PDA

View Full Version : Internet security?


yauhui
9 May 2008, 15:09
Have you ever clicked on a link, and then thought about whether the link you just clicked on is safe or not..?

Or have you browsed a site that seems innocent but suddenly gets the feeling that something is wrong?

What do you do?

What do you feel?

Shadowmoon
9 May 2008, 15:32
This thread is pointless.

Anyway....

I have a progam that tells me wether a site is safe or not.

What do i feel? pain. I cry, and cry, and cry, because i'm afraid an evil virus will destroy my computer with its UB3R power.:p

.JeT
9 May 2008, 16:25
This thread is pointless.

And you say that with your 10 character limit thread. :p

Shadowmoon
9 May 2008, 16:38
And you say that with your 10 character limit thread. :p

People seem to be posting in it and voting, so its not pointless.:rolleyes:

super_frea
9 May 2008, 17:18
What do you feel?

I feel hurt. I can't describe it. It makes me feel anesthetized internally. Yes my heart is still beating but I'm lost. My self-purpose, me sense of any accomplishment in life has left my soul for ever and I feel that it may never return.

MrBunsy
9 May 2008, 17:39
I wasn't aware that simply clicking on a link with a decent browser could do any harm.

Muzer
9 May 2008, 17:50
Opera's phishing philter is enabled, and I never have visited a site like that.

Although, there was one, which when I browsed with IE automatically downloaded a virus, I was testing IE's security though at the time so it was completely isolated and caused no damage, it was a known dodgy site (can't remember the URL, and no, not dodgy as in porn). The same thing with opera and firefox just said "do you want to save or save this file? I'm a retarded browser so I'm not gonna let you just open it" (Firefox), or "Do you want to open or save this file, but to prevent viruses the save option is greyed out for a couple of seconds which makes a lot more sense" (Opera)

Sorry, just got a bit carried away on the Opera being infitiely better stuff.



I just say "poor are the people who use IE" and laugh for a day.

MrBunsy
9 May 2008, 17:58
Sorry, just got a bit carried away on the Opera being infitiely better stuff.



I just say "poor are the people who use IE" and laugh for a day.FF 2 does the same thing as your description of Opera :p. Agreed on IE though.

Muzer
9 May 2008, 17:59
I could've sworn it didn't, not with .exes anyway.

Shadowmoon
9 May 2008, 17:59
FF 2 does the same thing as your description of Opera :p. Agreed on IE though.

I use IE and FF. FF rules, though.

And i'm pretty sure browsers have spyware, and stuff like that, that protect your computer.....

Muzer
9 May 2008, 18:01
Um, what? Spyware is stuff that collects personal info without telling you and sending it to a server. With firefox and opera it asks you if you want to or not, thereby being not spyware.

Shadowmoon
9 May 2008, 18:04
Um, what? Spyware is stuff that collects personal info without telling you and sending it to a server. With firefox and opera it asks you if you want to or not, thereby being not spyware.

Yeah. FF's security is more advanced than IE's.........

I use firefox. Its one of the best browsers, in my opinion.

Muzer
9 May 2008, 18:06
I'm not sure if it was a typo or not, but I was referring to this:

And i'm pretty sure browsers have spyware, and stuff like that, that protect your computer.....

yakuza
9 May 2008, 18:20
Yeah. FF's security is more advanced than IE's.........


MYTH!

That's like saying lethal poison is safer than cars because more people die from car accident per year.

Shadowmoon
9 May 2008, 18:22
MYTH!

That's like saying lethal poison is safer than cars because more people die from car accident per year.

I have proof. I found it on some site that i'll try and find now.;)

Muzer
9 May 2008, 18:23
www.firefoxmyths.com

EDIT: Especially
Security

Myth - "Firefox is Secure" - Example

Reality - Firefox is anything but Secure with multiple unpatched vulnerabilities allowing exposure of sensitive data to local users. You only need one vulnerability to be insecure. Since Firefox v1.x was released, users have been exposed to over 295 security vulnerabilities and counting.

CVE - lists over (339) security vulnerabilities in Firefox. - Source

Mozilla - lists over (190) security vulnerabilities in Firefox. - Source

Secunia - lists (170) security vulnerabilities in Firefox, over (100) are rated Highly Critical. - Source

Notes - The number of Secunia "advisories" (45) does not equal the actual amount of "vulnerabilities" (170). Over 10 advisories have multiple vulnerabilities, look carefully. SA19631 - Lists 24 Vulnerabilities Alone!

"In the excitement that surrounded its launch last year, Firefox was unreasonably portrayed by some as having unbreakable security, but the vulnerabilities that have been detected in recent months are injecting a dose of reality into this myth, analysts say." - Source

"Firefox tops the list of applications that are well-known in the consumer space and are frequently downloaded by employees, often without the approval of IT departments - that contain critical, code-execution vulnerabilities." - Source


and


Most Secure Web Browser

Myth - "Firefox is the Most Secure Web Browser" - Example

Reality - Opera is currently the most Secure Graphical Web Browser in Windows. - Source


and also

Anti-Phishing

Myth - "Firefox 2's Phishing Protection is better than Internet Explorer 7" - Example

Reality - "Internet Explorer 7's Phishing Filter finished at the top of 3Sharp's list as most accurate anti-phishing technology, catching nearly 9 out of 10 phishing sites while generating no warning or block errors on the 500 legitimate websites tested." - Source - Source 2

"- They [Smartware, the company that authored the study for Mozilla] didn't make any attempt to score false positives. This is a critical omission, because a filter that produces significant numbers of false positives will quickly train users to ignore its legitimate warnings. (Interestingly, PhishTank's own FAQ agrees with me). IMHO any study that doesn't include false positive data is meaningless.

- The Firefox report mentions that IE can warn or block, but it doesn't credit IE with any actual warnings. This is a significant omission, although we can't tell how significant because...

- The Firefox report doesn't include any information about the actual URLs used. They promise to publish this data "soon", but without that there's no way to gauge the quality of their data. (I understand that they'll publish the data later today; it'll be interesting to see the raw stuff.) Of course, we published all our URL data in our report.

- Speaking of data: the Firefox team used 1040 phish from Phishtank, a community filtering system, gathered over a two-week period. That's a good number of phish, but the study period was awfully short, and the phish all came from one source. We used multiple sources, including honey pots and user reports, to generate the phish list we used.

- Because they used a community-generated feed of phish, there's no way to tell which of the phish had also (or already) been reported to other systems that may have fed into the "Ask Google" or Microsoft data feeds. By contrast, we took great pains to try to find phish that we knew hadn't been submitted to Microsoft's URL reputation service." - Source

"The two 'live' sites I visited in each browser hardly constitute a scientific sample, but it's still worth noting that IE7 flagged both pages as confirmed phishing sites, while Firefox 2 missed them both" - Source

Shadowmoon
9 May 2008, 18:25
www.firefoxmyths.com

What i really meant to say was that IE is more secure than FF.

Muzer
9 May 2008, 18:25
True

But opera is the most secure, see my edited post

yakuza
9 May 2008, 18:27
I have proof. I found it on some site that i'll try and find now.;)

I'd eat my hat if the guys at Mozilla were more prepared for security breaches in their browser than the dudes at Microsoft. I'll admit that I cannot really prove that IE has a better security system than FF does, but logic and sense tells me it does. It's like comparing Google to Yahoo, really.
The only reason IE users are victims of more spyware is probarbly based on the fact that 99% of spyware is created to exploit IE security, because 93% of internet users are IE users, simple as.

edit: I see Muzer paster all that, and even though that website is not completely accurate, I don't see how the point regarding security can't be.

Shadowmoon
9 May 2008, 18:29
True

But opera is the most secure, see my edited post

Yeah, i know that too. I've read the whole page. And opera is the most fast web browser.

Melon
9 May 2008, 23:22
The same thing with opera and firefox just said "do you want to save or save this file? I'm a retarded browser so I'm not gonna let you just open it" (Firefox), or "Do you want to open or save this file, but to prevent viruses the save option is greyed out for a couple of seconds which makes a lot more sense" (Opera)
This is meant to happen. You're actually supposed to click the save to file button that's greyed out to cause it to not be greyed out. I'll admit it wasn't very clear though. That's not the case with FF3 though, but it's still a beta so it's not really up for comparison as much.

Anybody else feel like this is gonna turn into another browser war thread?

Muzer
9 May 2008, 23:32
That's a bit crap then, having to click into menus to be able to open it. On my Windows installation, due to the large number of drives and files the device tree-related dialogs take the longest to appear so that would be more like a time waster to me. It takes about 20sec for it to be in a useable state. Making it greyed for a few seconds like with extension installation (although the time limit should be less) makes a lot more sense and still stops 99.9% of viruses.

PS: Opera's browse without CSS option is fun.

Melon
9 May 2008, 23:44
That's a bit crap then, having to click into menus to be able to open it. On my Windows installation, due to the large number of drives and files the device tree-related dialogs take the longest to appear so that would be more like a time waster to me. It takes about 20sec for it to be in a useable state. Making it greyed for a few seconds like with extension installation (although the time limit should be less) makes a lot more sense and still stops 99.9% of viruses.
Wait, what? What are you talking about?

What time delay? On FF2, you basically had to click the save to file button twice. That's it.

Also, clicking into menus. What? If you don't want to save it to disk, you can open it instantly (after clicking the button to ungrey it first). If you do save it to disk, you can open it instantly without browsing through your computer to find it. The only menu I've ever seen is the "would you like to open this now or save it first?" menu.

Sorry, maybe I'm a bit confused with your post and I'm missing what you're saying, but you've never had to wait 20 seconds to start downloading a file.

AndrewTaylor
9 May 2008, 23:58
This is meant to happen. You're actually supposed to click the save to file button that's greyed out to cause it to not be greyed out. I'll admit it wasn't very clear though. That's not the case with FF3 though, but it's still a beta so it's not really up for comparison as much.

Anybody else feel like this is gonna turn into another browser war thread?
I certainly never figured that one out, and I've been using Firefox on and off (with Opera) for years.

Both are better than Microsoft's "do you want to ask to open the file and be told you can't in case it's a virus, or save it somewhere where I will never let you open it in case it's a virus?".

franpa
10 May 2008, 11:01
What i really meant to say was that IE is more secure than FF.

Yes, IE is nice what with Active X controls that can completely dominate your security software and cripple your computer with 100's of spyware/viruses in seconds :)

I know a site that does that with IE6 (simply visiting it screws your pc up) and I haven't bothered testing IE 7.

Firefox is safer (over IE) from serious issues because it doesnt support the evil Active X >_<


No I can't post a link to the site i speak of because it is a keygen site :)

MrBunsy
10 May 2008, 11:23
I used to have a 'free cup holder' on my website years ago. IE would let a website open your CD drive. Good times :P

Steve14
10 May 2008, 11:40
If you use your brain while surfing, if you doesn't surf with user rights that let you remove any files on your system partition and if you only allow JavaScript and plugins on sites you trust, you won't ever have any malware, expect it exploits any security holes in your operating system, browser or any software running on your computer while you're surfing. That's why popular open-source software is better, cause you don't have to wait on any "patch-day" of any company.

franpa
10 May 2008, 12:06
Windows XP Home doesnt come with stuff that lets you make custom user accounts...

SupSuper
10 May 2008, 16:52
If you use your brain while surfing, if you doesn't surf with user rights that let you remove any files on your system partition and if you only allow JavaScript and plugins on sites you trust, you won't ever have any malware, expect it exploits any security holes in your operating system, browser or any software running on your computer while you're surfing. That's why popular open-source software is better, cause you don't have to wait on any "patch-day" of any company.It also means anyone can get and exploit the code.

Steve14
10 May 2008, 19:26
It also means anyone can get and exploit the code.

But also everybody can help fixing the security issues. :)