Most secure browser? [modified]
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
"None" or "none of the fully patched browsers allowed silent infections or exploitation beyond simple DoS attacks. All of the browsers stopped the latest malicious attacks available on the internet."[^]
For God so loved the world, that he gave his only begotten Son, that whosoever believeth in him should not perish, but have everlasting life.(John 3:16) :badger:
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
"Secure browser" is an oxymoron. Read here: http://www.codeproject.com/Lounge.aspx?msg=2674545#xx2674545xx[^] If you can install whatever plugin you want, with no user interaction, what's the point of talking about "security holes"? In the end, it's up to the user to stay away from malware (read "porno") sites.
Best wishes, Hans
[CodeProject Forum Guidelines] [How To Ask A Question] [My Articles]
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
lynx is probably the most secure.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed. -
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
I'm guessing "Secure Web Browser (SWB) V1.1-12 for OpenVMS Integrity servers". :-D
-
lynx is probably the most secure.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed. -
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
-
"Secure browser" is an oxymoron. Read here: http://www.codeproject.com/Lounge.aspx?msg=2674545#xx2674545xx[^] If you can install whatever plugin you want, with no user interaction, what's the point of talking about "security holes"? In the end, it's up to the user to stay away from malware (read "porno") sites.
Best wishes, Hans
[CodeProject Forum Guidelines] [How To Ask A Question] [My Articles]
Hans Dietrich wrote:
Read here
That's a bit different though - the installer is a program, not a malicious website.
Hans Dietrich wrote:
stay away from malware
Popups are one culprit, as are email worms which link to an .exe as a e-card or something (recently saw an incedent of that). But even if you steer clear of high risk sites / links, you could still get hit (e.g. by a site who's serving the malware without knowing - i.e. server compromised).
-
"None" or "none of the fully patched browsers allowed silent infections or exploitation beyond simple DoS attacks. All of the browsers stopped the latest malicious attacks available on the internet."[^]
For God so loved the world, that he gave his only begotten Son, that whosoever believeth in him should not perish, but have everlasting life.(John 3:16) :badger:
Well it definitely happened to my system - running latest Firefox. Avast's initial warning had a temporary internet folder path in the dialog, and I wasn't running any other browser. It could theoretically still be IE running in another app, but unlikely. I only have 6 addons installed - so I also doubt it was an exploit of a FF addon. So moral of the story - don't even put your full trust in Firefox :~
-
The problem is with your insecure OS, XP :)
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x))How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
-
lynx is probably the most secure.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed.I wonder if the Lounge is Lynx-compatible :confused: :)
-
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Ashley van Gerven wrote:
Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Right. Firefox is secure... See this fix put into v3.0.6[^]. Do you really think that Firefox has no more exploits in it?
-
I wonder if the Lounge is Lynx-compatible :confused: :)
-
*EDIT* After Shog's post I investigated and the Avast log shows the warning came from a IE cache folder, not Firefox. So an instance of IE must have been running withing Firefox or within some other malware. It could have been an IE tab within Firefox, although I don't recall switching a tab to IE. Nonetheless I feel really bad for publicly blaming Firefox, just because it seemed the obvious culprit - but I should have looked for proof. BTW I am running IE 7 and up to date with patches - so I'm baffled which security hole was exploited here. Firefox 3.0.6 seems to have a security hole. I guess I was wrong in thinking that the latest version of Firefox is secure enough to prevent malware installing itself on my computer. And on top of that Avast! didn't quite manage to prevent it either. It did give some warning, but didn't prevent 'XP Police' (a fake antivirus proggie) from installing itself and disabling Avast! and disabling Task manager. So from the command line I managed to kill it:
taskkill /F /IM xppolice.exeEDIT: Malwarebytes' scanner/fixer seems pretty effective (trial): http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html[^] So is Chrome more secure? Or which browser(s) are likely to be the most secure?modified on Friday, February 13, 2009 9:30 PM
Last modified: 30hrs 28mins after originally posted --
"For fifty bucks I'd put my face in their soup and blow." - George Costanza
CP article: SmartPager - a Flickr-style pager control with go-to-page popup layer.
Never mind which Browser is most secure. Which site did you get the infection from. Is it KSS enough for you to warn us, so that we can mitigate our chances of picking it up?
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
That is an interesting expectation for the browser - to not allow executables to be run. It's a fair one. One could be just as fair and expect the operating system shouldn't allow the browser to run any executable it shouldn't be. Interesting! (to me anyway)
-
Never mind which Browser is most secure. Which site did you get the infection from. Is it KSS enough for you to warn us, so that we can mitigate our chances of picking it up?
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
I am willing to bet, my AV-less, anti-spyware-less and unfirewalled Vista would not pick that stuff up without human intervention. :)
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x)) -
How's that? As far as I'm concerned the browser should not allow any executable to be run by the OS without the user's intervention. I'm also at a total loss how come Avast managed to warn me and even though I hit Quarantine it still proceeded. I'm a huge Firefox fan, but this has really suprised me. Especially as it's regarded widely as the secure alternative to the exploit-prone IE.
Ashley van Gerven wrote:
it's regarded widely as the secure alternative to the exploit-prone IE.
Who regards it as the secure alternative to IE? Apparently, only people who fall victim to the myths and propaganda. Take a look at this page, and scroll down to the "Security" section: http://home.comcast.net/~SupportCD/FirefoxMyths.html[^]
-
I am willing to bet, my AV-less, anti-spyware-less and unfirewalled Vista would not pick that stuff up without human intervention. :)
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x))Oh yes. I nominate myself as the most insecure browser. :)
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
Oh yes. I nominate myself as the most insecure browser. :)
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
Henry Minute wrote:
I nominate myself as the most insecure browser.
Do you get offended easily? Well do you, wimp? ;P
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 beta 2 - out now!
((lambda (x) `((lambda (x) ,x) ',x)) '`((lambda (x) ,x) ',x)) -
Well it definitely happened to my system - running latest Firefox. Avast's initial warning had a temporary internet folder path in the dialog, and I wasn't running any other browser. It could theoretically still be IE running in another app, but unlikely. I only have 6 addons installed - so I also doubt it was an exploit of a FF addon. So moral of the story - don't even put your full trust in Firefox :~
