Anything Goes Discussions

Icon

News, Tips, Tricks

October 21, 2006 • 7:38 pm 0

Firefox 2.0 to Release October 24th

As I’ve seen printed in a few different places Firefox 2.0 is to be released on Tuesday October 24th (PC World). Normally, I beta test a few different programs, but with this release of Firefox I waited until yesterday to install RC3 on my production machine. The reason behind this is because of the Firefox extension compatibility problems in beta’s. The early beta’s and RC’s usually break a lot of extensions and it’s not worth the testing of minor features to kill my user experience. As of today, only one extension out of sixteen was broke when I installed RC3. That’s worth the wait on my production machine.

I do run a few virtual machines, so I have been testing Firefox for a while. Each VM runs different app’s, one does configuration testing for work, the other does beta testing of programs such as Firefox. As the beta’s and RC’s have progressed I’ve added my extensions to see which ones would work and which ones wouldn’t. By October 1st I felt comfortable with installing 2.0 on my production system, but just wanted to see when the extensions would get to under 5 broken. That happened early this past week and by the time I got around to installing 2.0 on my primary machine it was down to the one. The extension that is broken is Tabbrowser Preferences 1.2.8.9, which hasn’t been updated since April 2006. Blog This for Live Writer, which is not a Firefox extension, but a Microsoft extension for Firefox is broken also, but I don’t count it because I would expect that to be broken.

So if you feel up to it, I suggest that you go ahead and update today using RC3. You won’t be disappointed.

Filed under: Computer Software, Internet, Internet Explorer, Mozilla Firefox , , , , , ,

October 9, 2006 • 10:56 pm 1

Microsoft Playing With Double Edged Security Sword

Lately I’ve been reading the complaints from Symantec and McAfee that Microsoft is blocking them out of the Windows Vista kernel. Now, most complaints from end users and security experts are that Windows has been poorly written with security in mind, but when they start adding security they are hit by companies that have built a living off that poor programming. I have to say that I’ve used both companies products in the past, but wouldn’t use them unless I have to.

From my vantage point on the one side of the sword is, I’d rather have an OS that is secure and not have to worry about buying 3rd party products. If it takes securing the Windows kernel, so be it. You know we need to throw this antitrust bull out the window (no pun intended). True, MS has used uncompetitive practices in OEM dealings and needs to be punished for that, but a lot these complaints and lawsuits are just companies picking on the big guy. Let MS make an OS that is secure and let them be. Don’t make them make the OS insecure because you have companies that have been making money from those insecurities and see their cash cow drying up.

Now on the other side of the sword, MS always jumps into something and then lets it slide because the are have no competition, which isn’t a good thing either. Some good examples are Internet Explorer and Windows itself. They become the leader because they are behind in development or have a real good competitor. They work really hard to come up with a great product and once they crush that competition they slack off. Look at what FireFox did to them, it caused them to finally get it in gear to create IE 7. To go back and create a new version of IE that actually is a step forward instead of a creep like a snail. Windows was in direct response to Apple’s GUI. Windows is a knock off of the Apple GUI no matter how many different ways you spin it and I’ve heard them all. In the beginning it was a very poor knock off, but it got more play because Apple didn’t open their system and IBM did to make clones. So Windows thrives, crushes Apple in OS market and sits on it’s laurels to make an insecure OS that it is just now playing catch up with Vista. It’s really bad when MS is the OS leader and the OS X is the better overall OS.

What will Microsoft do with Vista and it’s security? Windows Defender, UAC, Protected mode in IE….will they all be good for a little while and then when the competition dies will they stop innovating or will they become a company that learns from previous mistakes? Will they continue to make improvements, will they be proactive instead of reactive?

These are questions I don’t have an answer for, but I do have a saying that is appropriate, “He who does not learn about his past is bound to make the same mistakes in the future”.

That’s what I think….What about you?

Filed under: Apple Computers, Computer Industry, Computer Software, Internet, Internet Explorer, Microsoft, Mozilla Firefox, Technology , , , , , , , , , , , ,

October 3, 2006 • 7:04 pm 2

Hacker’s FireFox Exploit A Joke

So the two idiots that put on a demonstration of a zero day exploit say it was all a joke. Maybe in their on little minds, but this presentation lead to many articles and media attention. Window Snyder the Chief of Mozilla Security states:

Mr. Spiegelmock admitted to the company that the presentation was meant to be humorous, and that he and Mr. Wbeelsoi had not actually achieved remote execution with the exploit code demonstrated at the show.

At the same time Snyder says that her team spent two days working on the problem.

Mozilla security researchers spent most of Sunday and Monday scrambling to determine whether exploit code revealed during a presentation by hackers Mischa Spiegelmock and Andrew Wbeelsoi at Toorcon over the weekend could allow someone to execute malicious code through a memory corruption attack on Firefox. Source: Mozilla Duped by Hacker’s ‘Humorous’ Presentation – Yahoo! News

So, as you can see their joke costs a company time in lost labor and effort which Mozilla should sue these two hackers for in damages. Mr. Spiegelmock in fact works for blogging-software maker Six Apart which stated:

Spiegelmock will not be terminated for his actions. “We all make mistakes,”

Yes, we all make mistakes, but not in front of billions of people around the world, cause major media coverage and cost 2 days lost labor to a major company. “Gee, I’m sorry mom I just wiped out the bank accounts of everyone at Black Hat Bank. I’m sorry that you are going to spend a lot of time and effort to fix the problem. My Bad….”

That doesn’t cut it with me, I think Six Apart should at the minimum suspend him without pay for the same amount of time that Mozilla spent on researching the hoax. If I owned the company he worked at, I would have fired him immediately. Jokes like this are not humorous.

That’s what I think….What about you?

Filed under: Computer Industry, Computer Software, Hacking, In The News, Internet, Internet Explorer, Microsoft, Mozilla Firefox, Technology , , , , , , , , , , , , ,

October 1, 2006 • 7:14 pm 0

Hackers Irresponsibly Release News of Zero-Day Flaw in Firefox

In an unbelievably irresponsible act two Back Hat hackers have revealed a zero-day flaw in Firefox. By releasing this flaw instead of taking their findings to Mozilla these two hackers have given all low life hackers around the world a way to exploit unwitting users computers as Botnets. The quote below says it all. It shows how much these two men don’t know about common sense or proper action in dealing with real problems. The last statement of the quote from one of the men just shows his lack of understanding.

An attacker could commandeer a computer running the browser simply by crafting a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. The flaw affects Firefox on Windows, Apple Computer’s Mac OS X and Linux, they said…..Jesse Ruderman, a Mozilla security staffer, attended the presentation and was called up on the stage with the two hackers. “I do hope you guys change your minds and decide to report the holes to us and take away $500 per vulnerability instead of using them for botnets,” Ruderman said.

The two hackers laughed off the comment. “It is a double-edged sword, but what we’re doing is really for the greater good of the Internet, we’re setting up communication networks for black hats,” Wbeelsoi said. Source: Hackers claim zero-day flaw in Firefox | CNET News.com

This is a great example of why we have to protect ourselves with antivirus, antispyware and firewall software. These black hat hackers are not doing it for the greater good, they are doing it for their own selfish gratification.

That’s what I think….What about you?

Filed under: Computer Industry, Computer Software, Hacking, In The News, Internet, Internet Explorer, Laptops and Accessories, Microsoft, Mozilla Firefox, Technology , , , , , , , , , , , , , , , , ,

September 16, 2006 • 9:26 pm 0

The Exploit Issue IE Versus Firefox

Never trust statistics

Having a math background to go along with the IT, I learned early in high school that you don’t trust statistics because they can be massaged anyway you want them to come out. I was reading a recent article by George Ou at ZDNet about the reporting of exploits and whether it’s a fair measure of a browsers security.

The only way to show true vulnerability is raw data , i.e. the number of exploits during a set time period. Raw numbers are just that, raw numbers, and do not show certain intangibles like market share and hackers. This is the point you can massage numbers with such intangibles.

With that in mind here is the way raw data can be massaged to be skewed toward Opera as the browser everyone should be using. With 80 some percent of the market, IE is bound to have a lot of reported exploits. Firefox, although in the 13 to 15 percent range is the David to IE’s Goliath, so it gets as much attention or more than a product with that market share should normally get. Opera on the other hand isn’t even a factor at less than 3 percent so it doesn’t get the attention that the other two get and therefore looks like it is more secure. If you drop the market share numbers and report the high numbers for IE and Firefox, while at the same time trumpeting the low number of exploits for Opera you can boast that Opera is the most secure browser on the market.

Lastly, when looking at it as a whole, you have to remember hackers look at the big guys, not the insignificant. Windows, IE, Firefox, MS Office all get hit the most because they are the choice of the market. The hackers can make the biggest impact exploiting those programs versus all the others combined.

As an interesting side note, there is a great article on the history of the browser wars at Internetweek. Check it out…:-)

That’s what I think….How about you?

Filed under: Computer Industry, Computer Software, In The News, Internet, Internet Explorer, Microsoft, Mozilla Firefox, Technology , , , , , , , , , , , , ,

Legal Stuff

Anything Goes Discussions
Copyright © 2006 - 2009
Ray Ebersole

The Other Pages of Anything Goes Discussions

Subscribe

Add to Google


Add to My Yahoo!


Add to Technorati Favorites



Only Wordpress

WordPress link

Blogs of the Day
Top Posts of the Day
Growing Blogs



Page Views

  • 262,145 views

Anything Delicious