Yeah, I actually found a CSS file that zeros everything out a while back, and I include that in pretty much everything, and then build the formatting how I want it. The defaults are often sensible enough if you don't want to deal with formatting at all, but if you're trying to format something, I'd rather not fight with them.
Yeah, so it's the kinda thing I was referring to... it's easier to deal with standard browsers, since it's one less thing to worry about... but without things like that CSS you have, the browsers tend to behave in their own little world, and you can get quite different results. The main issue (and part of why IE had such issues with standards, since it predates them), is that the W3C absolutely doesn't know how to write specs. XHTML/CSS, SOAP, XQuery, XSD... it's all ambiguous garbage. So really, when browsers like FF or Opera implement their standards, what they do is implement a commonly accepted standard, based on the W3C spec... so they tend to be in sync.
With IE8 for example, Microsoft went and followed the standard on the dot on some stuff, such as making sure anything from an incomplete spec (CSS3) used a vendor specific prefix (like -ie-blahblah). That's what the standard dictates, and for some things that are commonly accepted, FF doesn't do it, but implements the CSS3 rules as if the spec was finalized (which is AGAINST the standard). People flipped over Microsoft over it, and the blogs were full of curse words and people bitching...
So it's pretty tough... the standard people want isn't even the W3C spec, it's some kind of unwritten "standard" that is mainly based on FF, Opera and Webkit.... gets very, very awkward when you don't have pre-made "plumbing files" like the zero-out CSS...
That's how I understood you originally, yes. And yes, they are separate now. There are reasons you cannot remove it though: if you remove all browsers from your system, it becomes very, very tricky to get them back, for one. Second, the rendering engine is required by a lot of applications, and since it used to be part of Windows, installers do not usually add it as a dependency, so a lot of things would break: not the OS, not Microsoft software, but a lot of other things would.
For now, you can easily toggle which browser is used system-wide via the Default Programs config, and you could use third party tools to remove it and things will still work out, just some 3rd party apps won't like it :)
You can't nimbly fix bugs or create features if what you do on that level ends up crashing your OS on another level.
I assume they were talking about tying the browser to the OS at the technological level, and posted using that definition. Their reference to the antitrust case was to explain WHY it was tied that way, not because they were using the antitrust law definition.
Amusingly enough, since FF, Opera, Safari and Konqueror have different defaults. Remember, the standard often (usually!) doesn't define defaults. It's just that many developers are used to that fact and know instinctively to zero out certain CSS attributes. If you don't, it gets... entertaining.
-And- these browsers aren't perfect. I remember before FF3 came out (sure, it's a while ago, but people were spouting the same thing at the time), I had a web site which worked in all browsers, -except- Firefox, without hacks or anything (sure, it was simple, but come on... AND it worked in FF3 beta at the time). Turns out FF2 doesn't support display:inline-block (while IE supports it for inline elements... which still sucks).
Display:inline-block is a fairly basic thing... but nope, no go in FF2. While IE really, really, really sucks, and is the bane of my existence as a web dev too, it's not like the others are magical. Especially if you add JavaScript in the equation, and older versions. Cross-browser web development is just a pain in general. It's better thanks to the lowest common denominator bar being raised all the time, but if it wasn't for us being almost conditioned to hack around limitations (even in the "standard" browsers, often without realizing we are), it is a disaster, IE or not. IE just makes the "disaster" into an armageddon :)
Dude, this is Slashdot, and I wasn't particularly nice. You were supposed to say I'm a M$ zealot who takes Ballmer in his mouth or something. Now I feel bad!
The issue is that the union represents the majority. It is a direct mirror image of the majority's mentality in a given field. If the majority really cares about excellence, the union promotes excellence.
IT is plagued with a vast majority being lazy idiot bozos who get off at the idea of screwing over their boss, even in the best of companies. So an IT union would probably be the worst amongst the worst.
It's even worse when you consider the high failure rate of IT projects, and how project management methodologies that address it (let's say, Agile/Scrum/XP, whatever) tend to advocate that you're not supposed to ever say "This isn't my job!".
IT would quickly become a consultant oriented (more than it already is), pain in the ass, and many would do things manually instead of getting IT involved just to save millions.
Is the Vulnerability == Microsoft reflex drilled in your head that deep? As was said, XSS has little to do with the browser. If you don't escape stuff when you display it, and it came originally from a user, you've got an XSS that works across browsers.
1) Defaults (which is what most of the world uses) are insecure.
Defaults are secure. This exploit by default cannot do any damage. It can RUN, but it cannot do anything outside of the sandbox. The default in 64 bit, and the ONE option you have to flick to secure it "properly" in 32 bit (that's your point #2) make the exploit impossible to run at all. The "old" stuff is still actively distributed but it cannot do damage anymore. So yes, the defaults ARE secure. More secure than Firefox even (if there's an exploit in FF, it can own my computer, no matter how rarely it happens, and it HAS happened before). It's just not pretty, and thus why it needs to get enhanced still.
I don't disagree with you that IE sucks. My whole argument is that the 10-year-old article is vastly irrelevant, since the very core of the security strategy (including the priorities at Microsoft, which was your original point that you seem to have forgotten) really changed now. Sure, they can't replace everything overnight, but the screensaver doesn't have priority over the security patch anymore. Heck, Vista as a whole is an example of this: they pissed off their entire user base to avoid letting them run as admin.
So, WHY THE FUCK DOES IT SUPPORT INSECURE WIN32 CRAP?
This one is just ignorance. .NET supports the "insecure Win32 crap" only in a specific environment (when the app runs as full trust, which is only true for an application running locally as a user with permissions to execute full trust code, or in server environments if it is specifically selected, or finally, if a .NET DLL is explicitly given full trust either via configuration in the control panel or by being registered as such in the GAC).
If you're running .NET, let's say in a browser (XBAP), it doesn't support anything that could even remotely touch something outside of the context, and .NET works with explicit permissions... so if I tell my app (when I code it): "You can only access the network via port 8888, to the IP 123.123.123.123", and somehow someone finds an exploit in it and tries to send himself data remotely, it won't work (because it's not 123.123.123.123:8888).
AND, if that's not enough, an administrator can tighten the security on it (for example, by default, anything that isn't on the local hard drive, let's say, over the LAN, is locked down even more), either for a computer, or even across the domain.
Heck, by default, .NET scripts (PowerShell) need to be signed (with a certificate!) to execute if you didn't write it yourself... What more do you want exactly? Trusted Computing?
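The explicit-permission behaviour described in the comment above, as an added example that is not part of the original post. It assumes the .NET Framework (code access security does not exist in .NET Core and later); the class and method names and the 10.0.0.5 address are made up for illustration.

```csharp
using System;
using System.Net;
using System.Security;
using System.Security.Permissions;

static class SocketSandboxDemo
{
    // Issues the kind of SocketPermission demand that an outbound TCP connect
    // triggers in the .NET Framework. It lives in its own method because a
    // Demand starts its stack walk at the caller of the method that issues it,
    // so the frame holding PermitOnly() must be above this one.
    static bool ConnectAllowed(string ip, int port)
    {
        try
        {
            new SocketPermission(NetworkAccess.Connect, TransportType.Tcp, ip, port).Demand();
            return true;
        }
        catch (SecurityException)
        {
            return false;
        }
    }

    static void Main()
    {
        // The only endpoint the code is allowed to reach (value from the comment above).
        var allowedEndpoint = new SocketPermission(PermissionState.None);
        allowedEndpoint.AddPermission(NetworkAccess.Connect, TransportType.Tcp,
                                      "123.123.123.123", 8888);

        // Grant set: permission to execute, plus that single endpoint.
        var grant = new PermissionSet(PermissionState.None);
        grant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        grant.AddPermission(allowedEndpoint);

        bool intended, wrongPort, otherHost;

        // Restrict everything called from this frame to the grant set.
        grant.PermitOnly();
        try
        {
            intended  = ConnectAllowed("123.123.123.123", 8888);
            wrongPort = ConnectAllowed("123.123.123.123", 80);
            otherHost = ConnectAllowed("10.0.0.5", 8888);   // constructed address
        }
        finally
        {
            CodeAccessPermission.RevertPermitOnly();
        }

        // Printing happens after the restriction is lifted.
        Console.WriteLine("123.123.123.123:8888 allowed: " + intended);
        Console.WriteLine("123.123.123.123:80   allowed: " + wrongPort);
        Console.WriteLine("10.0.0.5:8888        allowed: " + otherHost);
    }
}
```

No network traffic is generated: the demand is evaluated against the grant set before any connection would be attempted.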
IE7 isn't tied to the OS anymore. Heck, in Vista it's not even used for updates or anything of the sort anymore. The catch is the rendering engine IS used by a lot of third parties. A lot of things that "render" something, let's say reports, even if they don't look like HTML, often use the IE rendering engine. They're still breaking compatibility with IE8 and redoing it from scratch... it's just not something that happens overnight.
As an individual, you are irrelevant and easily replaced
That goes both ways. The easier an individual is replaced, the easier someone who's more skilled can replace him. Ever worked for an IT shop that sold an enterprise product? What's hard when you make your pitch, isn't to show your product is superior to what the client already has: it's to show it's worth the trouble of replacing the existing one. So many companies deal with inferior software (this is Slashdot... you've heard it...) because they simply can't replace it.
Same deal with a union. It is far easier for me to sell myself based on my real value, and find a job that will compensate me accordingly, in an environment where I can replace someone of lesser value. The easier it is for me to get a job, the more money I can ask for: if someone won't pay, someone else will.
In many companies with unions, their work force is saturated. Even if employees are rewarded based on skill, you can't (easily) get IN the industry without connections. The industries you are using as example are some of the worst offenders. No connection, don't even bother applying unless you're a fluke.
Finally, this is IT we're talking about here: the realm of people who DREAM they could be lazy... if IT unions form, the people with gray hair maintaining COBOL apps will quickly make sure people with talent are NOT the ones rewarded.
It often is mandatory. When it's not, it still is: if there's a budget cut, people outside of the union, regardless of performance, will get tanked before people inside of it. So no, you don't HAVE to, but...
What I'm saying is that the underlying security model of the OS (and IE in particular) changed.
The ActiveX is still a swiss cheese. It's just a swiss cheese that will not run unless I explicitly tell it to, and even -IF- I tell it to, it cannot do any damage outside of the browser. Also known as a sandbox, a security model that is also used in the Unix world and other environments more and more. The only way to own a properly configured IE in a Windows operating system that's not freaking 6 years old+, is to own one of its plugins (and only one that doesn't take advantage of the new security models, which unfortunately is most for now), something that can also be done in Firefox.
Now, don't get me wrong. This crap is still unacceptable: some of the settings are not the default in some versions of Windows, and Windows XP (and even 2k) are still fully supported, so the fact that they can still get owned is, again, unacceptable. What I'm saying is the security model when that article was written has nothing to do with the one of today, again proven by the fact that this exploit in the article cannot even run Calc.exe on a properly set up IE (which is the default on Vista 64 bit, for example).
They still have ways to go, but a screensaver doesn't have priority over something like this anymore (also why this hole gets plugged in a couple of hours).
Yes, it matters, because this exploit doesn't work RIGHT NOW on my CURRENT WINDOWS COMPUTER because the IE security model was redesigned since then. The exploit this article is bitching about can't even run Calc.exe unless you're using a version of Windows that dates from the days that fucking article was written, or your settings aren't secure. And Firefox's development roots are in Netscape/Mozilla, which were swiss cheese back then. Firefox is only secure because all that shit was redone almost from scratch.
If there's a mistake in Firefox and it gets owned, regardless of how uncommon it is, it gets owned. All of the billions of flaws in IE that keep making front page on Slashdot can't even run Calc.exe if set right (and I know that's a big if... if I don't set a Linux box right it will get owned too).
When your stupid article was written, I was playing around using script kiddie exploits to root random (up to date!!) Linux and Unix servers on the net. I wouldn't be able to do this today. So yes, it fucking matters.
but her 'expert friends' insisted she put XP on it and she even went as far to buy a retail copy of XP Professional.
That bothers me so much. Last place I worked for, people came to see our main sysadmin for advice on stuff like this. The guy has been sysadmin for longer than many people on Slashdot have been born, and he manages dozens of thousands of Windows PCs, so people assume he knows his stuff. He kept telling people, not just to "upgrade to XP from Vista", but that anyone using Vista was a flipping moron. Obviously all these people did much like the story you tell, go out and buy XP Pro, reformat the machine, etc.
Turns out the guy never tried Vista. Never installed it, never looked into it. He has never even seen what a UAC popup looks like. He kept bragging about the superiority of MacOSX, yet when that happened, he had never TOUCHED MacOSX before (regardless of how great or not OSX is, you can't really recommend something you've never TRIED). But hey, he's a senior sysadmin and network architect, why shouldn't people listen to him!
That's why Windows 32 bit needs to die. In 64 bit Vista, all that is on by default. I have the proof of concept of the exploit here, here's what happens:
Let's say I run the exploit and make it execute Notepad.exe. Without Protected Mode, and without memory protection, Notepad will execute, and I can have it create, open, save files. Free for all.
If Protected Mode is on, Notepad.exe will run, but it has no access to anything outside the IE context... so I can't use it to overwrite a file to disk.
If memory protection is on, then Notepad.exe doesn't run at all.
So it's fairly effective (all exploits found so far have had behavior like described above). The big gain here, is that even IF there is an exploit, it will not work. Firefox gets patched in a matter of hours, and doesn't have THAT many exploits... but they're still there when they happen. With the above setup, you can try and exploit IE all you want, you won't get far.
I'll agree with your last statement: If Firefox had that option, then it would basically be perfect in this regard. For now though, it ends up being a matter of preference.
It's the first feature people who insist on putting files on C:\ instead of in the document folder disable. I see one popup a week or so, hardly reason to disable it. (You see more during initial setup, but....)
Memory protection is definitely not available in XP SP2/SP3 32 bit (I just checked after reading your post on my laptops). If it's there for you, then it's a 64 bit feature (which would make sense, since 64 bit CPUs now support that natively, but only when used as 64 bit...)
Protected mode is on by default, and you have to know what you're doing to -disable- it. Protected mode, you're entirely right about...and same for 64 bit (OEMs really should have 64 bit installed by default by now...ugh).
Windows 7 was scheduled for 2010, and now they say 2009, so it's safe to say it will be near the end of 2009, which is almost 3 years, and basically in line with how MS did things until the XP fluke (which pissed off a lot of people, especially since Software Insurance licensing is only really cost effective if there's a new version every 2-3 years). It was also out in 2006, just not in retail boxes. XP is an obsolete OS that needs to be replaced. I mean come on: When XP came out, I was going around rooting up to date Linux servers using script kiddie hacks. That's how old XP is.
Inhouse apps also have to constantly be fixed and updated... so updating it slightly so it works in Vista, or updating it when daylight saving time dates change (because it hardcoded it for whatever reason), same deal...if you have inhouse apps, you're already doing this on a daily basis anyway =P
Pushing Vista? What? I was saying how this was STILL a problem since you can't expect everyone to be running Vista. Does it hurt so much to realize that Vista actually has redeeming features that now you're afraid that even people on your side of the fence will turn on you, or something?
No citation, I was only going by the historical background of both browsers. Firefox has its roots in Mozilla, which was... less than stellar back in the days. Of course, everything changed and that background is fairly irrelevant now.
And the vulnerability is an issue because not everyone is on Vista, not everyone has UAC on, and most people (including me until 2 days ago!) know about the memory protection feature (plus, while I didn't hit any, it supposedly can have some incompatibility issues with some IE plugins in 32 bit... Silverlight, Flash and Java work fine though).
Plus well, it's still bad if someone can crash your browser with JavaScript. But it still IS a valid workaround for that issue (and most future IE exploits) that makes something that would be totally horrible into a mere pain in the butt.
(only really works for Vista, and I -think- is the default in 64 bit... isn't in 32 bit for compatibility reasons, but works fine on my side...)
Step 1: Make sure IE is running in protected mode
Step 2: In Internet Options, in Advanced, in Security, make sure "Enable Memory protection..." is enabled (need to run IE as admin to toggle that)
There, exploit doesn't work anymore. It crashes IE, yes, but it can't do much anymore. That's not so bad, knowing that even a buffer overflow that should be able to totally own your system can, at best, crash your browser...
The only issue here is that in 32 bit Vista, memory protection is done in software and can cause issues, so it's not the default... If it was, this would be an annoyance at best.
First, that's really old. Second, if you go by the root of the browsers, Firefox has its root in development that was even less secure than IE. Third, if you have IE in protected mode with memory protection enabled, even if it has all the buffer overflows you can imagine, the worst an attacker can do is look at your temp files. I'd hardly say this isn't made with security in mind...
Considering the GP stated, and I quote:
Yeah, you just need to update the OS first.
Awkward...
I just looked at a 64 bit machine and the option isn't there either... Is it really there in XP at all, or does it work differently?
Thats why Windows 32 bit needs to die. In 64 bit Vista, all that is on by default. I have the proof of concept of the exploit here, here's what happens:
Let say I run the exploit and make it execute Notepad.exe. Without Protected Mode, and without memory protection, Notepad will execute, and I can have it create, open, save files. Free for all.
If Protected Mode is on, Notepad.exe will run, but it has no access to anything outside the IE context...so i cant use it to overwrite a file to disk.
If memory protection is on, then Notepad.exe doesn't run at all.
So its fairly effective (all exploits found so far have had behavior like described above). The big gain here, is that even IF there is an exploit, it will not work. Firefox gets patched in a matter of hours, and doesn't have THAt many exploits...but they're still there when they happen. With the above setup, you can try and exploit IE all you want, you won't get far.
I'll agree with your last statement: If Firefox had that option, then it would basically be perfect in this regard. For now though, it ends up being a matter of preference.
It's the first feature people who insist on putting files on C:\ instead of in the document folder disable. I see one popup a week or so, hardly reason to disable it. (You see more during initial setup, but....)
Memory protection is definitely not available in XP SP2/SP3 32 bit (I just checked after reading your post on my laptops). If it's there for you, then it's a 64 bit feature (which would make sense, since 64 bit CPUs now support that natively, but only when used as 64 bit...)
Protected mode is on by default, and you have to know what you're doing to -disable- it. Protected mode, you're entirely right about...and same for 64 bit (OEMs really should have 64 bit installed by default by now...ugh).
Windows 7 was scheduled for 2010, and now they say 2009, so it's safe to say it will be near the end of 2009, which is almost 3 years, and basically in line with how MS did things until the XP fluke (which pissed off a lot of people, especially since Software Insurance licensing is only really cost effective if there's a new version every 2-3 years). It was also out in 2006, just not in retail boxes. XP is an obsolete OS that needs to be replaced. I mean come on: When XP came out, I was going around rooting up to date Linux servers using script kiddie hacks. That's how old XP is.
In-house apps also have to constantly be fixed and updated... so updating it slightly so it works in Vista, or updating it when daylight saving time dates change (because it hardcoded it for whatever reason), same deal...if you have in-house apps, you're already doing this on a daily basis anyway =P
Pushing Vista? What? I was saying how this was STILL a problem since you can't expect everyone to be running Vista. Does it hurt so much to realize that Vista actually has redeeming features that now you're afraid that even people on your side of the fence will turn on you, or something?
No citation, I was only going by the historical background of both browsers. Firefox has its roots in Mozilla, which was...less than stellar back in the day. Of course, everything changed and that background is fairly irrelevant now.
And the vulnerability is an issue because not everyone is on Vista, not everyone has UAC on, and most people (including me until 2 days ago!) know about the memory protection feature (plus, while I didn't hit any, it supposedly can have some incompatibility issues with some IE plugins in 32 bit... Silverlight, Flash and Java work fine though).
Plus well, it's still bad if someone can crash your browser with javascript. But it still IS a valid workaround for that issue (and most future IE exploits) that makes something that would be totally horrible into a mere pain in the butt.
(only really works for Vista, and I -think- is the default in 64 bit...isn't in 32 bit for compatibility reasons, but works fine on my side...)
Step 1: Make sure IE is running in protected mode
Step 2: In Internet Options, in Advanced, in Security, make sure "Enable Memory protection..." is enabled (need to run IE as admin to toggle that)
There, exploit doesn't work anymore. It crashes IE, yes, but it can't do much anymore. That's not so bad, knowing that even a buffer overflow that should be able to totally own your system can, at best, crash your browser...
The only issue here is that in 32 bit Vista, memory protection is done in software and can cause issues, so it's not the default... If it was, this would be an annoyance at best.
First, that's really old. Second, if you go by the roots of the browsers, Firefox has its roots in development that was even less secure than IE. Third, if you have IE in protected mode with memory protection enabled, even if it has all the buffer overflows you can imagine, the worst an attacker can do is look at your temp files. I'd hardly say this isn't made with security in mind...