|
Home > Archive > Mozilla Browser > April 2007 > The safest Browser is IE7
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
The safest Browser is IE7
|
|
| businessman@nomail.com 2007-03-30, 1:13 am |
| I hate to break this to everyone, but according to
http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
IE7 is now the safest browser.
Now that you are all beginning to delete Firefox and install IE7,
there is GOOD NEWS. The good news is that Firefox 2.0x is only a tiny
precentage of a point below IE7.
On the other hand, Opera comes in as the worst on all accounts.
What shocks me is that IE6 is safer than Firefox 1.x
Here is what they list:
Microsoft Internet Explorer 7.x
5.42% of all Microsoft Internet Explorer 7.x installations were
detected as being insecure.
This is based on 211,521 system installations.
---------
Microsoft Internet Explorer 6.x
9.94% of all Microsoft Internet Explorer 6.x installations were
detected as being insecure.
This is based on 132,336 system installations.
------------
Firefox 2.0x
5.47% of all Mozilla Firefox 2.0.x installations were detected as
being insecure.
This is based on 166,856 system installations.
------------
Firefox 1.x
38.16% of all Mozilla Firefox 1.x installations were detected as being
insecure.
This is based on 39,930 system installations.
--------------
Opera 9.x
12.39% of all Opera 9.x installations were detected as being insecure.
This is based on 46,034 system installations.
-------------
Opera 8.x
98.81% of all Opera 8.x installations were detected as being insecure.
This is based on 3,878 system installations.
------------
Opera 7.x
88.78% of all Opera 7.x installations were detected as being insecure.
This is based on 820 system installations.
| |
| john sumner 2007-03-30, 7:12 am |
| businessman@nomail.com wrote in
news:1d8p039i0h1nh6iksusc5vb0ccs3g5f9qi@
4ax.com:
> I hate to break this to everyone, but according to
> http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
>
> IE7 is now the safest browser.
>
> Now that you are all beginning to delete Firefox and install IE7,
> there is GOOD NEWS. The good news is that Firefox 2.0x is only a tiny
> precentage of a point below IE7.
>
> On the other hand, Opera comes in as the worst on all accounts.
>
> What shocks me is that IE6 is safer than Firefox 1.x
>
So are you a shill for bill gates. or are you bill gates trolling in news
groups.
| |
| businessman@nomail.com 2007-03-30, 1:12 pm |
| On Fri, 30 Mar 2007 06:53:16 +0000 (UTC), john sumner
<josumner1965@cs.com> wrote:
>businessman@nomail.com wrote in
> news:1d8p039i0h1nh6iksusc5vb0ccs3g5f9qi@
4ax.com:
>
>So are you a shill for bill gates. or are you bill gates trolling in news
>groups.
Neither. Just sharing what I found on the website link that I
included in my post. If you actually read my whole post, Firefox 2.0x
came in almost identical, just a fraction of a percent lower. On the
other hand Firefox 1.x did not come in good. On the other hand, Opera
was very poor.
I dont believe everything I read on websites, so I was hoping to get
some useful feedback on this. Unfortunately your reply did not fall
into the "useful" category.
| |
| john sumner 2007-03-30, 1:12 pm |
| businessman@nomail.com wrote in
news:e12q039kquehgge27c27f6h8dabjof94lv@
4ax.com:
>
> Neither. Just sharing what I found on the website link that I
> included in my post. If you actually read my whole post, Firefox 2.0x
> came in almost identical, just a fraction of a percent lower. On the
> other hand Firefox 1.x did not come in good. On the other hand, Opera
> was very poor.
>
> I dont believe everything I read on websites, so I was hoping to get
> some useful feedback on this. Unfortunately your reply did not fall
> into the "useful" category.
>
And your point being?
| |
| elaich 2007-03-30, 1:12 pm |
| businessman@nomail.com wrote in news:1d8p039i0h1nh6iksusc5vb0ccs3g5f9qi@
4ax.com:
> I hate to break this to everyone, but according to
> http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
>
> IE7 is now the safest browser.
A look at the source discounts this immediately. Also, this is the same
troll who argued for weeks about a moot point in an another group.
--
A: Because it disturbs the logical flow of the message.
Q: Why is top posting frowned upon?
| |
| businessman@nomail.com 2007-03-30, 1:12 pm |
| On Fri, 30 Mar 2007 13:05:11 +0000 (UTC), john sumner
<josumner1965@cs.com> wrote:
>businessman@nomail.com wrote in
> news:e12q039kquehgge27c27f6h8dabjof94lv@
4ax.com:
>
>
>And your point being?
Apparently you lack reading comprehension !!!!!
Now putting aside trolls such as yourself who only waste bandwidth,
Does anyone on here have any security facts to share. I'd like to
validify this. I find it kind of hard to imagine that IE6 was more
secure than Firefox 1.x. I have not tried IE7, so I can not
personally comment. I was always under the impression that FF was
pretty secure, at least that is what everyone kept saying, but if this
information is accurate, all versions of FF prior to 2.0x was not very
secure at all, and IE6 was actually more secure. If anyone has any
facts or know of other websites, I'd sure like to know what is true.
| |
| businessman@nomail.com 2007-03-30, 1:12 pm |
| On 30 Mar 2007 14:15:53 GMT, elaich <a@b.c> wrote:
>businessman@nomail.com wrote in news:1d8p039i0h1nh6iksusc5vb0ccs3g5f9qi@
>4ax.com:
>
>
>A look at the source discounts this immediately. Also, this is the same
>troll who argued for weeks about a moot point in an another group.
Trolls such as yourself are automatically added to my kill filters.
| |
|
| On Fri, 30 Mar 2007 00:47:51 -0500, businessman@nomail.com wrote:
> I hate to break this to everyone, but according to
> http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
>
> IE7 is now the safest browser.
>
> Now that you are all beginning to delete Firefox and install IE7,
> there is GOOD NEWS. The good news is that Firefox 2.0x is only a tiny
> precentage of a point below IE7.
<http://secunia.com/blog/4/>
One good thing about anyone that used
<http://secunia.com/software_inspector/> is "The results are then used
to advise you on how to update to more secure releases of the insecure
applications."
The good news is it's possible to have more than one browser
installed, and to use whatever browser(s) you want.
<http://secunia.com/search/?search=Internet+Explorer>
Found: 262 Secunia Security Advisories
<http://secunia.com/search/?search=Firefox>
Found: 160 Secunia Security Advisories
<http://secunia.com/product/12366/>
Vulnerability Report: Microsoft Internet Explorer 7.x
Affected By 9 Secunia advisories
Unpatched 78% (7 of 9 Secunia advisories)
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft
Internet Explorer 7.x, with all vendor patches applied, is rated
Moderately critical
<http://secunia.com/product/12434/>
Vulnerability Report: Mozilla Firefox 2.0.x
Affected By 6 Secunia advisories
Unpatched 50% (3 of 6 Secunia advisories)
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Mozilla Firefox
2.0.x, with all vendor patches applied, is rated Less critical
<http://secunia.com/product/11/>
Vulnerability Report: Microsoft Internet Explorer 6.x
Affected By 112 Secunia advisories
Unpatched 18% (20 of 112 Secunia advisories)
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft
Internet Explorer 6.x, with all vendor patches applied, is rated
Moderately critical
<http://secunia.com/product/4227/>
Vulnerability Report: Mozilla Firefox 1.x
Affected By 41 Secunia advisories
Unpatched 10% (4 of 41 Secunia advisories)
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Mozilla Firefox
1.x, with all vendor patches applied, is rated Less critical
--
Rom
| |
| Michel Doucet 2007-03-30, 7:13 pm |
| Le Fri, 30 Mar 2007 00:47:51 -0500, businessman a caressé son clavier pour
nous dire dans 1d8p039i0h1nh6iksusc5vb0ccs3g5f9qi@4ax.com ce qui suit :
> IE7 is now the safest browser.
Are you joking ?
--
Utiliser le butineur, le courrielleur, le lecteur de nouvelles
et l'OS avec lesquels vous vous sentez le plus sécurisé ;)
| |
| SteveG 2007-03-30, 7:13 pm |
| In-Reply-To: <pp8q031vl0pafs09ld9r56lhsp2hgnfpa6@4ax.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 45
Message-ID: <IOcPh.2813$NK2.1637@text.news.blueyonder.co.uk>
Date: Fri, 30 Mar 2007 18:38:32 GMT
NNTP-Posting-Host: 82.32.53.228
X-Complaints-To: abuse@blueyonder.co.uk
X-Trace: text.news.blueyonder.co.uk 1175279912 82.32.53.228 (Fri, 30 Mar 2007 19:38:32 BST)
NNTP-Posting-Date: Fri, 30 Mar 2007 19:38:32 BST
Xref: number1.nntp.dca.giganews.com alt.fan.mozilla:34213
businessman@nomail.com wrote:
> On Fri, 30 Mar 2007 13:05:11 +0000 (UTC), john sumner
> <josumner1965@cs.com> wrote:
>
>
> Apparently you lack reading comprehension !!!!!
>
> Now putting aside trolls such as yourself who only waste bandwidth,
>
> Does anyone on here have any security facts to share. I'd like to
> validify this. I find it kind of hard to imagine that IE6 was more
> secure than Firefox 1.x. I have not tried IE7, so I can not
> personally comment. I was always under the impression that FF was
> pretty secure, at least that is what everyone kept saying, but if this
> information is accurate, all versions of FF prior to 2.0x was not very
> secure at all, and IE6 was actually more secure. If anyone has any
> facts or know of other websites, I'd sure like to know what is true.
>
>
John may (or may not) lack comprehension skills but I have to tell you
that "validify" is NOT an English word. I'm guessing your American and
exercising your "right" to make up words just because you don't know the
correct one to use. Try "validate" instead :-)
<flame proof jacket now donned in anticipation of impending tirade> <BCG>
--
Regards
Steve G
| |
| SteveG 2007-03-30, 7:13 pm |
| businessman@nomail.com wrote:
> I hate to break this to everyone, but according to
> http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
>
> IE7 is now the safest browser.
>
> Now that you are all beginning to delete Firefox and install IE7,
> there is GOOD NEWS. The good news is that Firefox 2.0x is only a tiny
> precentage of a point below IE7.
>
> On the other hand, Opera comes in as the worst on all accounts.
>
> What shocks me is that IE6 is safer than Firefox 1.x
>
> Here is what they list:
>
> Microsoft Internet Explorer 7.x
>
> 5.42% of all Microsoft Internet Explorer 7.x installations were
> detected as being insecure.
>
> This is based on 211,521 system installations.
>
> ---------
> Microsoft Internet Explorer 6.x
>
> 9.94% of all Microsoft Internet Explorer 6.x installations were
> detected as being insecure.
>
> This is based on 132,336 system installations.
>
> ------------
> Firefox 2.0x
>
> 5.47% of all Mozilla Firefox 2.0.x installations were detected as
> being insecure.
>
> This is based on 166,856 system installations.
>
> ------------
> Firefox 1.x
>
> 38.16% of all Mozilla Firefox 1.x installations were detected as being
> insecure.
>
> This is based on 39,930 system installations.
>
> --------------
> Opera 9.x
>
> 12.39% of all Opera 9.x installations were detected as being insecure.
>
> This is based on 46,034 system installations.
>
> -------------
> Opera 8.x
>
> 98.81% of all Opera 8.x installations were detected as being insecure.
>
> This is based on 3,878 system installations.
>
> ------------
> Opera 7.x
>
> 88.78% of all Opera 7.x installations were detected as being insecure.
>
> This is based on 820 system installations.
The fact that "installations" are detected as insecure does not directly
reflect on the browser used. It's a measure of how users set up their
security systems more than anything else. If I decide not to use my
firewall and, as a consequence, make my system insecure how is that a
reflection on Firefox?
--
Regards
Steve G
| |
| john sumner 2007-03-30, 7:13 pm |
| SteveG <_@_._> wrote in
news:IOcPh.2813$NK2.1637@text.news.blueyonder.co.uk:
> John may (or may not) lack comprehension skills but I have to tell you
> that "validify" is NOT an English word. I'm guessing your American and
> exercising your "right" to make up words just because you don't know the
> correct one to use. Try "validate" instead :-)
>
> <flame proof jacket now donned in anticipation of impending tirade> <BCG>
I do have comprehension skills i just think this guy who started this is a
troll who is in love with microsoft
| |
| Michel Doucet 2007-03-30, 7:13 pm |
| Le Fri, 30 Mar 2007 10:03:51 -0500, businessman a caressé son clavier pour
nous dire dans jl9q03tiru715tb734b0lv49u9ia72u6al@4ax.com ce qui suit :
>
> Trolls such as yourself are automatically added to my kill filters.
*Your* post is *the* troll ....
--
Utiliser le butineur, le courrielleur, le lecteur de nouvelles
et l'OS avec lesquels vous vous sentez le plus sécurisé ;)
| |
| History Fan 2007-03-30, 7:13 pm |
| >>What shocks me is that IE6 is safer than Firefox 1.x
I find that VERY hard to believe.
| |
| John Thompson 2007-03-30, 7:13 pm |
| On 2007-03-30, businessman@nomail.com <businessman@nomail.com> wrote:
> I hate to break this to everyone, but according to
> http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
>
> IE7 is now the safest browser.
The common denominator on these seens to be Windows. Get rid of Windows
and your spyware issue vanishes.
--
John (john@os2.dhs.org)
| |
| businessman@nomail.com 2007-03-31, 1:13 am |
| On Fri, 30 Mar 2007 18:38:32 GMT, SteveG <_@_._> wrote:
>businessman@nomail.com wrote:
>
>John may (or may not) lack comprehension skills but I have to tell you
>that "validify" is NOT an English word. I'm guessing your American and
>exercising your "right" to make up words just because you don't know the
>correct one to use. Try "validate" instead :-)
>
><flame proof jacket now donned in anticipation of impending tirade> <BCG>
Thanks That word had me stumbling..... now I know !!!!
| |
| businessman@nomail.com 2007-03-31, 1:13 am |
| On Fri, 30 Mar 2007 19:09:00 +0000 (UTC), john sumner
<josumner1965@cs.com> wrote:
>SteveG <_@_._> wrote in
>news:IOcPh.2813$NK2.1637@text.news.blueyonder.co.uk:
>
>I do have comprehension skills i just think this guy who started this is a
>troll who is in love with microsoft
I am the guy that started this thread, and I amd not a troll, because
I DID NOT make the website that listed these facts and figures.
Why dont you go to the site yourself. Look at the bar on the left.
Each of these 3 browsers are listed with several versions. I am
trying to get opinions. I find it hard to believe that FF 1.x was
less secure than IE6. I will not say what I believe about IE7 since I
have not used it. I would hope that MS fixed the security issues, but
they dont always keep up with things.
GO HERE:
http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
| |
| businessman@nomail.com 2007-03-31, 1:13 am |
| On Fri, 30 Mar 2007 16:56:49 -0500, John Thompson
<john@vector.os2.dhs.org> wrote:
>On 2007-03-30, businessman@nomail.com <businessman@nomail.com> wrote:
>
>
>The common denominator on these seens to be Windows. Get rid of Windows
>and your spyware issue vanishes.
It's easy to talk, isn't it !!!!
I'd love to get rid of Windows, but these days one cant do much with
DOS, and OS2 is dead. Of course there's always the Macintosh if one
can afford them.
| |
| Peter.Potamus.the.Purple.Hippo@gmail.com 2007-03-31, 1:13 am |
| On Mar 30, 6:32 pm, business...@nomail.com wrote:
> GO HERE:http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
I don't think its fair to quote or listen to them. I mean, do you
know what msmvp stands for? Its "Microsoft Most Valuable
Professional." They're the "Ultimate Destination for Blogs by
Current and Former Microsoft Most Valuable Professionals."
So, of course those people will say IE is the best.
| |
| Leonidas Jones 2007-03-31, 1:13 am |
| SteveG wrote:
> businessman@nomail.com wrote:
/snip/[vbcol=seagreen]
> John may (or may not) lack comprehension skills but I have to tell you
> that "validify" is NOT an English word. I'm guessing your American and
> exercising your "right" to make up words just because you don't know the
> correct one to use. Try "validate" instead :-)
>
> <flame proof jacket now donned in anticipation of impending tirade> <BCG>
>
Actually, he probably meant verify. Hard to tell though. Maybe he's not
a native English speaker.
Lee
| |
| Leonidas Jones 2007-03-31, 1:13 am |
| businessman@nomail.com wrote:
> On Fri, 30 Mar 2007 16:56:49 -0500, John Thompson
> <john@vector.os2.dhs.org> wrote:
>
>
> It's easy to talk, isn't it !!!!
> I'd love to get rid of Windows, but these days one cant do much with
> DOS, and OS2 is dead. Of course there's always the Macintosh if one
> can afford them.
You never heard of Linux? Free distro's, if you've never tried it
Ubuntu is very user friendly:
http://www.ubuntu.com/
Lee
| |
| Zaghadka 2007-03-31, 1:13 am |
| On Fri, 30 Mar 2007 20:32:19 -0500, in alt.fan.mozilla, businessman@nomail.com
wrote:
>On Fri, 30 Mar 2007 19:09:00 +0000 (UTC), john sumner
><josumner1965@cs.com> wrote:
>
>
>I am the guy that started this thread, and I amd not a troll, because
>I DID NOT make the website that listed these facts and figures.
>Why dont you go to the site yourself. Look at the bar on the left.
>Each of these 3 browsers are listed with several versions. I am
>trying to get opinions. I find it hard to believe that FF 1.x was
>less secure than IE6. I will not say what I believe about IE7 since I
>have not used it. I would hope that MS fixed the security issues, but
>they dont always keep up with things.
>
>GO HERE:
>http://msmvps.com/blogs/spywaresuck.../22/701346.aspx
If you were seriously pooling opinions, your post would have been well served
by a simple question mark in the header.
i.e.: "The safest Browser is IE7?"
MSMVP stands for professionals who make the best money when everyone uses
nothing but Microsoft products. Any article on that site isn't even a biased
opinion. Their opinions are literally *twisted*.
I'd disregard the article and start over with some reasonable biased sources, a
few from each side of the software divide (proprietary vs. free).
The facts being based on "insecure installations" is the dead giveaway. If you
run on an MS system, especially pre-P2, it's an insecure installation because
of the platform. And I doubt the MSMVP's know a darned thing about what a
"secure" Linux installation looks like. They probably thought not having a
software Firewall installed makes the installation insecure, because you need
to have that with MS products, because the security model is so screwed up and
most folks run MS products as ROOT.
Start over if you're serious about opinions.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| Zaghadka 2007-03-31, 1:13 am |
| On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>businessman@nomail.com wrote:
>
>You never heard of Linux? Free distro's, if you've never tried it
>Ubuntu is very user friendly:
>
>http://www.ubuntu.com/
>
I second that, get Ubuntu. I dual-boot into it right now and it runs like a
dream, after you work out the kinks. It's very different from a Windows
environment, but you can find all the support you need on the web. The folder
structure is the most difficult thing to get used to, especially if you're used
to the level of direct control and user-centricity of the Windows/DOS model.
Things are not stored by app and vendor, but instead by function to the
computer system, divided by user.
And if you haven't drunk the "free software" Kool-aid, and want to get things
like restricted software and proprietary drivers, you will also want to look
into a script called "Automatix" that takes care of things like the Totem media
player, so you can play your DVDs.
Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
better at it. I have an ATi card. They're a bear to install, and the module
needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
there are good step-by-step guides for everything.
Good luck.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| john sumner 2007-03-31, 1:13 am |
| businessman@nomail.com wrote in
news:47er03pk739981i5tpmeippqtqsh2r9bou@
4ax.com:
>
> I am the guy that started this thread, and I amd not a troll, because
> I DID NOT make the website that listed these facts and figures.
> Why dont you go to the site yourself. Look at the bar on the left.
> Each of these 3 browsers are listed with several versions. I am
> trying to get opinions. I find it hard to believe that FF 1.x was
> less secure than IE6. I will not say what I believe about IE7 since I
> have not used it. I would hope that MS fixed the security issues, but
> they dont always keep up with things.
>
Whatever you say bill gates.
| |
| Tony Raven 2007-03-31, 7:12 am |
| Leonidas Jones wrote on 31/03/2007 03:03 +0100:
> SteveG wrote:
> /snip/
>
> Actually, he probably meant verify. Hard to tell though. Maybe he's not
> a native English speaker.
>
Or maybe its shorthand for "validate and verify" ;-)
--
Tony
"The most savage controversies are those about matters as to which there
is no good evidence either way."
- Bertrand Russell
| |
| Tony Raven 2007-03-31, 7:12 am |
| businessman@nomail.com wrote on 31/03/2007 02:32 +0100:
>
> I am the guy that started this thread, and I amd not a troll, because
> I DID NOT make the website that listed these facts and figures.
>
Come on, you're a troll pure and simple. Or did you really miss the
Large Text at the top of the web page saying:
"Owned by Sandi Hardmeier - a Microsoft MVP since 1999 specialising in
Internet Explorer"
--
Tony
"The most savage controversies are those about matters as to which there
is no good evidence either way."
- Bertrand Russell
| |
| Tony Raven 2007-03-31, 7:12 am |
| Leonidas Jones wrote on 31/03/2007 03:05 +0100:
>
> You never heard of Linux? Free distro's, if you've never tried it
> Ubuntu is very user friendly:
>
In a relative sort of way. Still not good on many laptops.
--
Tony
"The most savage controversies are those about matters as to which there
is no good evidence either way."
- Bertrand Russell
| |
| Charani 2007-03-31, 7:12 am |
| On Fri, 30 Mar 2007 10:03:51 -0500, businessman@nomail.com wrote:
> Trolls such as yourself are automatically added to my kill filters.
Welcome to my killfile  ) I'm sure you'll enjoy the company )
IE7 is *not* the safest browser, except in the blinkered eyes of
Mickeysoft sychophants.
| |
| Charani 2007-03-31, 7:12 am |
| On Fri, 30 Mar 2007 20:36:22 -0500, businessman@nomail.com wrote:
> It's easy to talk, isn't it !!!!
Action's easy too!!!!
> I'd love to get rid of Windows, but these days one cant do much with
> DOS, and OS2 is dead. Of course there's always the Macintosh if one
> can afford them.
Macs are no more expensive than PCs (but you either haven't been to a
computer store or checked online recently).
Dell are now in the process of having PCs shipped with Linux
installed. Oh!! You haven't heard of Linux? I guess that's hardly
surprising really since you're in the business of trying to get people
with sense and intelligence who've dumped Windows to use it again so
as to bolster the latter's slow but steadily declining share of the
market.
| |
| default 2007-03-31, 1:12 pm |
| On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <zaghadka@hotmail.com>
wrote:
>On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>
>I second that, get Ubuntu. I dual-boot into it right now and it runs like a
>dream, after you work out the kinks. It's very different from a Windows
>environment, but you can find all the support you need on the web. The folder
>structure is the most difficult thing to get used to, especially if you're used
>to the level of direct control and user-centricity of the Windows/DOS model.
>Things are not stored by app and vendor, but instead by function to the
>computer system, divided by user.
>
>And if you haven't drunk the "free software" Kool-aid, and want to get things
>like restricted software and proprietary drivers, you will also want to look
>into a script called "Automatix" that takes care of things like the Totem media
>player, so you can play your DVDs.
>
>Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
>better at it. I have an ATi card. They're a bear to install, and the module
>needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
>there are good step-by-step guides for everything.
>
>Good luck.
Interesting. You come out in support of "easy" Ubuntu then relapse
into geekspeak describing the difficulties.
The live distro list:
http://www.livecdlist.com/?pick=Lin...sort=Votes&sm=1
I vote for Knopix. No problem - plug and play on two computers.
--
----== Posted via webservertalk.com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.webservertalk.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
| |
| Zaghadka 2007-03-31, 1:12 pm |
| On Sat, 31 Mar 2007 11:14:30 -0500, in alt.fan.mozilla, default wrote:
>On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <zaghadka@hotmail.com>
>wrote:
>
>
>Interesting. You come out in support of "easy" Ubuntu then relapse
>into geekspeak describing the difficulties.
>
>The live distro list:
>http://www.livecdlist.com/?pick=Lin...sort=Votes&sm=1
>
>I vote for Knopix. No problem - plug and play on two computers.
I never once said Ubuntu is "easy." Nothing worthwhile ever is. I merely relate
the easiest way to get it running, and when you work out the kinks (and there
are DEFINITELY kinks), it'll be more stable than anything similar I've seen
produced in the past 20 years, including other distros.
Have a nice day.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| businessman@nomail.com 2007-03-31, 7:12 pm |
| On Sat, 31 Mar 2007 03:17:09 GMT, Zaghadka <zaghadka@hotmail.com>
wrote:
>On Fri, 30 Mar 2007 20:32:19 -0500, in alt.fan.mozilla, businessman@nomail.com
>wrote:
>
>
>If you were seriously pooling opinions, your post would have been well served
>by a simple question mark in the header.
>
>i.e.: "The safest Browser is IE7?"
>
>MSMVP stands for professionals who make the best money when everyone uses
>nothing but Microsoft products. Any article on that site isn't even a biased
>opinion. Their opinions are literally *twisted*.
>
No, I didn't know what MSMVP stood for.
Aside from all of this, I have still not found anyone on here that
actually has any factual information about browser security. Does
such data exist? I use both the latest Firefox and IE6. I never feel
very safe with IE, but there are times I need it. Either way, I'd
like to see some non-biased FACTS about security in all 3 of these
browsers, or at least Firefox and IE, (and several versions). I dont
really care much about Opera or want to use it, but it would be
interesting to see all of them compared.
>I'd disregard the article and start over with some reasonable biased sources, a
>few from each side of the software divide (proprietary vs. free).
>
OK, lets see some non-biased sources. Since this is a Firefox group,
I'd think that someone would at lest have some facts about FF, (but
not from Mozilla). And yes, I am well aware that browsers can be set
more or less securely. For example, I just read an article about AOL
having an flash ad on their site that was installing spyware called
WINFIXER that would pop up on a screen every few minutes. Flash
Player is something I avoid at all costs. It means I can not view the
videos on sites like YouTube, but who cares. Flash Player is a big
danger these days. I'd suspect ANY browser that runs Flash Player
would get this thing, so it comes down to security settings. But
there are also built in things (like activex) that affect the levels
and that is what I want to know about.
>The facts being based on "insecure installations" is the dead giveaway. If you
>run on an MS system, especially pre-P2, it's an insecure installation because
>of the platform. And I doubt the MSMVP's know a darned thing about what a
>"secure" Linux installation looks like. They probably thought not having a
>software Firewall installed makes the installation insecure, because you need
>to have that with MS products, because the security model is so screwed up and
>most folks run MS products as ROOT.
>
>Start over if you're serious about opinions.
| |
| businessman@nomail.com 2007-03-31, 7:12 pm |
| On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <zaghadka@hotmail.com>
wrote:
>On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>
>I second that, get Ubuntu. I dual-boot into it right now and it runs like a
>dream, after you work out the kinks. It's very different from a Windows
>environment, but you can find all the support you need on the web. The folder
>structure is the most difficult thing to get used to, especially if you're used
>to the level of direct control and user-centricity of the Windows/DOS model.
>Things are not stored by app and vendor, but instead by function to the
>computer system, divided by user.
>
>And if you haven't drunk the "free software" Kool-aid, and want to get things
>like restricted software and proprietary drivers, you will also want to look
>into a script called "Automatix" that takes care of things like the Totem media
>player, so you can play your DVDs.
>
>Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
>better at it. I have an ATi card. They're a bear to install, and the module
>needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
>there are good step-by-step guides for everything.
>
>Good luck.
Yes, i have heard of Linux and yes, I even tried it once. That was
about 10 years ago. I had run dos, win3.x, win95, and OS2. I was
able to use all of them. Then I tried Linux. My instant reaction was
"what a POS". I want to USE my computer. I want to use standard
software that I can buy or download and is compatible with the rest of
the world, and I DO NOT want to spend my whole life in front of my
computer trying to tinker with the OS. I'll leave Linux for some kid
who has no life outside of their computer. It reminds me of some kid
who builds their own car in their garage, but has to spend more than
half their life keeping it running. I buy commercial cars, and I will
stick to commercial software (at least the operating system, since I
do use some freeware and shareware). Windows has it's flaws, but it
works and dont need constant attention. Dos also works, and I still
use it too. OS2 was a challenge, but it worked quite well despite the
lack of software for it. If anything should have been further
developed, it should have been OS2, not Linux.
Half of what you said in your post I did not even understand. I
congratulate you for successfully using Linux, but it's not for me. I
have a life outside of my computer. Linux might be great for the geek
types whose entire lives are their computer, but it's not for me. If
windows ever becomes too much trouble, I'd turn my pc into a dos only
machine and get a Macintosh. However, I dont forsee that happening
since even if MS is a company I dont care to like, I know they do at
least attempt to keep up with things. At the same time, if they
abandon all OSs except Vista, I may change my mind. I have no
interest in Vista whatsoever. To be quite honest, I'm tired of having
to change and relearn software every few years. To me, a computer is
a tool. Yet it seems everytime I get real good at using a tool, I am
supposed to get a new tool and start all over. I cont like that at
all, and THAT is my biggest complaint about MS.
| |
| Zaghadka 2007-03-31, 7:12 pm |
| On Sat, 31 Mar 2007 13:37:44 -0500, in alt.fan.mozilla, businessman@nomail.com
wrote:
>On Sat, 31 Mar 2007 03:17:09 GMT, Zaghadka <zaghadka@hotmail.com>
>wrote:
>
>No, I didn't know what MSMVP stood for.
>
>Aside from all of this, I have still not found anyone on here that
>actually has any factual information about browser security. Does
>such data exist?
[snip]
No. It doesn't. You're dealing with an unknown, used in an unknown capacity, by
unknown people. i.e.: Exploits. You think the crooks are reporting their bread
and butter to CERN and Secunia?
What is known is that there are a slew of them for IE 6, few yet for IE 7, but
only because it is brand new. The latest exploit involves animated cursors and
affects both IE 6 and 7. God knows how long that one has been around for in the
wild, unreported, and possibly in use, because it's *old*. Check out secunia
for news on the latest exploits. http://secunia.com/
But you're asking for proof of a negative, which is a logical fallacy. No one
can prove that their browser *can't* be attacked. They can only state which
browsers have been attacked, with what, and how often. They can also state why
they think their security model is good, and which ones are bad.
ActiveX, the model at the core of IE, is known a disaster for security, and
..NET contines this fine tradition, by automatically accepting applications not
signed with authenticode in default security settings for the "internet zone."
In addition, the security of the browser is only as good as the underlying
security of the operating system, and the administrator who maintains that
system. There are things about the default Windows XP install (running as ROOT
for instance) that are inherently bad, and avoided like the plague in other
OS's.
If you really want a "secure browser," there is no substitute for learning a
bit about security yourself, and not counting on any single piece of software
to "protect" you. It can't.
Try this: http://security.web.cern.ch/security/recommendations/
Only you, by administering your system in a sane way, can protect *you*, and
even that comes down to what you are comfortable with.
Most people I know who have knowledge of computer security won't touch IE with
a 10-foot-pole, and a quick browse of "secunia" will tell you why.
That said, IE is perfectly safe for the average user, when used *only* to go to
known trusted sites. It always was and unless those sites get hacked, always
will be. It's proprietary features can be pretty cool within that context.
Netscape 8 was an attempt to recognize this.
>
>OK, lets see some non-biased sources.
There are none. :^(
I gave you a few places to start, but the real source of your own computer
security is YOU, not a browser choice.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| Zaghadka 2007-03-31, 7:12 pm |
| On Sat, 31 Mar 2007 14:13:00 -0500, in alt.fan.mozilla, businessman@nomail.com
wrote:
[snip]
>I
>have a life outside of my computer.
As do I. ;^)
Your reply has little to do with browser security, however. If you came here to
bash Linux, you came to the wrong group. Go to a Linux group, pick a distro,
and talk about it, and they will be able to tell you about what is wrong with
their implementation of Linux, and Linux in general, because there is plenty.
I will say that the underlying security model in Linux is better than that of
Windows, and that's why Windows has all those Admin context exploits on it.
When a software developer doesn't have the sense to keep the cursor rendering,
or the JPEG rendering, or Windows Metafile *rendering* out of the ROOT/Admin
context, anything can happen. ;^)
Windows has had exploits, both in GUI Plus (JPEG exploit), WMFs (backdoor), and
cursor rendering (arbitrary code launch) that will allow an attacker to take
control of your system. In other words, in Windows, you can get rooted just by
viewing a picture.
And don't get me started about the OS contexts in Windows that even *allow*
something like a "rootkit" to exist in the first place.
So are you sure about your choice of OS and how "easy" it is to operate, or are
you simply ignorant and lulled into a *false* sense of security?
Good, I'm glad you think you've made the right choice. But don't click on any
phishing links in your emails, if you can tell the difference, because your
choice is going to get your box zombied if you're not careful, and it may have
nothing to do with your choice of *browser*.
Sony would've rootkitted your machine just for autorunning a CD.
I run Windows XP as my primary OS as well, and it takes a *lot* of time and
work to secure it properly. It is, to my mind, no "easier" than Linux, and
certainly more dangerous.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| John Thompson 2007-03-31, 7:12 pm |
| On 2007-03-31, businessman@nomail.com <businessman@nomail.com> wrote:
[vbcol=seagreen]
> It's easy to talk, isn't it !!!!
> I'd love to get rid of Windows, but these days one cant do much with
> DOS, and OS2 is dead. Of course there's always the Macintosh if one
> can afford them.
Linux, *BSD, and Solaris all are free and quite capable operating
systems.
--
John (john@os2.dhs.org)
| |
| John Thompson 2007-03-31, 7:12 pm |
| On 2007-03-31, businessman@nomail.com <businessman@nomail.com> wrote:
> Yes, i have heard of Linux and yes, I even tried it once. That was
> about 10 years ago.
Linux has changed considerably in the last 10 years. There are even many
"live CDs" that allow you to boot and use linux without installing
anything on your HD.
> I had run dos, win3.x, win95, and OS2. I was
> able to use all of them. Then I tried Linux. My instant reaction was
> "what a POS". I want to USE my computer. I want to use standard
> software that I can buy or download and is compatible with the rest of
> the world, and I DO NOT want to spend my whole life in front of my
> computer trying to tinker with the OS.
What type of compatibility do you need? Firefox/Thunderbird give you
state of the art web browsing and email, OpenOffice.org gives you a
full-featured MS-Office compatible office software suite, gimp provides
versatile image editing capabilities, &etc.
> Windows has it's flaws, but it works and dont need constant
> attention.
Really? What about the continuous need to update malware protection,
"Patch Tuesday" and so on?
You really ought to try one of the live CDs other people here have
recommended, anyway.
--
John (john@os2.dhs.org)
| |
| John Thompson 2007-03-31, 7:12 pm |
| On 2007-03-31, businessman@nomail.com <businessman@nomail.com> wrote:
> Aside from all of this, I have still not found anyone on here that
> actually has any factual information about browser security. Does
> such data exist?
Secunia is as impartial a site for this information as I've found:
http://secunia.com/
They cover much more than just browser vulnerabilities, though.
The SANS Internet Storm Center diary is also good:
http://isc.sans.org/diary.html
--
John (john@os2.dhs.org)
| |
| John Thompson 2007-03-31, 7:12 pm |
| On 2007-03-31, Zaghadka <zaghadka@hotmail.com> wrote:
> That said, IE is perfectly safe for the average user, when used *only* to go to
> known trusted sites.
The only site for which IE should be used is the Windows Update site,
and even then only because you have no other choice.
--
John (john@os2.dhs.org)
| |
| businessman@nomail.com 2007-04-01, 1:13 am |
| On Sat, 31 Mar 2007 20:44:31 GMT, Zaghadka <zaghadka@hotmail.com>
wrote:
>On Sat, 31 Mar 2007 14:13:00 -0500, in alt.fan.mozilla, businessman@nomail.com
>wrote:
>
>[snip]
>
>
>As do I. ;^)
>
>Your reply has little to do with browser security, however. If you came here to
>bash Linux, you came to the wrong group. Go to a Linux group, pick a distro,
>and talk about it, and they will be able to tell you about what is wrong with
>their implementation of Linux, and Linux in general, because there is plenty.
>
>I will say that the underlying security model in Linux is better than that of
>Windows, and that's why Windows has all those Admin context exploits on it.
>When a software developer doesn't have the sense to keep the cursor rendering,
>or the JPEG rendering, or Windows Metafile *rendering* out of the ROOT/Admin
>context, anything can happen. ;^)
>
>Windows has had exploits, both in GUI Plus (JPEG exploit), WMFs (backdoor), and
>cursor rendering (arbitrary code launch) that will allow an attacker to take
>control of your system. In other words, in Windows, you can get rooted just by
>viewing a picture.
>
>And don't get me started about the OS contexts in Windows that even *allow*
>something like a "rootkit" to exist in the first place.
>
>So are you sure about your choice of OS and how "easy" it is to operate, or are
>you simply ignorant and lulled into a *false* sense of security?
>
>Good, I'm glad you think you've made the right choice. But don't click on any
>phishing links in your emails, if you can tell the difference, because your
>choice is going to get your box zombied if you're not careful, and it may have
>nothing to do with your choice of *browser*.
>
>Sony would've rootkitted your machine just for autorunning a CD.
>
>I run Windows XP as my primary OS as well, and it takes a *lot* of time and
>work to secure it properly. It is, to my mind, no "easier" than Linux, and
>certainly more dangerous.
You are right. I did not come here to bash Linux. I did not bring it
up either. I dont think I was bashing it when I said I want nothing
to do with it. I'll leave it for the high school crowd, which seems to
be where it gets used the most.
And for the record I dont click on ANY links in my email, in fact I
use a text only Win3.x email software and that is all I will ever use.
Outlook Express is pure garbage. In fact of all the Microsoft
software, I consider OE to be the worst of the worst. I completely
deleted it from my drive. I use email to communicate, not to look at
stupid and irritating smiley faces that dance around my screen. HTML
email is purely assenine.
Now back to determining which browser is the most secure !!!!
| |
| Leonidas Jones 2007-04-01, 1:13 am |
| Tony Raven wrote:
> Leonidas Jones wrote on 31/03/2007 03:03 +0100:
/snip/
[vbcol=seagreen]
> Or maybe its shorthand for "validate and verify" ;-)
>
You know, that could be a useful word!! ;)
Lee
| |
| Leonidas Jones 2007-04-01, 1:13 am |
| businessman@nomail.com wrote:
> On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <zaghadka@hotmail.com>
> wrote:
>
/snip/[vbcol=seagreen]
/snip/[vbcol=seagreen]
>
> Yes, i have heard of Linux and yes, I even tried it once. That was
> about 10 years ago. I had run dos, win3.x, win95, and OS2. I was
> able to use all of them. Then I tried Linux. My instant reaction was
> "what a POS". I want to USE my computer. I want to use standard
> software that I can buy or download and is compatible with the rest of
> the world, and I DO NOT want to spend my whole life in front of my
> computer trying to tinker with the OS. I'll leave Linux for some kid
> who has no life outside of their computer. It reminds me of some kid
> who builds their own car in their garage, but has to spend more than
> half their life keeping it running. I buy commercial cars, and I will
> stick to commercial software (at least the operating system, since I
> do use some freeware and shareware). Windows has it's flaws, but it
> works and dont need constant attention. Dos also works, and I still
> use it too. OS2 was a challenge, but it worked quite well despite the
> lack of software for it. If anything should have been further
> developed, it should have been OS2, not Linux.
>
> Half of what you said in your post I did not even understand. I
> congratulate you for successfully using Linux, but it's not for me. I
> have a life outside of my computer. Linux might be great for the geek
> types whose entire lives are their computer, but it's not for me. If
> windows ever becomes too much trouble, I'd turn my pc into a dos only
> machine and get a Macintosh. However, I dont forsee that happening
> since even if MS is a company I dont care to like, I know they do at
> least attempt to keep up with things. At the same time, if they
> abandon all OSs except Vista, I may change my mind. I have no
> interest in Vista whatsoever. To be quite honest, I'm tired of having
> to change and relearn software every few years. To me, a computer is
> a tool. Yet it seems everytime I get real good at using a tool, I am
> supposed to get a new tool and start all over. I cont like that at
> all, and THAT is my biggest complaint about MS.
Man, you say you want to get rid of Windows. You say Mac is an option,
but you can't afford it. I suggest a Linux distro intended to work
easily for Linux newbies. You reply that you tried Linus ^TEN YEARS
AGO*, and couldn't get it to work.
Really, this is absurd!
Lee
| |
| Leonidas Jones 2007-04-01, 1:13 am |
| Tony Raven wrote:
> Leonidas Jones wrote on 31/03/2007 03:05 +0100:
>
> In a relative sort of way. Still not good on many laptops.
>
Interesting to know, I had never tried to install it on a laptop. The
again, I'm real happy with OSX.
I do find Ubuntu a great distro for Linux newbies. Most likely, Linuux
newbies would not be installing it on a portable machine.
Lee
| |
| Zaghadka 2007-04-01, 7:12 am |
| On Sat, 31 Mar 2007 17:18:14 -0500, in alt.fan.mozilla, John Thompson wrote:
>On 2007-03-31, Zaghadka <zaghadka@hotmail.com> wrote:
>
>
>The only site for which IE should be used is the Windows Update site,
>and even then only because you have no other choice.
You read Secunia too, I see. ;^)
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| Zaghadka 2007-04-01, 7:12 am |
| On Fri, 30 Mar 2007 19:54:36 -0500, in alt.fan.mozilla, businessman@nomail.com
wrote:
>On Sat, 31 Mar 2007 20:44:31 GMT, Zaghadka <zaghadka@hotmail.com>
>wrote:
>
>
>You are right. I did not come here to bash Linux. I did not bring it
>up either. I dont think I was bashing it when I said I want nothing
>to do with it. I'll leave it for the high school crowd, which seems to
>be where it gets used the most.
>
>And for the record I dont click on ANY links in my email, in fact I
>use a text only Win3.x email software and that is all I will ever use.
>Outlook Express is pure garbage. In fact of all the Microsoft
>software, I consider OE to be the worst of the worst. I completely
>deleted it from my drive. I use email to communicate, not to look at
>stupid and irritating smiley faces that dance around my screen. HTML
>email is purely assenine.
>
>Now back to determining which browser is the most secure !!!!
The bare minimum feature set that meets your needs is the most secure browser.
Period.
If you can get by browsing the web in console, Lynx is the most secure browser.
http://lynx.isc.org/lynx2.8.5/index.html
But if you need more, the only "secure" browser is a browser with a
knowledgeable administrator. The best security administrators choose browsers
like Firefox or Seamonkey for their needs, because they afford you more control
of the browsing environment, and don't load up with everything running. You add
what you need. Galleon is also very popular.
The more paranoid operators also run *any* browser with JavaScript turned OFF,
and no JRE runtime present. Some even blacklist problem domains to 127.0.0.1 in
their HOSTS file (Spybot S&D http://www.safer-networking.org/ will do this
automatically for you).
So *you* take whatever steps you feel are necessary to ensure your security.
If you're serious about IE security, then Microsoft is currently recommending
that you set the "Internet Zone" to "high" security level (no ActiveX, JS, or
JVM allowed) and white list domains you trust to the "low" level by adding them
to the "Trusted Sites Zone." You can thus protect yourself from yet
undiscovered exploits.
http://www.microsoft.com/athome/sec...ing_safety.mspx
If you do that, even IE is *reasonably* safe. But if you really want to be
safe, you need to lose any browser which uses ActiveX. Microsoft has made a
mess of things, they know it, and when they recommend such a pain-in-the-arse
procedure at their own website, you know they expect future problems.
Guess which browser doesn't allow ActiveX by default? Guess which one has it?
Do you know what a BHO is? For one thing, it's a great malware vector.
http://support.microsoft.com/kb/298931/en-us
Do you really want to go to all this trouble? I don't. I got sick of it once I
learned about all the dodgy crud IE passes off as "secure."
Guess which browser will not allow arbitrary .dll's to run at start up?
You get my drift? IE isn't as "easy" as you think. I chose Firefox because it
gives me a stripped down functional browser that I can run as lean as I like,
and limits my exposure much more easily with a high default level of
functionality.
If you choose Firefox, you will still have to add your *own* plugins and
extensions, which is largely a one-time "set it and forget it" process, rather
than an ongoing saga like IE is.
With IE, you had better make sure you're patched, and you had better keep up
with the unpatched security advisories and pay attention to the workarounds.
That's why Firefox is a good choice, flexibility and choice, not because it's
more "secure." Security largely depends on HOW you use and configure your
browser, and WHERE you connect to, and little else.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| Zaghadka 2007-04-01, 7:12 am |
| On Sat, 31 Mar 2007 17:00:20 -0500, in alt.fan.mozilla, John Thompson wrote:
>Really? What about the continuous need to update malware protection,
>"Patch Tuesday" and so on?
Ostriches have no need to worry about an avalanche? ;^)
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| SteveG 2007-04-01, 7:12 am |
| john sumner wrote:
> SteveG <_@_._> wrote in
> news:IOcPh.2813$NK2.1637@text.news.blueyonder.co.uk:
>
> I do have comprehension skills
>
John, I never doubted it for a moment :-)
--
Regards
Steve G
| |
| businessman@nomail.com 2007-04-01, 7:12 pm |
| On Sun, 01 Apr 2007 07:09:53 GMT, Zaghadka <zaghadka@hotmail.com>
wrote:
>On Fri, 30 Mar 2007 19:54:36 -0500, in alt.fan.mozilla, businessman@nomail.com
>wrote:
>
>
>The bare minimum feature set that meets your needs is the most secure browser.
>Period.
>
>If you can get by browsing the web in console, Lynx is the most secure browser.
>
>http://lynx.isc.org/lynx2.8.5/index.html
>
>But if you need more, the only "secure" browser is a browser with a
>knowledgeable administrator. The best security administrators choose browsers
>like Firefox or Seamonkey for their needs, because they afford you more control
>of the browsing environment, and don't load up with everything running. You add
>what you need. Galleon is also very popular.
>
>The more paranoid operators also run *any* browser with JavaScript turned OFF,
>and no JRE runtime present. Some even blacklist problem domains to 127.0.0.1 in
>their HOSTS file (Spybot S&D http://www.safer-networking.org/ will do this
>automatically for you).
>
>So *you* take whatever steps you feel are necessary to ensure your security.
>
>If you're serious about IE security, then Microsoft is currently recommending
>that you set the "Internet Zone" to "high" security level (no ActiveX, JS, or
>JVM allowed) and white list domains you trust to the "low" level by adding them
>to the "Trusted Sites Zone." You can thus protect yourself from yet
>undiscovered exploits.
>
>http://www.microsoft.com/athome/sec...ing_safety.mspx
>
>If you do that, even IE is *reasonably* safe. But if you really want to be
>safe, you need to lose any browser which uses ActiveX. Microsoft has made a
>mess of things, they know it, and when they recommend such a pain-in-the-arse
>procedure at their own website, you know they expect future problems.
>
>Guess which browser doesn't allow ActiveX by default? Guess which one has it?
>
>Do you know what a BHO is? For one thing, it's a great malware vector.
>
>http://support.microsoft.com/kb/298931/en-us
>
>Do you really want to go to all this trouble? I don't. I got sick of it once I
>learned about all the dodgy crud IE passes off as "secure."
>
>Guess which browser will not allow arbitrary .dll's to run at start up?
>
>You get my drift? IE isn't as "easy" as you think. I chose Firefox because it
>gives me a stripped down functional browser that I can run as lean as I like,
>and limits my exposure much more easily with a high default level of
>functionality.
>
>If you choose Firefox, you will still have to add your *own* plugins and
>extensions, which is largely a one-time "set it and forget it" process, rather
>than an ongoing saga like IE is.
>
>With IE, you had better make sure you're patched, and you had better keep up
>with the unpatched security advisories and pay attention to the workarounds.
>
>That's why Firefox is a good choice, flexibility and choice, not because it's
>more "secure." Security largely depends on HOW you use and configure your
>browser, and WHERE you connect to, and little else.
I wish I could keep Java script and activex turned off, and I often
do. But having them turned off means that many websites do not work.
For example, if Java script is off, I can not access most or all of
the discussion groups (not newsgroups) that I subscribe to. And if I
go to a site that provides a shematic or parts blowup for something, I
cant get those pictures. Some people say to just avoid sites that
dont work without Java script. There is some truth to that, but it's
not juat the malware and porn sites that require Java script and
sometimes activex. Just to read most of the news sites like CNN, FOX,
CBS, etc all require all this junk loaded. Add to that, these days
you have to have flash player to access some sites. A local tv
station recently said they upgraded their website. Formerly it was a
pretty simple html main page which worked fine, but did require java
script to open many of the articles. I could live with that. Then
they did their so called upgrade. The entire homepage was a flash
screen and without it, all I got was a blank page telling me to
download flash player. I do not and will not allow flash on my
computer. I contacted the station, told them that I used their webite
often and was extremely displeased with their new site, and why.
I was surprised when they actually fixed it. They put back a basic
html homepage. It contains a lot of flash screens, but the basic menu
is a html page once again, and was better than before. I felt obliged
to thank them, and when I did, they replied back saying that I was not
the only person to complain. Flash content is fine if people want
that stuff, but when the entire site is flash, those of us who refuse
to use it, can not access their sites at all. When I contacted them,
I explained that I went to their site to get news and weather and
reminded them that "this is the purpose of your site, not to make a
site that might be flashy, but is inaccessible to many users".
The bottom line is this: Too many sites use all their junk, and that
forces us end users to have to take the risks, or else abandon their
sites. I have designed several basic html sites that looked real
nice. They contain nothing but basic html code, but use text effects
and nice photos and a few animated gifs. Most if not all of this
activex, Java script, and flash content are not needed. When I go to
a website, I go there to access their information whether it be the
news, a weather report, some educational material, some photos, or
whatever else. All of this stuff can be created without the use of
all these scripts etc. Yet web designers keep making bloated and
complex sites which are dangerous and often take too long to load.
This makes no sense to me. Sometimes I think they are seeking an
award for creating the most complex web sites. Personally, I'll
reward those that create the most USEFUL sites that load quickly
without all the bloat. Eye appeal is a plus, but it can be achieved
with simple photos and creative use of text and color.
| |
| john sumner 2007-04-01, 7:12 pm |
| SteveG <_@_._> wrote in news:zpMPh.3731$NK2.18@text.news.blueyonder.co.uk:
>
> John, I never doubted it for a moment :-)
>
> --
> Regards
>
> Steve G
>
Me neither and i do comprehend that businessman is nothing but a troll.
| |
| Zaghadka 2007-04-01, 7:12 pm |
| On Sat, 31 Mar 2007 14:32:19 -0500, in alt.fan.mozilla, businessman@nomail.com
wrote:
>Personally, I'll
>reward those that create the most USEFUL sites that load quickly
>without all the bloat. Eye appeal is a plus, but it can be achieved
>with simple photos and creative use of text and color.
And now you're talking about REAL internet security. Your original question was
a red herring, but certainly understandable.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| elaich 2007-04-02, 1:12 am |
| john sumner <josumner1965@cs.com> wrote in
news:Xns9905AE8767D36josumner1964NOSPAMc
s@news.datemas.de:
> Me neither and i do comprehend that businessman is nothing but a troll.
So why did his thread get over 30 replies?
--
A: Because it disturbs the logical flow of the message.
Q: Why is top posting frowned upon?
| |
| john sumner 2007-04-02, 1:12 pm |
| elaich wrote:
> So why did his thread get over 30 replies?
I don't really know.
| |
| SteveG 2007-04-02, 7:13 pm |
| elaich wrote:
> john sumner <josumner1965@cs.com> wrote in
> news:Xns9905AE8767D36josumner1964NOSPAMc
s@news.datemas.de:
>
>
> So why did his thread get over 30 replies?
>
Perhaps the group's a bit slow at the moment and some of us need a
little light entertainment ;-)
--
Regards
Steve G
| |
| Zaghadka 2007-04-03, 7:12 am |
| On Mon, 02 Apr 2007 09:05:23 -0300, in alt.fan.mozilla, john sumner wrote:
>elaich wrote:
>
>I don't really know.
More importantly, why are we adding replies expressing consternation at the
number of replies?
DOH! Now I'm doing it!
(This reminds me of that Monty Python sketch where they keep trying to figure
out who's filming them.)
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| John Thompson 2007-04-04, 1:12 am |
| On 2007-03-31, businessman@nomail.com <businessman@nomail.com> wrote:
> I wish I could keep Java script and activex turned off, and I often
> do. But having them turned off means that many websites do not work.
That's where Firefox and NoScript shine. NoScript by default will block
all Javascript/Java/Flash and allow you to selectively enable them
explictly for those sites that truly require them.
--
John (john@os2.dhs.org)
| |
| Moz Champion (Dan) 2007-04-04, 1:12 am |
| John Thompson wrote:
> On 2007-03-31, businessman@nomail.com <businessman@nomail.com> wrote:
>
>
> That's where Firefox and NoScript shine. NoScript by default will block
> all Javascript/Java/Flash and allow you to selectively enable them
> explictly for those sites that truly require them.
>
I run with Javascript and Flash enabled all the time, I dont have any
active X plug in.
I go to every single Spam site sent my way, an go to many 'dubious'
pages/sites in regards to other having problems. Still, I dont see any
reason to turn off Javascript or Flash (aside from annoyance issues that
is).
Quite the opposite to your settings, I leave them ON all the time. I
have the extension QuickJava that allows me to kill them per page if
need be (for testing)
| |
| businessman@nomail.com 2007-04-06, 1:13 am |
| On Wed, 04 Apr 2007 01:22:41 GMT, "Moz Champion (Dan)"
<moz.champion@sympatico.ca> wrote:
>John Thompson wrote:
>
>
>
>I run with Javascript and Flash enabled all the time, I dont have any
>active X plug in.
>I go to every single Spam site sent my way, an go to many 'dubious'
>pages/sites in regards to other having problems. Still, I dont see any
>reason to turn off Javascript or Flash (aside from annoyance issues that
>is).
>
>Quite the opposite to your settings, I leave them ON all the time. I
>have the extension QuickJava that allows me to kill them per page if
>need be (for testing)
There recently is (or was) a nasty malware program on AOL in one of
the flash ads that really caused havok with computers. Even if you
hate AOL, they are a mainstream service and somehow that flash ad was
right on their main page. The malware is called Winfixer. It placed
a popup on the screen constantly every few minutes even when not
online. That's why I dont trust flash player, not to mention the
irritating flash ads on almost every site these days.
| |
| Moz Champion (Dan) 2007-04-06, 7:12 am |
| businessman@nomail.com wrote:
> On Wed, 04 Apr 2007 01:22:41 GMT, "Moz Champion (Dan)"
> <moz.champion@sympatico.ca> wrote:
>
>
> There recently is (or was) a nasty malware program on AOL in one of
> the flash ads that really caused havok with computers. Even if you
> hate AOL, they are a mainstream service and somehow that flash ad was
> right on their main page. The malware is called Winfixer. It placed
> a popup on the screen constantly every few minutes even when not
> online. That's why I dont trust flash player, not to mention the
> irritating flash ads on almost every site these days.
Here is the wikipedia page on Winfixer
Note that in ALL cases the user has to accept the installation of the
product - Hey, if you are going to install software on your machine then
its up to you to check it out first!
On the AOL/Flash problem. The conditions to be infected from such
1: Had to be an AOL member and sign on
2: Must have allowed (not blocked) ads
3: Must be running Flash
4: Must be running Active X
And even after all that, all the user got was an offer to
download/install the Winfixer program.
So yes, it caused havoc, on computers whose owners downloaded the
suppossed 'fix' program after getting the 'scare'.
Once again. running Java or Flash is simply not a security hazard
| |
| Zaghadka 2007-04-07, 1:13 am |
| On Fri, 06 Apr 2007 10:58:09 GMT, in alt.fan.mozilla, Moz Champion (Dan) wrote:
>Once again. running Java or Flash is simply not a security hazard
Right. Ignorant users are the security hazard. That's always been the case.
Users have to stop clicking "YES" and "OKAY" by reflex and think about it.
If you mindlessly okay the wrong dialogues, even Java isn't safe.
Most of all, if you don't need it, DON'T RUN IT.
--
Zag
"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550
"The Means Justify The Means" ~George W. Bush, c. 2000
| |
| businessman@nomail.com 2007-04-07, 1:12 pm |
| On Fri, 06 Apr 2007 10:58:09 GMT, "Moz Champion (Dan)"
<moz.champion@sympatico.ca> wrote:
>businessman@nomail.com wrote:
>
>
>
>
>Here is the wikipedia page on Winfixer
>
>Note that in ALL cases the user has to accept the installation of the
>product - Hey, if you are going to install software on your machine then
>its up to you to check it out first!
>
>
>On the AOL/Flash problem. The conditions to be infected from such
>1: Had to be an AOL member and sign on
>2: Must have allowed (not blocked) ads
>3: Must be running Flash
>4: Must be running Active X
>
>And even after all that, all the user got was an offer to
>download/install the Winfixer program.
>
This might be the case with THIS malware but is not always the case.
I can recall 3 incidents in the past where malware got installed on my
computer. In one case, a directory was created and malware program
was installed on my drive without my knowledge whatsoever. I never
did learn where it came from. The other case, I was supposed to
download a shareware file which was listed on several legit download
sites such as Tucows, Download.com, etc. It appeared legit. I was
redirected to "the authors site". While the intended file downloaded,
another malware program also downloaded and was installed. In a 3rd
instance, I downloaded what appeared to be a pretty innocent screen
saver with animal pictures. I dont generally use screen savers but
thought the kids would like to see it. The download contained both a
screen saver (as stated) and some malware that really caused a mess
until I finally managed to kill it. Both were in the same install
file, and the malware was actually 80% of the large file size. The
screen saver portion when zipped was very small compared to the full
download. NONE OF THESE WARNED ME OR GAVE ME ANY OPTIONS.
>
>So yes, it caused havoc, on computers whose owners downloaded the
>suppossed 'fix' program after getting the 'scare'.
>
>
>Once again. running Java or Flash is simply not a security hazard
| |
| John Thompson 2007-04-07, 1:12 pm |
| On 2007-04-07, businessman@nomail.com <businessman@nomail.com> wrote:
> This might be the case with THIS malware but is not always the case.
> I can recall 3 incidents in the past where malware got installed on my
> computer. In one case, a directory was created and malware program
> was installed on my drive without my knowledge whatsoever.
[...]
> The other case, I was supposed to
> download a shareware file which was listed on several legit download
> sites such as Tucows, Download.com, etc. It appeared legit. I was
> redirected to "the authors site". While the intended file downloaded,
> another malware program also downloaded and was installed.
Firefox by default does *not* automatically open downloaded files. If
these did install without any user intervention, they were probably
triggered by a script. Disabling Javascript will prevent this from
happening. Check out the NoScript extension.
> In a 3rd
> instance, I downloaded what appeared to be a pretty innocent screen
> saver with animal pictures. I dont generally use screen savers but
> thought the kids would like to see it. The download contained both a
> screen saver (as stated) and some malware that really caused a mess
> until I finally managed to kill it. Both were in the same install
> file, and the malware was actually 80% of the large file size. The
> screen saver portion when zipped was very small compared to the full
> download. NONE OF THESE WARNED ME OR GAVE ME ANY OPTIONS.
In this case I suspect that you explicitly ran the installation program,
which included a routine to install malware. This is not a browser
issue, but user error in uncritically approving installation. Did you
scan the downloaded file for malware prior to approving the
installation? If not, no browser software security measure can protect
you from this type of thing.
--
John (john@os2.dhs.org)
|
|
|
|
|