Snarkpit Forum Index » General Banter » FireFox Users
FireFox Users
1
2 next page »
Post Reply
Quote
 Re: FireFox Users
Posted by satchmo on Thu May 12th at 11:52pm 2005

If you use FireFox, you might want to download this update if you haven't done so already.

http://www.computerworld.com/securitytopics/security/story/0,10801,101676,00.html

[addsig]



Quote
 Re: FireFox Users
Posted by fishy on Fri May 13th at 12:21am 2005

but i thought firefox was oh so secure....... [addsig]



Quote
 Re: FireFox Users
Posted by satchmo on Fri May 13th at 12:48am 2005

Apparently not. In fact, I don't think it's possible to create something that's completely bullet-proof. Sooner or later, someone is going to find out an exploit and take advantage of it.

At least for now, it's better and more secure than IExplorer.

[addsig]



Quote
 Re: FireFox Users
Posted by DrGlass on Fri May 13th at 1:17am 2005

yeah fishy, way to be negative smiley

I love FF just for the TABs
[addsig]



Quote
 Re: FireFox Users
Posted by Crono on Fri May 13th at 1:18am 2005

? quote:
I don't think it's possible to create something that's completely bullet-proof.


To clear up your conception: it is impossible to make a bug free program. Now, you know it's not possible. [addsig]



Quote
 Re: FireFox Users
Posted by Orpheus on Fri May 13th at 1:26am 2005

? quoting Crono

To clear up your conception: it is impossible to make a bug free program. Now, you know it's not possible.

Crono, Perhaps you should borrow some of Leps skin cream. I bet your head aches from all that swelling. smiley

/runs

[addsig]



Quote
 Re: FireFox Users
Posted by fishy on Fri May 13th at 2:58am 2005

nah, i wasn't meaning to be negative, just a little mischievous. i was a little bored and thought i might kick some life into a FFF or two.

the whole 'what's the best browser' is something i care even less about than the possibility of being invaded by martians with pointy sticks.

[addsig]



Quote
 Re: FireFox Users
Posted by Dark Tree on Fri May 13th at 3:12am 2005

We are being invaded by martians with pointy sticks....oh no, wait....they are just some Japanese people pole riding on MXC. [addsig]



Quote
 Re: FireFox Users
Posted by Leperous on Fri May 13th at 8:22am 2005

Open source software intrinsically has a higher security risk, simply because hackers etc. can see the source code and more easily figure out vulnerabilities than something 'closed' or which is very difficult to get a hold of the source. But on the other hand, if you have a large enough number of skilled people working on it, then these holes can be found and fixed quicker, although you must still operate in a 'company' style framework to release a patch which will slow you down- and given that MS probably has more programmers working for them than 'official' FF people (I don't know any details) they should really be faster to patch things. Methinks there's some secret background agenda here, to be honest :P



Quote
 Re: FireFox Users
Posted by French Toast on Fri May 13th at 10:53am 2005

? quote:
yeah fishy, way to be negative

I love FF just for the TABs


IMO, the TABs are better in Opera. That's what I be using.
[addsig]



Quote
 Re: FireFox Users
Posted by G4MER on Fri May 13th at 10:55am 2005

I think I will stick with my MAXTHON. But thanks for the update info.. im sure some of the peeps here can use it. [addsig]



Quote
 Re: FireFox Users
Posted by fraggard on Fri May 13th at 11:52am 2005

? quote:
Open source software intrinsically has a higher security risk, simply because hackers etc. can see the source code and more easily figure out vulnerabilities than something 'closed' or which is very difficult to get a hold of the source.

Security through obscurity NEVER works. You can look around at the amount of spam being generated by spamzombies via various botnets if you want further proof.

? quote:
But on the other hand, if you have a large enough number of skilled people working on it, then these holes can be found and fixed quicker, although you must still operate in a 'company' style framework to release a patch which will slow you down

Very few Open Source products work like the corporates do. Gecko/Firefox itself has a somewhat unique dev process (involving someone called a Rotating Sheriff) who runs around approving and killing changes to the base code as he sees fit. Obviously, this job requires that the work be fast seeing as modifications to the source trees are very frequent, and contributions to the tree from external sources are very high. One drawback is that the process is very fallible since it depends entirely on one person, so his mistakes are very costly. But for a project like a browser, which is small compared to some other stuff, it most definitely works.

? quote:
- and given that MS probably has more programmers working for them than 'official' FF people (I don't know any details) they should really be faster to patch things. Methinks there's some secret background agenda here, to be honest

The whole point is that official FF people need to do very little. Community contribs count for a huge number of changes (in fact, most exploits themselves seem to be released with fix info). Methinks the secret agenda of the FF people is to make a bit of cash with a good browser.

Security is not a state, it is a process. No software can be secure if it is not updated continuously. IE fails to handle this process.

Opera, on the other hand, would be an excellent replacement, if it weren't adware.

</fanboy>




Quote
 Re: FireFox Users
Posted by Leperous on Fri May 13th at 12:21pm 2005

? quoting fraggard

? quote:
Open source software intrinsically has a higher security risk, simply because hackers etc. can see the source code and more easily figure out vulnerabilities than something 'closed' or which is very difficult to get a hold of the source.


Security through obscurity NEVER works. You can look around at the amount of spam being generated by spamzombies via various botnets if you want further proof.

Of course obscurity helps improve security! What better defence than not giving an enemy a clue about what you're doing or how you're going to do it? The amount of attention focused on h4x1ng Windows/IE dwarfs that thrown at Mozilla and others (simply because there are more benefits from doing so). What's easier to break into right now: phpBB forum software (c.f. recent world-wide h4xing) or my 'closed source' stuff?

But yes I do agree with you that M$ are failing to update their software fast enough, which was the 'secret agenda' I was referring to.

/still uses IE because it loads faster and has a Google toolbar, plus I don't visit too many pr0n websites that try to exploit vulnerabilities <img src=" SRC="images/smiles/icon_wink.gif">





Quote
 Re: FireFox Users
Posted by G4MER on Fri May 13th at 12:29pm 2005

LEP, if you like IE and want Tabbed browsing, try this... http://www.maxthon.com/

Its better than FireFox in my opinion.. I tend to try tons of software to find what best for me.. before I settle onto one. So this has been tested with 14 other browsers I have onmy machine.

[addsig]



Quote
 Re: FireFox Users
Posted by fraggard on Fri May 13th at 1:08pm 2005

? quote:
? quoting fraggard
? quote:
Open source software intrinsically has a higher security risk, simply because hackers etc. can see the source code and more easily figure out vulnerabilities than something 'closed' or which is very difficult to get a hold of the source.


Security through obscurity NEVER works. You can look around at the amount of spam being generated by spamzombies via various botnets if you want further proof.

Of course obscurity helps improve security! What better defence than not giving an enemy a clue about what you're doing or how you're going to do it? The amount of attention focused on h4x1ng Windows/IE dwarfs that thrown at Mozilla and others (simply because there are more benefits from doing so). What's easier to break into right now: phpBB forum software (c.f. recent world-wide h4xing) or my 'closed source' stuff?


That's like sticking a piece of tape across your keyhole and saying the lock can't be picked because you can't see it.

You don't need source to find an exploit... AFAIK there are other ways. I do not know much more about the h4x0ring side of things, but the common problems like buffer overflows, SQL injection, cross site scripting, and whatnot are easily done even with 'closed' software, it just needs a little knowledge and patience.

Hiding the source may make vulnerabilities a little harder to find, but once an exploit is out in the open , full disclosure and a quick patch are the best options. That sort of responsibility cannot be expected from a large company, but hundreds of eyes on the same bug can fix it very quickly.

Of course, the snarkpit is safer because of Leper Power ?. Can't beat that.





Quote
 Re: FireFox Users
Posted by OtZman on Fri May 13th at 1:45pm 2005

? quoting Leperous
/still uses IE because it loads faster and has a Google toolbar, plus I don't visit too many pr0n websites that try to exploit vulnerabilities



There's a nice Google toolbar in Firefox too, by default.
[addsig]



Quote
 Re: FireFox Users
Posted by Addicted to Morphine on Fri May 13th at 2:58pm 2005

Thanks for the heads up Satchmo. I switched over a few months ago and I definitely like FF. I've become so attached that it mildly annoys me when my friends use my computer and fire up IE not knowing about FF.
[addsig]



Quote
 Re: FireFox Users
Posted by SpiKeRs on Fri May 13th at 4:30pm 2005

Ive deleted any reference to ie from desktop start menu etc so only way peeps on my comp use it over ff is if they start searching away or use run.

One little thing that bugged me with previous updates of ff after installing them is when I open an html file to edit using "open with..." there is more than 1 reference to ff so I have to go and mess about in regedit to get rid of it.




Quote
 Re: FireFox Users
Posted by Loco on Fri May 13th at 4:30pm 2005

? quote:
There's a nice Google toolbar in Firefox too, by default.

Not just Google...
/looks at list of fifteen different search engines in own copy of FF
[addsig]



Quote
 Re: FireFox Users
Posted by Leperous on Fri May 13th at 4:52pm 2005

By 'nice', do you mean it can search the current website you're on, or just the country you're in, or images, or news, or can it translate a page, or check the spelling of what you're typing into a form (which I wish more people here used), or, most importantly to me, have the most genius button ever created: the 'up one level' button ?! The only good thing about FF search is that you can use it with multiple search engines, but it's hardly an improvement over having these places bookmarked.

Fraggard, I never said that you can't hack anything that isn't open source, I just said that it's harder to do so. Your analogy about tape over a lock is a bit bizarre and isn't what I was implying- rather, how about keeping the lock mechanism inside an opaque door, so you can't see the shape of the key you need to put inside it?!






1
2 next page »
Post Reply