Stupid hacking question

[TomR]

[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
From the standpoint of avoiding hacking, are you better off leaving your poker clients open or closed (when you're not using them)? Does it matter?

[/ QUOTE ]
I cannot think of any reason that you would be more secure leaving them open. There are minor reasons that leaving them open could be less secure. Personally I close them.

[/ QUOTE ]

One reason is that nobody can log in from another computer if you have the client open and logged in on yours.

That said, this is only desirable if your reasonably sure no one can control your PC either physically or remotely.

[/ QUOTE ]The OP asked: "From the standpoint of avoiding hacking".
If the bad guy has your password then most likely you have already been hacked. Your suggestion would work if someone had gotten your password from other than a hack of your computer and you want to avoid losing your funds. But in that case I would suggest changing your password would be much more effective. YMMV

[Dave I]

[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
From the standpoint of avoiding hacking, are you better off leaving your poker clients open or closed (when you're not using them)? Does it matter?

[/ QUOTE ]
I cannot think of any reason that you would be more secure leaving them open. There are minor reasons that leaving them open could be less secure. Personally I close them.

[/ QUOTE ]

One reason is that nobody can log in from another computer if you have the client open and logged in on yours.

That said, this is only desirable if your reasonably sure no one can control your PC either physically or remotely.

[/ QUOTE ]The OP asked: "From the standpoint of avoiding hacking".
If the bad guy has your password then most likely you have already been hacked. Your suggestion would work if someone had gotten your password from other than a hack of your computer and you want to avoid losing your funds. But in that case I would suggest changing your password would be much more effective. YMMV

[/ QUOTE ]

What if you have a key logger, don't know it, but always stay logged on? What if someone is trying to brute force your account? Both of these methods are stopped by staying logged in. The logged password is rendered useless BECAUSE YOU ARE USING IT the vast majority of the time. Couple this with regular password changes and you have an effective method of stopping a type of hack, that is, logging in from another PC using your password.

Yes, if you've been hacked you should fix the hole and change your password but then again most people don't know they have been hacked and this may buy time to find out BEFORE your cleaned out.

Of course, if they get remote/local control, well, your screwed. But, that is the case whether you stay logged in or not.

Listen, I'm not saying it's gonna stop all hacking but I was replying there is one valid reason to stay logged in. Security needs to be done in layers, there is no magic bullet.

[disjunction]

There is probably a correct answer, but I don't think this is an easy question. I'm not a security guy. Logically it seems like the issue is whether it is easier to:

(1) Remotely take over someone's computer completely, once
(2) Install a keylogger and have it go undetected for a day

?

My humble take is that both need to go through your firewall. #2 is subject to virus protection but #1 makes you as vulnerable as your most vulnerable time of day. I could be persuaded otherwise, I'm just trying to frame the issues.

[Percula]

[ QUOTE ]
There is probably a correct answer, but I don't think this is an easy question. I'm not a security guy. Logically it seems like the issue is whether it is easier to:

(1) Remotely take over someone's computer completely, once
(2) Install a keylogger and have it go undetected for a day

?

My humble take is that both need to go through your firewall. #2 is subject to virus protection but #1 makes you as vulnerable as your most vulnerable time of day. I could be persuaded otherwise, I'm just trying to frame the issues.

[/ QUOTE ]

The problem is that poker players can be worth enough money to attract serious hackers. Serious hackers do not use known tools, they write new ones, they do not use known exploits, they find new ones.

If a keylogger or torjan is not known, your security software is not going to catch it, and it is very likely that the hacker already knows how to disable the security software in order to avoid detection anyway.

[MicroBob]

Use two computers.
On one stay continually logged-on to the site.
On the other stay continually logged-off.

Best of both worlds. The hackers will NEVER get you that way.

[Gobgogbog]

[ QUOTE ]
Use two computers.
On one stay continually logged-on to the site.
On the other stay continually logged-off.

Best of both worlds. The hackers will NEVER get you that way.

[/ QUOTE ]

I spent a couple of minutes trying to make sense of this post before realizing it was a joke :/

[SpaceAce]

[ QUOTE ]
How would leaving it open make it easier for a hacker? They wouldn't be able to log in right?

[/ QUOTE ]

No, but leaving anything open that could even conceivably accept incoming connections is not to your advantage.

SpaceAce

[SpaceAce]

[ QUOTE ]
after reading the threads where people left their client open, left the room, and when they came back someone was playing on their computer (remotely), i think it's better to close it (few months ago)

[/ QUOTE ]

The only way that should happen is if you have some sort of BackOrifice-type exploit installed on your computer which allows people to manipulate your computer remotely. If that's the case, the person controlling your computer would be able to start the poker program at will, anyway.

SpaceAce

[berti5]

Found this in a similar thread on pokerstrategy
"Mike type the word somemore.info into google toolbar and you get the admin console for our tables. When the game is at the bubble or reaches final table for HPHM games right click the table and you will get a discovery icon. click this and it will show all hands. You should only use this to help with table disputes. Remember to send you activity forms to Pete by Tuesday AM at the latest.

I dont think this will give an advantage as it would be after the hand but it is a bit dubious to be putting an admin console on an insecure site (as this loads a poker client software with extra facilities). Anyone know what an HPHM game is?

[SamG]

I don't understand why this is a tough question. It's much, much better to keep the clients closed when you're not playing. If nothing else, it will prevent a friend or angry gf or something from playing on your accounts when they are actually at your house and you're not looking. If you have a keylogger on your machine, you're screwed either way because at some point you will have to reboot (power surge, to install a security patch, etc.) and login again anyway. At that point, the hacker has your password.