Jump to content

Recommended Posts

Posted

from a recent news article

For all those that moved to Firefox because it was more "secure". You are mistaken. Same goes for apple users that don't patch.

If you like these minority vendors for other reasons, then fine. Just don't make security one of them because it is a total myth.

*****

Alexander Sotirov, a researcher at Redwood City, Calif.-based Determina Inc. who discovered the ANI flaw last December and reported it to Microsoft, said in the Determina Security blog that the popular Mozilla Firefox browser is also susceptible to the flaw.

His posting included a short flash video demonstrating an exploit against the ANI vulnerability in which he says, "It turns out that Firefox uses the same vulnerable Windows component to process .ani files, which means it can be exploited in a way similar to Internet Explorer."

The news may be disheartening to Firefox users who view the open source browser as a safer alternative to the much-attacked Internet Explorer.

Mozilla has already released a number of Firefox security updates this year. Mozilla security chief Window Snyder said in a recent interview that Mozilla tries to issue a security upgrade every six weeks or so.

"We're continuously looking for vulnerabilities and continuously fixing them," she said at the time. "Users don't have to wait for the next version of the product to get a lot of the benefits of the security work we're doing. They get it on a regular basis."

Posted

I may agree with you but as pointed in the article it only applies to windows based Firefox, so Mac/Linux/whatever other os is not concerned by it, seeing it's using a windows componant/api if windows is patched, so is Firefox... Another FUD spread in the wild.

Don't get me wrong i see your point and nobody shall think the computer is safe from everything because he/she is using linux/Mac os (or any *nix based os compared to windows). On the other hand, mozilla is very dilligeant to fix firefox so i think an update will be up soon.

Posted
I may agree with you but as pointed in the article it only applies to windows based Firefox, so Mac/Linux/whatever other os is not concerned by it, seeing it's using a windows componant/api if windows is patched, so is Firefox... Another FUD spread in the wild.

Don't get me wrong i see your point and nobody shall think the computer is safe from everything because he/she is using linux/Mac os (or any *nix based os compared to windows). On the other hand, mozilla is very dilligeant to fix firefox so i think an update will be up soon.

it also stated same applies to apple users who dont patch.

Posted

Ok, but we are talking about different type of 'flaws' here your argument was about one type of them that was affected by a windows only api.

I see your point as saying "no browser" is 100% secure, it has never been and it will never be. But frankly you are not going to be owned while browsing your usual well "know" and "respected" (unless they want to lose customers) website. It's more a matter of where you browse (you know all these dodgy websites with pr0n or illegal soft to download :o).

Posted
it also stated same applies to apple users who dont patch.

Please provide link to citation for that statement, thanks in advance.

Regards

i will post the link when i find itbut this isnt the first time its been affected

http://news.com.com/Hackers+claim+zero-day..._3-6121608.html

This article claimed all OS were affected by another flaw

Pardon?

Quote :-

Since the presentation, Spiegelmock has backpedalled on the zero-day claims

Quote from linked article:-

"The main purpose of our talk was to be humorous," Spiegelmock wrote. "I apologize to everyone involved, and I hope I have made everything as clear as possible."

Hm.. whilst accepting that all software has security issues it would be wise to review sources a little more carefully before posting. Further this is a discussion re the known zero day flaw, not the animated cursor issue for which MS issued {it's an OS issue} a patch today.

Regards

/edit add more info //

Posted

As stated above, no Browser or OS is 100% secure. Yet the fact remains that OSX is second only to BSD in security so far as operating systems go, and Firefox is a far more secure browser owing to it's lack of being part of the kernel.

Kyosuken was right on the money when saying this was just more FUD.

Posted

Well, i am not pro windows or macos (i have both at home even if i prefer from a professional standpoint and debatable tastes Windows). For now MacOs isn't so spread arround the globe so it doens't yet get the fire windows gets regarding hacking/viruses and so one. But it has been proven that social engineering works on Mac users too. Security is 99% about educated people using computer (or lack of) and 1% about the os itself.

Windows has a long history of security failure, but most notably because MS did deliver security bulletin about holes in its oses sometimes up to four weeks before the vulnerability was exploited (and in the meaningtime a patch for it), and in most case people who had their windows patched would not fear any problems. So i account the 1% left for zero days vulnerabilities and the like.

The security hole have and will always be the interface "chair/keyboard" (the human !).

Computers are, unfortunatly treated too "lightly", i am not saying people should get a licence to use one (like for driving a car) but it's not so far, seeing as complex as it is to properly use a computer.

Regarding the Secure browser thing, well Vista has taken the path of the *nix model for a couple of things, and so no more vulnerability of this kind as of yer with Vista. Windows XP is another beast, but if some people can manage to avoid getting nasty things on their computers then it shouldn't be that difficult

Posted

I think the OS being only 1% of the security solution is debatable. That's why I often recommend Macs to newbies or people who are technophobes because they are such low maintenance when it comes to security.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...