firefox insecurity?
Josh Coffman
josh_coffman at yahoo.com
Tue Sep 20 14:47:14 MST 2005
--- Craig White <craigwhite at azapple.com> wrote:
> On Tue, 2005-09-20 at 14:10 -0700, der.hans wrote:
> > A quick question for those who use m$ desktops but
> don't use eXploder
> > and
> > LookOut: do you still have to run anti-spyware and
> anti-virus stuff
> > all
> > the time? If you do run them, do you constantly
> find stuff that needs
> > to
> > be removed?
> >
> > Outlook and IE are so insecure that even my
> grandma knows how to run
> > anti-spyware and anti-virus programs!
> ----
> you can't connect to the Internet and run Windows
> without them...that's
> a fact.
>
> Open source bugs get documented and fixed.
> Proprietary source software
> doesn't necessarily admit or fix anything except
> what they have
> acknowledged and fixed or not fixed as it were (but
> they wouldn't likely
> acknowledge stuff that they don't fix).
>
> Try installing the latest service packs on Win2K
> server or Win2K3 server
> and see if you can actually use IE without
> compromising security...it's
> not possible. It's one of the funniest things I have
> seen in a while.
> This is Microsoft's way of telling you that you
> can't run IE without
> compromising security.
>
> Of course there is little reason to logon to Win2K
> or Win2K3 server as
> something other than superuser (not including
> terminal services) whereas
> you should NEVER log in to GUI as root on Linux.
>
> For that matter, I don't run as superuser on my own
> WinXP system but
> that is something I have learned over time...most
> Windows users never
> get this concept.
>
> the dark dirty secret, Microsoft understands this
> little detail...
>
<http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/windows_security_whynot_admin.mspx>
> but of course, default setup would ignore this and
> in fact, you have to
> do a bunch of extra work to achieve this.
>
> Craig
>
>
Ok. First, I always thought eXploder was a Ford
product. aka. Ford eXploder.
If you use Windows, you need anti-virus regardless of
what browser or email client. I personally wasn't
infected with this alone, but chose to run
anti-spyware also.
And no I didn't continually find stuff to clean up.
Like der.hans said, good web habits...
Now, to say you can't connect to the internet on
windows without IE and/or outlook is just plain
ignorant. Sorry, but it is. I ran firefox and
thunderbird after i gave up IE and outlook. I then
switched to all webmail, so I had no email client.
Also, I work in the arena of proprietary software.
Yes, we have bugs. And sometimes we find them before
the public does. It's just better that way. Call it
managing customer relations or managing expectation,
but there are certain things you have to do to keep
customer confidence. Some places I've worked may
release bug & fix information to its users, typically
when it's packaged software. Generally, web-based apps
don't disclose that sort of info.
Open Source has different customer expectations to
manage. Generally OSS has more tech-savy users.
BTW, MS does preview software to users before official
release. These customers understand the pre-release
nature of the software and are also listened to for
input about the software. I've personally met with MS
developers for info exchange about a certain product.
Oh, the MS root user thing is well known and they've
already said they are changing that model in future
windows versions.
And the win3k/2k3 thing.... ah nevermind, I'm probably
just a little irratable. Sorry if I come off as a
jack- at ss blowhard. That's someone else's job, I'm just
filling in today.
My basic philosphy is everybody's shi at t stinks, it's
just which way the wind is blowing.
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
More information about the PLUG-discuss
mailing list