Most secure browser? [modified]
-
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Ashley van Gerven wrote:
Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Right. Firefox is secure... See this fix put into v3.0.6[^]. Do you really think that Firefox has no more exploits in it?
-
I wonder if the Lounge is Lynx-compatible :confused: :)
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
Never mind which Browser is most secure. Which site did you get the infection from. Is it KSS enough for you to warn us, so that we can mitigate our chances of picking it up?
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
That is an interesting expectation for the browser - to not allow executables to be run. It's a fair one. One could be just as fair and expect the operating system shouldn't allow the browser to run any executable it shouldn't be. Interesting! (to me anyway)
-
Never mind which Browser is most secure. Which site did you get the infection from. Is it KSS enough for you to warn us, so that we can mitigate our chances of picking it up?
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
I am willing to bet, my AV-less, anti-spyware-less and unfirewalled Vista would not pick that stuff up without human intervention. :)
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x)) -
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Ashley van Gerven wrote:
it's regarded widely as the secure alternative to the exploit-prone IE.
Who regards it as the secure alternative to IE? Apparently, only people who fall victim to the myths and propaganda. Take a look at this page, and scroll down to the "Security" section: http://home.comcast.net/~SupportCD/FirefoxMyths.html[^]
-
I am willing to bet, my AV-less, anti-spyware-less and unfirewalled Vista would not pick that stuff up without human intervention. :)
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x))Oh yes. I nominate myself as the most insecure browser. :)
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
Oh yes. I nominate myself as the most insecure browser. :)
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
Henry Minute wrote:
I nominate myself as the most insecure browser.
Do you get offended easily? Well do you, wimp? ;P
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x)) -
Well it definitely happened to my system - running latest Firefox. Avast's initial warning had a temporary internet folder path in the dialog, and I wasn't running any other browser. It could theoretically still be IE running in another app, but unlikely. I only have 6 addons installed - so I also doubt it was an exploit of a FF addon. So moral of the story - don't even put your full trust in Firefox :~
-
Henry Minute wrote:
I nominate myself as the most insecure browser.
Do you get offended easily? Well do you, wimp? ;P
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x))Stop it, or I'll fetch my mum.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
-
Ashley van Gerven wrote:
it's regarded widely as the secure alternative to the exploit-prone IE.
Who regards it as the secure alternative to IE? Apparently, only people who fall victim to the myths and propaganda. Take a look at this page, and scroll down to the "Security" section: http://home.comcast.net/~SupportCD/FirefoxMyths.html[^]
Interesting, it says Opera is the most secure. I still believe Firefox is more secure than IE though.
-
Ashley van Gerven wrote:
temporary internet folder path
FWIW, if it was <profile>\Local Settings\Temporary Internet Files, then IE had its hand in the matter somewhere. FF uses a different location for its cache / downloads.
You're actually right - I investigated the Avast log and it showed Temporary Internet Files\Content.IE5 :~ Now I feel really stupid for blaming Firefox :sigh: Thanks for the tip.
