The takeaway for me from that video above (thanks @coxhaus!) is that to start going down that rabbit hole, the user has to be gullible enough to click on a phishing (or other) link.
There is nothing on the web I want to see/connect to enough for me to click a link I may run across, let alone click on a link in an email I received without asking for it previously.
When I used to ride motorcycles, I would spend a few days each season re-learning and/or practicing the skills required to ride a motorcycle at an expert level. Not because I was going to ride like that, but rather, because I wanted to have the reaction and re-learn the movements necessary to avoid potential hazards at speed. Of course, I didn't avoid all accidents during my riding days, but what I did do was survive them (and in one piece). And that was directly related to my viewing the machine for what it was: potentially, deadly.
I view online activity the same way. The 'weak' spot isn't my A/V, my OS, or my specific device (with the exceptions of phones; they are always, 100%, insecure). The biggest weak spot is always, potentially, me.
I surf with that knowledge at the top of my mind. And if I don't get to see 'something' because I refuse to click on it, I don't sweat it at all.
The details of how to track down an infected machine as outlined in the video are interesting to me. However, I never want to be in that state in the first place, which is why I find looking through logs 'boring'. It is much easier for me to spend less than 30 minutes and get a network/router into a good/known state than it is to spend a few hours/days viewing/decoding logs and having to do the same thing in the end anyway.
As I've mentioned before, it isn't surprising that we can be hacked. It would be more surprising if attempts weren't made.
What is most surprising to me is a user not doing what they can to not get infected/hacked. That's like not learning to walk on the sidewalk, always facing traffic, while actually looking at the vehicles as they go by.