Slashdot Mirror
There Is No Safe Web Browser
Michael writes "David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe. The article details the recent Netscape fiasco, and touches on the whole Firefox/Internet Explorer debate. From the article: 'So if it sounds as if we're all at the mercy of hackers just looking for some new challenge, that's partially true. As law enforcement officers will tell you, crime finds you if it wants you bad enough, no matter what preventative measures you take. But the vast majority of criminals have an Achilles' heel: They prefer convenience to challenge. For now, it's more convenient for them to pick on Internet Explorer.'"
As is telnetting to port 80 and interpreting the HTML in your head.
David Sheets meet lynx
Lynx meet David Sheets
Are we friends now?
While I understand the point that Mr. Sheets is making, however, I disagree with his definition of safe.
The implication of this article stems in the absolutes of security: can it ward off intruders or not. This is a flawed approach, and while seemingly a logical one, denounces another reality of this level of breach: the lion's share of these breaches are not of the most malicious sort (read: that stupid data miner which causes popups, search bars from hell, etc). These kind of easily hackable sections of Internet Explorer are less prevalent in Firefox. Market forces of the sheer user base would dictate that if this were not so, more spyware would have been ported to Firefox by now. 25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate.
One must acknowledge the reality of security by statistics alongside security by absolutes.
The Crimson Dragon
I'd say this one is fairly safe...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
And IE was last updated when?
MS are sinking for sitting back in the way they have \o/
David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe
No program that accepts input is safe. Even some programs that don't accept input aren't safe either. It is the nature of how complex software really is and how little of it we understand.
...at least not one you'd want to use. Sorry people, Linux is not "safe." Mac OS/anything is not "safe." There are a very few OSs that are pretty safe, but the only reason Mac and Linux fans can brag right now is that they're ignoring all the patches, hacks, etc that already exist for their OS of choice.
TW
I think you could easily transfer these findings into the OS world. Mac's and Linux are generally safe because they are a much smaller target. It wouldn't make the news as quickly, or as widespread as it does when they hammer Windows with viruses. It is not only more convenient, but more damaging to flood Windows with viruses.
I would be willing to wager a very large bet that if Mac OS X was the industry leader there would be the same difficulties with viruses, and other criminal activities that are currently associated with Microsoft's products.
It also definitely comes down to how adept the user is too, and how knowledgeable they are in internet/computer security (such as not opening email attachments unless you know how sent it, or using up-to-date virus protection).
Water is wet ...
Short of a static html type browser, nothing will be safe until we all agree upon some standards. Listening Microsoft?
I think that this author has finally gotten it right. Note the increasing instances of popup ads that are tailored for firefox users etc.
As firefox gains in popularity, expect that the number of exploits aimed towards it will continue to rise.
That being said, the nice thing about firefox (and OSS), is that lots of eyeballs can look at, and fix, the code in a timely manner.
I'd give this article an Obvious -1 simply because it is axiomatic, and everybody should have realized by now that There is no 'safe' web browser. Especially how after it was demonstrated that a Firefox exploit allowed infection of IE when IE itself would have blocked the malware site. Cute!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Perhaps it needed to be said, but it seems to me like this post is a statement of the obvious.
I'm sure I'll be modded down for just posting my blunt thoughts in responst to the post.
so they talk about IE, netscape, and mozilla/firefox. that's 3 browssers. reeeeal thorough article.
ed
Newsflash! There's no such thing as perfect security, who would have thought it? Whether it be through a flaw in the code (which we all try to fix, when they are found), or stupid users running crap they oughtn't.
I for one use Firefox, because it is MUCH more secure than IE. It may not be perfect, but it's by far good enough for regular use.
That's like saying that houses aren't secure, even the new model homes with electronic alarm systems. No crap, but that doesn't mean sell the alarm systems and leave your front door unlocked (like IE).
-Jesse, disliking alarmist poop articles.
Nothing says "unprofessional job" like wrinkles in your duct tape.
Obviously, nothing out there is perfect...not even...LINUX! Yes, I said it, linux isn't perfect you wannabe nerds, but we shouldn't JUST be using web browsers. That's retarded. Preferable, some AV software and something like webroot's spysweeper running in the background would be perfect, I've got both of those, and it keeps me safe.
When a webbrowser is integrated with the OS, this greatly increases the ways a hacker can damage the system. Hence, while no browser is secure, one can is MORE secure simply because it is NOT woven into the OS. Of course, having updates frequently and being in more active development are good things as well.
=-=-=-=-=-=-=-= - The Celtic - =-=-=-=-=-=-=-=
Oh my God, what have we done? Why Lord?
Seriously, is this supposed to be news?
"I think this line is mostly filler"
Don't forget to wear a condom for safe browsing...
Like Netscape's stupidity at basing Netscape 8 on Firefox 1.0.0 when current was 1.0.4 shouldn't be used to disparage Firefox.
I'll bet my browser on OSS anyday of the week. This is personal choice, but for security sake, OSS has the benifit of being open source. It's free and open for all to see, and while that might make it easier to exploit, in my book it also makes it easier to fix. We all know there are no intentional back doors, and no malicious code segments(those of us that still trudge through the code for fun anyway).
It's firefox all the way for me.
Every had a user download a rootkit and mess with the system?
Only a sith lord deals in absolutes. I will do what I must.
Just write a browser to send all data to a cache location before it is displayed, like most browsers do. I suggest /dev/null for linux.
In God we trust, all others require data.
Browsers can be totaly safe, as much as I hate to say it, IE can be pretty safe too. just follow these rules:
1:USE A FIREWALL
2: update your browser
3:disable ActiveX, any site that uses it is a site you should learn to live without.
4: (the one most often broken) DONT CLICK YES ALL THE TIME, warnings are there for a reason.
5: Dont DL and run STUPID executables
Most Browsers do a decent job of protecting you fron the bad stuff, but NOTHING can protect you from yourself, short of cutting the cable, and if you do that, dont run with scisors
-- Thou hast strayed far from the path of the Avatar.
This guy seems to think there are no browsers othr than IE, Netscape, or Firefox. I use konqueror almost exclusively, because it has many advantages, the biggest being an excellent integration between the local file system and the web. My case may be anecdotal, but I have never had any problem regarding security.
This article got me thinking right away and I was trying to come up with a snarkish analogy to the car, that there is no 'safe' car (people still die, a lot) but that does not mean that there have not been vast improvements since the conception nor does it mean that a car cannot be safe when used properly under certain conditions.
But then that got me to thinking even more, there really isnt a 'safe' anything is there? So whats the point of pointing such things out?
Firefox can be the mostest secure webbrowser evar tomorrow if it wants. Just include the "su"/"runas" functionality to drop down to a non-privileged user on startup. With, say, read/write permissions to only its own directory. Done. Anyone want to add this feature request to bugzilla, or is it already in there?
This is much harder to achieve with respect to internet explorer, because it's more deeply entrenched in the operating system. Its HTML control (the actual renderer) is used in zillions of places where it shouldn't be, like in outlook (express) to render e-mail.
You need to run internet explorer as an administrator to use (manual) windows update! How lame is that?
SCO employee? Check out the bounty
A "manual" web browser is safe. That is, you print out and manually inspect all the data being transmitted, including all the HTTP headers and the what not. That way, if you see anything fishy, just burn the print out :)
Yeah, it's really hard to animate the flash stuff and streaming media though. Brings a whole new meaning to dropping frames.
'nuff said.
So rise up, all ye lost ones, as one, we'll claw the clouds.
What hackers like, among other things, is the challenge. Crashing or discovering bugs in IE is probably fun, and a lot of people get screwed. But since Firefox is open-source, when you find a security breach, it's probably as fast to fix as using it. And there will be recognition from the programming community. If you find a bug in IE, what can you do? Send an email to bill.gates@hotmail.com?
Lynx or links!
-carl
. We've got computers, we're tapping phone lines, you know that ain't allowed - Talking Heads, "Life During Wartime"
::Sigh:: How do these people get jobs where they're paid a lot more than me for stating the bloody obvious.
There's no safe browser? Wow, the next thing this guy will discover is that secure software doesn't exists and that all software has bugs. Welcome to the world of software development, dude.
AFAIK, Firefox has quite good security track and fixes things fast. That's what matters. Firefox is a "secure" browser by any measurements, and unlike other browsers, they deserve the reputation they have.
And one of the reasons why Firefox has security bugs is because it's a evolving product. Internet explorer however is a 3-years-old code base which has not changed almost nothing. Mozilla and firefox have been being updated for years to support modern standards etc, Internet explorer has done nothing.
(Actually, it's suprising that after so many time people still finds bugs in internet explorer. It shouldn't have so many bugs left - look at sendmail, bind etc, they're crappy software from a security POV, but their code base is _so_ old that it's very hard to find more security problems. Internet explorer must be really buggy to keep such bad security track)
> Lynx is pretty safe...definitely haven't gotten any spyware from it.
:)
You might be lucky. I don't trust any other browser than telnet
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Actually, it's more secure if you travel to the server where the information is stored, remove the hard drive, and perform forensics on it to determine what the data you are seeking is.
I design user interfaces for a free network management application,
Another bozo who sees security only in absolutes. Saying that there is no "safe web browser" is like saying there's pick-proof lock. Technically true, but should you secure your valuable with a $2 lock? Security is not about absolute guarantees, it's about making life as hard for the bad guys as you can manage. Mozilla-based browser have security holes, but at least their designers attempt to design them with security in mind. Internet Explorer, by contrast, does not have security designed in, and has cruddy QA to boot. Which is reflected in the dozen or so reported security problems in Mozilla, and the hundreds of reported security problems in IE.
It strikes me that the turnaround time for patches to Firefox is significantly quicker than many other options. After these little bugs were found, they had patches out in short order. While it may not be impregnable, at least they are plugging the holes faster.
Why they hell hasnt someone told me! All this time I thought it was safe to click attachments, and enable activex and java script!
If you mean: ``not the easiest target for the bad guys'', then most browsers are safe, most of the time.
I'd say that any browser which consistantly avoids being the lowest-hanging fruit is as close to safe as most of us need. To achieve that, all you need is a development team that emphasises security, even at the expense of convenience, and gets useful patches out, fast.
I can think of one browser with a large market share which fails both those tests, and I suspect there are several with smaller market shares which do fairly well on both those criteria.
See what I've been reading.
ObResponseToTFA: Every piece of software has bugs, some serious. The key questions are:
Mozilla, Firefox, etc. still come out on top, largely because they are _not_ integrated into the OS. Their developer communities are pretty responsive to bugs (security bugs particularly) and the scope of damage related to exploits is relatively small compared to MSIE.
Actually, it's more secure if you travel to the server where the information is stored, remove the hard drive, and perform forensics on it to determine what the data you are seeking is.
PAH! That's patently unsafe. What if you crash on the information super highway and die?
There Is No Safe Web Browser
:P
Your web browser is absolutely safe as long as your computer doesn't have a network connection and you don't load any unsafe software (i.e., Windows). That reminds of the good old days of the Altair.
Yes, but thats a good thing! The more hackers checking our software the marrier. What did he expect? That one can get away with a such a crap like ActiveX in IE??
Cfx
You have 2 nucular Moderator Points! Use 'em or loose 'em!
without loosing functions. Who cares totally safe, ourselves are the most unsafe factors.
There is a spark in every single flame bait point.
I tell my students that the purpose of security is not absolute proteciton -- for that, you can encase your box in cement and drop it in a deep lake. The point of security is to make it so hard for an attacker that (s)he goes hunting for a better target (easier and/or juicer). Currently (as he points out), Firefox makes it harder on most attackers, so it's the better bet for most users.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
I love all the arguments about it being the number of systems. It is rarely about that. It is normally about what is the easiest target. The same applies to Linux vs. Windows. If Longhorn should become more secured than apple and Linux, then as the old Windows disappears, the crackers/viruswritters will aim at a new target; say Linux or Apple.
I prefer the "u" in honour as it seems to be missing these days.
All these "IE vs. Mozilla" or "IE vs. FireFox" or "Netscape vs. IE" or "Opera vs. IE" discussions (pick your poison) are irrelevant.
First off, it amazes me that I have run across paranoid *NIX sys admin friends who are very mindful of what runs as "root" on servers they control but then turn around and operate day to day on Windows desktops as an administrator.
Well, gee dip sh*ts, no wonder you're screwed if rogue code enters your system.
If people used limited accounts and then used impersonation (ever hear of "runas") under Windows, all of these discussions would go the way of the dodo bird.
More to the point they would be TRULY irrelevant. Sure send me to some baddie site, won't do much on my system. Whatever malware sent down the pipe to me can't do anything to change my system (C:\WINDOWS).
This is how I operate, i.e. a limited account desktop. The admin account is just that, for ADMINISTRATION, e.g., setting up new apps.
Amazingly, this approach is "novel" among even tech types since I keep hearig these discussions even on Slashdot.
The principle of least privilege is ANCIENT. Impersonation is part of Windows. Just as it is with other OSes.
The Windows NT kernel has had security since its inception. On the file system, registry as well as synchronization mechanisms such as mutexes, semaphores, etc.
Do you want to know why MS doesn't leverage it? Cost. Plain and simple. If WinAmp (which doesn't work under a limited account) stops working for someone on account of MS automatically setting up limited accounts for people, guess who is likely to start receiving support calls? "But it always worked on Windows 9x!!!"
Yes, it boils down to money. This is NOT a technical problem. MS alongside companies peddling its wares (Dell, Gateway et al) simply do not want to deal with the potential legacy costs of supporting misbehaved apps and/or apps whose designers were myopic and assumed the ability to write to any part of the file system and/or registry.
The great thing is, even with a limited account desktop you can still readily run WinAmp. You just have to know how.
All of this seems like "rocket science" to everyone. And I guess it is, since this discussion keeps rearing its head, namely browser security. The point is, a browser is another app that inherits default credentials from your login. Don't operate as administrator geniuses (sarcasm in case you didn't figure that out).
In the case of WinAmp. I simply defined an admin account that I leverage to run that application on my limited desktop (use the command line "runas" facility or change the properties on the shortcut through the "Advanced" button). I might mention that Shoutcast servers are capable of sending URLs (think JavaScript) that WinAmp will readily execute via IE totally disrespecting your browser choice. So taking another page from what Windows has offered from the start, I changed the ACLs for the IE executable such that my "WinAmp User" has absolutely no rights to the IE executable. Not even the ability to read that file. In this manner I short circuit this potential threat vector. In addition I changed the ACLs on C:\WINDOWS and some other directories so that this "WinAmp User" could only read from these directories.
Here's the moral of the story folks, use a limited account. Plain and simple. End of story. End of this not very worthwhile discussion (among tech people).
Yes I use LINUX, I use Cygwin's X server and readily use LINUX Mozilla complements of the latter. Not just a little, a lot. This IN ADDITION to the fact that I use a limited account for day to day activities.
I have never had spyware or a virus on my system. EVER.
-M
If everybody uses the same browser, then everybody is vulnerable to the same exploit.
So how about not everybody using the same browser? How about having a very diverse browser population? Ignoring design flaws (such as the one in IDN earlier), if all browsers were used in relatively equal proportions, it would make it at least marginally less effective to attack any one single browser.
Sure lynx is safe, but let get serious for a moment. Does anyone think that your average user is going to switch to an all text browser that is no where near user friendly, loose their ability to view pictures, flash, and all the webs multimedia goodness for the sake of being safe? Don't get me wrong I have used lynx quite a bit but you won't find me on lynx when I just want to mindlessly surf and entertain myself. I want graphics, DHTML, JavaScript, CSS, and pretty layouts just as much as the next person. Call me not as hard-core but then, the whole point is trying to get your average users to use a "safer" browser right?
Perhaps the article should have concluded: There is no safe PRACTICAL browser.
0.5 percent of all web browser market share agree!
...
Plus, by turning off all those nasty things and having a non-standard browser, it's a lot harder to become infected - unless you actually click that link and save the file
-- Tigger warning: This post may contain tiggers! --
you mean frequency of vulnerability exploitation is relative to market share?! NO FUCKING WAY!! Oh man, i'm glad someone pointed this out for me. Very insightful, indeed. I mean, it's only been pointed out a few thousand times before on slashdot.
your OS shouldn't give a fat rat's patootie about anything anyone does, ever. protected memory, process management, yadda yadda, that's how you really stay safe.
[B]- slurpee[/B]
- emilio
neurostyle dot net - it's all in your head
Silly Matrix Reference +1
My other car is a slashdot UID.
It's had a hole here and there, sure... but come on... how many hackers out there are trying to hack the Mac?
Even safer... (gulp) IE for Mac.
So.... I guess i should just change my browser identification string to say FireFox 1.04
[Fuck Beta]
o0t!
A large number of browser exploits seemed to be based on buffer overflow issues, which is a result of manual memory allocation in lower-high-level languages such as C/C++. Perhaps if a web browser would be written in a language with automatic memory allocation and management, like Java, Perl, Tcl, and the like, we would see fewer security problems. C/C++ is good for systems programming, like low level graphics and OS libraries, but I dont think it is the ideal choice in many cases for applications.
"Market forces of the sheer user base would dictate that if this were not so, more spyware would have been ported to Firefox by now. 25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate."
If 1 hack hits 90% of the market, spending more money to get a hack for the rest may not be worth the effort even if Firefox has as many holes as IE. Simple economics.
Vote for Pedro
I think Netscape 8's case was overblown by the media. I believe NS8's patch could have easily appeared the next day on their website, without any fuss.
It seems to me that other interests are served here; somebody may have orchestrated the "Netscape embarassed" story, replicated it in a few places (e.g. blogs) and let it be blown out of proportion.
Before Firefox was released preceded by a veritable sea of never-ending hype it was going to be "perfect" and if you didn't exchange it for IE then you were most certainly dumb. Check out your brain at the tabs, kthx.
Now that a few million people outside of the geek circles have downloaded and installed Firefox, suddenly "there is no safe browser" and "just be careful" and if you get 0w3nd it's because you were stupid or careles or didn't patch when you were supposed to, not because the Mozilla developers shipped a browser with a vulnerability, much like Microsoft tends to do. My, how times change. Now we actually need to make excuses and hope that millions of clueless users suddenly educate themselves. No silver bullet, here. Apparently.
People who use IE and have never been affected by a vulnerability (like me) and people who use Firefox or whatever and are in the same situation are safe because they know what they're doing and have a fairly good understanding of how this inherently unsafe interface between my computer and the evil outside world works. You can use the most insecure, unpatched crappy browser in the world and still never get nailed. But now there are people using this wonder of a browser who will get nailed because they are ignorant. It doesn't matter what browser or OS they use. This was true before and after FF, and it will continue to be true until the computer truly becomes an appliance.
But my, how times change.
Firefox's first major flaws turned up earlier this month. Its Version 1.0.3 exhibited at least two errors that, when manipulated together, enabled hackers access to the user's computer. The flaws prompted a Version 1.0.4, which was issued three days later. Netscape 8.0's developers, it turned out, had used components of Firefox 1.0.3 in their framework. That Firefox sported cracks in its shining veneer seemed inevitable, browser experts warned....
I'm trying to see where the problem is, especially when noting how Microsoft handles inevitable flaws that make their way into every software package.
The Mozilla team discovers flaws and gets out a new package in 3 days.
The Microsoft Internet Explorer team discovers a flaw (or more likely, is told about about a flaw), and it takes, weeks or months for a patch to be released.
Now, what strikes you as the more hazardous situation?
Though the focus of the article seems to be that every browser has problems, he seriously downplays the Mozilla's aggressive stance on solving those problems as opposed to Microsoft.
Seems like FUD to me...
The source code for Firefox and Netscape are available. How much more convenient could it get for the hackers?
Deleted
just plugging a network cable into your computer suddenly makes it "unsafe". But Mac and Linux are significantly safer, which is an important distinction.
I've been managing Macs on the network for almost a decade, and have yet to deal with spyware. Viruses, I think I've had 5 or 6 incidents, and most of those were Word macro viruses, which are relatively benign on the Mac because of the different file system structure.
I disagree due to personal experience with two former roomates of mine. After I married, they stayed on at the bachelor pad downloading Pr0n fileswapping and visiting shady websites in order to get free Pr0n. After rebuilding their Windows XP boxes once every three months, (easier on me and less frustrating that using spyware removal crap), I finally had enough and revoked admin rights to them at their own computers. All that did was expand the 3 month lifespan to 4 months before a trash, re-install was applied.
Finally I had enough. I installed Slackware, set it to boot to X, setup Fluxbox to display a menu with like 5 items on it. Browser, Email, Chat, FTP, PDF Viewer, OpenOffice. I did not give them root on the box. Then I installed Windows XP and set it to dual boot. After a week of hitting them with a figurative stick every time they booted into XP to do anything but play thier games, they got the point. They use Linux for everything they do but play games, they use Windows (all patches, w/ firewall/AV) for playing their games and only playing their games. I haven't heard a complaint from them, nor have either their linux or windows boxes needed my attention to this date...six months later.
I would say that is a marked improvement. I don't know wether it's considered 'safe' or not, but my linux workstations at home running firefox don't have any problems what so ever, and I haven't rebuilt them in so long, I can't remember.
I don't buy into the whole Linux has less marketshare, therefore it has less viruses, malware, spyware argument. While that might be true in the case of a shady ad company hiring a virus writer to hawk their product, I don't think market share weighs heavily on the mind of the case of the virus writer. Not to mention, look at the tools virus writers have under MS Windows, with VB for applications and WHS, MS might as well release Visual Virus Writer Pro, and sell it.
Talent plays a huge part in the viruses, malware and adware that are released into the wild. I'm pretty sure that the distribution of talent capable of writing these nuisances is heavily weighted to the MS side. It's just not as difficult to exploit an MS box as it is to exploit a Unix/Linux/BSD/MacOSX box. That's why Windows is under heavier attack than Unix. Except for the Ad angle, there is nothing else that points to "market share".
Be Safe! Sleep with a Marine. Semper Fi!
It's really rather sad that we've given in to the idea that writing secure large-scale software is essentially impossible. It's not. It's only impossible in the paradigm we use.
Here is how security works on every major OS and in every major programming language today:
Here's how it should work:
This is called Capability-Based Security. Hopefully it is easy to see why the latter would make security much easier to manage. If not, you can read this discussion of the concept.
CBS allows you to execute code without trusting it. In Unix, you'd have to create a new user with no permissions to run your code, which is way too much work for most purposes. In CBS, you can set up every single program to have a different set of permissions based on that program's needs. Furthermore, the program can internally manage those capabilities to insure that only a small amount of the program's own code has access to them. Then, as long as that code is secure, the program is secure, but even if it isn't, the worst it can do is abuse the capabilities you explicitly gave it.
How does this relate to web browsers? Well, a web browser really only needs the capability to render to its GUI window, read its install files, and read/write its config and cache. So don't give it any capabilities beyond that. Voila, now it does not matter what malicious program takes over your web browser, because it can't do a thing to your system.
I just wrote a little HelloWorld.cpp to demonstrate the problem to admins of a cluster on our campus. Basically, there was a problem in <ostream>. (Interestingly enough, the problem could be "worked around" by using <iostream>.)
Ben Hocking
Need a professional organizer?
Ok... the conclusion is simple then: Monoculture is bad
this is true, but linux is a monoculture as well.
Excuse my ignorance (and my bad spelling). How does one browse with telnet, and since you aren't the first one to mention it, how can this be secure when using telnet is insecure to start off with?
I apologize and will go hide my head in shame if I missed the joke.
Konqueror mostly, Mozilla on ocassion, Firefox on lesser occasions. I tend to like the swiss army knife abilities of konqueror (ftp, fish, far better tab control than Firefox without installing extensions, overall integration with kde, etc) over Mozilla and Firefox. I guess I pick Mozilla over Firefox because of composer and I'm just used to Mozilla a lot more than Firefox simply due to familiarity and length of use.
What I can state is that since I've been using Konqueror (khtml, like Apple's browser) on Linux, I've never had an issue with spyware or adware. Never. I've never had a problem with security, even though there have been security alerts for konqueror as well as the other browsers. Konqueror makes it simple to surf without images turned on (one button click on top of window without going into drop down boxes to turn images on), makes it simple to surf without javascript turned on (simple and fast two step process to turn it on for a web site, can specify in settings which web sites to turn on javascript by default if needed regularly), and makes it a satisfying all-around experience in using the web.
I help adjust/maintain/bugfix windows for another user and I just can't understand how windows users can possibly put up with the spyware/adware. Taking a look at server logs, I can't believe how many people's browsers are infected with FunWeb, something else "Fun", and other spyware.
If you are a windows user, do yourself a favor and visit a friend's website (after alerting them) and ask them to send you a copy of the log entry from your visit. If your browser is infected with spyware, it just may show up as part of the browser identifier.
The ability of spyware/adware to infect a windows computer is a serious security problem. If you've been infected, you are running a system that is insecure. Please re-read that last sentence. If you've been infected with spyware/adware, you are running a system that is insecure.
-Waiting
-Rebooting
-CLICKING "YES" or "OK" ON STUPID REQUESTERS THAT SERVE NO PURPOSE WHATSOEVER.
When using windows, one very quickly develops a habit of clicking OK or YES everytime some stupid fucker pops up just to get rid of it and continue trying to use the friggin puter.
God damn I hate those stupid alerts, reminders and other forms of user harrassment. Focus stealing, mega-annoying friggin useless requesters - the Windows way! I was happily typing the last page of this 20page document when the fucker decided it's a good time to pop up stupid shit asking whether I'd like to reboot now (OF COURSE NOT! WHO WANTS TO REBOOT THEIR PUTER? YOU TURN IT ON, YOU TURN IT OFF; REBOOTS ARE SILLY BULLSHIT) - and the requester stole focus, and had [YES] as default. I hit enter at end of line and VOILA! The Windows way! I'd pay for the privilege of stabbing the fucker who invented those requesters to death - with a SPONGE, so it would take longer.
M$ should replace all those fucking "Do you want to reboot now"-requesters to "We know you don't want to reboot now but you're gonna have to anyway! Now bend over [OK]".
It's better to silently fuck up than to let the user decide whether to fuck up now or whether to show another fucked up requester 1 minute from now asking the very same thing.
This message must have broken some F-word record but fuck, I hate windows.
'Once scientists, even the dim-witted social scientists, get muzzled, the Western Civilization is finished.' - oldhack
It confirms no such thing, you muppet - it's just some statements that happen to accord with your prejudices, and which you therefore have chosen to accept uncritically. Oh, and if you think hackers are not seeking ways to exploit Linux, which runs countless servers, has millions of home-users, and has a large presence in Fortune 500 companies, then you need your head read.
I telnetted to port 80 once, and interpreted the HTML in my head.
Unfortunately there was a infinitely recursive Java script function on there.
I'm still not quite myself.
The Internet is full. Go Away!!!
Ways to browse safely:
1) Use a browser that has no design or implimentation bugs. Not gonna happen with any modern full-featured browser.
2) Browse in a "disposable" sandbox environment - possible with adequate firewalls, but not going to happen on most home PCs any time soon.
3) Browse in a read-only environment, with output limited to the screen, legitimate requests for web pages, and temporary disk space. A firewall will need to reject any illegitimate port-80 outbound traffic. This is the best solution for kiosks.
Even these conditions aren't immune from server- or DNS-level compromises to hostile fake web pages that trick users into revealing personal information.
#2 is the most realistic medium-term home-user solution - the OS should put the web browser in a "jail," restirct its network permissions, and only let it and its helper programs read and write to certain directories while browsing, limit CPU utilization, and otherwise protect the machine. Configuration changes and other "out of jail" activities can be done by an auxilliary special-purpose (less code = less change of bugs and general weirdness) process in a separate memory space. Jails is they should be easy to "terminate with extreme prejudice" should the need arise.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
there's NO WAY I'm going to code for your whacked out HTML rendering too.
That's one serious difference, you can turn off Java and Javascript in all the browsers, but when you do it to IE, you kill all the other Microsoft apps that also use scripting, which leads you to turn it back on and leave it.
Bavarian Purity Law of Rice Krispie Squares: Rice Krispies, Marshmallows, Butter, Vanilla.
How safe is Linux? A dedicated hacker on a mission could take down my system within an hour. But that's different to Windows, which doesn't even require a person, it's all automated. Just visit a dodgy website or open an email or talk to someone over IM.
I'd still say the biggest danger to my fc3 box is myself. Yesterday I ran rm * in my home directory (since then I have set some safety aliases in my shell) and last week I formatted one of my hard drives, but forgetting that I had yet to back up it's data onto the other one.
The FIRST aspect of "security" is limiting the avenues of attack. You sort of touched on that, but I'll say it explicitly.
If FireFox doesn't run ActiveX, then that is one avenue that is NOT available for an attack.
As others have pointed out, lynx is very secure and that is because it completely blocks so many avenues of attack.
Exactly. Now, from TFA:
If they say that, then they are wrong.
Look at the typical junkie on the street. He's be happy to rob a bank. But the bank's security system is beyond his capabilities to SUCCESSFULLY attack.
So he picks easier targets with LOWER payoffs (mugging pedestrians).
Which brings me to the SECOND aspect of security: Build the defenses on the available avenues to defeat the attacks.
Sure, there are criminals out there who can pick any lock and defeat any alarm system. But they are very few and very far between. The odds that you, specifically, will be targetted by one of them is less than the odds of you winning the lottery.
So, contrary to what TFA says, crime will NOT find you if it wants you bad enough. It has to want you bad enough AND be intelligent enough AND be skilled enough.
Sort of. More accurately, they're lazy. The "vast majority" will NOT spend time and effort to learn how to bypass alarm systems. If there's an easier target, they'll go for it.
If your (and your neighbor's) defenses are more than they can bypass, they'll leave the area.
No. While it is more "convenient", that is NOT the reason that IE is subject to all the attacks.
The reason is that the level of skill/intelligence required to successfully attack IE is SO VERY LOW. ANYONE with a bit of programming skill can write an exploit for IE.
Sure, any junkie can get a knife, and a knife is good enough for a mugging. But that knife isn't going to get you very far in a bank robbery.
Again, it isn't about the POTENTIAL targets.
It's all about the AVAILABLE targets in your SKILL RANGE.
Which is why Open Source has such a great security rep. There aren't any market forces or deadlines to deal with. It's ready when it is ready.
This gets back to your statement on statistics and "the absolutes of security".
Sure, my system is vulnerable.
An attacker has to get to Seattle.
And into the office building.
And disable the cameras.
And disable the alarm system.
And break into the office.
And blow the server room door.
And then steal the server.
I'm not losing any sleep.
Now, if well we can say that no matter how unsafe is to climb the himalaya with beach clothes compared with staying in your house (a meteor could fell over you, after all) you are not complelely safe, these are very different kind of probabilities, and experience tolds us that in average you are i.e. far unsafe playing with MS IE/Outlook/Windows than with Firefox/Opera/Thunderbird/Linux.
Excuse my [...] bad spelling
;)
:)
English isn't my native language either
telnet is more than an (insecure) protocol. It's also a tool to directly write on a port.
telnet <hostname> 80
80 usually is the port for http. telnet connects you . Now you need to know http (rfc 2116). YOU now are talking to the server and the server responds to you as text/html.
You can do the same for other protocols (SMTP (port 25) and FTP (port 21) are quite easy to learn)
This is useful for testing/learning purposes. But if it's possible it's definately not usable.
For example, there are no hyperlinks, you get the html text (<a href="...">) and need to manually craft the GET request with that link if it's a local link. If it's a link to another site server, you need to manually connect to that server (that is, open another telnet session).
So you will be totally crazy to do that
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Now lets take a peep at Linux. There are 200+ distros. The majority of distros apply custom patch-sets to their kernels. Heck, people are always whining about the fact that software packaged for one distro won't work on the others! And then there are the dozens of Desktop Enviroments and common library versions that people will have. In short, Linux installs tend to be greatly more heterogenous than the bland armies of XP clones, and as such, an exploit targetted at one is less likely to work on another. Of course, if there is ever a "one true distro" (if this occurs, by bets would be on Ubuntu or SUSE), then Linux will be much closer to a monoculture - except that the very rapid development and release rate of Linux means that somewhere who joins up late in the game will have a very different system to that of someone who downloaded and installed siz months ago.
In short - I doubt Linux will ever be the "monoculture" than Windows is.
Sure send me to some baddie site, won't do much on my system. Whatever malware sent down the pipe to me can't do anything to change my system (C:\WINDOWS).
It still can transform your machine into a zombie host spreading spam and performing dDoS attacks. Or change some numbers in your precious documents. Or insert a backdoor into the piece of code you just wrote.
The "Don't work as superuser" doctrine is often greatly overestimated.
OS Reviews: Free and Open Source Software
First, I don't know that many Mac users who "brag" about not having all the security problems that Windows users have to confront. As someone who uses Macs, Windows, and Linux, I'm happy when I don't have to screw around with security-related issues, and what I find is that occasionally I have to deal with a security issue on my Linux server. I have to deal with all manner of crap with Windows, and I simply periodically update OS X using software update.
So far in twenty years of using Macs, I've only had one security problem. An OS 8 machine I was using at work caught the Stoned virus. Come to think of it, over the years, I've also had one or two Word macro viruses that forced me to install Microsoft's macro-scanning software. That's it.
Bragging about using a computer that has fewer security problems would be like bragging about the off-the-showroom-floor car you just purchased. You didn't make it, you just bought it.
So I'm not bragging when I say that in my experience Macs allow me to focus on working with my computer, rather than on security problem after security problem. In general I have to spend more time dealing with security issues on the Linux server than with my Mac, but I still spend easily five times as many hours each year with Windows as with Linux.
Read the EFF's Fair Use FAQ
An interesting concept to do exactly what you describe in #2 - create a sandbox to trap all the nasties.
The safest web browser is the one nobody else is using.
Isn't this missing the point. Just because the Windows/Firefox combination has some insecurities does not mean Firefox is equally insecure on Linux/OS X. How can it be? The exploits attributed to Firefox so far are largely confined to the Windows platform. That's the real issue. I'm tired of listening to claims that OSS is insecure simply because there are problems with the Windows version. OSS should be evaluated in its natural environment - Linux/*BSD/OS X.
What about lynx?
You see? You see? Your stupid minds! Stupid! Stupid!
Note the increasing instances of popup ads that are tailored for firefox users etc.
With Firefox and Adblock, I guess I must have missed this exciting development.
But at least there are more secure http://www.mozilla.org/products/firefox ones...
Insanity: doing the same thing over and over again and expecting different results.
What about human mind vulnerabilities? Like DOS by too complex html, various dizzying ascii image patterns? Leave alone vulnerabilities in telnet?
http://www.pinetreeline.org/photos/pagwa/pagwa109. jpg
They prefer convenience to challenge. For now, it's more convenient for them to pick on Internet Explorer.
It's not really a question of convenience, it's that Internet Explorer is on a majority of Windows systems. If you're a criminal trying to exploit a browser vulnerability, wouldn't you pick the most-used browser? It's a better return on investment.
Because only Sith speak in absolutes!
but some are safer than others.
A dog is a great deterrent for this 5 minute rule.
peace
michel
just like there's no safe condom....even the best will break some times....it's just a matter of using one that doesn't already have a gaping hole in it.
And your practice was sooooo easy. We all know that everyone wants to know what an ACL is, what the difference between a privileged user vs. a nonprivileged user is and why they should get into the (additional) practice of using RUNAS, or hell, what mutexes and semaphores are, much less what the registry entails. You know what? I understand all of this, but I do NOT expect everyone else to. Thus, you, my friend, are a certified computer weenie. 99% of the rest of the population (aka "the ones that this shit is supposed to be set up like this out-of-the-box for") do not give an effing shit. They just want it to "work". They have jobs, that entail them to know and understand other realms of knowledge and experience. You shouldn't need a CCNA or an MCSE or 10 years of computing experience to f*ucking just run a program securely that happens to need privilege for some stupid reason.
I prefer the OS X approach (and hey... weenie to weenie, I recommend you check it out if you haven't... hey, 10.4 aka "Tiger" has ACL's now!). When a process tries to access a directory it isn't permissioned to (and it's not permissioned to out-of-the-box!), the OS itself throws up a privileged user auth window. What a novel f*cking idea. This, coupled with Little Snitch (a VERY nice third-party util that allows you to control ALL outbound internet traffic from your machine... only processes you allow out are let out, and you can allow by port, by protocol, by destination, temporarily, etc. etc.), means that I always know I have ultimate control over ANYTHING an app can do to my data (or my privacy).
Is anyone aware of any Safari (OS X web browser) vulnerabilities, especially exploited ones?
I think the fact that OS X throws up an auth login whenever any app tries to access a directory that the current user doesn't own, pretty much makes casual takeover difficult, even by an insecure web browser...
Focus stealing, mega-annoying friggin useless requesters - the Windows way! I was happily typing the last page of this 20page document when the fucker decided it's a good time to pop up stupid shit asking whether I'd like to reboot now
And of course, you saved at least 19 times along the way. Saving changes regularly is a good idea no matter how reliable your operating system and application software are, as at some point, the power company's uptime becomes a limiting factor.
If there was an easily exploitable flaw in FireFox that allowed crackers to capture people's bank account info or credit card info, the crackers would be all over it.
25 million accounts, even at $100 each is still over 2 billion dollars (25,000,000x$100 = 2,500,000,000).
And $2.5Billion is enough to interest any cracker/criminal.
While I agree completely with the "nothing is 100% secure" paradigma, I still see a big difference between IE and FF. AFAIK, IE security paradigma is based on relying in the user to choose it's own "level" of protection (ie. Discretional Access). Sure, you can use "group policies" or even the IEAK to minimize the risk of the user screwing it self by placing a malicious web site in the wrong IE security zone ... but this implies the use of whatever resources are necessary.
OTH, FF has a "build in" security design that offers a much robust approach to protect the user from Internet's risks.
Is not this somewhat (very loosely, though) equivalent to the "Orange Book" classification for Computer systems???
Just my two cents ...
...roll over and play dead then whine about nothing being safe, do nothing about it and rock yourself to sleep at night while whispering "the boogey man's out to get me" in your nice padded cell while waiting for the nice man with the big needle.
These posts express my own personal views, not those of my employer
This has been pointed out before regarding Windows: a homogenous environment can be dangerous.
As browsers come closer to matching each other's features, the more homogenous the environment is. If all browsers supported JavaScript exactly the same (and I realize that's highly unlikely), flaws that affect one would affect them all.
The various specifications are still evolving. It seems naive to believe that there won't be flaws in the specification which, even if implemented correctly, wouldn't be noticed and exploited until someone looks at it slightly differently. Consider pop-ups, for example. Firefox, et. al., defeat them by deliberately breaking the specification (and thank you Mozilla Foundation so much for doing that).
Thanks for the explanation.
I have seen it suggested to see if a mail server is running and used to use it to connect to a university server until we were told that it was insecure, telnet was being shut down, and if we wanted to connect we needed to use SSH.
+ Downloads from download.com and possibly other download sites + Downloads directly from FTP mirrors + Linux distributions that provide Firefox + Distribution via CD or SD card or USB stick, ...
+ Countless other possibilites, such as downlads from localization homepages
+ Slashdot's I'm-not-a-script-confirmer is annoying as hell
It's all about minimizing risk. Choose the one that is less likely to slide off your dick, have a hole torn in it, or least likely to be a party to your own anal rape. Choose carefully, choose wisely, and remember past experience counts.
Join the Slashcott! Feb 10 thru Feb 17!
There is such a thing as safe programming.
There are safe languages.
There exists formal methods.
There are best practices in programming.
There exists tools for source code verification.
If you program and don't care about any of these things, hey, guess what - you're 20 years behind in your programming practices and your reading list. Even if you program in C, you can adopt better practices (*).
90% or more of the problems related to software security spring from C/C++ hacking without any method of program verification for correctness. Just read a security site vulnerabilities list.
If only people were to program: medical; military; aerospace software like Firefox or IE programmers, the we'd all be dead one way or another by now.
(*) see OpenBSD for instance and compare their security advisories with Linux or Microsoft.
PS: Just one such example of a little used tool: CIL - Infrastructure for C Program Analysis and Transformation
Main difference between the BSD license and the GPL license: one is from California and the other is from Massachusetts
The feature article is from the mainstream press. The author has basically come to the realisation that there is no such thing as 100% secure/safe web browsing. This is something all competent IT professionals know--in fact the only "safe" computer in terms of security is one that is never connected to a network and is not physically accessible to anyone but yourself (pretty much impossible to do of course). Any IT professional who believes otherwise is not competent in computer security.
There are degrees of "safeness" however. Rationally explaining this does not pull in readers of the mainstream press of course--the local news knows being a bit more alarmist than required will boost ratings. The fact is that IE and Microsoft Windows are architecturally flawed. ActiveX object, BHOs and the like in IE grew out of ancestors like COM, OLE etc, which have roots in the Windows 3.x era when the Internet was not even on MS' radar (remember as late as the end of 1995 BillG thought an MSN based on its own proprietary infrastructure could compete with the open standards of the Internet). As a result, the components that make IE powerful are wholly unsuited for a networked environment. Windows XP/Server 2003 have stable VMS-inspired underpinnings that make them acceptably stable, however for compatibility reasons and due to MS culture it retained higher-level interfaces and deplorable security model of DOS/Win3.x/9x/Me.
By contrast, the Mozilla team threw out the unmanageable legacy Netscape spaghetti-code and re-architected from the ground up at a time when ther was already a good deal of awareness of internet security. Linux and MacOS X are rooted in UNIX heritage. Although it has a longer history than MSDOS, UNIX was designed form the start for a networked environment. The combination of these browsers and OSes are thus inherently superior regardless of their marketshare because their very foundations are better.
Microsoft can build the biggest, deepest moat around its house, put bars on the windows and doors, and add a layer of brick to the walls, but the creaky foundation will still crack, shift and leak and allow toxic mold to creep in. The F/OSS house may need repair from time to time, but it is much less likely to be condemned for sitting on crumbling footings.
We have SELinux. But we don't use it where it is of most use: securing web browsers and, in general, all network clients (ICQ, IRC, ...). Look at firewalls available on Windows PCs: they let the user choose if he wants an application to be allowed to connect to specific sites. Why don't we use SELinux to do that under Linux?
And when it comes to browser security: why don't we integrate Firefox with SELinux? Each time Firefox connects to a site, its security domain gets switched! Browser bugs could not do any harm any more...
Now lets take a peep at Linux. There are 200+ distros. The majority of distros apply custom patch-sets to their kernels. Heck, people are always whining about the fact that software packaged for one distro won't work on the others! And then there are the dozens of Desktop Enviroments and common library versions that people will have. In short, Linux installs tend to be greatly more heterogenous than the bland armies of XP clones
there may be 200+ distros, but they all use the same kernal. Most also use the same guis (gnome/kde), and since most OSS is freely available, many different distros have the same software installed by default.
different distros of linux are basically the same OS with a different name attached.
im not saying microsoft isn't a monoculture, just that linux is.
In short - I doubt Linux will ever be the "monoculture" than Windows is
if the people behind the linux movement ever want it to be as popular as windows, it will have to be.
Its always a cat & mouse game. Secure thing, exploit found for thing, secure thing etc.
If it were not, security would have been solved and the entire concept wouldn't exist anymore. Or...maybe we're about to achieve it? Wait...I've got the fix! I'm rich....I'm rich!
Security gets good, exploits are found...rinse wash repeat. All we can do is get better and rinsing and washing.
What we measure is not is one secure and the other not, but is one setup to less easily exploited, more easily fixed and then fuzzies like is the organization commmitted to security, able to respond well etc. etc. etc.
Um... Click the little "popup" icon in your firefox status bar that appears when a popup has been blocked. It will let you add that site to your popup whitelist.
This one is valid as-is in 8 languages.
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
I have a feeling that the "3-digit IQ" guy probably thinks it's beneath him to properly configure, update, use, or otherwise do anything with his computer. He should be able to click whatever the hell he wants without any repurcussions to his computer. Click "yes" to run an ActiveX control? Sure! After all, Microsoft should do everything for him. He just wants to play games.
Has anyone else noticed the frequency of these articles? Now that there is a serious contender to IE, suddenly I see all these articles how "no browser" could be secure. Just this month there was a pretty big column in PC Magazine about how using Firefox "just isn't enough" for your web browsing security. My problem with most of these articles is they seem to ignore what a leap forward Firefox is and was. As in, "eh, why bother changing from IE, Firefox isn't fully secure" instead of "use Firefox because it really is more secure, but also do this and this." I don't know that Firefox is going to gain much more marketshare with these silly (and really, very odd) trains of thought. If it's better, it's better. And then there is the openness, which if you listened to some writers (eh, PC Mag) doesn't add any value what-so-ever.
Posted by yintercept - "...science...[is] the study of the 'divine creation.' "
In a dangerous environment, the safest and most survivable are those who are most flexible and adaptable.
:)]
Right now Firefox rules this...
open source, extension capable, highly customizable, bleeding-edge development... Microsoft Internet Explorer can't even hold a candle in the dark to this. [what a cool analogy hm?
Another aspect of keeping something secure is keeping it simple. The more unneccesary features and bloat that comes with the browser, the more angles the hacker has to exploit you. So use something that will let you turn the bad stuff off. Easy peasy.
Firefox is grand. I can strip it down, streamline it, and if I want... configure it to the point that only HTML displays (no Java/Javascript, ActiveX, or other controls), and keep it fully up to date. Features and functionality is fully under my control. The extensions are excellent at getting rid of ads (adblock), even formatting the raw HTML to my liking. You can hack it, squeeze it, do whatever you want with it and no EULA, or closed source BS is going to keep you from doing what you personally want to do with it. Firefox for the win.
We have developed a small program that works within both IE and FireFox that protects you completely. It's not a browser - but we are currently working on a FireFox based Browser version of the same software (using the Gecko engine). So you would be protected at all times. You can see it here... http://www.download.com/ViewSmart-by-ViewFour-com/ 3000-8022-10391975.html?part=dl-ViewSmart&subj=dl& tag=button
The reason we can make it safe is because it's the first ever VISUAL search engine. Rather than seeing the results in a list you see then in windows. Since we can scan the pages as people use them we can stop everything. If a page would download something to your computer we stop it and post a stop sign and a warning.
You get NO popups, adware, malware, spyware etc.
After developing the application we decided it would be better suited to build it directly into an existing platform and we chose the Gecko engine. It's currently being programmed. But there is no question it will work since it will use the same programming we use for the plugin you get from ViewFour.com.
I think to say there is no way to safely browse is just wrong. You just have to know how to protect people from the ways hackers get into your computer.
It's not that IE is that insecure.
Run the browser as another user separate from your main user account. You can do that whilst still using your main account in Windows NT/2000/XP and most linux distros.
This way when your browser is exploited, you only risk all that your browser account can access[1].
There are some issues e.g. Mozilla on SuSE 9.1 refuses to save files with permissions allowing my main account easy access to the files (saves as 600). Yes I tried the umask thing. No it doesn't work.
Windows+IE does that file permissions thing better. I should upgrade Mozilla to one which isn't broken, but then it won't be part of the SuSE distro anymore and I've got better things to do than to regularly manage updates etc of Mozilla myself.
[1] Sure there could be exploitable security problems in graphics drivers and the windowing/desktop software, or some dumb kernel bug, but these are usually much harder to exploit than exploiting the typical _mind_ of the average joe - who'd open encrypted attachments, enter the password, and run them.
Shouldn't hackers be targeting Mozaic more than any other browser. I don't know, I'm not up to date on Moazaic security patches, maybe it was too simple to need one, but it would seem to be easier to simply hack mozaic than IE.
telnet was being shut down
I suppose the telnet port (23) was filtered by firewall, but the telnet binary should still be there.
and if we wanted to connect we needed to use SSH.
You can't connect to a SMTP port (for example) with ssh. ssh binary is only useful in conjunction with the ssh protocol (usually on port 22).
I would add that telnet protocol is insecure as SMTP or HTTP are : they're plain text protocols, including login and password (that's why you should check for https when sending sensitive informations).
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Just what is a "Web Browser"? It is a program that retrieves information from multiple untrusted servers, and executes it. Sure, HTML is seemingly innocuous, but that is what it does.
Then we add in randoms writing extensions that add capabilities to be offered to these untrusted servers, including fully-featured programming languages like javascript.
My point is that, as a class, a Browser is an insecure application. _Exactly_ the reason why it must be used as the core of an OS.
My next aim: to run my browser with no write permissions to anything but it's internal cache.
Actually, I would object to running standard commands from a window manager (that's what xterms are for). Also, can't you tell by the address bar whether the URL is local or from a network?
Safe surfing is easy.
All you need is MS-VirtualPC or VMware-Workstation. These emulate a full computer in software.
Setup the virtual computer with the virtual NIC in NAT mode. Install your favourite OS. Setup the browsers, bookmarks, etc. Lock the virtual computers' harddrive with the "SNAPSHOT" function.
Everytime you start the virtual computer, it will come up at this point - fresh and clean. Then you can surf and have the virtual computer infected with spyware and viruses.
The only danger to your real (physical) computer is the fact, that there is an infected machine in your LAN (although separated through NAT).
Once you turn off the virtual machine and revert back to the snapshot, all changes are lost. The cookies, the history, all installed plugins and viruses - they are all gone!
Of course you need to off-load downloaded files before turning off, otherwise they would be lost, too.
This setup is a great tool as well for testing software before installing them on the "real" machine, by the way.
Marc