Go Back   Computer Forums > General Computing > Software and Operating Systems
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 06-28-2004, 10:30 AM   #61
Guru
 
Lord Kalthorn's Avatar
 
Join Date: Dec 2003
Location: Britain
Posts: 13,293
Send a message via MSN to Lord Kalthorn
Default Re: mac of pc?

Quote:
Originally Posted by iamroot
Yeah right. That's kind of crap... Mozilla is a far better designed browser than the official worst browser in the world, IE.
I think we can all agree that Internet Explorer is not the Official Worst Designed Browser in the World - that baton must be kept by Netscape, closely followed by AOL.

However, I don't believe as many on here would also say that Mozilla - as it is now - could cope with the Hacking Focus of which Internet Explorer is in all the time. It is not in that focus becasue of it being the easiest - it is in that focus because it is the most common. And you take the successful hacking record of Internet Explorer and the successful hacking record of Mozilla, and put it against the number of Users using each. You'll see - there is not that much difference.
__________________

__________________
A Knight is sworn to Honour. His heart knows only Virtue. His blade defends the helpless. His might upholds the Weak. His word speaks only truth. His wrath undoes the Wicked.
Lord Kalthorn is offline   Reply With Quote
Old 06-28-2004, 11:18 AM   #62
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,004
Default Re: mac of pc?

I have to agree with Lord K, if there were as many people poking at Mozilla then more holes would be uncovered, Infact people are starting to poke more at these different browsers and people are seeing spyware specifically targetting mozilla browsers.
The only difference is the time it takes to get these problems fixed.
If microsoft fixed things even half as quick as the open source community fixes things then people would not have things to moan about.

The biggest problem (after the actual exploits) is the the response time, here Microsoft is it's biggest enemy, there are people sitting on bug lists that are making anti IE websites, look on any forum, you'll see people linking to the same sites.

Microsoft should have fixed the errors long ago, it'd be a lot less convincing argument if people linked to a site with three errors on it! (still I notice that even after the errors have been fixed for years some people still harp on about them)

Sometimes it is difficult to distinguish the remainnig errors from the errors that are just there to pad out the page on these anti MS sites.
__________________

root is offline   Reply With Quote
Old 06-28-2004, 11:56 AM   #63
Guru
 
Lord Kalthorn's Avatar
 
Join Date: Dec 2003
Location: Britain
Posts: 13,293
Send a message via MSN to Lord Kalthorn
Default Re: mac of pc?

Quote:
Originally Posted by root
I have to agree with Lord K, if there were as many people poking at Mozilla then more holes would be uncovered, Infact people are starting to poke more at these different browsers and people are seeing spyware specifically targetting mozilla browsers.
The only difference is the time it takes to get these problems fixed.
If microsoft fixed things even half as quick as the open source community fixes things then people would not have things to moan about.

The biggest problem (after the actual exploits) is the the response time, here Microsoft is it's biggest enemy, there are people sitting on bug lists that are making anti IE websites, look on any forum, you'll see people linking to the same sites.

Microsoft should have fixed the errors long ago, it'd be a lot less convincing argument if people linked to a site with three errors on it! (still I notice that even after the errors have been fixed for years some people still harp on about them)

Sometimes it is difficult to distinguish the remainnig errors from the errors that are just there to pad out the page on these anti MS sites.
I don't believe the 'Open-Source Community' as you quantly put it can get out updates to their customers as fast as Microsoft can and does and has for years now. Is there even an efficient Update System inplace for Linux, or do you need to get another Version of the OS to update it?

There are, though, too many bugs in many of the Microsoft products. Even I agree with this. I blame it on stagnation. Microsoft Programmers are no longer so proud to be Microsoft Programmers - some as I have previously said will go home and use their Microsoft Pay Cheque to feed their Linux Programming Activities.

There are few ways to stop this but from the top - and all I can hope is that they realise it before I get a team of Microsoft Programmers to lead into Virtual Battle. Cause they will get a shock if something doesn't change in them before then.
__________________
A Knight is sworn to Honour. His heart knows only Virtue. His blade defends the helpless. His might upholds the Weak. His word speaks only truth. His wrath undoes the Wicked.
Lord Kalthorn is offline   Reply With Quote
Old 06-28-2004, 12:19 PM   #64
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,004
Default

Mozilla have a list of known vulnerabilities on their site,

of the 65 known errors.
9 have
Code:
None.
as the known work around.

of the 56 remaining.
29 have
Code:
Disable JavaScript
as the known work around

of the 27 remaining.
3 have
Code:
Disable Java
as the known workaround. (seems applets have the ability to invoke java applications).

of the remaining 24.
3 say
Code:
Disable Cookies
1 has
Code:
Disable Password Manager
another has
Code:
Do not store passwords
1 has
Code:
Don't open *.hta or application/hta files
Code:
Disable JavaScript, do not visit vbscript: or vnd: URLs from untrusted sources
another classic workaround for problems caused when browsing the internet
Code:
Turn off images
!!!

instead of fixing problems when downloading POP3 messages they suggest
Code:
Do not use POP mail
- helpfull eh?

if you're having buffer overflow problems when using Mozilla software and email, why bother fixing it when you can tell your users.
Code:
Do not attach files of unknown content to mail/news messages
More mail goodness!
Code:
Disable JavaScript and do not click on imap: links
Trouble with exploits when connecting to POP servers...
mozilla says...
Code:
Do not connect to untrusted POP3 mail servers
(this one comes with my own personal rant)
In order to prevent the spread of virusses through out the internet, microsoft have restricted the attachments that can be sent through exchange servers, and restricted the type that can be open from within...
Mozilla say...
Code:
Do not open attachments from untrusted sources
When Microsoft said this they were shrugging their corperate responsibility!

having problems with Javascript security... why fix it when you can tell your users
Code:
Do not click on "javascript:" links in dialogs, or bookmark them
(with another rant)
When people found a way to spoof the address displayed in the address bar so that it displays one name, whilst actaully being directed to another unsecure site, where you may be asked to enter sensative information Microoft fixed the problem with their browser...

mozilla says...
Code:
Check the Page Info dialog and lock icon before entering sensitive data on a web page
(this appears twice)

Having crosslinking trouble... heres a GEM from the mozilla work around...
Code:
Disable XSLT
an error, which the description describes as...
Code:
Some non-tier1 platforms (BeOS) do not truncate cache files properly which could result in a page that is a mix of old and new, which could result in unwanted purchases
has workaround
Code:
Clear cache before going to a page you have visited before
Now don't get me wrong, everyone should be carefull when prurchasing online, but a problem as simple as, there may be cached pages, in what should be a secure area. the browser should force refresh these pages by it's self, not rely on the user to delete files before they start browsing.

now it seems that this problem is caused by the service providers, but I've not heard of this error on IE before.

this one is classic, say you want to add a security policy to your browser. Well it might not actually work!
Mozilla says
Code:
Do not add or change configurable security policies; the defaults are safe
No the defaults are not good enough, thats why the user wants to add their own, there is obviously something lacking in the defaults. don't try to fob me off telling me something like that.

Hackers may be able to spoof pages when you browse through a proxy...
mozilla don't fix this problem they say.
Code:
Do not use proxy, or Check the Page Info dialog and lock icon before entering sensitive data on a web page
So how exactly do I win? I can't apply a security policy on the actual browser software, because it doesn't work (see above) and I can't apply a security policy through the use of a proxy serer because it opens up a security vulnerability!

Seems there are authentification troubles concerning mail servers and HTTP authentification. mozilla says
Code:
Memorize the real mail server password prompt and do not enter your password if the dialog is not exactly the same
And finally, .hta files are excecutable, whe microsoft were faced with this problem, a securioty patch was released that fixed the vunerability...
mozilla says...
Code:
Don't open *.hta or application/hta files
Most exploits run without the uers knowledge, and they try really hard to hide themselves. they don't generaly come with links that say...
Click here, it's going to run a really bad thing that will break your computer. there is a strong possibility that your browser will be open to this form of atack, and funnily enough this is exactly what I wanted. Now click here, everybody knows that fixing your computer is fun, everyone loves to have to spendtime running virus scanners, and spyware detectors... Just click it'll be fun. I promise

Took me a long time to compile that!

you can find the list in it's original format here.
Have fun.
root is offline   Reply With Quote
Old 06-28-2004, 12:22 PM   #65
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,004
Default Re: mac of pc?

in response to the question does linux / mozilla organisations have an effictive metohod for tracking problems...

Yes, more open-source software. Bugzilla
root is offline   Reply With Quote
Old 06-28-2004, 01:01 PM   #66
Guru
 
Lord Kalthorn's Avatar
 
Join Date: Dec 2003
Location: Britain
Posts: 13,293
Send a message via MSN to Lord Kalthorn
Default

Haha! I think I'm to ignorant to even think for a moment that Open-Source is better than Closed-Source. I will continue to believe this even if, which is seriously doubtful, Open-Source gains more than 51% of all Computers.
__________________
A Knight is sworn to Honour. His heart knows only Virtue. His blade defends the helpless. His might upholds the Weak. His word speaks only truth. His wrath undoes the Wicked.
Lord Kalthorn is offline   Reply With Quote
Old 06-29-2004, 04:10 AM   #67
Daemon Poster
 
iamroot's Avatar
 
Join Date: Apr 2004
Posts: 580
Default Re: mac of pc?

Please read this Kalthorn...

http://news.com.com/IE+flaw+may+boos...?tag=nefd.lede
__________________
Install GNU/Linux and be Free!
iamroot is offline   Reply With Quote
Old 06-29-2004, 07:32 AM   #68
Guru
 
Lord Kalthorn's Avatar
 
Join Date: Dec 2003
Location: Britain
Posts: 13,293
Send a message via MSN to Lord Kalthorn
Default

Yes yes yes; we've all heard about the vultures. They speak big, but can they actually do what people like to think they can do?
__________________
A Knight is sworn to Honour. His heart knows only Virtue. His blade defends the helpless. His might upholds the Weak. His word speaks only truth. His wrath undoes the Wicked.
Lord Kalthorn is offline   Reply With Quote
Old 07-01-2004, 04:03 AM   #69
Daemon Poster
 
iamroot's Avatar
 
Join Date: Apr 2004
Posts: 580
Default Re: mac of pc?

I believe they are much more qualified to speak on the matter than you.
__________________
Install GNU/Linux and be Free!
iamroot is offline   Reply With Quote
Old 07-01-2004, 12:07 PM   #70
Guru
 
Lord Kalthorn's Avatar
 
Join Date: Dec 2003
Location: Britain
Posts: 13,293
Send a message via MSN to Lord Kalthorn
Default

Of course they are, even I realise that, but the day Mozilla has a larger percentage of the Internet Browser Market will truly be a dark day; if indeed it ever happens.

Even, as I have noticed when using Mozilla, our favourite Reply Box, like the one I am using now, does not work as well as it does on Internet Explorer; if I click Quote, it asks me what I want to quote and then puts it at the end of what I'm writing. If I'm making something bold and can't be bothered to put in the tags it asks me what I want to make bolder; and if I highlight it - it still asks me.

Also, Internet Explorer on SP2 - I do';t know when the full version is out but the Beta is good enough - is far more secure than the previous one; allowing ActiveX which is a good program in all and very useful but locking it without your aproval, also allowing many websites to work faster and more efficently - I have seen many even Java *shudder* based, Chatrooms especially, items not work on Mozilla at all.

Then there's the Longhorn Internet Explorer; Longhorn of course being the light at the end of the tunnel that always happens when a new Line of Operating Systems is made: Windows 3 (everybody used 3.1 or 3.11), Windows 95) but it is always followed by an OS which is brilliant in the face of the lessons learnt from the previous version (Windows 3.11, and Windows 98 of which many even prefer to XP now). What I have seen from the Reviews of only the Longhorn Alpha of the Longhorn Internet Explorer is brilliant even now.

All in the future though, and until then I'm sure these vulture like creatures will continue to blaspheme against Microsoft Products however much they themselves use them.
__________________

__________________
A Knight is sworn to Honour. His heart knows only Virtue. His blade defends the helpless. His might upholds the Weak. His word speaks only truth. His wrath undoes the Wicked.
Lord Kalthorn is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 09:38 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0