Jump to content

Recommended Posts

  • Replies 50
  • Created
  • Last Reply

Top Posters In This Topic

Posted

I always use Opera. I have real problems with Firefox, the web pages judder up and down and dont open properley. Un-installed and re-installed half a dozen times and still no joy. Re-downloaded the installer and run a million virus and spyware scans and checked all the settings and the pages still shake up and down. God knows what causes it, but I cant cure it. I suspect there must be some sort of clash with something but I have no idea what it is. Uninstalled it and stuck with opera. I use Slimbrowser as a surrogate for I.E. when needed as well.

Posted

http://software.silicon.com/security/0,390...39154942,00.htm

 

DoS attack risk for Firefox 1.5 users

 

Exploit goes public...

 

 

By Dawn Kawamoto

 

Published: Friday 9 December 2005

 

Exploit code for the latest version of open-source browser Firefox was published on Wednesday, potentially putting users at risk of a denial of service (DoS) attack.

 

The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted more than a year ago, has moved swiftly to capture eight per cent of the browser market.

 

The latest Firefox flaw exists in the history.dat file, which stores information from websites users have visited with the Firefox 1.5 browser, according to a posting on the Internet Storm Center, which monitors online threats.

 

According to the posting: "If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page. Once this happens, Firefox will be unable to be started until you erase the history.dat file manually."

 

In testing Firefox 1.5 without a system running McAfee security software, the Firefox 1.5 browser would stall and not respond to a user's mouse, said Johannes Ullrich, chief research officer for the Sans Institute, which runs the Internet Storm Center.

 

Ullrich said: "Users have to kill out of the browser and start over again. This stalled browser creates a DoS condition."

 

Packet Storm, the security group that initially published the proof-of-concept exploit code, noted that in addition to the potential DoS attack that could follow a buffer overflow, systems may also be subject to a malicious execution of code.

 

Ullrich, however, said while the potential may exist, it has not been proven either way that malicious code could be executed.

 

The Mozilla Foundation, which released Firefox, said it was not able to confirm the browser would crash or be at risk of a DoS attack, after visiting certain websites. And Mozilla has not received any reports from users of such a problem, said Mike Schroepfer, vice president of engineering for Mozilla Corp.

 

He added that Firefox 1.5 can be sluggish on its next start-up, due to a bug in the history.dat but that this is not a security problem.

 

Schroepfer said: "We have gotten no independent verification that it crashes [Firefox] but there have been a lot of attempts to try."

 

Dawn Kawamoto writes for CNET News.com

Posted

One thing... if the browser crashes due to this error... how can it be used for a DOS attack? It should just be a chunk of inaccesible memory sitting out there, doing there but wasting resources. :)

Posted

How did you know about my secret experimental race of atomic super insects?! It's too soon! They're not stable enough yet to go into the world, spread a mighty army, and destroy the so called human civilization which has driven me into exile! :unsure:

Posted
db, I wonder if your Opera problem is similar to this...

 

http://my.opera.com/community/forums/topic.dml?id=95593

 

According to Opera's windows test manager's blog:

 

User: "Would that include the GDI leak?"

 

Opera windows test manager: "Yeah that's a bad bug and will be looked into."

 

 

EXACTLY! The overlays turn black exactly as depicted in that second picture. I had attributed it to a memory leak, but, a GDI leak makes perfect sense given the cause. (Well, it's STILL a memory leak because it's eating up memory it doesn't have to. ;)) When this happens, closing Opera and refreshing the Window with black clears it up. Refreshing with Opera opened does not refresh the black areas.

Posted
=)) You know I would be really scared if you were even 10% serious db !! :P

 

 

Yeah... you just keep believing that... and we'll all be happy... all it takes is for good men to do nothing, and I've WON...! :shifty:

Posted (edited)

I was under the impression that firefox browser was more secure than ie. I was listening to something my mate was on about tonight on phone, whereby he was telling me that from the very start firefox is in no way more secure than ie, due to some exploit that has still not been fixed.

 

I have always seen whilst browsing diff forums, that everyone raves on about how secure firefox is in comparison to ie. So im off to read about firefox again to see what these exploits are, i did run firefox for a short while, but i can remeber reading something similar to what my mate was on about , about the security holes in it and stopped using it thereafter, especially as firefox users always seem to be rubbing ie users noses in it, about swiss cheese.

 

 

[Edit] http://news.com.com/Symantec+Mozilla+brows..._3-5873273.html

 

http://www.mozillazine.org/talkback.html?article=7059

 

http://blogs.zdnet.com/Ou/index.php?p=103

 

along with what shamus posted about version 1.5

Edited by dontasciime
Posted

you cannot compare them so easily ie has more years that has been developed.

and plus i get no spyware with firefox

in ie you are bound to get some no matter what.

Posted

Yes, but IE's years don't mean anything when, for many of those years, it sat around with no updates. 3 browsers leaped ahead of it in terms of providing users what they wanted. People use IE only because they have to to access some sites, like Windows Update, because Microsoft imbedded it so deeply in Windows it cannot be removed, despite what they say, or people are weened on it like a baby bottle because that's what was given to them for free. :)

 

 

As for Firefox being more secure, inherently, it suffers from the same chance of security holes as anyone else. What Firefox has done differently over the competition, mostly IE, is that they actually address (most) reported security issues right away. As opposed to labeling them "unimportant" as Microsoft does until someone threatens a lawsuit. :lol:

Posted (edited)

fair enough

 

and you are right about using ie only for windows update,

that's all i use it for, because most of the time it is not allowed to go online (blocked by the firewall) ;)

 

I for one see no point in using ie it is slow and with the new updates it keeps on asking you that this site has axctive compontes do you what to allow them.

this is a pain to me. :)

Edited by dirio49
Posted (edited)

I have always just used internet explorer, and its not slow on my machines, i have never had a security issue with it on any of my computers, and you can set it to install all activex components if thats what you want, (though this is to prevent you from installing dodgy activex objects, so this is a good thing that it is asking you.)

 

I know a lot of people dislike it, though a lot of people dislike it ony because someone else does.

Each to their own

Edited by dontasciime
Posted

I only stopped using IE6 cos it took to crashing and closing down the explorer windows !

 

I tried various fixes and re-installs but to no avail, Microshaft wanted to charge for me for the pleasure of fixing it but then lmao2k recommended Firefox, which is a great replacement. Wouldn't go back to IE at present but only cos this really works for me !

Posted

I always found IE faster on my systems than any alternate browser, although firefox 1.5 after the initial startup is pretty good.

 

Anyone spouting that firefox is secure is severely deluding themselves. Rather, in most usual configurations it's just more secure than IE. Of course that's not to say it wouldn't be possible to set up each of them such that IE was more secure - but I don't believe you would then have equal functionality.

Posted

I use 3 browsers. Mozilla just for this forum. IE for reading news (because it's the only fukcing browser that works with AdShield). Opera for everything else because of it's superfast navigation. *shrug*

Posted (edited)

i use opera here and there

but for ads i used adblock plus in firefox works great you get no ads and plus there is an option to that the browser download the ad and it does not show it,

this way the site you want to support,

i think this is the best way,

you get no ads and the site gets its money. :thumbup:

because the server thinks that you have seen the banner or link

peace

Edited by dirio49
Posted

I have been using Firefox for 6 months. Funny thing, every since I started using it I do not

have to put up with pop ups and the like. I use the Adblock Plus extension and it eliminates about 98% of the crap I used to have to put up with in IE.

 

For sites that need IE, I installed IE view. You can add IE sites that refuse to render in Firefox and it automatically makes the switch seamless. In addition, there is IE tab that allows IE to open in a tab.

 

I am not going back to the clunky IE and have become a Firefox fan. I have 42 extensions installed and it works great.

Posted

I love Firefox, unfortunately, none of my programs that update specifically through java using IE do not work. For instance, my McAfee, it requires a couple of controls to be downloaded to be able to do the initial update after installation, and th get subsequent updates.

 

Have they fixed that problem?

 

Normally I like to use Firefox, but I found a simpler problem to the inherent fact that if you use IE you will get flooded with popups and other invasions: The Google Toolbar. It actually allows you to control IE when you virtually need to let it run an applet or a downloaded control. I tested it by going to websites that I know to instantly install new.net or something on your pc, and I was unaffected.

 

Last year I installed Firefox for a bunch of my clients when they complained of popups. When I went back a month later and saw that they weer not using it anymore, and had gotten re-infected, their excuse was always that "Firefox takes too long to load"

 

I never noticed that on my machine, but I guess on an Emachines Celeron, it is slow. Is there any way around that, ot is it just all the protection built in to FF kicking in?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.