Slashdot Mirror

← Back to Domains

Domain: secunia.com

Stories and comments across the archive that link to secunia.com.

Comments · 2,642

  1. Secunia advises against what he did by General+Lee's+Peking · · Score: 2, Insightful · on More Mac Vulnerabilities Than Windows In 2007?
    It was pointed out in one of the responses that the writer of the article did exactly what Secunia advised people not to do. From Secunia's Mac OS X vulnerability report:

    The statistics provided should NOT be used to compare the overall security of products against one another.
    So it seems there are three reasonable conclusions to draw here. The first is that the author is incompetent and should be disregarded. The second is that the author is dishonest and manipulative and should be disregarded. The third is both the first and the second.
  2. Re:Counting shows nothing by bunratty · · Score: 5, Informative · on More Mac Vulnerabilities Than Windows In 2007?

    Even Secunia itself says not to use their statistics to compare the overall security of products against one another.

  3. Re:the key to a (more) stable MS Windows install by wssddc · · Score: 1 · on The Advantages of Upgrading From Vista To XP

    > 6) Replace MS MediaPlayer with Media Player Classic.

    I liked Media Player Classic, but it has security vulnerabilities and is no longer maintained. See http://secunia.com/advisories/26806

  4. Re:Supporting by kripkenstein · · Score: 1 · on The Setup Behind Microsoft.com

    So you're saying IIS isn't secure? Please check your facts. No, my point was that (as I answered above) TFA reads like it was written by a fanboy.
  5. Re:Supporting by sid0 · · Score: 1 · on The Setup Behind Microsoft.com

    So you're saying IIS isn't secure? Please check your facts.

  6. Re:Go to Secunia.com by oatworm · · Score: 4, Informative · on Users and Web Developers Vent Over IE7
    To quote Secunia:

    PLEASE NOTE: The statistics provided should NOT be used to compare the overall security of products against one another. It is IMPORTANT to understand what the below comments mean when using the statistics, especially when using the statistics to compare the vulnerability aspects of different products.

    Secunia advisories often cover multiple vulnerabilities. Consequently, the number of advisories issued for a product does not always reflect the number of security issues that have been disclosed. For instance, in 2006 Secunia issued more than 5,000 advisories covering more than 9,000 vulnerabilities. This is counted AFTER removing duplicates generated by Linux distributions, issues in beta software, and what Secunia considers non-issues and fake issues that our competitors and other security vendors often write about.

    It should also be noted that some operating systems (e.g. certain Linux distributions) bundle together a large number of software packages, and are therefore affected by vulnerabilities, which do not affect other operating systems (e.g. Microsoft Windows) that don't bundle together a similar amount of software packages.

    Additionally, the number of Unpatched vulnerabilities for a product may be affected by the fact that certain products (product bundles) consist mostly or solely of third party software (such as Linux distributions). Secunia tracks the number of issues fixed by the product vendor and not the issues reported in the third party software; this affects the statistics looking at Unpatched issues A direct and fair comparison of Unpatched issues for e.g. Microsoft Windows and Linux distributions is therefore NOT possible using the aggregated Secunia statistics. Such a comparison can only be made by tracking the upstream third party software included in Linux distributions and combining this with Linux distributions' own patches before comparing this with the aggregated statistics for Microsoft Windows operating systems. Translation: You can't compare Secunia's Linux vulnerability counts with Secunia's Windows vulnerability counts. Secunia itself says so.
  7. Re:Slight problem with this approach by ChatHuant · · Score: 1 · on Microsoft Wants To Give You A Rorschach

    I need a record of my passwords outside my brain. Where should that record exist?

    For backup, on a piece of paper, maybe in your wallet. For quick access from your computer, get a password manager. PasswordSafe works great for me. Make sure you get a newer version, because some attacks have been found against older ones (but that's true about almost any security software).

  8. Re:And this is a firefox problem... by VGPowerlord · · Score: 1 · on Firefox Susceptible To QuickTime Security Flaw

    A fix implies a problem. I would challenge the notion that it's up to any one app to manage another's buffers, unless that is the application's specific and express intent.

    Further, a fix to FF will NOT fix the problem (the exploit will still exist in QT), it will only fix it if FF acts as a container for plugins, something that's caused no end of pain from IE.

    I agree. Lets just hope that Apple doesn't turn around and blame Mozilla like Mozilla Corp. did to Microsoft when they had a similar problem.
  9. Re:This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 0 · on Comparing Memory Usage of Firefox 2 vs 3

    "Ah, personally I'd choose Firefox. I lean towards the more technical side of things, anyway." - by Drive42 (444835) on Wednesday November 21, @12:45PM (#21437307) Don't you mean you lean to the INSECURE side of things? Or, is this data incorrect when comparing Opera to FireFox:

    =====
    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):
    =====

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    Perhaps you meant you like to surf SLOWER (as well as less secure), per this data:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds), right here:

    http://nontroppo.org/timer/kestrel_tests/

    To each his own... You claim to be more on the "technical side of things" & your choice indicates you are not very technical regarding security, OR speed/efficiency.

  10. Re:This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 0 · on Comparing Memory Usage of Firefox 2 vs 3

    "Ah, personally I'd choose Firefox. I lean towards the more technical side of things, anyway." - by Drive42 (444835) on Wednesday November 21, @12:45PM (#21437307) Don't you mean you lean to the INSECURE side of things? Or, is this data incorrect when comparing Opera to FireFox:

    =====
    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):
    =====

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    Perhaps you meant you like to surf SLOWER (as well as less secure), per this data:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds), right here:

    http://nontroppo.org/timer/kestrel_tests/

    To each his own... You claim to be more on the "technical side of things" & your choice indicates you are not very technical regarding security, OR speed/efficiency.

  11. This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 1, Informative · on Comparing Memory Usage of Firefox 2 vs 3

    http://blog.pavlov.net/2007/11/10/memory-fragmentation/

    An interesting read on how memory fragmentation adversely affects FireFox... & why/how.

    APK

    P.S.=> I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    Netscape 9.0.0.3 (0% unpatched)

    http://secunia.com/product/14690/

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (37% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    apk

  12. This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 1, Informative · on Comparing Memory Usage of Firefox 2 vs 3

    http://blog.pavlov.net/2007/11/10/memory-fragmentation/

    An interesting read on how memory fragmentation adversely affects FireFox... & why/how.

    APK

    P.S.=> I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    Netscape 9.0.0.3 (0% unpatched)

    http://secunia.com/product/14690/

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (37% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    apk

  13. This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 1, Informative · on Comparing Memory Usage of Firefox 2 vs 3

    http://blog.pavlov.net/2007/11/10/memory-fragmentation/

    An interesting read on how memory fragmentation adversely affects FireFox... & why/how.

    APK

    P.S.=> I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    Netscape 9.0.0.3 (0% unpatched)

    http://secunia.com/product/14690/

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (37% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    apk

  14. This explains a part of it (memory fragmenting) by Anonymous Coward · · Score: 1, Informative · on Comparing Memory Usage of Firefox 2 vs 3

    http://blog.pavlov.net/2007/11/10/memory-fragmentation/

    An interesting read on how memory fragmentation adversely affects FireFox... & why/how.

    APK

    P.S.=> I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 11/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    ----

    Netscape 9.0.0.3 (0% unpatched)

    http://secunia.com/product/14690/

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (29% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (37% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    apk

  15. Re:I wouldn't be too alarmed. by Anonymous Coward · · Score: 1, Interesting · on Using Google To Crack MD5 Passwords

    Yeah, but I'd expect a "security" blog to know better. WordPress's list of vulnerabilities is way too long and is often held up as an example of insecure PHP code. The whole thing is deeply flawed.

  16. Safari 3 by cuijian · · Score: 1 · on Firefox 3 Beta 1 Review

    If you care about security, speed and ease of use shouldn't you be running Safari? I always thought that the advantage of Firefox was its extensions model (which seems to be part of the reason for FF's memory and stability issues). Especially now that the new 3.0.4 release of Safari on Windows seems to fix the issues in the first Windows Beta.

    Security
    According to Secunia, the Safari team seems to be doing a much better job than Firefox. Safari didn't have any highly critical or moderately critical issues reported, Firefox had 8. Safari has a total of 3 less or not critical issues still to be resolved. Firefox has a total of 4 less or not critical issues still to be resolved.

    The Firefox team wins on the number of security issues fixed but only becasuse they had more security issues in the first place.

    http://secunia.com/product/12434/?task=advisories
    http://secunia.com/product/5289/?task=advisories

    Firefox - 6 Highly critical issues had been found (6 fixed)
    Safari - 0 Highly critical issues have been found

    Firefox - 2 Moderately critical issues had been found (2 fixed)
    Safari - 0 Moderately critical issues have been found

    Firefox - 6 Less critical issues had been found (3 fixed)
    Safari - 3 Less critical issues have been found (2 fixed)

    Firefox - 3 Not critical issues had been found (1 fixed)
    Safari - 3 Not critical issues have been found (1 fixed)

    Speed
    Apple claims that Safari's HTML rendering is 1.7x faster than FF and their JavaScript is 2.4x faster on Windows. On the Mac the difference is even greater - 3.1x and 2.7x.

    There are many ways to measure performance and that the results will vary on each but I have yet to see anyone show a benchmark where Firefox is faster than Safari. I've seen unscientific tests where someone with a blog and a stopwatch makes claims down to the hundredth of a second based on a tiny sample set, the variability of the live Internet, and a handpicked site or two to make their point but that doesn't have the same credibility to me as a benchmark developed by an independent 3rd party.

    Apple is the only company I've seen actually put up numbers, their testing configuration and the details about their benchmark. i-Bench was developed by Ziff Davis labs and was used regularly to compare IE and Netscape in PC Mag during the first browser wars. I had never heard lots of complaints about the benchmark until it was being used to show the Firefox was slow. The attacks would sound more genuine if the attackers would offer up a better alternative.

    http://www.apple.com/safari/
    http://www.apple.com/macosx/features/safari.html

    Ease of use
    This is what Apple products are all about. They might not have all of the advanced features of Firefox and IE but they excel at simple, easy-to-use interfaces.

        -cj

  17. Safari 3 by cuijian · · Score: 1 · on Firefox 3 Beta 1 Review

    If you care about security, speed and ease of use shouldn't you be running Safari? I always thought that the advantage of Firefox was its extensions model (which seems to be part of the reason for FF's memory and stability issues). Especially now that the new 3.0.4 release of Safari on Windows seems to fix the issues in the first Windows Beta.

    Security
    According to Secunia, the Safari team seems to be doing a much better job than Firefox. Safari didn't have any highly critical or moderately critical issues reported, Firefox had 8. Safari has a total of 3 less or not critical issues still to be resolved. Firefox has a total of 4 less or not critical issues still to be resolved.

    The Firefox team wins on the number of security issues fixed but only becasuse they had more security issues in the first place.

    http://secunia.com/product/12434/?task=advisories
    http://secunia.com/product/5289/?task=advisories

    Firefox - 6 Highly critical issues had been found (6 fixed)
    Safari - 0 Highly critical issues have been found

    Firefox - 2 Moderately critical issues had been found (2 fixed)
    Safari - 0 Moderately critical issues have been found

    Firefox - 6 Less critical issues had been found (3 fixed)
    Safari - 3 Less critical issues have been found (2 fixed)

    Firefox - 3 Not critical issues had been found (1 fixed)
    Safari - 3 Not critical issues have been found (1 fixed)

    Speed
    Apple claims that Safari's HTML rendering is 1.7x faster than FF and their JavaScript is 2.4x faster on Windows. On the Mac the difference is even greater - 3.1x and 2.7x.

    There are many ways to measure performance and that the results will vary on each but I have yet to see anyone show a benchmark where Firefox is faster than Safari. I've seen unscientific tests where someone with a blog and a stopwatch makes claims down to the hundredth of a second based on a tiny sample set, the variability of the live Internet, and a handpicked site or two to make their point but that doesn't have the same credibility to me as a benchmark developed by an independent 3rd party.

    Apple is the only company I've seen actually put up numbers, their testing configuration and the details about their benchmark. i-Bench was developed by Ziff Davis labs and was used regularly to compare IE and Netscape in PC Mag during the first browser wars. I had never heard lots of complaints about the benchmark until it was being used to show the Firefox was slow. The attacks would sound more genuine if the attackers would offer up a better alternative.

    http://www.apple.com/safari/
    http://www.apple.com/macosx/features/safari.html

    Ease of use
    This is what Apple products are all about. They might not have all of the advanced features of Firefox and IE but they excel at simple, easy-to-use interfaces.

        -cj

  18. " there are lesser minds who opt for Opera?" by Anonymous Coward · · Score: 0 · on Hackers Use Banner Ads on Major Sites to Hijack Your PC

    LOL! Ok, sure... lesser minds like to surf faster, & more securely, than they do with other browsers (AND, have all the features other browsers needs addons (which MAY or MAY NOT BE SECURELY CODED mind you)) to do!

    Evidences?

    ====
    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):
    ====

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3 (decent one but not as natively fully feature packed without addons as Opera is, nor is it as fast overall), & IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24...

    All latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    APK

    P.S.=> We "lesser minds" of the net can only present the evidences noted above, vs. your great name-tossing wisdom... lol! apk

  19. " there are lesser minds who opt for Opera?" by Anonymous Coward · · Score: 0 · on Hackers Use Banner Ads on Major Sites to Hijack Your PC

    LOL! Ok, sure... lesser minds like to surf faster, & more securely, than they do with other browsers (AND, have all the features other browsers needs addons (which MAY or MAY NOT BE SECURELY CODED mind you)) to do!

    Evidences?

    ====
    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):
    ====

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3 (decent one but not as natively fully feature packed without addons as Opera is, nor is it as fast overall), & IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24...

    All latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    APK

    P.S.=> We "lesser minds" of the net can only present the evidences noted above, vs. your great name-tossing wisdom... lol! apk

  20. " there are lesser minds who opt for Opera?" by Anonymous Coward · · Score: 0 · on Hackers Use Banner Ads on Major Sites to Hijack Your PC

    LOL! Ok, sure... lesser minds like to surf faster, & more securely, than they do with other browsers (AND, have all the features other browsers needs addons (which MAY or MAY NOT BE SECURELY CODED mind you)) to do!

    Evidences?

    ====
    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):
    ====

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    ----

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    ----

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    ----

    Those %'s are the latest for FireFox 2.0.0.9, Netscape 9.0.0.3 (decent one but not as natively fully feature packed without addons as Opera is, nor is it as fast overall), & IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24...

    All latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

    http://nontroppo.org/timer/kestrel_tests/

    Opera's just more std.'s compliant, faster, & more secure than the others... so, "where do you want to go today?"...

    APK

    P.S.=> We "lesser minds" of the net can only present the evidences noted above, vs. your great name-tossing wisdom... lol! apk

  21. Re:Yes, but... by Anonymous Coward · · Score: 0 · on Windows Vista SP1 Hands-On Details

    "UAC is basically SEWindows" - by ctr2sprt (574731) on Sunday November 18, @06:48PM (#21401669)

    No, this is more like it (& the 12 steps it uses to make Windows 2000/XP/Server 2003, & yes, even VISTA in many of its principles, more secured):

    http://forums.techpowerup.com/showthread.php?s=f4b0388085f46ffe45bbc0c4acf7b358&p=500261#post500261

    It works.

    APK

    P.S.=> It's as secure as I can make a Windows machine, & I hope you all try it (those of you that use Windows) & gain the same as I have... I would also add this onto it (stopping Java/JavaScript/ActiveX usage on the public internet since unfortunately, they are used against you @ times, even in adbanners the past few years now):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks (even thru adbanners!)). Some examples:

    http://www.wired.com/techbiz/media/news/2007/11/doubleclick

    &

    http://apcmag.com/5382/microsoft_apologises_for_serving_malware_to_customers

    If you MUST use Javascript (for instance, on a particular site like banking or shopping oriented ones)?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST sta

  22. Re:Yes, but... by Anonymous Coward · · Score: 0 · on Windows Vista SP1 Hands-On Details

    "UAC is basically SEWindows" - by ctr2sprt (574731) on Sunday November 18, @06:48PM (#21401669)

    No, this is more like it (& the 12 steps it uses to make Windows 2000/XP/Server 2003, & yes, even VISTA in many of its principles, more secured):

    http://forums.techpowerup.com/showthread.php?s=f4b0388085f46ffe45bbc0c4acf7b358&p=500261#post500261

    It works.

    APK

    P.S.=> It's as secure as I can make a Windows machine, & I hope you all try it (those of you that use Windows) & gain the same as I have... I would also add this onto it (stopping Java/JavaScript/ActiveX usage on the public internet since unfortunately, they are used against you @ times, even in adbanners the past few years now):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks (even thru adbanners!)). Some examples:

    http://www.wired.com/techbiz/media/news/2007/11/doubleclick

    &

    http://apcmag.com/5382/microsoft_apologises_for_serving_malware_to_customers

    If you MUST use Javascript (for instance, on a particular site like banking or shopping oriented ones)?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST sta

  23. Re:Yes, but... by Anonymous Coward · · Score: 0 · on Windows Vista SP1 Hands-On Details

    "UAC is basically SEWindows" - by ctr2sprt (574731) on Sunday November 18, @06:48PM (#21401669)

    No, this is more like it (& the 12 steps it uses to make Windows 2000/XP/Server 2003, & yes, even VISTA in many of its principles, more secured):

    http://forums.techpowerup.com/showthread.php?s=f4b0388085f46ffe45bbc0c4acf7b358&p=500261#post500261

    It works.

    APK

    P.S.=> It's as secure as I can make a Windows machine, & I hope you all try it (those of you that use Windows) & gain the same as I have... I would also add this onto it (stopping Java/JavaScript/ActiveX usage on the public internet since unfortunately, they are used against you @ times, even in adbanners the past few years now):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks (even thru adbanners!)). Some examples:

    http://www.wired.com/techbiz/media/news/2007/11/doubleclick

    &

    http://apcmag.com/5382/microsoft_apologises_for_serving_malware_to_customers

    If you MUST use Javascript (for instance, on a particular site like banking or shopping oriented ones)?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    * NETSCAPE 9.0.0.3 also qualifies here, as does Opera, with 0% unpatched known bugs/issues!

    FireFox 2.0.0.9 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST sta

  24. 5. Security without annoyances by Anonymous Coward · · Score: 0 · on Microsoft Windows 7 "Wishlist" Leaked

    "5. Security without annoyances" - by webmaster404 (1148909) on Tuesday November 13, @07:21PM (#21343909)

    Answer = http://forums1.techpowerup.com/showthread.php?s=9717b49a6f03fb3785d81d27ec523633&p=500261#post500261

    It works.

    1-2.5 hours of work, for YEARS of solid, safe, & fast uptime (with security & proofs + tools & tests to use to help you do it, that make it as simple as it gets).

    Simpler than SeLinux, & FAR BETTER than its defaults.

    And yes... On Windows 2000/XP/Server 2003 & even VISTA, using the same principals (the least on 2k, it's too "old & different" @ varying levels (including the recent RND function issue) from the others, but it still helps it even, a hell of a lot).

    Enjoy those of you that use Windows based OS once you apply it ALL fully...

    APK

    P.S.=> Add this to it? You're as safe as is needed on s single system (or, networked nodes even) online today, with good practices & secure softwares (especially browsers):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA + FLASH too) On the PUBLIC internet, PERIOD!

    Why:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    If you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking sites is a good example that DEMANDS you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.9, IE7 after TODAY, "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.ho

  25. 5. Security without annoyances by Anonymous Coward · · Score: 0 · on Microsoft Windows 7 "Wishlist" Leaked

    "5. Security without annoyances" - by webmaster404 (1148909) on Tuesday November 13, @07:21PM (#21343909)

    Answer = http://forums1.techpowerup.com/showthread.php?s=9717b49a6f03fb3785d81d27ec523633&p=500261#post500261

    It works.

    1-2.5 hours of work, for YEARS of solid, safe, & fast uptime (with security & proofs + tools & tests to use to help you do it, that make it as simple as it gets).

    Simpler than SeLinux, & FAR BETTER than its defaults.

    And yes... On Windows 2000/XP/Server 2003 & even VISTA, using the same principals (the least on 2k, it's too "old & different" @ varying levels (including the recent RND function issue) from the others, but it still helps it even, a hell of a lot).

    Enjoy those of you that use Windows based OS once you apply it ALL fully...

    APK

    P.S.=> Add this to it? You're as safe as is needed on s single system (or, networked nodes even) online today, with good practices & secure softwares (especially browsers):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA + FLASH too) On the PUBLIC internet, PERIOD!

    Why:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    If you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking sites is a good example that DEMANDS you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.9, IE7 after TODAY, "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.ho

  26. 5. Security without annoyances by Anonymous Coward · · Score: 0 · on Microsoft Windows 7 "Wishlist" Leaked

    "5. Security without annoyances" - by webmaster404 (1148909) on Tuesday November 13, @07:21PM (#21343909)

    Answer = http://forums1.techpowerup.com/showthread.php?s=9717b49a6f03fb3785d81d27ec523633&p=500261#post500261

    It works.

    1-2.5 hours of work, for YEARS of solid, safe, & fast uptime (with security & proofs + tools & tests to use to help you do it, that make it as simple as it gets).

    Simpler than SeLinux, & FAR BETTER than its defaults.

    And yes... On Windows 2000/XP/Server 2003 & even VISTA, using the same principals (the least on 2k, it's too "old & different" @ varying levels (including the recent RND function issue) from the others, but it still helps it even, a hell of a lot).

    Enjoy those of you that use Windows based OS once you apply it ALL fully...

    APK

    P.S.=> Add this to it? You're as safe as is needed on s single system (or, networked nodes even) online today, with good practices & secure softwares (especially browsers):

    AN IMPORTANT POINT:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA + FLASH too) On the PUBLIC internet, PERIOD!

    Why:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    If you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking sites is a good example that DEMANDS you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.9, IE7 after TODAY, "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.ho

  27. Re:It's about CRITICAL MASS... Do your reseach. by awpoopy · · Score: 1 · on Fake Codec is Mac OS X Trojan

    Maybe you should check out "your OS" that you're so proud of with consistently open holes in their "data center" server. http://secunia.com/product/1174/?task=statistics Yes, I too once was a MS developer, blah, blah, blah. 20 years working with that crap.

  28. Re:It's about CRITICAL MASS... by El+Lobo · · Score: 1 · on Fake Codec is Mac OS X Trojan

    The fact is, it ISN'T easy to do because of the security measure Apple has consciously put in place.
    Oh, I understand: like the new fantastic Leopard firewall? Or one of these 105 critical unpatched vulnerabilities? Oh, and you wanted to see one virus for Makos? Meybe this macarena virus is the wonder that you were waiting for? Nahh,, it's imposible. We KNOW that the wonderful and incredibly secure makOs is invulnerable to kryptonite.
  29. Re:Hmm by Anonymous Coward · · Score: 1, Insightful · on Fake Codec is Mac OS X Trojan

    Okay, how about I do. iPhone runs MacOSX, right? Well, it does have a vulnerability that lets a malicious website or email content take complete control of the device. It's been there for a couple of weeks, is highly publicized and Apple has yet to fix it.

    Nothing like having a website able to dial 911 for you, eh?

    http://secunia.com/advisories/27213/

  30. Re:Disabling Script? by Anonymous Coward · · Score: 0 · on AntiVirus Products Fail to Find Simple IE Malware

    "I'm surprise to you can still use the web today without javascript... or at least you are missing a great part of it." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    I can use the web just fine without scripting (unless its a banking site, or shopping site), & doing that in addition to what's here:

    http://forums1.techpowerup.com/showthread.php?s=13257d4e042c172538d3aa73872bc7e2&p=500261#post500261

    Allows me to do so, virus/spyware free, 110%... for more than a decade now.

    ----

    "I think the solution is to have secure browser... nothing more." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    See my P.S., & ask, and ye shall receive... fastest one too!

    APK

    P.S.> Been saying this for years now:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    f you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking OR shopping sites are good examples that DEMAND you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    ----

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

  31. Re:Disabling Script? by Anonymous Coward · · Score: 0 · on AntiVirus Products Fail to Find Simple IE Malware

    "I'm surprise to you can still use the web today without javascript... or at least you are missing a great part of it." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    I can use the web just fine without scripting (unless its a banking site, or shopping site), & doing that in addition to what's here:

    http://forums1.techpowerup.com/showthread.php?s=13257d4e042c172538d3aa73872bc7e2&p=500261#post500261

    Allows me to do so, virus/spyware free, 110%... for more than a decade now.

    ----

    "I think the solution is to have secure browser... nothing more." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    See my P.S., & ask, and ye shall receive... fastest one too!

    APK

    P.S.> Been saying this for years now:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    f you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking OR shopping sites are good examples that DEMAND you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    ----

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

  32. Re:Disabling Script? by Anonymous Coward · · Score: 0 · on AntiVirus Products Fail to Find Simple IE Malware

    "I'm surprise to you can still use the web today without javascript... or at least you are missing a great part of it." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    I can use the web just fine without scripting (unless its a banking site, or shopping site), & doing that in addition to what's here:

    http://forums1.techpowerup.com/showthread.php?s=13257d4e042c172538d3aa73872bc7e2&p=500261#post500261

    Allows me to do so, virus/spyware free, 110%... for more than a decade now.

    ----

    "I think the solution is to have secure browser... nothing more." - by JcMorin (930466) on Monday October 29, @04:01PM (#21160875)

    See my P.S., & ask, and ye shall receive... fastest one too!

    APK

    P.S.> Been saying this for years now:

    STOP JAVASCRIPT USAGE IN YOUR BROWSERS (along with ActiveX & JAVA) On the PUBLIC internet, PERIOD!

    Why? Well, read on:

    Fact is, that today? Well... Javascript's dangerous & can be used AGAINST you, as well as help you... it truly is, or can be, a 'double-edged sword'...

    (For example - if you follow security related news, you will see that JavaScript is the key avenue being used against you in today's attacks).

    f you MUST use Javascript?

    Try "NoScript" (the .xpi addon for FireFox/Mozilla/NetScape 9 etc.) & let it let YOU decide sites to use it on, & then DISABLE JAVA/JAVASCRIPT globally...

    (& if you use IE, trying to do the same can be a nightmare (as IE will "nag you to death" if you turn off javascript on sites that use it)).

    Opera has similar functionality, ALBEIT, built into it by default as a NATIVE tool!

    I.E.-> The ability to GLOBALLY block scripting tools like Javascript, BUT... to also allow it for sites you MUST use it on as exceptions to the GLOBAL rule set in Tools, Preferences menus it has on its menubar.

    (Banking OR shopping sites are good examples that DEMAND you use javascript)

    Opera has the NATIVE BUILT IN ABILITY to allow you to use it on sites you visit IF you must, via rightclicks on the page & "EDIT SITE PREFERENCES" popup menu submenu item that appears.

    Either way? It works, & I STRONGLY recommend this. I also recommend Opera for these reasons (less security holes period, & the 1 it had yesterday? Patched yesterday too... fast!)

    ----

    SECUNIA DATA ON BROWSER SECURITY (dated 10/20/2007):

    Opera 9.24 security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox 2.0.0.8 security advisories @ SECUNIA (25% unpatched):

    http://secunia.com/product/12434/

    IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (40% unpatched):

    http://secunia.com/product/12366/

    Those %'s are the latest for FireFox 2.0.0.8, IE7 after last "patch Tuesday" from MS with the "CUMULATIVE IE UPDATES" they have (see the security downloads URL I post in the 12 steps above to secure yourself), & Opera 9.24... all latest/greatest models.

    So, as you can see?

    Well, NOT ONLY IS OPERA MORE SECURE/BEARING LESS SECURITY VULNERABILITIES?

    It's faster too, on just about ANYTHING a browser does    , & is probably the MOST standards compliant browser under the sun (not counting HTML dev tools). This is borne out in these tests:

    http://www.howtocreate.co.uk/browserSpeed.html

    AND, yes others (most recently in Javascript parsing speeds, oddly enough, lol... given the topic of my post here that is), right here:

  33. Re:Introduction movie by Niten · · Score: 1 · on Ars Technica Reviews OS X 10.5

    I've never ever ever heard an end user observe that programs on Mac OS X "crash more" or "install adware more" than programs on XP or Vista. This could change, but when is it going to happen and how?

    There's no question that buffer overruns are at least as big a problem for Apple as they are for Microsoft. Just ask QuickTime. We could argue all day over why they aren't as widely exploited on OS X for now, but whatever the reason, it's no excuse for being complacent about the problem.

    These vendors don't give a flying fuck about .NET, and won't probably ever, and we have yet to see any .NET or managed-runtime competitors for them.

    In much the same way that Adobe and Microsoft don't give a flying fuck about Cocoa on OS X. Today's new software is by and large being developed on Cocoa and .NET; but of course all the big legacy applications are still based on the older frameworks, on their respective operating systems.

    Anyway, there's a whole lot more to a managed runtime like .NET than the corresponding security against memory corruption (which even by itself is significant). For example:

    • Portability. Suppose the PC industry altogether decided to switch from the x86 architecture to PowerPC. For pure .NET applications, we wouldn't have to suffer the burden of running them in Microsoft's anti-Rosetta until native PowerPC versions were shipped by each vendor; as long as there is a .NET runtime on that processor architecture, the apps would "just work", no fat binaries needed. A managed virtual runtime helps future-proof applications against unknown hardware requirements and advances.
    • Type safety. Program behavior can be better verified under the memory-safe conditions of a managed runtime. This may eventually lead to widespread changes in hardware and software architecture. See the Singularity project for more information.
    • Interoperability. Microsoft's CLI in particular provides a unified approach for handling exceptions, garbage collection, method invocation, and data passing in environments containing code written in a variety of languages.
    • Fine-grained security. .NET's Code Access Security provides fine-grained control through code validation and call stack inspection.

    It's not just "safety snobs" who see the managed runtime as the future. There's a whole world of benefit to be had in abstracting bytecode from the CPU, replacing some of the rigid complexity of the hardware with software's power and flexibility. And if the managed runtime proponents turn out to be right, Apple will have lot of catch-up work to do...

  34. Re:Theo is so full of himself he misses reality by LLuthor · · Score: 2, Informative · on Virtualization Decreases Security

    Lots of hypervizors and VM kernels are vulnerable, and can allow guest OSes to inject code into the host OS.

    See this for just a few examples: http://secunia.com/advisories/26890
    I can easily find several implementations that cause DOS and escalation attacks on older versions (these are fixed in the current versions, but you can bet more flaws will be found).

    Regardless of Theo's opinion of himself, he is right in that more complexity means more bugs.

  35. Huh? by RzUpAnmsCwrds · · Score: 1 · on Vista Runs Out of Memory While Copying Files
    Why is this newsworthy? Vista has a memory leak in the shell, and they offer a patch on request and will fix it in SP1.

    Anyone try using Firefox lately? Sitting here, doing ABSOLUTELY NOTHING, with 3 tabs open, it's at 69MB right now. I have seen it hit 300MB before, and the longer you have it open, the worse it gets.

    Memory leaks happen. They're called bugs. Bugs eventually get fixed.

    No, this has nothing to do with a bug in Vista. This has to do with the Slashdot editors throwing more red meat to the dogs. Just like the broadband stories that pop up every few weeks (how many times do we need to be told that the US isn't #1 in broadband?), and just about every other Vista story.

    You may notice something though - what hasn't been popping up. There are fewer vulnerabilities for Vista: Secunia reports just 15 vulnerabilities ever, compared with 24 for XP in 2007 and 45 for XP in 2006.

    People are complaining that Vista requires too much memory and doesn't have 100% hardware support. Well, 2GB of DDR2 now runs about $60, and pretty much any new hardware sold today is Vista-compatible (not to mention lots of older hardware, including everything in my 3 Vista PCs, all of which predate Vista).

    People won't care that Vista has higher hardware requirements. They will care that it's more secure and more robust. Ask anyone who has overclocked their GPU too much:

    • XP: Blue sceeen
    • Linux: X dies (along with your session), sometimes kernel panic
    • Mac OS X: Happy graphical kernel panic
    • Vista: Display goes black for a couple of seconds, GPU restarts with default settings, desktop reappears


    It may not seem like a big thing, but display drivers are very complex and they shouldn't be able to bring down the computer.
  36. Re:You gotta be kidding. by Allador · · Score: 1 · on OpenOffice.org 3.0 Wants to Compete with Outlook

    Please, I've seen at least 7 advisories this year on exploitable, unpatched buffer overflows in current versions of Outlook. I don't recall any that have been wormed, but if a worm is made to exploit an e-mail program and it spreads widely, you can bet it will only be affecting Outlook users. Interesting, because it looks to me like Secunia says differently.

    Those links show zero unpatched advisories in Outlook 2002/XP and Outlook 2007. It shows one unpatched advisory in Outlook 2003 that is 3 months old. It's mildly bad, but has some extenuating circumstances around it (must forward to trigger, etc).

    Also, since one of the service packs in Outlook 2000, its been trivial to force Outlook to render everything in plain text, which brings your vulnerability to pretty much zero.

    Combine that with a typical security policy where people aren't running as local admins, and its not too much of an issue.

    Real world experience shows this sort of thing to pretty much be a non-issue these days, and hasnt been for many years.

    It may be an old problem, but it is still a current one. Change tracking is not the only way data is mined from doc files. Regular .doc recovery programs as well as programs designed specifically for the purpose can often recover deleted parts of files and in some cases unrelated deleted data from the user's hard disk. I think you're stretching what we're talking about here. Undelete programs that recover freed sectors on the disk has nothing to do with Microsoft, or MS Office, or Windows. Thats a very typical file system problem, that is well understood, and has nothing to do with office programs.

    The well publicized information leakage problem present in older versions of Word, that came to light in several very public situations, is largely a non-issue nowadays, due to configuration and behavior changes in the software.

    Finally, Word suffers from the same monoculture problem as Outlook as seen with the targeted industrial espionage utilizing buffer overflows in Word and Excel, from earlier this year. In fact, those attacks were discovered by users whose company had standardized on StarOffice and thus questioned why their colleagues within the company were sending them .doc files. Although I hesitate to even respond to the silly 'monoculture' meme, your particular incantation of it isnt very relevant.

    All office programs have vulnerabilities, buffer overflows, remote compromises. It's par for the course for this type of software. The fact that most desktops in the world run 'some version' of MS Office doesnt magically grant extra vulnerability.

    Even with complete remote, own-the-box with no user interaction vulnerabilities, this magical monoculture thing doesnt kick in. I've seen things like Blaster and other more targeted attacks sweep through large organizations. And you know what? The response and effectiveness of the attacks within the windows 'monoculture' is highly non-uniform. The only predictable factor is that the well managed groups tend to have no problems, and the poorly managed groups tend to have problems.
  37. Re:You gotta be kidding. by Allador · · Score: 1 · on OpenOffice.org 3.0 Wants to Compete with Outlook

    Please, I've seen at least 7 advisories this year on exploitable, unpatched buffer overflows in current versions of Outlook. I don't recall any that have been wormed, but if a worm is made to exploit an e-mail program and it spreads widely, you can bet it will only be affecting Outlook users. Interesting, because it looks to me like Secunia says differently.

    Those links show zero unpatched advisories in Outlook 2002/XP and Outlook 2007. It shows one unpatched advisory in Outlook 2003 that is 3 months old. It's mildly bad, but has some extenuating circumstances around it (must forward to trigger, etc).

    Also, since one of the service packs in Outlook 2000, its been trivial to force Outlook to render everything in plain text, which brings your vulnerability to pretty much zero.

    Combine that with a typical security policy where people aren't running as local admins, and its not too much of an issue.

    Real world experience shows this sort of thing to pretty much be a non-issue these days, and hasnt been for many years.

    It may be an old problem, but it is still a current one. Change tracking is not the only way data is mined from doc files. Regular .doc recovery programs as well as programs designed specifically for the purpose can often recover deleted parts of files and in some cases unrelated deleted data from the user's hard disk. I think you're stretching what we're talking about here. Undelete programs that recover freed sectors on the disk has nothing to do with Microsoft, or MS Office, or Windows. Thats a very typical file system problem, that is well understood, and has nothing to do with office programs.

    The well publicized information leakage problem present in older versions of Word, that came to light in several very public situations, is largely a non-issue nowadays, due to configuration and behavior changes in the software.

    Finally, Word suffers from the same monoculture problem as Outlook as seen with the targeted industrial espionage utilizing buffer overflows in Word and Excel, from earlier this year. In fact, those attacks were discovered by users whose company had standardized on StarOffice and thus questioned why their colleagues within the company were sending them .doc files. Although I hesitate to even respond to the silly 'monoculture' meme, your particular incantation of it isnt very relevant.

    All office programs have vulnerabilities, buffer overflows, remote compromises. It's par for the course for this type of software. The fact that most desktops in the world run 'some version' of MS Office doesnt magically grant extra vulnerability.

    Even with complete remote, own-the-box with no user interaction vulnerabilities, this magical monoculture thing doesnt kick in. I've seen things like Blaster and other more targeted attacks sweep through large organizations. And you know what? The response and effectiveness of the attacks within the windows 'monoculture' is highly non-uniform. The only predictable factor is that the well managed groups tend to have no problems, and the poorly managed groups tend to have problems.
  38. Re:You gotta be kidding. by Allador · · Score: 1 · on OpenOffice.org 3.0 Wants to Compete with Outlook

    Please, I've seen at least 7 advisories this year on exploitable, unpatched buffer overflows in current versions of Outlook. I don't recall any that have been wormed, but if a worm is made to exploit an e-mail program and it spreads widely, you can bet it will only be affecting Outlook users. Interesting, because it looks to me like Secunia says differently.

    Those links show zero unpatched advisories in Outlook 2002/XP and Outlook 2007. It shows one unpatched advisory in Outlook 2003 that is 3 months old. It's mildly bad, but has some extenuating circumstances around it (must forward to trigger, etc).

    Also, since one of the service packs in Outlook 2000, its been trivial to force Outlook to render everything in plain text, which brings your vulnerability to pretty much zero.

    Combine that with a typical security policy where people aren't running as local admins, and its not too much of an issue.

    Real world experience shows this sort of thing to pretty much be a non-issue these days, and hasnt been for many years.

    It may be an old problem, but it is still a current one. Change tracking is not the only way data is mined from doc files. Regular .doc recovery programs as well as programs designed specifically for the purpose can often recover deleted parts of files and in some cases unrelated deleted data from the user's hard disk. I think you're stretching what we're talking about here. Undelete programs that recover freed sectors on the disk has nothing to do with Microsoft, or MS Office, or Windows. Thats a very typical file system problem, that is well understood, and has nothing to do with office programs.

    The well publicized information leakage problem present in older versions of Word, that came to light in several very public situations, is largely a non-issue nowadays, due to configuration and behavior changes in the software.

    Finally, Word suffers from the same monoculture problem as Outlook as seen with the targeted industrial espionage utilizing buffer overflows in Word and Excel, from earlier this year. In fact, those attacks were discovered by users whose company had standardized on StarOffice and thus questioned why their colleagues within the company were sending them .doc files. Although I hesitate to even respond to the silly 'monoculture' meme, your particular incantation of it isnt very relevant.

    All office programs have vulnerabilities, buffer overflows, remote compromises. It's par for the course for this type of software. The fact that most desktops in the world run 'some version' of MS Office doesnt magically grant extra vulnerability.

    Even with complete remote, own-the-box with no user interaction vulnerabilities, this magical monoculture thing doesnt kick in. I've seen things like Blaster and other more targeted attacks sweep through large organizations. And you know what? The response and effectiveness of the attacks within the windows 'monoculture' is highly non-uniform. The only predictable factor is that the well managed groups tend to have no problems, and the poorly managed groups tend to have problems.
  39. Re:Why bother? by gaspyy · · Score: 1 · on Microsoft Releases IIS FastCGI Module

    I'm no MS fan, but actually "few critical vulnerabilities" means NONE in this case.
    Secunia lists exactly 3 (THREE) IIS6 vulnerabilities, two of them Medium and one Low.

    Pretty impressive considering the mess that was IIS5.

  40. Re:Firefox? by ozmanjusri · · Score: 3, Informative · on Microsoft Flip-Flops On URI Protocol Handing Flaw
    Without Firefox, NOTHING was vulnerable.

    Rubbish.

    There's a whole shopping list of apps, including IE7 itself that were exposed to this vulnerability. Firefox was just the first to be accused.

    Microsoft's only changed it's tune because Adobe's on the case with the Acrobat vulnerability. It's one thing to force a FOSS competitor to unnecessarily patch, but they'll have no luck with trying to force Adobe to fix every PDF reader out there.

  41. Re:If it's only a problem on XP by ozmanjusri · · Score: 1 · on Adobe Confirms Unpatched PDF Backdoor
    From what I understand, and there isn't much in the way of technical details available, this is not an IE flaw.

    Secunia disagrees with you.

    What's disgraceful about this is that it's an exploit that's been known since April at least, and neither Microsoft nor Adobe have patched it.

  42. Re:ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    The most common type of attack was denial of service (46%) followed by privilege escalation and the exposure of sensitive information. System access (remember, this was a factor in 54% of Windows 2003 vulnerabilities) made up 2% of linux kernel vulnerabilities. - by spuzzzzzzz (807185) on Sunday October 07, @05:17PM (#20890875) It seems you are stating these are not "critical" attacks...

    Funny - privelege escalation can be used from a buffer overflow attack, & if the app involved solicits connections from remote rigs?

    This can be used remotely as an attack vector... & for remote system access because of privelege escalation via buffer overflow exploits (and it can escape chroot jails too if the author so writes it to do so as well).

    Also, the 2nd most most common type of attack was denial of service (46%) per your own words...

    Is that not a remote attack as well, & one that can damage a site based on views/pagehits no longer being able to be made, to make money?

    (I'd call that MASSIVELY critical, as people are in business on the web, MAINLY to make money!)

    So much for that.

    Brush up on what you're about here, before you try to take me on!

    (OR when you try to take on those stats on that clearly show Windows & its peripheral wares (IIS 6x & SQLServer 2005, both with 0 vulnerabilities found) has less vulnerabilities than Linux & Apache (and probably ANY backend DB engines it has as well, which I did not include)).

    I'll "go out on a limb here/take a risk (little one)"

    Care to name one (a DB engine for Linux), so I can point out how much more vulnerable than SQLServer 2005 it is? Heck, I'll do it for you (with a commercial offering):

    ORACLE 11i:

    http://secunia.com/product/1916/

    Affected By 6 Secunia advisories
    Unpatched 17% (1 of 6 Secunia advisories)

    "Ok, so this was only the linux kernel; I'm not necessarily asserting that the whole *NIX software stack is secure" - by spuzzzzzzz (807185) on Sunday October 07, @05:17PM (#20890875) Damn right... the whole of LINUX is not even TESTED, & still it shows more "holes" (swiss cheese Linux) vs. how Windows Server 2003 had its ENTIRETY tested/exposed.

    APK

    P.S.=> "Take a closer look at the advisories instead of just counting them" - by spuzzzzzzz (807185) on Sunday October 07, @05:17PM (#20890875) FIRST OFF: I didn't count them, SECUNIA does.

    SECONDLY: I'd learn a BIT of comp. sci. before you attempt to interpret SECUNIA's findings above as you have... you are WAY off as to how they CAN be used, & yes, remotely... apk

  43. Tell you what... by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    You exceed the scores I post using CIS Tool then & on your *NIX system of choice (a challenge I freely provide & challenge *NIX users to here over 30x now in the past year)?

    I will eat my words on THAT part of the evidences I use, no problem. I have already exceeded the score I initially posted on my Windows Server 2003 SP #2 originally of 84.735/100, up to 85.185... & on Windows XP Workstation CIS TOOL tests, I can exceed 85.536/100.

    I also provide the photo evidence for it, & the methods to do so in the posts I did challenging the *NIX crowd here to, in the CIS TOOL test.

    Also - care to dispute & disprove the data from SECUNIA as well??

    (Nope... didn't THINK so!)

    APK

    P.S.=> "Also, to better harden your system I strongly suggest that you delete your web browser." - by Smallpond (221300) on Sunday October 07, @11:40AM (#20888281) By the way, I use OPERA:

    Opera security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox security advisories @ SECUNIA (43% unpatched):

    http://secunia.com/product/12434/

    IE 7 security advisories @ SECUNIA (56% unpatched):

    http://secunia.com/product/12366/

    So much for your statement I quoted... TOO easy! Want a SAFE(r) BROWSER today??

    Stop using JavaScript on EVERY website & also use a better browser (like Opera - fastest & safest one there is, as well as being compliant to many web development standards, & is also multiplatform too). Same with FRAMES on sites you can live without them (or, Javascript).

    APK

    P.S.=> I only REALLY care about facts, & NOT your b.s. "games" via semantics &/or word play about licensings... See, what I care about, like MOST folks, is valid, rational, undeniable evidences.

    Got those, vs. the data I put out?? Nope, again - didn't think so!... apk

  44. Tell you what... by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    You exceed the scores I post using CIS Tool then & on your *NIX system of choice (a challenge I freely provide & challenge *NIX users to here over 30x now in the past year)?

    I will eat my words on THAT part of the evidences I use, no problem. I have already exceeded the score I initially posted on my Windows Server 2003 SP #2 originally of 84.735/100, up to 85.185... & on Windows XP Workstation CIS TOOL tests, I can exceed 85.536/100.

    I also provide the photo evidence for it, & the methods to do so in the posts I did challenging the *NIX crowd here to, in the CIS TOOL test.

    Also - care to dispute & disprove the data from SECUNIA as well??

    (Nope... didn't THINK so!)

    APK

    P.S.=> "Also, to better harden your system I strongly suggest that you delete your web browser." - by Smallpond (221300) on Sunday October 07, @11:40AM (#20888281) By the way, I use OPERA:

    Opera security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox security advisories @ SECUNIA (43% unpatched):

    http://secunia.com/product/12434/

    IE 7 security advisories @ SECUNIA (56% unpatched):

    http://secunia.com/product/12366/

    So much for your statement I quoted... TOO easy! Want a SAFE(r) BROWSER today??

    Stop using JavaScript on EVERY website & also use a better browser (like Opera - fastest & safest one there is, as well as being compliant to many web development standards, & is also multiplatform too). Same with FRAMES on sites you can live without them (or, Javascript).

    APK

    P.S.=> I only REALLY care about facts, & NOT your b.s. "games" via semantics &/or word play about licensings... See, what I care about, like MOST folks, is valid, rational, undeniable evidences.

    Got those, vs. the data I put out?? Nope, again - didn't think so!... apk

  45. Tell you what... by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    You exceed the scores I post using CIS Tool then & on your *NIX system of choice (a challenge I freely provide & challenge *NIX users to here over 30x now in the past year)?

    I will eat my words on THAT part of the evidences I use, no problem. I have already exceeded the score I initially posted on my Windows Server 2003 SP #2 originally of 84.735/100, up to 85.185... & on Windows XP Workstation CIS TOOL tests, I can exceed 85.536/100.

    I also provide the photo evidence for it, & the methods to do so in the posts I did challenging the *NIX crowd here to, in the CIS TOOL test.

    Also - care to dispute & disprove the data from SECUNIA as well??

    (Nope... didn't THINK so!)

    APK

    P.S.=> "Also, to better harden your system I strongly suggest that you delete your web browser." - by Smallpond (221300) on Sunday October 07, @11:40AM (#20888281) By the way, I use OPERA:

    Opera security advisories @ SECUNIA (0% unpatched):

    http://secunia.com/product/10615/?task=advisories

    FireFox security advisories @ SECUNIA (43% unpatched):

    http://secunia.com/product/12434/

    IE 7 security advisories @ SECUNIA (56% unpatched):

    http://secunia.com/product/12366/

    So much for your statement I quoted... TOO easy! Want a SAFE(r) BROWSER today??

    Stop using JavaScript on EVERY website & also use a better browser (like Opera - fastest & safest one there is, as well as being compliant to many web development standards, & is also multiplatform too). Same with FRAMES on sites you can live without them (or, Javascript).

    APK

    P.S.=> I only REALLY care about facts, & NOT your b.s. "games" via semantics &/or word play about licensings... See, what I care about, like MOST folks, is valid, rational, undeniable evidences.

    Got those, vs. the data I put out?? Nope, again - didn't think so!... apk

  46. ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    From the article post:

    "(and so inherently more secure in the longer term)" - Posted by CmdrTaco on Sunday October 07, @09:03AM, 00_NOP writes WINDOWS SERVER 2003 (ENTERPRISE):

    http://secunia.com/product/1174/

    Affected By 135 Secunia advisories
    Unpatched 8% (11 of 135 Secunia advisories)

    ----

    IIS 6:

    http://secunia.com/product/1438/

    Affected By 3 Secunia advisories
    Unpatched 0% (0 of 3 Secunia advisories)

    ----

    SQLServer 2005:

    http://secunia.com/product/6782/

    Affected By 0 Secunia advisories
    Unpatched 0% (0 of 0 Secunia advisories)

    ====
    vs.
    ====

    http://secunia.com/product/2719

    Affected By 132 Secunia advisories
    Unpatched 10% (13 of 132 Secunia advisories)

    (That's JUST THE KERNEL, & not including possible shell/usercode portions)

    ----

    Apache 2.2x:

    http://secunia.com/product/9633

    Affected By 5 Secunia advisories
    Unpatched 20% (1 of 5 Secunia advisories)

  47. ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    From the article post:

    "(and so inherently more secure in the longer term)" - Posted by CmdrTaco on Sunday October 07, @09:03AM, 00_NOP writes WINDOWS SERVER 2003 (ENTERPRISE):

    http://secunia.com/product/1174/

    Affected By 135 Secunia advisories
    Unpatched 8% (11 of 135 Secunia advisories)

    ----

    IIS 6:

    http://secunia.com/product/1438/

    Affected By 3 Secunia advisories
    Unpatched 0% (0 of 3 Secunia advisories)

    ----

    SQLServer 2005:

    http://secunia.com/product/6782/

    Affected By 0 Secunia advisories
    Unpatched 0% (0 of 0 Secunia advisories)

    ====
    vs.
    ====

    http://secunia.com/product/2719

    Affected By 132 Secunia advisories
    Unpatched 10% (13 of 132 Secunia advisories)

    (That's JUST THE KERNEL, & not including possible shell/usercode portions)

    ----

    Apache 2.2x:

    http://secunia.com/product/9633

    Affected By 5 Secunia advisories
    Unpatched 20% (1 of 5 Secunia advisories)

  48. ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    From the article post:

    "(and so inherently more secure in the longer term)" - Posted by CmdrTaco on Sunday October 07, @09:03AM, 00_NOP writes WINDOWS SERVER 2003 (ENTERPRISE):

    http://secunia.com/product/1174/

    Affected By 135 Secunia advisories
    Unpatched 8% (11 of 135 Secunia advisories)

    ----

    IIS 6:

    http://secunia.com/product/1438/

    Affected By 3 Secunia advisories
    Unpatched 0% (0 of 3 Secunia advisories)

    ----

    SQLServer 2005:

    http://secunia.com/product/6782/

    Affected By 0 Secunia advisories
    Unpatched 0% (0 of 0 Secunia advisories)

    ====
    vs.
    ====

    http://secunia.com/product/2719

    Affected By 132 Secunia advisories
    Unpatched 10% (13 of 132 Secunia advisories)

    (That's JUST THE KERNEL, & not including possible shell/usercode portions)

    ----

    Apache 2.2x:

    http://secunia.com/product/9633

    Affected By 5 Secunia advisories
    Unpatched 20% (1 of 5 Secunia advisories)

  49. ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    From the article post:

    "(and so inherently more secure in the longer term)" - Posted by CmdrTaco on Sunday October 07, @09:03AM, 00_NOP writes WINDOWS SERVER 2003 (ENTERPRISE):

    http://secunia.com/product/1174/

    Affected By 135 Secunia advisories
    Unpatched 8% (11 of 135 Secunia advisories)

    ----

    IIS 6:

    http://secunia.com/product/1438/

    Affected By 3 Secunia advisories
    Unpatched 0% (0 of 3 Secunia advisories)

    ----

    SQLServer 2005:

    http://secunia.com/product/6782/

    Affected By 0 Secunia advisories
    Unpatched 0% (0 of 0 Secunia advisories)

    ====
    vs.
    ====

    http://secunia.com/product/2719

    Affected By 132 Secunia advisories
    Unpatched 10% (13 of 132 Secunia advisories)

    (That's JUST THE KERNEL, & not including possible shell/usercode portions)

    ----

    Apache 2.2x:

    http://secunia.com/product/9633

    Affected By 5 Secunia advisories
    Unpatched 20% (1 of 5 Secunia advisories)

  50. ARGUE WITH FACTS... apk by Anonymous Coward · · Score: 0 · on Linux on the Desktop Doubles in 2007

    From the article post:

    "(and so inherently more secure in the longer term)" - Posted by CmdrTaco on Sunday October 07, @09:03AM, 00_NOP writes WINDOWS SERVER 2003 (ENTERPRISE):

    http://secunia.com/product/1174/

    Affected By 135 Secunia advisories
    Unpatched 8% (11 of 135 Secunia advisories)

    ----

    IIS 6:

    http://secunia.com/product/1438/

    Affected By 3 Secunia advisories
    Unpatched 0% (0 of 3 Secunia advisories)

    ----

    SQLServer 2005:

    http://secunia.com/product/6782/

    Affected By 0 Secunia advisories
    Unpatched 0% (0 of 0 Secunia advisories)

    ====
    vs.
    ====

    http://secunia.com/product/2719

    Affected By 132 Secunia advisories
    Unpatched 10% (13 of 132 Secunia advisories)

    (That's JUST THE KERNEL, & not including possible shell/usercode portions)

    ----

    Apache 2.2x:

    http://secunia.com/product/9633

    Affected By 5 Secunia advisories
    Unpatched 20% (1 of 5 Secunia advisories)