Yet another serious IE flaw . .

Please Respond
Neil Jones
Posts: 661
Joined: Thu 11 Sep, 2003 20.03
Location: West Midlands

DJGM wrote:One thing worth bearing in mind is that while it's true that creators of malicious code will mostly target the most widely used browser, if Mozilla, Opera or any other non-IE browser were about as widely used as IE is at the moment (about 85%) they would find that they're quite a lot harder to crack, thanks to a number of reasons, particularly the technologies they don't support . . .
So you suggest that if Firefox is the dominant browser there would be no security breaches whatsoever? Yeah, right.
To be honest, I don't want ANY browser to be as dominant as IE is at the moment. Personally, I'd much prefer there to be a more level playing field between browsers, where IE has a share of around 40-50%, and the remaining percentage is shared between all the other browsers
Yes well it was never going to happen for two main reasons:

1) Bundling IE with Windows.
2) IE being the only browser on the installation CD for most major ISPs including Wanadoo, BT and AOL (ironically enough).
Neil Jones wrote: Mozilla and Opera prefer to release an entirely new version instead
of a patch which makes it more cumbersome to download . . .
And as more and more people are switching to broadband, that is fast becoming a non-issue.
Still an issue for 56k users like myself who live too far away from the exchange to make use of broadband.
Top
MarkN
Posts: 323
Joined: Fri 15 Aug, 2003 19.39
Location: South Wales

Neil Jones wrote:
DJGM wrote:...
So you suggest that if Firefox is the dominant browser there would be no security breaches whatsoever? Yeah, right.
Does he? Let's read DJGM's post again:
DJGM wrote:. . . if Mozilla, Opera or any other non-IE browser were about as widely used as IE is at the moment (about 85%) they would find that they're quite a lot harder to crack, thanks to a number of reasons, particularly the technologies they don't support . . .
As far as I can tell from his post, DJGM was not trying to suggest that "there would be no security breaches in Firefox whatsoever", but that it would (probably) be more difficult to find security holes to exploit, due to a lack of support of certain technologies (OCX, Visual Basic Scripting etc.).
Top
DJGM
Posts: 528
Joined: Fri 15 Aug, 2003 15.39
Location: Manchester
Contact:
Contact DJGM

Of course there'll always be security breaches of some form or another, no matter which internet software you use. Even though
it's a solid gold fact that Mozilla, Opera, Netscape, etc are a lot safer to use than IE, no one browser can ever be 100% secure.

Although MarkN hit the nail on the head, since most browsers don't support certain proprietary technologies, they are
a lot more to difficult to successfully exploit. Although not totally impossible, as Hymagumba said earlier, there have
been a small number of attempts to inject malicious code into the XPI files that Mozilla based browsers use to install
plugins and extensions. Even so, the Mozilla Foundation have already implemented a security feature in the latest
milestone release of the Mozilla Application Suite (v1.7) whereby XPI files will only download and install if they're
being obtained from trusted websites such as update.mozilla.org and mozdev.org. I'm not sure if this feature
has been implented into the latest Mozilla Firefox releases just yet. If not, it most likely soon will be . . .

Oh, BTW . . . a six year old, previously patched, IE security hole has ripped through the seams again . . .
Microsoft haunted by old IE security flaw
Last modified: June 30, 2004, 10:04 AM PDT
By Marguerite Reardon
Staff Writer, CNET News.com

A security flaw that had been fixed in older versions of Internet Explorer
has reappeared in the latest version of the browser software.

Security company Secunia issued a bulletin warning of the flaw in versions 5.01, 5.5 and 6.0 of IE.
The problem had been fixed six years ago, when it appeared in versions 3.0 and 4.0 of the IE browser.

"It's a concern that a company like Microsoft has a problem that's already been fixed in older
versions resurface in newer ones," said Thomas Kristensen, chief technology officer of Secunia.
Read the full CNet News.com article here . . .

Honestly, using IE is like hiding from an axe murdering psychopath, under a patchwork quilt . . . !
Top
DJGM
Posts: 528
Joined: Fri 15 Aug, 2003 15.39
Location: Manchester
Contact:
Contact DJGM

And another . . .
Top
Neil Jones
Posts: 661
Joined: Thu 11 Sep, 2003 20.03
Location: West Midlands

Yawn. Some things never change. Both in terms of IE and your posts. :)
Top
User avatar
Pete
Posts: 7631
Joined: Fri 15 Aug, 2003 13.36
Location: Dundee

Niether do yours Neil, it's so tiresome really between you two, It's like me and JM.

Anyhoo, on a related note. There has been a security bug found in Mozilla with the Windows shell: protocol. It's been fixed now and can be either gotten by downloading Mozilla 1.7.1, Firefox 0.9.2, Thunderbird 0.7.2 or by installing this patch.

(the above link made with the lovely new BBcode extension )and I'm using ER as I think it's vastly better than U.M.O.
"He has to be larger than bacon"
Top
DJGM
Posts: 528
Joined: Fri 15 Aug, 2003 15.39
Location: Manchester
Contact:
Contact DJGM

Here's an interesting article about the aforementioned (very quickly fixed) vuln.

:twisted: Read it and weep! :twisted:
Top
Neil Jones
Posts: 661
Joined: Thu 11 Sep, 2003 20.03
Location: West Midlands

Hymagumba wrote:Niether do yours Neil, it's so tiresome really between you two, It's like me and JM.
Yeah well our "war" is only on this issue, your "war" spills over into everything else. As your signature proves.
Top
User avatar
Pete
Posts: 7631
Joined: Fri 15 Aug, 2003 13.36
Location: Dundee

Neil Jones wrote:Yeah well our "war" is only on this issue, your "war" spills over into everything else. As your signature proves.
Yes but ours is just *sooooo* much better than yours.
"He has to be larger than bacon"
Top
James Martin
Posts: 1011
Joined: Sun 15 Feb, 2004 19.26

No it isn't. It's a pointless war spanning at least 3 forums and 4 before the James Ison forums closed.

At least I don't ram another browser down peeps' throats the moment they complain of a problem with IE!

For the record, I use both browsers now. I origninally used only Firefox as IE didn't work very well on my old PC, and I liked having tabbed windows and popup blocking. What I detested was an inferior rendering engine which didn't display several websites properly - indeed, it doesn't even display Metropol as intended.

Hate to say it but Planet Crossroads is about the only site I've been to that does look pretty much 100% consistent in both browsers throughout.
Top
User avatar
Pete
Posts: 7631
Joined: Fri 15 Aug, 2003 13.36
Location: Dundee

Flava wrote:At least I don't ram another browser down peeps' throats the moment they complain of a problem with IE!
No you ram your radio station down their throat the moment they speak.
Flava wrote:it doesn't even display Metropol as intended.
JM, I have to take issue with this one. You say this over and over again yet I see no difference between the rendering. Could you please take some screenshots to show where it looks better.

And taking into account I did a heck of a lot of tweaking on this site you'd think "as intended" would have an FF bias wouldn't you?
"He has to be larger than bacon"
Top
Please Respond

Return to “The Lounge”