
Comment Re:Why are they storing this data anyway? (Score 4, Insightful) 213

Nope, horse-puckey. This would be the same PIN data that their PCI compliance *cough* would disallow from storing after authorization for a transaction, just like the CVV codes which I think also got nabbed. Now, it is possible that they were all captured "in-flight" and not being stored against the rules, but it is very much verboten to keep even with encryption.

Comment Re:Text, but why? (Score 2) 329

Oh sure, this shouldn't be the common use case for backups. There's no reason it can't be a useful alternative. Personally, I am tempted to mail postcards covered in optar-printed labels all over the place, just to drive people nuts. Some of them would have to contain Goatse images, others, possibly random data.

Comment Re:In place upgrades still unsupported? (Score 1) 134

Well, Debian Testing gets more frequent updates than Stable, but they are explicit about security patches being intended for the latter.
That said, your desktop environment is most likely to get owned through a browser glitch anyway if it has a firewall up, so it may not be that unreasonable.
It is nice to see that the latest Firefox came through in a timely fashion.

Comment Re:Forcing strong passwords in the first place. (Score 2) 211

Please someone mod the parent up. An overcomplicated password that needs password management software ceases to be a password ("something you know") and is turned into a token ("something you have"). If your LastPass DB is corrupted, goodbye passwords.

As well, you can export your LastPass data to another file, say one that you keep on your encrypted backups. No need to slag a very useful tool for nonsense reasons. (disclosure: premium subscriber here)

Comment Re:Is anyone still using Ubuntu ? (Score 2) 177

I was using Mint 13 for a good while, and loving it, but have now switched over to the newest Mint LMDE version. This is based on Debian's testing repository, not Ubuntu, so is more of a rolling update model. This puts me back to an improved version of what I had with my old stock-Debian desktop, having added some "just works" niceties from Mint.

Comment Re:Correlation is not causation (Score 1) 374

Use of IE6 indicates that you are most likely an unimaginative corporate drone, who is likely using his dodgy old browser to post for other jobs while at work. Obviously, he will continue to do the same if you hire him. Use of cache correlation techniques to assess what *other* sites he goes to is an exercise for someone who isn't in HR.

Comment Re:Puppy Slacko 5.5 (Score 1) 572

Puppy is ideal for this purpose. It's familiar enough to look at and start a browser, and since it runs from RAM after the initial CD boot, it has no reason to touch anything on disk. Power down to clean up.

If you're feeling extra careful, put this device on a separate network chunk that can't reach anything internal (except maybe a printer).

Comment Learn the problems, then tools help (Score 1) 116

If you don't understand the application-layer issues which might be present in your programs, then you won't necessarily understand what the tools (whichever) are trying to tell you. Read and learn, grasshopper. You can get a ton of info from OWASP (http://owasp.org) for free, including some issue-specific "cheat sheet" pages. Next, buy the Web Application Hacker's Handbook. Really, do it now, or at least after you've read the OWASP stuff. It's in dead-tree and e-book versions, now second edition.

Tool-wise, go to portswigger.net, and download the freebie version of Burp Suite. It doesn't have the scanner portion, but you can proxy all your traffic through it, and see what happens when you twiddle all the things that might be twiddled. Buy the pro version (few hundred bucks/year) when you're ready for the other features. By then, you'll know why you want them. The author is Dafydd Stuttard, one of the WAHH book authors. Great support, helpful and responsive.

Oh, and the suggestions for Nessus, OpenVAS and Backtrack/Kali aren't bad, they're good tools. Mostly for the infrastructure-level things such as the operating system and known services which are exposed, though this does include your web server. They mostly won't tell you much about your one-off apps though.
