you get a virus you just install the OS again?

The last time my personal machines loaded a computer virus was 1984. I have been hit by other kinds of malware, including an encryption engine (extortionware) that force me to restore a few files from backup. I just mean that I like the idea that if my phone gets compromised I can just run over to the AT&T service center and say "fix it", and they will.

I reload my laptops from time to time, just because I like trying different Linux distributions. A LOT. If I ever do get something that bypasses all my protections, I will just reload the OS (or a different OS, whatever). The risk in trying to 'clean' a dirty system, taking a chance on missing something and compromising your data, is simply not worth the risk. Faster, more sure, safer just to scrub and reload. This is what I advise clients when they have an infected web server. Our web services are a pretty standard and secure build, and you about need to do something silly to get one compromised. Once compromised, it is better, faster, cheaper, just to replace everything than to try to fight the threat. Proper prevention is better than any cure.

My home servers receive regular probing by attackers in multiple zones (China, Africa, and a cell somewhere in northern Europe) that I would consider amusingly incompetent, except that they have been doing it for YEARS indicating that they find some level of success SOMEWHERE. (I crafted honeypots and 'played' with them a bit before I discovered fail2ban, now I just block them and graph the attempt and geographic sources for fun.) If you are not using secure browsing techniques, or are doing anything risky online, I presume that in time you WILL get bit. Unless you system monitor like a pro, you may not even know when you have been owned!

And no: I do not bank over the internet. The risk level is not really so high, but the consequences totally unreasonable. Just not worth the gamble. My wife is not 'techie', and online banking even makes HER uncomfortable!

1 members found this post helpful.

The last time you "know of" that is.

Most attacks are quite clever and don't reveal any trace.

Thanks for the explanation. I like that idea of just putting in a new OS. I have all these old computers that my company tosses and I put all different OSs on them. It's fun. And one last question. What I consider the safest way to go about "reloading" as you say is to just go into the BIOS and choose the option to put the new OS entirely (which will delete whatever OS was in there previously). And yet you said you "scrub" and reload. Am I missing something in terms of the way I look at it? In other words, what do you mean by "scrub"? Thanks much.

If I am just reloading for fun (or new/different features) then I only repartition the drive during the new install: no true scrub. If I am loading something like Windows or Dos over a partition that had the same OS, or if I suspect low-level malware, I do a real scrub. I have a Linux livecd with tools for that, but something like active@killdisk, eraser, or Disk Wipe will take some time but ensure that nothing on that drive will be able to come back on you.

(I do the same shred process if loading a drive to give away, just to ensure that none of my data falls into
'untrusted hands'.)

That may be overkill in most cases, but two things I believe are worth the work for the simple piece of mind:
1. backups. Followed by backups of my backups. Everything fails in time, expect it.
2. protect the data at the front end, AND at the back end. It makes no sense to run a firewall and use noscript, etc. if you are going to give your data away at a rogue site, or on an old hard drive (or on a 'broken' USB drive).

1 members found this post helpful.

Thanks wpeckham. I like to tinker with old computers (and buy them on Craigslist, that sort of thing) so your advice is really helping me. I really appreciate it.