"AL" wrote

| Very popular services can
| be more risky. Adobe Flash, Adobe Acrobat Reader
| browser plugin, freebie webmail, Skype, Wordpress
| websites.... Anything used by a large percentage of
| people is an attractive target. Flash gets targetted
| because it's buggy, but also because it's ubiquitous.
| Wordpress sites get hacked because there are lots
| of them and the bugs in Wordpress tools have been
| many. So the payoff for hacking them can be big.
| Yahoo email is a similar case. It's a very big target.
| So it's a good idea to avoid the popular brand when
| possible.
|
| That's quite a list. No paranoia though, huh...
|

Those are the most common attack "vectors". If I
remember correctly, Flash is currently #1. Wordpress
is preferred for driveby installing malware because
Wordpress sites are often easy to compromise. (I
get hackers several times a day at my own site. They
try various GET requests that they know might be
vulnerable, like wp-login.php, /wp-admin/...,
wp/content/..., etc. They just travel the Web doing
that, looking for unlocked doors.

I saw an apropos article in the NYT today. It seems
Yahoo has had a number of serious security breaches
under Marissa Mayer. She didn't want to risk that more
people might leave the email service due to inconvenient
security measures. And measures like encryption that
would prevent even Yahoo from reading your email would
have thwarted their targetted ad spyware. So they were
hacked repeatedly. The pro-Mayer crowd called the security
people the Paranoids. Eventually most of the Paranoids
were hired away by other companies.

Paranoid and tinfoil hat namecalling is almost always
"the first refuge of the ostrich".