ie's big hole

  • Thread starter secure computers today
  • Start date
J

Jan Il

isn't it time you started using a better ,secure browser
like mozilla.org 's 'firefox'?????
Click to expand...

That's actually a very soft based illusion. Wearing a bee suit does not
mean you can't get stung in a Killer Bee swarm.

Jan :)
Smiles are meant to be shared,
that's why they're so contagious.
 
F

Fuzzy Logic

http://www.pcworld.com/news/article/0,aid,119217,00.asp

isn't it time you started using a better ,secure browser
like mozilla.org 's 'firefox'?????
Click to expand...

If safety/security was the only thing that mattered we'd all be driving
Volvos. And guess what you can still get injured driving them.

Everyone has different requirements/needs and that's why we have choices. As
for 'better' what's best for me may be useless for you and vice versa. By
all means if you like Firefox use it. I've tried it and it's not for me. I
personally prefer Avant which use the IE rendering engine and has many of
the features of Firefox. I also don't drive a Volvo.

What's safe today will certainly be found to be unsafe in the future
(recalls/patches/updates). Security is a process not a piece of software.
Find a well supported browser YOU like, learn how to lock it down and do it.
Keep it patched (don't forget about the plugins) and practice safe surfing
skills. Regardless of what you settle on you will never be 100% secure. All
you can hope for is a level of security that YOU are comfortable with.

In my experience (computer security, user support) the browser security
incidents are the result of the user not the browser. The user either said
yes to a dialog box that they didn't understand or downloaded and installed
software they thought was freeware but contained unexpected 'extras'.
Switching to another browser will not prevent these types of incidents.

PS If you visit porn/warez sites you're just asking for trouble and watch
out for Tinyurl/Makeashortlink as this is a great way to mask potentially
harmful links. There are nasty people/places out there (both in the real
world and the Internet) and if you stay away from them you will greatly
reduce the risk of something bad happening to you.
 
G

Guest

I think the point is not so much that any given browser is so much more or
less secure than any other; rather, it's that a Microsoft browser, given
it's installed on something like 90% of the desktop PCs worldwide, is a
*much* bigger target, and consequently much more likely to be shot at. Most
(but certainly not all) virus makers and hackers aren't going to waste their
time finding exploits and holes in Firefox when seven out of ten internet
users are using IE (yes, that's a fake statistic, but you get my jist).

You'll never be secure no matter what brower you use, and yes, the best
defense is to be well patched and internet-savvy, but it can't hurt to make a
smaller target of yourself, either.

--LB
 
T

Tom Pepper Willett

~Robear:

The naive such as the OP come out of their shells once in a blue moon and
make such claims/posts because of their lack of knowledge ;-)

And their desire to be recognized for imparting information they actually do
not have.


Tom
| *No* browser is 100% secure and unexploitable.
| --
| ~Robear Dyer (PA Bear)
| MS MVP-Windows (IE/OE)
|
| secure computers today wrote:
| > http://www.pcworld.com/news/article/0,aid,119217,00.asp
| >
| > isn't it time you started using a better ,secure browser
| > like mozilla.org 's 'firefox'?????
 
J

Jan Il

Linda B said:
I think the point is not so much that any given browser is so much more or
less secure than any other; rather, it's that a Microsoft browser, given
it's installed on something like 90% of the desktop PCs worldwide, is a
*much* bigger target, and consequently much more likely to be shot at. Most
(but certainly not all) virus makers and hackers aren't going to waste their
time finding exploits and holes in Firefox when seven out of ten internet
users are using IE (yes, that's a fake statistic, but you get my jist).

You'll never be secure no matter what brower you use, and yes, the best
defense is to be well patched and internet-savvy, but it can't hurt to make a
smaller target of yourself, either.
Click to expand...

Unfortunately, that target is no longer as small as you might think, and it
is growing every day.
The following information was provided in another thread here just a few
days ago regarding a similar discussion:
:
Courtesy of PA Bear -



Netscape 7.x, Konqueror 3.x, Opera 7.x, Safari 1.x, Microsoft Internet
Explorer 5.01/5.5/6, Mozilla 0.x, Mozilla 1.0, Mozilla 1.1, Mozilla 1.2,
Mozilla 1.3, Mozilla 1.4, Mozilla 1.5, Mozilla 1.6, Mozilla 1.7.x,
Mozilla *Firefox* 0.x,
Mozilla *Firefox* 1.x

The problem is that a website can inject content into another site's
window if the target name of the window is known. This can e.g. be
exploited by a malicious website to spoof the content of a pop-up window
opened on a trusted website.

Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

Notes:
- The vulnerability has been confirmed in Mozilla 1.7.3 and Mozilla
*Firefox* 1.0. Other versions may also be affected.
- The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.
- The vulnerability has been confirmed in Safari version 1.2.4. Other
versions may also be affected.
- The vulnerability has been confirmed in Opera version 7.54. Other
versions may also be affected.
- The vulnerability has been confirmed in Konqueror version 3.2.2-6.
Other versions may also be affected.
- The vulnerability has been confirmed in Netscape 7.2. Other versions
may also be affected.

Solution: Do not browse untrusted sites while browsing trusted sites.

Netscape: http://secunia.com/advisories/13402/
Opera: http://secunia.com/advisories/13253/
Mozilla/Firefox: http://secunia.com/advisories/13129/
IE: http://secunia.com/advisories/13251/
Konqueror: http://secunia.com/advisories/13254/
Safari: http://secunia.com/advisories/13252/
Click to expand...
</paste>



Never under estimate the power of money, and those to covet it. Like a
cancer, it is indiscriminant, and fears no boundaries.



Jan :)

Smiles are meant to be shared,
that's why they're so contagious.
 
V

Vanguard

secure computers today said:
http://www.pcworld.com/news/article/0,aid,119217,00.asp

isn't it time you started using a better ,secure browser
like mozilla.org 's 'firefox'?????
Click to expand...


Another user intent on proving he is an idiot. Doesn't matter whether
one browser is better than another. That's not what this newsgroup is
about, so the off-topic post is a spam post and thus DETRACTS from that
validity of Firefox. The OP (who couldn't figure out a moniker for
themself) does a disservice to Firefox, but maybe that was his intent.
 
V

Vanguard

Paul Smith said:
How many big holes are sat in Firefox waiting to be exploited?
Click to expand...


There is a bug reporting database you can find if you drill around the
Mozilla web site. It has had plenty of security fixes. It just doesn't
accrue that many because there aren't that many users. Last I read,
Firefox is creeping up to about 2% of the browser market so there aren't
a whole lot of users employing the product or attacking it to discover
its failings. However, that doesn't mean it isn't a good alternative as
your primary or backup browser. But even an idiot using Firefox isn't
going to be saved by using Firefox.
 
V

Vanguard

Tom Pepper Willett said:
~Robear:

The naive such as the OP come out of their shells once in a blue moon
and
make such claims/posts because of their lack of knowledge ;-)

And their desire to be recognized for imparting information they
actually do
not have.


Tom
| *No* browser is 100% secure and unexploitable.
|
| secure computers today wrote:
| > http://www.pcworld.com/news/article/0,aid,119217,00.asp
| >
| > isn't it time you started using a better ,secure browser
| > like mozilla.org 's 'firefox'?????
Click to expand...


From a poster that hasn't been around here and other newsgroups to know
who are the regulars, or even bothers to do a Google Groups search on an
author to find out how many times that person has posted.

From the search results of a Google Groups search in microsoft.public.*
groups:

PA Bear: 29,100 (2,680 in this group)
Tom Pepper Willet: 6,900 (27 in this group)

You're losing the race, Tom.
 
V

Vanguard

Fuzzy Logic said:
in


If safety/security was the only thing that mattered we'd all be
driving
Volvos. And guess what you can still get injured driving them.
Click to expand...
...
Click to expand...


If ultimate safety was the real concern of the OP (rather than ego by
spouting, "Look at me, look at me, ain't I smart, hey, look at me"), why
isn't he using Lynx or some other text-only browser?
 
J

Jan Il

Vanguard said:
Another user intent on proving he is an idiot. Doesn't matter whether
one browser is better than another. That's not what this newsgroup is
about, so the off-topic post is a spam post and thus DETRACTS from that
validity of Firefox. The OP (who couldn't figure out a moniker for
themself) does a disservice to Firefox, but maybe that was his intent.
Click to expand...

On a personal note, I care not a whit about any disservice such uninformed
posters may do to FireFox or any other browser of their desire. My concern,
and ire, is the real disservice they do to posters here, and perhaps
elsewhere, by such spamming. Some posters also may not be that
knowledgeable about browsers and Internet use, and by giving them a false
sense of complete safety and security while browsing the Internet just by
using another browser, it will perhaps make them become too complacent
about their vulnerability, thus, becoming careless about where and how they
surf, and properly maintaining their machines which can result in serious
consequences.

If they are that hungry for attention, they should visit a few Usenet groups
and post their spam. <veg>

Jan :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

"Search Assistant" Ad pollution 2
Texas and EFF sue Sony over intrusive DRM software on music CD's. 7
Something new: PayFREEware... 10
Super Browser Outdoes Internet Explorer 37
php worm spreading.... 1
Hotmail will boost its free storage capacity to 250 MB 5
Apple Boot Camp turns Intel Macs into PCs-only 11
More MS bugs 29

Top