bad news for Firefox and KDE....

[kenny]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a site
using firefox.

So well for the security claims.. As I have said... When people use you, you
are a target.

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+L...+risk/2110-1002_3-6029297.html?tag=html.alert


I keep hearing people complaining that MS is patching windows all the time.
They do not understand that patching is a universal thing... for any OS or
program
that is a target. And again.. a target is something that is used by many
people.

Linux is NOT immune!

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a
site using firefox.

What do you mean by "a java"? Of course, if you click 'ok' to let
an applet install, it could be anything, but that goes for any
browser with a Java plugin.

So well for the security claims.. As I have said... When people
use you, you are a target.

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+Linux,+Unix+systems+at+risk/2110-
1002_3-6029297.html?tag=html.alert

I keep hearing people complaining that MS is patching windows all
the time.

They complain more about MS leaving known flaws unpatched for long
periods of time. I'm sure you'll be keeping an eye on how quickly
Konqi's js problem gets fixed. Oh, wait, I see it's already been
fixed. That was fast.

They do not understand that patching is a universal thing... for
any OS or program that is a target.

What makes you think people don't understand that? People
understand it fine, but they also generally understand that
Microsoft's record of patching things quickly and effectively is
much worse than other organizations'.

And again.. a target is something that is used by many
people.

Was Konqi even a target? AFAICT, this was patched before anyone
exploited it in the wild. ICBW, but it's not worth googling to try to
find out.

Linux is NOT immune!

Of course it isn't. That's why Linux users are so happy with its
built-in defenses against arbitrary code execution hosing the system
itself and with the speed of the devs in fixing flaws once they are
known.

AFAIK, no one has claimed that nothing bad can happen to a computer
running Linux (though you are welcome to continue to knock that straw
man down), only that it's much less likely than with some other
systems.

 

[Gordon Darling]

On Fri, 20 Jan 2006 22:04:26 +0200, kenny wrote:

,snippage>

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+L...+risk/2110-1002_3-6029297.html?tag=html.alert


I keep hearing people complaining that MS is patching windows all the time.
They do not understand that patching is a universal thing... for any OS or
program
that is a target. And again.. a target is something that is used by many
people.

Linux is NOT immune!

Nobody ever said it was. Microsoft's problem is "time to patch"

"eEye's Upcoming Advisories page is unique in the security research
business because it not only lists reported vulnerabilities, but also
shows how long it's been since Microsoft confirmed the bug. One
vulnerability was acknowledged by Microsoft as far back as March 29, 167
days ago. Three others have slipped past the 100-day mark (130, 125, and
112 days, respectively)."
http://informationweek.com/shared/printableArticleSrc.jhtml?articleID=170702565

And from http://www.eeye.com/html/research/upcoming/
The first three listed are

EEYEB-20050505
Days Overdue: 200
Vendor: Microsoft
Severity: High (Remote Code Execution)
Date Reported: May 5, 2005

EEYEB-20050627
Days Overdue: 147
Vendor: Microsoft
Severity: High (Remote Code Execution)
Date Reported: June 27, 2005

EEYEB-20051011
Days Overdue: 41
Vendor: Microsoft
Severity: Medium (Denial of Service)
Date Reported: October 11, 2005

Regards
Gordon

 

[kenny]

What do you mean by "a java"? Of course, if you click 'ok' to let

an applet install, it could be anything, but that goes for any
browser with a Java plug-in.

Yes, however.. there were not so many viruses with Java before firefox!
They saw that people started getting smart and using firefox to access their
sites,
and they were immune to active X viruses and exploits, so the made Java
ones!

So if there was no firefox, there would be no increase of java viruses.

They complain more about MS leaving known flaws unpatched for long
periods of time.

No they don't... they say that XP is still in beta that's why they keep
sending patches.. lol.
Look around.. someone SELDOM says what you are saying if he/she is a linux
user.
Only windows users MAY complain, but most don't. You have to be careful when
you release a patch, or
It can create more problems... that's why it needs time to test it.
MS was wise to send the WMF patch after they tested it thoroughly (although
a early version got out too soon and they pulled it).

Of course it isn't. That's why Linux users are so happy with its
built-in defenses against arbitrary code execution hosing the system
itself and with the speed of the devs in fixing flaws once they are
known.

And I say if linux was the mainstream OS there would be viruses that could
bring it to its knees!
Remember... there have been hackers that have been able to access military
defense computers.
Hackers that get into super security computers that have banking data...
You think a desktop linux machine is safe? And remember the most venerable
link, is always the user.
No matter what OS you have if the user is not careful he can be hacked and
attacked.

Was Konqi even a target? AFAICT, this was patched before anyone
exploited it in the wild. ICBW, but it's not worth googling to try to
find out.

Oh yeah.. that browser is used from 0.001 of the population of the computer
user world!
Safari is based on that.. but MAC computers have always been ignored by
hackers.

Even linux users use firefox!

 

[kenny]

Gordon... the things linux fanatics through at MS change over time.

First it was that windows was unstable, an Linux was rock solid.
But then XP came out.. that was stable enough.
Linux fanatics shut up about that.

Then it was the patches.. Linux at first didnt have those, so it was
patch ridicule. "Oh windows is still in beta thats why they keep patching
it"
But then Suse and Ubuntu started having live updates and patches.. so
they could not continue saying that.

Now we have patch delay bashing... lol

When they fix that, it will be something else!

I am just trying to say that Linux is just an OS, that has its flaws like
Windows does.
And can be attacked if people wanted to do so.

But linux users hate to hear that!

 

[kenny]

Correction : through = throw

Gordon... the things linux fanatics through at MS change over time.

First it was that windows was unstable, an Linux was rock solid.
But then XP came out.. that was stable enough.
Linux fanatics shut up about that.

Then it was the patches.. Linux at first didnt have those, so it was
patch ridicule. "Oh windows is still in beta thats why they keep patching
it"
But then Suse and Ubuntu started having live updates and patches.. so
they could not continue saying that.

Now we have patch delay bashing... lol

When they fix that, it will be something else!

I am just trying to say that Linux is just an OS, that has its flaws like
Windows does.
And can be attacked if people wanted to do so.

But linux users hate to hear that!

 

[Steve H]

On Sat, 21 Jan 2006 01:20:31 +0200, "kenny" <-> wrote:

And remember the most venerable
link, is always the user.

Yes folks...nine out of ten Popes recommend Linux...

Regards,

 

[Gordon Darling]

On Sat, 21 Jan 2006 01:26:31 +0200, kenny wrote:

I am just trying to say that Linux is just an OS, that has its flaws like
Windows does.
And can be attacked if people wanted to do so.

But linux users hate to hear that!

No, only fanatics and, regretably, there are fanactics on both sides of
the fence!

Regards
Gordon

 

[nobody]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a site
using firefox.

So well for the security claims.. As I have said... When people use you,
you are a target.

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+L...+risk/2110-1002_3-6029297.html?tag=html.alert

There's still eComStation (OEM OS/2), which I use, or regular OS/2 Warp
4,52 (if IBM is still selling it.) Security is good, but javascript is
javascript, and perhaps could cause problems. It can be turned off in
browsers, but some sites require it, and I don't know if you can
selectively enable it for particular sites.

The biggest problem with eCS-OS/2 is that we don't have nearly the variety
of available apps and games that Windows does. For instance, there's no
Real Player for OS/2 (I asked once if they could make one, and never got a
reply), and the offical Flash for OS/2 is 5 (there's an unofficial Flash 7
for OS/2 floating around the web.) So, I occasionally boot to my Win98SE
if there's a video I want to see. Overall, I've been very happy with
OS/2, and now eCS, since I first started using it at version 2.11 (I still
use Dos and Win 3.1 apps along with OS/2 apps, which do what I need done.)


Alan


--

----------------------------------------------------------------------
** Please use address alanh77[at]comcast.net to reply via e-mail. **

Posted using registered MR/2 ICE Newsreader #564 and eComStation 1.21

BBS - The Nerve Center Telnet FidoNet 261/1000 tncbbs.no-ip.com
----------------------------------------------------------------------

 

[Why Tea]

So if there was no firefox, there would be no increase of java viruses.

That's a strange argument. If that's true, the reverse must also be
true. That will mean:

In order not to increase Java viruses, there should be no other
browsers (except IE).

MS will like that.

 

[Why Tea]

No, only fanatics and, regretably, there are fanactics on both sides of

the fence!

Absolutely true. Very often, it's those who know little about what's
going on at both side of the fence.

 

[=?ISO-8859-1?Q?=BBQ=AB?=]

Yes, however.. there were not so many viruses with Java before
firefox! They saw that people started getting smart and using
firefox to access their sites,
and they were immune to active X viruses and exploits, so the made
Java ones!

So if there was no firefox, there would be no increase of java
viruses.

Even if it's true that there's been an increase in malware delivered
via Java (and you provide no evidence of the claim), it's no
justification for your FUD Subject "bad news for Firefox".

No they don't...

Yes they do.

they say that XP is still in beta that's why they
keep sending patches.. lol.

Some do, based on the sheer number of critical patches that are needed
for Microsoft operating systems after their release.

Look around.. someone SELDOM says what you are saying if he/she is
a linux user.

Most Linux users don't bother to fight FUD. That's true for users of
any OS, BTW. But if /you/ look around, you'll find plenty of them
saying what I've noted, and only a few trolls making the claims you
attribute to "Linux users".

Only windows users MAY complain, but most don't.

It doesn't do any good when they do complain, unless they are large
corporations. The home user effectively has only the choices of living
with it or switching to a more secure OS.

You have to be careful when you release a patch, or
It can create more problems... that's why it needs time to test
it. MS was wise to send the WMF patch after they tested it
thoroughly (although a early version got out too soon and they
pulled it).

That argument works well when you are talking about patches that are
released within days of the 0-day exploits, but not so well when
talking about the 260+ days that at least one critical vulnerability
has been waiting for a patch from MS.

And I say if linux was the mainstream OS there would be viruses
that could bring it to its knees!

An easy claim to make since you cannot test it, and one that completely
ignores the points I made just above, among many others.

No matter what OS you have if the user is not careful he can be
hacked and attacked.

No one has claimed otherwise, yet you continue to argue against the
straw man. Again, one important difference is that a Linux user who is
successfully "hacked and attacked" would not have his OS broken or have
his OS turned into a zombie for malware propagation or spam spewage.

Oh yeah.. that browser is used from 0.001 of the population of the
computer user world!
Safari is based on that.. but MAC computers have always been
ignored by hackers.

Even linux users use firefox!

A lot of them still use Konqi -- it's a pretty good browser, and
actively developed. If it had 90% of the overall market, I don't doubt
that more flaws would be found, but I also don't doubt that the devs
would continue to patch them in the same timely manner.

Also, pointing out a flaw in a third-party browser such as Konqi, and
using it to say "flaws put Linux, Unix systems at risk" is exactly like
saying that Firefox or Opera flaws "put Windows systems at risk".
You'd have an absolute fit if people started doing that WRT Windows
apps, yet you easily use it to jumpstart more Linux FUD.

 

[Lord Possum]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a site
using firefox.

So well for the security claims.. As I have said... When people use you, you
are a target.

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+L...+risk/2110-1002_3-6029297.html?tag=html.alert

I keep hearing people complaining that MS is patching windows all the time.
They do not understand that patching is a universal thing... for any OS or
program
that is a target. And again.. a target is something that is used by many
people.

Linux is NOT immune!

============================

Remember Commodore? Radio Shack Trs-80? In the old days, the operating
system was on a chip. Virus? Har Har Such might come across the
internet for the moment, but, turn off the computer, turn on again ...
no more virus. Aren't we being told that the next Windows OS might be
RAM based, booting up from chips? Sounds like full-circle to me.

 

[dszady]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a site
using firefox.

So well for the security claims.. As I have said... When people use you, you
are a target.

And about KDE? Read here:

KDE flaws put Linux, Unix systems at risk

http://news.com.com/KDE+flaws+put+L...+risk/2110-1002_3-6029297.html?tag=html.alert


I keep hearing people complaining that MS is patching windows all the time.
They do not understand that patching is a universal thing... for any OS or
program
that is a target. And again.. a target is something that is used by many
people.

Linux is NOT immune!

kenny, just use Linux on another partition for awhile and make an
intelligent decision. Intelligent would not make you such a target.
Unless you want it that way.
Damn it! I responded to a rare Windows TROLL.

 

[elaich]

Some sites are targeting firefox now...
A client of mine got a virus from a java that was installed from a site
using firefox.

It figures that a friend of yours got a virus while using JAVA.

Moron. JAVA is a security risk. Using it in Firefox is not an indictment of
Firefox. It's an indictment of JAVA, idiot.

 

[elaich]

I keep hearing people complaining that MS is patching windows all the
time. They do not understand that patching is a universal thing... for
any OS or program

I don't understand why you are so loyal to a multi-billion dollar company
that is trying to control the computing world with Gestapo-like tactics,
unless you are on their payroll.

 

[Le Loup]

kenny a écrit :

When they fix that, it will be something else!

Maybe the fact that Linux is free ? not Windows.

Cordialement,
Hervé LOTH

 

[kenny]

I have had linux on partitions for years, and on vmware.. I still do.

and my very intelligent opinion is that it still stinks!
Im no windows troll. You think everyone who has a different opinion than
yourself,
to be a troll? Wow...

talk about intelligence!

 

[kenny]

You fool!

Microsoft is nothing next to the real people who are controlling the world.
And I mean economically. And that means everything.
Microsoft is just a software company. Its just that you can point a finger
on MS,
while you cannot do so on the clever powers who know how to remain hidden.
These are the people who decide everything, including what kind of software
and
hardware you have and can buy.

 

[kenny]

Yes but the increase in java exploits are the reaction the hackers had to
the increase of Firefox use!

If firefox had some kind of protection against it, like IE now has for
active X
then the problem would be solved since the hackers would not have an easy
way to intrude with Java. Thus there would be no increase in java attacks!

In order to install activeX now you have to go through a loop, with the
yellow pop up infobar. You have to deliberately right click it and select
YES INSTALL THIS.

In firefox there is no such security.. a pop up windows can say.. "Press yes
to upgrade windows" .. so a user not understanding the threat, just presses
YES.

You are the idiot, not me! I have proved that again and again...