How can that possibly happen? If I click on a link, how exactly does that cause a malware to infect me? If it downloads a file, I'll delete it without executing it.
Link executes malicious JavaScript. Malicious JavaScript exploits a vulnerability in your browser's JavaScript implementation. Said vulnerability allows for remote code execution, so the malicious JavaScript downloads malware and then executes it once it has been downloaded. QED.
This is not a hypothetical scenario either. It has been seen in the wild and documented:
The trouble in Kiev and the Ukraine is more subtle than most media in the west is reporting. The decision to align with Russia for economic recovery instead of the EU came about after the EU said, pretty much, "It's the EU or Russia, not both." Russia was happy with a joint agreement, but the Ukraine government was forced into making the call. I don't know if it was the right or wrong call, because either way half of the country would be unhappy.
All browsers are insecure (or more precisely, no browser is completely secure). Some are more insecure than others. If I was truly 100% paranoid, I'd never surf the web at all. I'm not quite that paranoid, but I do take a fair number of extra precautions over and above keeping my browsers patched and avoiding obviously shady sites.
All browsers are insecure (or more precisely, no browser is completely secure). Some are more insecure than others. If I was truly 100% paranoid, I'd never surf the web at all. I'm not quite that paranoid, but I do take a fair number of extra precautions over and above keeping my browsers patched and avoiding obviously shady sites.
If your browser and software are 100% updated at all times, as mine are, this is a really really minor concern. The odds of having such a devastating 0-day vulnerability infect a major site that I'm actually visiting is next to nothing. Making the entire web browsing experience complete shit by using NoScript is certainly not a worthwhile exchange to defend against such a ridiculously unlikely vulnerability.
If your browser and software are 100% updated at all times, as mine are, this is a really really minor concern. The odds of having such a devastating 0-day vulnerability infect a major site that I'm actually visiting is next to nothing. Making the entire web browsing experience complete shit by using NoScript is certainly not a worthwhile exchange to defend against such a ridiculously unlikely vulnerability.
For the average person, you are correct. I have NoScript installed, but I rarely turn it on for that reason. Most of my security precautions consist of changing my browser settings such that enabling "click to run" for all plugins (especially Flash) that I've enabled, disabling/uninstalling plugins I don't need (such as Java), and avoiding software with checkered security history (such as Adobe's own Reader... and Flash) whenever possible. I could use NoScript full time if I really wanted to spend the time to configure its whitelists, but I'm not quite that paranoid.
However, if you're a security researcher/professional/etc., then the availability of NoScript does become a big deal. Heck, I know (by proxy) some security researchers who always have it on even on their personal machines that they never do any work on -- presumably because when your job is tracking down 0-days, you naturally become a bit more paranoid about them than the average person. Having NoScript as an option, even if it's not one needed by most people, is certainly better than not having it at all.
Back on the topic of teeth, my teeth are truly enviable. Aside from orthodontia (which involved roof spreading and jaw re-alignment), I have had exactly three procedures done on my teeth: removal of a baby tooth that wouldn't fall out on its own, wisdom teeth removal, and a sealant on a molar. For these reasons, I have never been worried about going to the dentist, but I can certainly understand the fear.
I had a problem on one of my WordPress domains where every header.php file in the theme directory that was writable had a malware JavaScript code added to it. WordPress was current and those were the only files being modified. Even unused themes had been hacked.
Chrome would go to the site and give me the warning page. IE gave no warning.
I never found out how the files were modified and after I locked them to be uneditable the problem went away. Also no other domains on the same server were impacted.
So yeah, chrome is the shit.
Also, I once ended up getting ransomware while using IE. The same malware attempted to infect me while using chrome but chrome did not let it infect me, took over the tab but after I closed the tab that was the end of it.
If you smell burning teeth your Dentist is doing it wrong.
Scott is right that once someone is put under general anaesthetic, Dentists will just put a gag in which keeps the mouth open quite wide to access the most surface area possible.
The injection which Rym got where he felt some gristling, was that on the inside of the upper arcade of the teeth or on the outside (the part of the gums which you can see when you lift up your lip?). If it was the latter the dude was just looking for landmarks to inject local anaesthetic to block the Maxillary nerve.
Your Dentists should always be giving nerve blocks otherwise it's going to hurt like all hell.
For cleaning, the hyperscaler (or "sonic scaler that shatters plaque and tartar") is the easiest to use and most efficient however if you give it to someone who doesn't know what they are doing, they can cut into the enamel of your teeth or go further and sometimes will cause gingival bleeding.
Like most professions you get dodgy dentists and good ones. It is an immensely stupid thing that the public cannot make it clear that they think a healthcare professional is trash or not. It results in people who are terrible to continue to practice Medicine / Dentistry / Veterinary Medicine as long as they keep paying their licensing fees.
e.g. I should have been referred to get braces when I was 10 but the guy gave me a "plate" for 2 years which was useless and I inherited my Dad's slightly crooked lower incisors. (I wasn't lucky enough to get my Mum's perfect teeth).
General Anaesthesia is not all that dangerous if you have half a brain you can perform anaesthesia successfully from the healthiest of individuals to a patient with liver, heart or kidney disease.
However you get bad health professionals who don't want to use the safest new drugs because they cost a little bit more money.
I think in the UK they revoked the ability for Dentists to carry out Anaesthesia without an Anaesthetist, is this the same in the US?
I'm changing dentist offices in the near future because they have a list of doctors, and one I've had twice I've judged to be an asshat. I didn't like him immediately, but my suspicions were validated when he broke a mirror in my mouth and didn't even notice (I was picking glass out of my mouth as he left).
I think the XKCD guy wrote a story once where he woke up in the middle of his wisdom teeth getting removed, and started taking notes on his hand until they noticed. Hilarious if true, that's a great reaction.
I was at the dentist recently and had a dental hygienist compliment my flossing, followed by her reminding me why I think dental hygienists and dominatrices/masters are very similar. It also seems that I need two crowns and possibly a root canal, yay.
I just got done listening to this episode and as someone who works for one of the big companies that sells and produces tech for dentists, I can speak to some of the points. Old dentists are horrible at tech. Getting them to buy anything new is like (pardon the expression) pulling teeth. They treat computers like they're another stock item in the operatory that they buy once and don't have to update for 20-odd years (like their x-ray heads or chairs). They don't get that computers and the tech that goes with them are not a single sunk cost, but a rolling expense that will need to be upgraded every five years or so (at minimum). If anyone has any questions about some of the tech you may have seen in a dentist's office, feel free to ask away. I'll try to answer as many as I can.
Old dentists are horrible at tech. Getting them to buy anything new is like (pardon the expression) pulling teeth. They treat computers like they're another stock item in the operatory that they buy once and don't have to update for 20-odd years (like their x-ray heads or chairs). They don't get that computers and the tech that goes with them are not a single sunk cost, but a rolling expense that will need to be upgraded every five years or so (at minimum).
Also, in regards to "What happened to trackballs?", we still see a lot of them in the dental world, in regards to the CAD systems that are used to design and create ceramic inlays, onlays, crowns, and bridges. They work great for 3D applications, where fine manipulation of the piece you're working on is key. Not so much for gaming, though.
Here's some more thoughts: Scott sounded a bit freaked out about the concept of dental implants. When a tooth is missing, that's just one way the issue can be handled. Sure, there's a potential for damage when the implant mount is inserted into the bone, but in this day and age that's akin to worrying about the front wheel falling off your car while driving down the Interstate - the chances of it happening are slim (unless you get your dental work done at "Crazy Eddie's Tooth-Yankin' Shack"). A good cosmetic dentist or prosthodontist will have a panoramic x-ray machine that can do what amounts to a CT scan on the head and jaw to aid in the planning and positioning of the implant post. If the patient doesn't want to go for a implant prosthetic they can instead opt for a bridge, but that procedure is just about as bad, considering that in the majority of them they have to grind down the two teeth opposite the missing tooth and put a crown on both of them, with the prosthetic tooth formed into the set of crowns.
The discussion about medals at the Olympics made me sad. I took 2nd place at the 7 Wonders tournament at PAX East last year where Scott was Enforcing. My friend got a silver medal for his 2nd place showing at the Peggle tournament earlier, so I was very sad that I didn't get one. And this episode just rubbed salt in the wound. America has taught me that I am a special snowflake so I should get a medal too.
I'm not one who's like "Fuck yeah dentists!" but every bit of major work I've had to have on my teeth were relatively uneventful. I don't quite understand this almost primal fear some people seem to have but then again being a standoff-ish malcontent I don't understand a lot about human culture.
The dentist I have is pretty up to date. They seem somewhat new and she seems to also be some sort of guest lecturer at the University of Washington on a frequent basis. It also doesn't hurt that shes a pretty attractive Dutch woman tee hee.
Yesterday I went to the dentist for my first checkup in about 9 years. Everything's fine, but I have to keep an eye on wisdom teeth.
I also had a full cleaning session, and my mouth and face was aching for the rest of the day. I broke a tooth off a few years ago and had it stuck back on, and the crack was getting more visible, but now it's polished again and looks as good as new.
I think I'll go a for a checkup every year now. And if I ever make a separate big claim on my health insurance, I'll get my wisdom teeth out in the same year, as then I won't have to pay for it. I got back about €300 last year for making no claims.
Comments
This is not a hypothetical scenario either. It has been seen in the wild and documented:
https://www.securelist.com/en/analysis/204792056/Drive_by_Downloads_The_Web_Under_Siege
http://www.iseclab.org/papers/inetsec09.pdf
However, if you're a security researcher/professional/etc., then the availability of NoScript does become a big deal. Heck, I know (by proxy) some security researchers who always have it on even on their personal machines that they never do any work on -- presumably because when your job is tracking down 0-days, you naturally become a bit more paranoid about them than the average person. Having NoScript as an option, even if it's not one needed by most people, is certainly better than not having it at all.
Chrome would go to the site and give me the warning page. IE gave no warning.
I never found out how the files were modified and after I locked them to be uneditable the problem went away. Also no other domains on the same server were impacted.
So yeah, chrome is the shit.
Also, I once ended up getting ransomware while using IE. The same malware attempted to infect me while using chrome but chrome did not let it infect me, took over the tab but after I closed the tab that was the end of it.
Scott is right that once someone is put under general anaesthetic, Dentists will just put a gag in which keeps the mouth open quite wide to access the most surface area possible.
The injection which Rym got where he felt some gristling, was that on the inside of the upper arcade of the teeth or on the outside (the part of the gums which you can see when you lift up your lip?). If it was the latter the dude was just looking for landmarks to inject local anaesthetic to block the Maxillary nerve.
Your Dentists should always be giving nerve blocks otherwise it's going to hurt like all hell.
For cleaning, the hyperscaler (or "sonic scaler that shatters plaque and tartar") is the easiest to use and most efficient however if you give it to someone who doesn't know what they are doing, they can cut into the enamel of your teeth or go further and sometimes will cause gingival bleeding.
Like most professions you get dodgy dentists and good ones. It is an immensely stupid thing that the public cannot make it clear that they think a healthcare professional is trash or not. It results in people who are terrible to continue to practice Medicine / Dentistry / Veterinary Medicine as long as they keep paying their licensing fees.
e.g. I should have been referred to get braces when I was 10 but the guy gave me a "plate" for 2 years which was useless and I inherited my Dad's slightly crooked lower incisors. (I wasn't lucky enough to get my Mum's perfect teeth).
General Anaesthesia is not all that dangerous if you have half a brain you can perform anaesthesia successfully from the healthiest of individuals to a patient with liver, heart or kidney disease.
However you get bad health professionals who don't want to use the safest new drugs because they cost a little bit more money.
I think in the UK they revoked the ability for Dentists to carry out Anaesthesia without an Anaesthetist, is this the same in the US?
Not sure if true, funny either way.
Old dentists are horrible at tech. Getting them to buy anything new is like (pardon the expression) pulling teeth. They treat computers like they're another stock item in the operatory that they buy once and don't have to update for 20-odd years (like their x-ray heads or chairs). They don't get that computers and the tech that goes with them are not a single sunk cost, but a rolling expense that will need to be upgraded every five years or so (at minimum).
If anyone has any questions about some of the tech you may have seen in a dentist's office, feel free to ask away. I'll try to answer as many as I can.
I also had a full cleaning session, and my mouth and face was aching for the rest of the day. I broke a tooth off a few years ago and had it stuck back on, and the crack was getting more visible, but now it's polished again and looks as good as new.
I think I'll go a for a checkup every year now. And if I ever make a separate big claim on my health insurance, I'll get my wisdom teeth out in the same year, as then I won't have to pay for it. I got back about €300 last year for making no claims.