washingtonpost.com has a story about the latest Symantec Internet Security Report. Lot’s of other sites are covering the report, but this is the first one I’ve come across which links to the report itself. (PDF)
If you’re not using Firefox with Adblock, I have to warn you that it has one of the most irritating web ads I’ve ever seen! (Although I’m currently using Opera, I always miss Adblock when I come across pages like this!)
2nd EDIT: of course you might not get served up the same irritating ad- I didn’t when I checked my own link. I was refering to a buzzing mosquito animation, if anybody is wondering what I was on about.
No Ads for me, using FF + AdBlock + NoScript (without flash being blocked, Options, Advanced) and Java disabled (always). Didn’t see anything with Maxthon either, Java disabled, AdHunter enabled (but not the floating AD filter), all I got was a RSS feed is available for this page notification (Maxthon info) but no ads.
I usually use a non-IE dependant browser for “scouting” and if I am convinced that a site is O.K., I make a bookmark of it for an IE engine-based browser.
I didn’t know AdHunter Extension for Maxthon, thanks for the info, DavidR.
Sorry for being totally off topic, FWF but in the world filled with malicious 0-day attacks, we need to practice safe browsing in order not to be infected.
I doubt if washingtonpost.com carries malicious content (I mean, surely sites like this have defences against hacking and malicious third party ads?), but it does carry some very intrusive animated Flash ads. The one I was talking about also had sound- the sound of an angry mosquito. Very irritating. Even with just animated ads, it’s difficult to reads the page- definitely one to read in Firefox with Adblock.
I normally miss these because Enable/Disable Flash & Adblock Plus Filterset G Updater
in both Flock and FF, and if something annoys me I have RIP options to kill almost everything the webmaster may serve up & isn’t to my liking with one click.
When I see an occasional site in IE at my job, I am astounded what a evergoing long line of adverts the Internet has been turned into actually,
Was there some posts deleted about this report recently? Anyway, here is official response to what might have been headline for those into browser development
too long url
“Facts” can be many things, eye of the beholder… I strongly believe in learning from history and I guess so does Mozilla 8) “Nothing is secure” Ability to deal with problems is what matters when it comes to security.
Interestingly, I’ve seen some reports that Microsoft is fixing browser bugs without ever making the vulnerability public:
I've found this bug while creating a subset of the Hamachi fuzzer. So, I've decided to create a specific fuzzer that will find all possible orphan object referencing bugs. I've actually found over 15 crashes involving 8 different objects.
Last Tuesday Microsoft released a cumulative security update for Internet Explorer, MS06-042. I was surprised to find out that they were quick to fix the orphan objects issue, with no mention of fixing this vulnerability in the security bulletin.
As this vulnerability was silently patched and the orphan objects’ bugs cannot be exploited anymore, I’ve decided to stop my research on this issue and I’m releasing the fuzzer to the public.
These matters are not suited for Top 10 lists or X have had XXX vulnerabilities this year. You cant compare Opensource with a closed company like Microsoft. There are pros and cons to both but if security in general is about the ability to adjust, make changes/patches then MS will always be a bit behind/slow. Because of their size and responsibility as the big OS-maker. Is easier for Mozilla to patch their little not so integrated product. If there is a major evilness discovered right now Mozilla will fix it first no doubt. Unless of course Microsoft is already aware but wont tell until they have own patch ready
Mostly theory, not like world is suffering big time from MS being slow. They will look bad compared to more flexible projects. Just the way it is.
Last year Mozilla was slow in patching some vulnerability and a user made a little extension which took care of it. Or did they evaluate vulnerabiltiy as one which could wait? Not all vulnerabilities are created equal. Some more relevant to real life than others. Hard for end-users to be judges, easier to read headlines 8)