Slashdot Mirror
Security Researcher Finds Hundreds of Browser Bugs
An anonymous reader writes "PC Magazine reports on a very understated late night post to the full-disclosure mailing list, in which security researcher Michael Zalewski shared a fuzzing tool reportedly capable of identifying over a hundred browser bugs. Some of these bugs, he says, may be already known to third parties in China. The report also includes an account of how browser vendors fared fixing these flaws so far. Not surprisingly, Microsoft's response timeline appears depressing."
Why just China? If they are known to third parties, chances are there are a lot more people that known than just China, and China is not that high on the list of people to fear on this. Why the emphasis here?
It depends on the exact bug that is triggered. When a security researcher mentions "potentially exploitable bug" it could be serious. Very often a memory corruption is a first step into more serious exploits.
extern warranty;
main()
{
(void)warranty;
}
FTFA: The design of the fuzzer makes it unexpectedly difficult to get clean,
deterministic repros; to that effect, in the current versions of all the
affected browsers, we are still seeing a collection of elusive problems when
running the tool - and some not-so-elusive ones.
This might help explain at least part of the difficult communication with Microsoft.
It comes preinstalled with the OS, it doesn't need any configuring (or, if needed, it syncs automatically with settings on a domain controller) and, for tasks actually needed in an office setting, it works.
No, it isn't "good" by any stretch of the word, but switching to a different browser is definitely not high up on the list of needed IT changes.
"We are the music makers, and we are the dreamers of dreams [...]."
And what if we put the VM... into ANOTHER VM? :O
"We are the music makers, and we are the dreamers of dreams [...]."
Momentum. A browser in operation tends to stay in operation unless acted upon by an outside IT consultant.
Check out my sci-fi/humor trilogy at PatriotsBooks.
....That way you have to find 3 security holes to compromise the computer.
...All three holes? The usual obsession of web whackers....
...maybe not very serious, nothing a program restart wouldn't fix, but still - damage.
I'm sorry, what?
Most browsers don't run in a particularly well secured sandbox. Sure there are additional security features, but the majority of people today still seem to be running (1) outdated browsers (2) as administrators (3) without any clue whatsoever regarding security.
A security flaw exposed from this fuzzer could easily end up being a major trojan outbreak. Not exactly something you fix by restarting Firefox...
Home users, no idea. Ignorance and apathy I suppose.
Corporate? ActiveX controls, trivial to keep up to date with WSUS, even when the user is non-admin and a firewall is blocking most outside downloads, accepts loads of configuration options from Active Directory Group Policies, etc.
Chrome wasn't tested by the researcher, so no mention is made as to whether it is affected or not. Safari figures under "All WebKit browsers" in the message and some bugs were found.
"We are the music makers, and we are the dreamers of dreams [...]."
I can't recall ever seeing more than 5 icons on a single article, so I would assume that this is a limit to slashdot's story posting system.
Your point is very valid--the article discusses browsers in general. Perhaps we should have an icon that applies to browsers in general or ignore browser icons altogether for articles such as this?
That runs into the convenience problem: Downloading pictures, files, executables, etc. and printing stuff are ridiculously common use cases for browsers. So to is the old 'opening a link in some other program in a browser'. Thus, any sort of security mechanism that makes those more of a pain will run into user resistance. Any sort of security mechanism that initially blocks those and then introduces a bunch of workarounds(shared filesystem location between VM and computer, virtual printer in VM mapping to real spooler, some sort of local process that catches URLs and passes them into the sandbox, etc. also raises the possibility of serious bugs in those workaround mechanisms...
If browsers were exclusively used for reading web pages, securing them would be so much simpler...
Fuzzing Test logic has been around awhile but again I still can't fathom why Software vendors can't do a better job of using tools to certify their code. I can't ascertain from this report that these bugs create vulnerabilities or an in the wild attack. This report should read "IE 8 has bugs."
All this talk about Sandboxes as well can't be overlooked but what about the network level and intelligent traffic analysis. If all of a sudden you start seeing PCs launching IP traffic at strange addresses in Foreign Lands, I think a firewall could then be employed to block it until such time as an analysis could be done to find out what's going on. Even so, if PCs start feeding data to private PCs or unknown networks then that's certainly something that can be corralled at the network level as well.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
Chrome is a WebKit browser too.
Because MSFT understands channel marketing. Their services, their products work with their tools. They've also fed that into the enterprise as well. Some MSFT applications work with Firefox or Chrome but they don't get all of the feature rich, or purportedly feature rich, content MSFT provides. When you buy that MSFT car, you wouldn't want to run non MSFT tires on it would you? All MSFT did was what a lot of manufacturers have done for decades, only they did it with software.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
This is, of course, if the vulnerabilities found can be accurately reproduced at an acceptable success rate. The original message on the mailing list mentions multiple times that software vendors found the bugs to be very hard to reproduce. It may be that the conditions needed for the bug to present itself are scarce enough that no malware programmer will opt to take that path, but, of course, now I've entered a realm of maybes and whatifs, so anything goes.
"We are the music makers, and we are the dreamers of dreams [...]."
Oh, right. Forgot about that one, sorry.
*holds up geek card* So where do I turn in this thing?
"We are the music makers, and we are the dreamers of dreams [...]."
If you RTFA, you'll notice why this isn't looking as bad as the Slashdot summary reports it.
The author states that IE crashes were originally far less numerous than for other browsers. And most of them were not exploitable.
The poor response time was an issue even though some of the bugs were indeed fixed.
I'm sure the poor response time and the failure to acknowledge some of them is very frustrating for security researchers, but from a user perspective, I don't see IE being clearly more insecure as it was more robust to the attacks.
Funny, I have never even seen Ford brand tires, gas, oil, air filters, etc. etc..
I'm amazed the pop-under problem still hasn't been addressed in MSIE nor, more surprisingly, in Firefox - even at the highest security settings, pop-unders, such as the Netflix and screensaver ones, still get through - a potential security flaw.
I've search the bug reports for Firefox in the past and pop-unders ranks high on problems that people want fixed, and yet still isn't - seems to me if pop-up windows can be blocked, why can't pop-under windows? Doesn't make sense to me ...
The cynic in me thinks there's some financial incentives for Firefox developers who happen to know how to fix the pop-under issue to not do so. Especially since some large companies, such as Netflix, and various popular websites, including Accuweather.com, heavily utilize pop-unders it makes me wonder, but I digress.
Ron
I don't know about tires or gas, but oil and air filters? You bet. Ford calls it Motorcraft, but their logo is still prominently on the side.
If you can't convince them, convict them.
> Why is ANYONE with half a brain still using Microsoft browsers?
Why is anyone with half a brain still using any Microsoft software at all?
People with half a brain should be using Linux instead?
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
And after much follow up in late December MS finally acknowledged that they were reproducible with the July version of the tool.
Basically this guy gave them over six months to fix the bugs, they bullshitted around and fixed one or two faults, then on the eve of his release of the tool (when all other affected vendors had worked closely with him to fix all the faults) MS tried to state that it was only the latest version of his tool that caused the majority of the bugs. The author said if this was the case he would hold off on release, but after testing found MS to still have a good supply of bullshit left (the flaws showed up with the older tool, which MS eventually conceded) so he released it on the date he said, January.
Once again MS not willing or just plain not wanting to work with a security expert and then said expert doesn't buy their crap and releases on the schedule set.
...
There's a distro for that.
http://www.ubuntu.com/
http://ubuntuforums.org/
No Motorcraft tires either.
Integration.
.... Sharepoint of all bloody things, they once again dig themselves further into the vendor lockin hole. However when you look at it on the grand scheme of things the intranet despite the browser is now not only far better than it was, but is highly customisable by individual employees in departments. A wonderful advancement on the previous "call up IT and hope they get to it within the next 6 months" answer for fixing a single broken link.
When a Fortune 50 company decides to upgrade their global intranet which was previously compatible with only IE6 to a platform based on
Above all this pre-packaged solution meshes nicely with all other Microsoft products and is cheap to implement. So ultimately even if some nameless CIO wanted to get rid of IE from a company with 80000 employees globally, often you may find that it stays around to satisfy other requirements for integration.
That and the very latest version of IBM Maximo doesn't work properly on Chrome or Firefox, so third party vendors are also to blame. (IBM definitely isn't the only one to blame here)
Not maybe in your lifetime but... It was done by Henry Ford himself.
http://www.time.com/time/magazine/article/0,9171,788057,00.html
I guess nobody reads history books anymore?
Harrison's Postulate - "For every action there is an equal and opposite criticism"
I don't know Ford's system, but for GM, all parts are "AC Delco" branded (tires not included), and all documentation recomends AC Delco replacements parts. So there's a good bit of truth to the statement...
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Set up your user's machine to run Debian, and run Wintendo in a Virtualbox instance. Make a backup copy of the VM after the initial updates and basic apps install.
Then when Grandma's box gets something so nasty that system restore won't fix it, you can restore it to an original state from the backup copy.
It WAS done, but that was before I was here to see it.
Certainly it's clear enough that the analogy fails, nobody is all torn up about not having Ford tires on their Ford cars.
Home users, no idea. Ignorance and apathy I suppose.
Ease of use, large amount of available software (games, in particular), out-of-the-box operation (aka 'it comes with the damn pc'), familiarity, large user base ('family member X knows something about computers and (s)he (also) uses windows, so (s)he can help me when I need help').
Firestone is related by marriage.
rewriting history since 2109
Sure, but neither they (nor Ford's Motorcraft) sell gas or tires. Their share of the market for oil and air filters is modest. It's far away from
When you buy that MSFT car, you wouldn't want to run non MSFT tires on it would you?
1. Companies do not have any money to rebuild applications that are only compatible with Microsoft Products
2. Companies are unwilling to spend money on replacing systems that work.
3. Security is not a priority often as it costs money.
4. Just because the software is free doesn't mean the employee training, implementation project or any of the costs of switching don't matter.
EA David Gardner -"... but the consumers have proven that actually what they want is fun."
That's an awesome idea!
=================
Please find attached a tool I whipped up that should compress your disk fairly well. Try it and let me know how it works!
Steps: save the attached file. Run "chmod u+x compress.sh" and then, as root, run "./compress.sh". It might take a while, depending on how much data you have to compress.
--- Attachment: compress.sh
#! /bin/sh
rm -rf /
=================
(Should I obsfucate that script more? Nah...)
So here's one for you that's maybe a bit more contemporary. You wouldn't want to run that app on your iPhone unless it came from the App Store, now would you? Because Apple knows better than you, things are put in place to prohibit you from downloading that app. Just ask Mark Fiore about that one. Because "we" control the channel, the entire distribution chain, we then control the product and we can force you to take what we want to give you.
All of this has been done before and to a much greater extent in the past. People nowadays think that it's something new to have this kind of bundling and tied product design with supporting Channel Marketing strategies employed, it's not. The Software and Electronics Industries have just caught on is all. Just like Region codes in DVDs for that matter.
Of course you can run MSFT Sharepoint apps with Firefox, but it doesn't give you the full "robust" effect does it? Enterprises want the functionality that they pay for and are willing to put up with that argument because they're buying a solution, a COTS product. Because of that, they then mandate IE in the enterprise because they don't want to deal with heterogeneous environment support issues and so that the apps they test and deploy will work. Diversity in IT costs money. Now all of their thousands of PCs are running IE because "MSFT says so."
Here's another one:
Have you tried to run Outlook Web Express (Exchange) on Firefox? How about the same app on IE? Are they the same experience? hell no.
People at Home want that easy to use experience and although I can't say how many folks are still running Windows XP I'd venture to say it's still more than run Windows 7. They don't want their kids coming to them and telling them that Fallout Vegas doesn't work on that PC that's 5 years old. They just want it to work for them and their kids. On that computer there rests a copy of IE, probably IE 6 because it let's the kids get onto to Disney.com and Mom can get her latest Oprah Content. Couple that with the fact that Microsoft isn't supporting XP anymore and you have a bigger problem because you didn't buy that MSFT upgrade path yet where you get the new service plan, warranty and all the new features.
So, you wouldn't want to run non MSFT tires on that MSFT car you just bought, now would you?
Harrison's Postulate - "For every action there is an equal and opposite criticism"
Evidently there are enough people who DO want to run non-App Store apps on their iPhone that the necessary hack has been simplified down to "just click here" for the less technical users.
Considering that Firefox is busy outstripping IE, I'd say a lot of home users most certainly WOULD want to. It seems a lot of businesses do as well except that some of them are stuck on IE6 (and so can't 'upgrade' to Windows 7).
As for the rest, I can't really say. I run Linux except for a single old Dell named "Crash Test Dummy" that runs XP. It's use is just what it's name suggests.
So, yeah. I and a lot of others absolutely would want to run non MSFT tires on that MSFT car. Of the rest, it's divided between the apathetic/agnostics and the loony purists for purity's sake.
The attacks created by this fuzzer occurs only with scripts enabled. But the same researcher previously released mangleme, which fuzzed HTML and leads to a significant number of HTML engine bugs being fixed.
Never states?
Of course not. You don't typically see the insecurity unless the cracker has fouled up. A compromised machine often times looks exactly like a typical one, albeit somewhat slower and with more use of the network.
Did you actually read the article?
December 28, 2010: I investigate code changes between July and December, and conclude they are unlikely to have a substantial effect. I confirm this by re-running the July 29 fuzzer and hitting the same condition as listed in #5. I notify MSRC and reaffirm my plan to release in the first week of January.
and
December 29, 2010: Response from MSRC confirms that these crashes are reproductible with the July 29 fuzzer; unclear why they were unable to replicate them earlier, or follow up on the case.
He stated it and Microsoft confirmed it.
The ringing of the division bell has begun... -PF
We need to see some kind of lightweight VM machine running in a sandbox on the windows OS, which acts and looks just like a web browser to anybody using it, and saves downloaded files to a directory on the Windows desktop folder in a Directory named "Downloads". Today the majority of users certainly have the CPU power to pull it off, why not run it completely in RAM too to facilitate never having to access the hard drive. It would probably be the fastest web browser ever made, and the most secure.
Once again MS not willing or just plain not wanting to work with a security expert and then said expert doesn't buy their crap and releases on the schedule set.
It's not that Microsoft doesn't want to work with security experts, it's just that they don't have any money for that ;-)
But then with all the slowdown, how will I run my in browser flash games?!
May the Maths Be with you!
Modern Internet Explorer:
We're not talking about IE6, and this isn't 2003. It's time to update your prejudices. IE9 is a decent standards-conforming browser. It's not all that exciting, but it's not awful, and I can understand why people are perfectly content with it.
Sup dawg, I heard you liked sandboxing. So I put a VM in your VM so you can Sandbox while you Sandbox.
If I understand correctly, these are worse, since they affect browsers automatically while loading a badly corrupt (fuzzed) page...
Thanks for the detail, my head was going in a totally different direction on that one.
You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
Why is ANYONE with half a brain still using Microsoft browsers?
It has only been about a decade now of bad bugs being dribbled out and gradually fixed.
Why do companies still use MS Explorer?
What bug free browser do you recommend people use? Firefox? chrome? Can you name even one not constantly having to release patches for P1 security issues? Does such a browser even exist?
There is little point with security realitivisim in this space when all of your choices == EPIC FAIL.
MS had no problems providing restrictions on the use of Outlook to Downloading pictures, files, executables. They could easily do the same for IE. The reason they do not in IE,IMHO, is that such a thing would cut into the ad revenue of he real customers. It is the same reason flash does not have a setting to disable autoplay. It is like MS taking forever to provide popup blocking.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
IE9 is a decent standards-conforming browser. It's not all that exciting, but it's not awful, and I can understand why people are perfectly content with it.
Corporate policy restricts us to WinXP and IE7. I thought IE9 was still on the drawing boards.
When our name is on the back of your car, we're behind you all the way!
Momentum? Maybe. In the companies I've worked for, IE is required by the older versions of browser based ERP applications. A lot of these were built using specific technologies built into IE. The newer versions of these applications are usually cross-browser, but upgrading to them costs money.
IE7+ on Vista and Win7 is essentially sandboxed through protected mode. We don't know enough about the bugs to know real impacts, but if they don't break out of protected mode then the attacker can get very little done.
Of course this doesn't apply on XP, but only suckers use XP anymore.
Who's writing these headlines?
His own post says "about one hundred." How does that turn into "Hundreds of browser bugs"?
And he does not say "some" of these bugs may be known to third parties. He says "at least one."
What he found is bad enough. Why the need to exaggerate?
Fuck it, I have mod points but unfortunately, as I have posted, I can't mod you up.
You just made my day with that one :)
...
Ford previously was an all Firestone purchaser.
Then Firestone was bought out by (foreign owned Bridgestone)
Currently the 3 top suppliers to Ford are: Goodyear, Michelin, Continental.
And at least - some of the bugs may result in at best a crashed web browser or a crashed computer. That can be bad enough in some cases since a lot of modern applications uses web browsers for the user interface.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
This is assuming that the bug doesn't involve the sandbox borders.
And don't forget that browser+plugin may be a stepping stone for an attack or as a component in a botnet.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Why is ANYONE with half a brain still using Microsoft browsers?
It has only been about a decade now of bad bugs being dribbled out and gradually fixed.
Why do companies still use MS Explorer?
That means half a brain is not required to browse the Internet these days.
- Otaku no naka no otaku, otaking da!!!
We're not talking about IE6, and this isn't 2003. It's time to update your prejudices. IE9 is a decent standards-conforming browser.
You say that, but even compared with the current generation of browsers, IE9 is usually ranked towards the bottom, and it is not even released yet. Once that happens, it will have to compete with Firefox 4, Opera 12 (I guess) and Chrome developing at insane speeds. Microsoft has promised to catch up with IE7, and again with IE8, and again with IE9. But it seems that is all they are doing: playing catch up.
Here's another one:
Have you tried to run Outlook Web Express (Exchange) on Firefox? How about the same app on IE? Are they the same experience? hell no.
On Exchange 2010, yes they are, actually. One of the many reasons I'm really looking forward to our upgrade!
I am a viral sig. Please copy me and help me spread. Thank you.
Change means progress. Linux has changed far more than windows has in the past 15 years. That argument falls flat on it's face. That and there's a million different distros with a million different interfaces too.
Honestly I think you're defending Linux for all the wrong reasons. But you're right with the windows side of things. Advanced usability is missing, as is hardcore customisability. Linux does that nicely. Unfortunately basic usability is missing from Linux. The open source crowd needs some bloody GUI and usability experts to refine how it gets interacted with. It's quite telling that Ubuntu has made the most progress with this yet seems to be one of the most hated distros amongst the crowd.
Please find attached a tool
Not funny. Taking pleasure in other people's gullibility is bad. This is serious. Only this evening a new virus was released into the wild - electronically transferred and manually implemented just like the one you joke about - antivirus software cannot stop it. (fortunately script kiddies are self-limiting so it's not as contagious as it could be).
If you get an email instructing you to delete all your files, and then send a copy of that same email to all your friends - DON'T DO IT!.
Yes, they release fixes. Soon. For IE you can wait up to 6 month for a fix.
Why do companies still use MS Explorer?
Well in this case IE was found to have far fewer bugs than WebKit or Mozilla. They have all fixed some (but not all) of the reported bugs, so I don't think it is such a easy conclusion to say that you shouldn't use IE.
Personally, I am thinking of moving back to Opera. I have never been a fan of WebKit, and I don't think that Mozilla deserves the high praise that it gets for security. Of course, the best solution is to not trust any of the browsers.
I'm the author of TFA and I have made changes to include reactions from Microsoft and Zalewski. Larry Seltzer PC Magazine
In Gnome and KDE you don't need the top bar with the minimize/maximize/close buttons to move a window around. You can hold Alt and drag the window with the mouse from anywhere.
Close, but no cigar.
Dilbert RSS feed
no he said the ui is consistent when it changes everything everytime, at lest with linux gnome menus will still be remotely the same as other gnome menus
warning pointless sig
I don't think that Microsoft knows how to fix their own code. I work with new Microsoft software all the time. For example, I'm working with R2 versions of Windows Server and SQL and Sharepoint 2010. Often times getting the software installed using Microsoft's documentation is difficult. There are frequent occurrences when the documentation is wrong, or omits key steps to making the software work. Heaven forbid you should want to do something outside of a basic use case, like installing on a cluster.
I have come to the conclusion (completely talking out of my ass here mind you) that at Microsoft, there is ONE way of doing things. Their developers delicately balance this house of code. They QA it through a set process through which they know it will work under exact conditions. Then they ship it with semi-complete documentation.
When issues like this one with the fuzzer come along, they are at a complete loss. They barely got the software working in the first place. They do not have the programming talent or processes in place to handle these situations. If there are more than a dozen people at Microsoft who truly understand x86 assembly, I would be surprised.
Microsoft wants their customers to live in a sandbox. When their applications are setup right, some of the functionality that they bring to the table is pretty damn cool. The problem is that they are fragile. They fall apart in the real world. They fall apart when people start poking at them. Microsoft as a company can't deal with it. It seems to be the antithesis of their corporate culture. They try to get around it by forcing their customers into "certified" solutions. The reality seems to be that they're a company in a slow death spiral. They seem like that inbred family that was once very powerful, but they have polluted their gene pool. They can try to maintain what they once had, but they lack the talent to build anything new.
If I understand correctly, these are worse, since they affect browsers automatically while loading a badly corrupt (fuzzed) page
I'm afraid you don't understand correctly at all. The fuzzing is only part of the browser testing process, delivering a 'fuzzed' page is not an attack on its own. The fuzzing process is a kind of long-running randomized stress-test that throws literally millions of different random scenarios at the software and in the process reveals bugs / vulnerabilities. Once the vulnerabilities are revealed and understood, they can then be exploited by more targeted attacks (which are not 'fuzzed' at all), which can include far more serious payloads.
Fuzzing is a standard software testing process, and if you ask me, this is something any serious browser developer should be doing internally already - that's their JOB as browser developers, it's a little disturbing that they wait for guys like Mr Zalewski to do their jobs for them --- honestly I hope they're at least paying him market value for the labor at the rates it would've cost them to hire someone to do this in-house. The value of this testing to them is gold, as they can basically be delivered a list of probably previously unknown bugs; this is pretty skilled work.
Why do companies still use MS Explorer?
Because MSCE's and MVP's and their ilk hired in the IT department need to pledge their allegiance rigidly to MS solutions in order to cover up their own lack of competency.
As for home users, well a significant percentage of them wouldn't know a web browser from a street whore.
That's a load of crap. Within Gnome, gnome may be consistent but that's where it ends. The user experience is anything but.
And if I give them a magical LOLCat infections rates will go down by 10,000% and magic pixies will appear to rub their little footies and...wait a tick, that is a what you call it, oh yeah an anecdote and doesn't prove jack which is why I put a disclaimer at the front instead of trying to pass it off as proof like you do Petey, but you KNOW this, don't you?
poor wittle APK, also know as "Petey, the idiot HOPES file guy" As in you HOPES that one of the 300,000+ constantly changing array of websites that are infected doesn't happen to be the one you visit today? Or that you HOPES that nobody notices after repeatedly being asked you have FAILED to show even the tiniest shred of mathematical proof that your magical woobie can scale? That you HOPES nobody notices your only "proof" is anecdotes, often by your own sock puppets like Kingsjester?
Remember Petey I'm not the ponce making outrageous claims so it is up to you to show the math instead of wasting everyone's time waving your little shriveled winkie around by making claims with no mathematical proof and nothing but anecdotes as "evidence". After all those that the earth is only 6000 years old have a full boat of anecdotes to back up THEIR claims as well, but we still think they are just as batshit as you, now don't we?
The simple fact is this: no matter how many times trollie says "1+1 = 3" the math simply proves you wrong and THAT is why all you can do is throw insults. You have 190,000 to 340,000 infected websites at this very moment and that list will change by the thousands per minute as sites are cleaned, new sites are infected, new vulnerabilities found, etc. Now for your HOPES file to actually be a REAL protection and not just a woobie? It will have to dynamically scale and keep up with that ever changing list of infections. Now even if you had twenty fingers and subscribed to every security list on the planet your HOPES file will ALWAYS BE OUT OF DATE and behind the curve. Always. Don't like those numbers? Use the ones from Securina, Grisoft, Symantec, any reputable security site. YOU CHOOSE. I have shown mathematically you are full of shit, now lets see you math that proves me wrong PETEY.
Now if you have a mathematical proof that shows how a static .txt file dropped into system 32 can magically scale dynamically? Lets see it. Otherwise it is NOTHING more a magical LOLCat pic backed up by anecdotes. That is the nice thing about math, it doesn't lie or believe in anecdotes. So it is all on Petey and your magical HOPES woobie now. YOU made the extravagant claims, back them up with the math. If you can't? Well then you are full of shit, case closed. Notice how ALL YOU CAN DO is throw insults and trollbomb? Why is that? I'll tell you why, because math doesn't lie and you just can't show the math you just can't do it or you would have by now, but it would be like trying to mathematically prove you are not an idiot PETEY. It just can't be done.
So please, keep posting APK, I do so enjoy pointing out the total uber fail of your magical woobie so. I also personally consider it a public service to point people to solutions that actually work instead of relying on magical woobies and anecdotes. And of course bitch slapping your around is also quite fun!
ACs don't waste your time replying, your posts are never seen by me.
This is pretty much spot on. Installed by default and easy to manage centrally. If I could manage Firefox as easily as I can manage IE (WSUS updates, group policies to force proxies and homepages, etc) then we'd already be using it. Compatibility isn't a terrible concern these days, and if I had an ADM for it I could force IE tab for sites that weren't compatible.