Results 1 to 8 of 8

Thread: Browsers Bite Back

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188

    Browsers Bite Back

    Some welcome news on the browser front folks. Some of the major browser suppliers are looking at including "security wrappers" in their next releases. This is an attempt to protect users from malicious sites an drive-by infections.

    http://www.theregister.co.uk/2008/06...load_defences/

    Opera and FF are the players, and AVG are looking to put the same sort of technology into their security offering.

    Not before time?


  2. #2
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    They could more easily make browsers secure by taking
    some technology out of their browsers. Why am I
    the only one who understands this?
    I came in to the world with nothing. I still have most of it.

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hey rcg,

    Why am I the only one who understands this?
    But the rest of us also understand that it is as feasible as uninventing thermonuclear weapons

    Sure, if you take all the bells and whistles out of browsers you would secure them, but would you like a 9,600 Baud dial-up modem to go with it?.............. I take it that you have a spare ISA slot?

    Apart from most websites needing this crap to display properly; what about sites like You Tube, Face Book, My Space and a whole raft of other sites?

    There is no way we could go back to the days of BBS.

    Anyways it isn't just browsers. Operating systems and other applications suffer from the same issues. The basic rule is that the more complex you make things the more likely they are to go wrong and the more vulnerable they are likely to be.

    If you think about it, DOS is a secure operating system compared to Windows. Single user, single task, and doesn't start a heap of services when you boot up

  4. #4
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    Why would you design a web browser to allow remote
    sites to alter important Operating System files, and then,
    as an afterthought, add another layer of software to
    prevent it from happening? Pure genius.

    Yeah, I think I have an ISA slot in the back of my head.
    I came in to the world with nothing. I still have most of it.

  5. #5
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Yeah, I think I have an ISA slot in the back of my head.
    That's strange: I thought it was a RS-232
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  6. #6
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Quote Originally Posted by rcgreen
    They could more easily make browsers secure by taking
    some technology out of their browsers. Why am I
    the only one who understands this?
    Amen! Spent last evening with an older friend getting her oriented on
    her new Vista-powered laptop. Criminy, IE in protected mode is outright
    painful. We had a dickens of a time just using her ISP's webmail, even
    after I added that site to the trusted zone. I need to put her in FF. I
    love the fact Vista's more secure. But it's a nightmare to use, especially
    for less tech-savvy users.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  7. #7
    Banned
    Join Date
    Jan 2008
    Posts
    605
    Why would you design a web browser to allow remote
    sites to alter important Operating System files
    It's privilege levels are always going to be at ring 3. And in order to install the drivers for that sort of thing you'll need administrator privileges anyway.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    It reminds me of something I read the other day about our Department of Revenue & Customs (equivalent of the IRS). Apparently in the last couple of years they have fired over 600 people for looking at personal information they should not have done.

    This is not a question of an insecure system........... the little scumbags are perfectly entitled and empowered to look at these records. The issue is that they are abusing their empowerment. They should only look if required to do so as part of their job, and instructed by their superiors, not out of personal curiosity, and potential malicious intent.

Similar Threads

  1. Hacker Horror stories
    By gore in forum Tech Humor
    Replies: 8
    Last Post: January 23rd, 2008, 08:17 PM
  2. The Bastard Sys Admin From Michigan #12
    By gore in forum Tech Humor
    Replies: 13
    Last Post: April 29th, 2005, 05:53 PM
  3. Replies: 3
    Last Post: January 8th, 2004, 02:41 PM
  4. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  5. some favorite lyrics
    By rcgreen in forum Cosmos
    Replies: 32
    Last Post: September 13th, 2002, 02:27 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •