okay if you really tested that that’s good news, and thanks for posting
Who uses IE : ;D ;D ;D
I surf the Internet with Opera.
Hi Logos,
The difference with the script watcher has various implications, and it is striking that here there are not that many that comment on that particular striking difference, well apart from me and you and rdmalloy no-one realized it in this thread. Maybe because they live in an another world, they do not experience the IE ads on tele like we have in Europe where IE is pinching the Fx float to try to ridicule the Mozilla browser and get back some of their lost browser territory, and how the MS Indians are back on the same monopoly-road again as they have been before - positioning their browser versus third party browsers, because they sure feel the heat now of Fx and GoogleChrome. The days that users thought blue e was identical with surfing the Internet are slowly coming to and end, and it is funny that MS always come up with the same old answers…
polonus
thanks for posting Polonus, really appreciated yep MS must have felt they had to do something…losing more and more market share in Europe (with IE), while the masses are being told by their own governments how insecure Internet Explorer is, and are advised to switch to Firefox…there’s something goin’ on…seeing MS introduce a script blocker is quite an event ;D
so that everyone can see it ;D >>> screen shot (from the help files of 2.0 beta)
and…unrelated:
wrong, there’s a section to exclude any type of file for both on demand and on access scans.
Hi Logos,
And there is still a lot to be done, analyzed a particular media website and found fieldset. There was a fieldset bug in IE7 and IE8 that was not there in good old IE6, that is called a regression hole, isn’t it, see it described and the POC here:
http://www.quirksmode.org/bugreports/archives/2007/08/MSIE7_fieldset_bug.html
Is it still there? Unfortunately, this dialog, the “3rd trickiest” of the (only 3) available JavaScript dialogs in the web browser, is horribly broken… in fact, it hasn’t even been patched once since its original design, made available in 1995! (That’s 15 years ago for those without calculators!)
It was still there in May 2010: http://drupal.org/user/645062 see: http://drupal.org/node/311203
There is a solution for it here: http://www.mattheerema.com/web-design/2006/04/getting-fieldset-backgrounds-and-legends-to-behave-in-ie/
polonus
Hi malware fighters,
And then there is this issue: http://threatpost.com/en_us/blogs/rise-rogue-av-testers-070910
and they got a lot of critique: http://nsslabs.com/browser-security
The SmartScreen Filter in IE8. Microsoft’s browser got a unique URL blocking score of 89% and an overal protection score of 85%. “Internet Explorer 8 is by far the best browser where protection against csocial engineering malware is concerned.” The 30% increase in suspicious and malicious websites detectedshows it has a “superior feedback mechanism”. Other browsers in the test could hardly block more URL’s after five days…
Now what about Fx with NoScript installed and browsers with the avast shields active?
polonus
Its Firefox believers that believe it is the best. :
How many Firefox fixes have been issued lately ???
can you name the ten last flaws in FF (for the last month)?
That would be cheating. The test was of browsers, not addons and security products.
It’s also interesting to see that Opera fails horribly.
[b]Mozilla patches 16 security bugs in Firefox 3.6[/b]http://www.computerworld.com/s/article/9179504/Mozilla_patches_16_security_bugs_in_Firefox_3.6
There was a huge fix package issued very recently with a lot more than 10.
There are those that can count in decimal and know that 10 is more than 2
I see our Internet Explorer warriors are back on track ;D …yeah, just two so far, and counting ? ;D …you see guys, the problem with Firefox is that most security flaws that are found (in labs) rarely (or never) make it to the desktop, when at the opposite most of the Internet crap will land on your systems through…Internet Explorer (I hate swearing sorry, and I always got the feeling to swear when I say or write…I-N-T-E-R-N-E-T E-X-P-L-O-R-E-R… hope the forum software won’t censor that ;D ). And on a side note Yokenny, you know what you can do with your sarcasms, as usual >>>, yes, there
Internet Explorer has been - oh yes, indirectly, as the ultimate malware vector - contaminating tens of millions of computers world wide since it exists. Internet Explorer must be patched continuously, some of it is considered unpatchable (no solution, dixit Secunia). Let the carnage continue, and enjoy :
Until IE is totally separated from the OS integration, e.g. just a browser, then there will always be security issues as effectively if you exploit the browser you have exploited the OS. That is my reason for not using it as my primary browser.
If only I could get rid of it completely I would, but you can’t because of its OS integration, which forces you to keep IE up to date even though you don’t use it, to avoid OS exploits via the backdoor.
IE8 was well behind a bunch of 3rd party applications in the last year in the numbers of vulnerablities found. It no longer can be the whipping boy and really never should have been. I’ve even seen a few professionals in the field saying that IE9 will probably be the browser they recommend to their customers for security reasons.
If you didn’t know, the program with the most vulnerabilities was, once again, Firefox. The vendor with the most overall problems in their software was Apple.
Hi Logos,
To turn the tables again will take a lot of propaganda and making somehow you cannot go around the built-in software browser. It is always funny to see that where critique on IE is concerned some mainly US users almost react as if you attacked their home-base. One must admit that building their browser deep, deep into the OS brought Windows an important leap-start against competitive third party software browsers. It was a clever trick and brought competitor Netscape to its knees. Their slower browser got already half way up from boot time while the other browser was not even launched from the desktop. Google independent process per tab browsing was the answer to that trick, and also was cleverly anticipated and off course now imitated by the Mozilla browser. The as per default installation also brought that the masses thought that IE was the only way they knew to go unto the web, the EU regulations brought another landscape since their regulations.
After leaning back for a long, long time, after numerous mishaps like with the ActiveX disaster, still haunting us with malware, finally MS realized that if they did not invest and improve their IE it would endanger their revenue streams and they woke up with IE8 and are even improving further with IE9,
Alas there has not been any monopoly since the Roman Empire that lived forever and it seems Google for one could come as a serious threat to the Windows mono-culture.
And I really don’t know if IE would have NoScript, RequestPolicy and AdBlock+ extensions for it, I would consider going back to IE. For now the blue e browser is only for updates and upgrades because that is vital for the security of the OS. But I would not come running to defend any browser…
And about the many, many bugs in Mozilla, well I have been a Fx test-pilot for some time and they have a large developer base to file bugs, loads of them are made public and are quickly patched, also cause regressional problems, that has to be dealt with,
and open source and propriety source cannot be compared, as apples are no pears and both do not taste like bananas…
polonus
For now the blue e browser is only for updates and upgrades because that is vital for the security of the OS.
+1
There’s nothing more to do with it…
Here IE only gets the rights it needs to update, that’s it. Everything else is blocked…!
asyn
Here, I use all the major browsers:
IE, Firefox, Chrome and, Opera.
They all have some features not available in one or all of the others.
Browsers are a tool nothing more. They aren’t something to be worshiped or whipped.
I was also always of the impression that it was the folks who wrote the malware that where
responsible for making the internet unsafe. Without them, there wouldn’t be any exploits.
But, what do I know, I’m from the old school. ;D
Hi bob3160,
Right there are malcreants, they did it in the past to be better than others (in the past) and now they do it for Cybercriminals for illegal revenue, but there are always two sides of the coin, there is the cat and there is the bacon. If you have a lot of delicious bacon ready there you proverbially bind the cat to the bacon, you might be familiar with that good old proverb?. Well some developers make their software much easier exploitable as other developers. To say all browsers are browsers and it is only the evil ones to blame that try out “da evil code” against it, is just telling the story from one point of view, in that case the poor developers of browsers are left off the hook, for what can they do? … evil hackers you know. What a lame excuse for “the inventor” of DirectX in Internet Explorer. He should have you for boss, bob, “evil hackers, boss, not much we can do here…”. ;D “Sure, my friend, browsers are browsers you know”,
polonus
P.S. And to try the exploitable is always goin’ on: http://www.mikeonads.com/2008/07/13/using-your-browser-url-history-estimate-gender/