Worried about security, look beyond your browser

[Layzie Bone]

It always kills me the people who say firefox is more secure than IE. The truth is it doesn't matter, rather than try to find the perfect browser I'd first reduce the stage that hackers use to get into your *****.

Here's what ZDnet's Adrian Kingsley-Hughes had to say:

[quote="ZDnet"]My blogging colleague George Ou raised some interesting points in a post yesterday looking at security flaws in Firefox and Internet Explorer. Over the years I’ve come to the conclusion that counting bugs is a pointless exercise and that it’s far better to limit the attack surface you present to hackers.

After years of tracking bugs in different browsers I’ve come to one conclusion - browsers are buggy. No matter whether you carry the flag for IE or Firefox, it doesn’t really matter because it’s clear to me that after more than ten years of trying to come up with the perfect browser, no one has yet managed that, and my guess is that given the pace at which web technology is moving on and the pressure to make the web more interactive, the perfect browser is just as far away from us now as it was ten years ago. George is spot on when he says that neither Microsoft or Firefox should be proud of their track record when it comes to security. True, the fact that Internet Explorer 7 on Vista runs in Protected Mode gives me a little bit of a warm fuzzy, but I’m not kidding myself for one second that this is invulnerable. I always look at the Internet with the same suspicion that I’d have for a cleared minefield - in other words, I tread carefully.

But there’s more to keeping the bad guys out of your digital kingdom that counting browser bugs and fixes. A real-world analogy would be putting all your resources into having excellent door locks but neglecting to even close the windows. Rather than worry about which browser is the safest, I much prefer to limit the attack surface I offer to hackers and keep as much unnecessary software off my system as possible.

At the top of the list of software that I like to keep off my system is QuickTime. In fact, I hate QuickTime with a passion, so much so that I only have it installed on one on my PCs (the one that has iTunes installed on it). Another is RealPlayer. Not only are these serious bug magnets but they are largely unnecessary. I also keep browser add-on, toolbars and even security software to a minimum. With large suites such as Microsoft Office, I now only install the components that I’ll need - gone are the days when I select “Full Install.â€

[battye]

That sounds about right to me. My main concern with Firefox is that it fails to run various multimedia tasks - such as Sopcast. If I want to run a Sopcast show, I'm forced to use IE, which I don't want to do.

Firefox is also too slow for my liking, and that is with zero addons installed.

Hi Layzie, good to see you

[Layzie Bone]

and those who do have firefox, probably also have IE stuck on there, and because IE is a windows componet uninstalling it is an unwise idea as other OS componets use it as well. After all, IE isnt all that bad, no matter where you look to there's always going to be some sort of bug.

I remember a few years ago, when i was still on dial-up i had downloaded Mandrake Linux 9.1 (took me like 2 months lol), and i forget where exactly where the bug was, but it was the dumbest bug i've ever seen, when you moved a slider all the way up the program would crash because the slider had exceeded the maximum value. Days when running the calculator program uses over 1 MB of memory, there's bugs bound to be found. I mean figure this no one person can look over thousands (or millions) lines of code and be able to determine whether or not there are security vulnerablilites or not, instead you have a team of people looking over the code, and what I know and what you know are two different things. Thats one reason alone why everyone beta tests things, then they find some of the problems in thier program.


nice to you you too....

[moongirl]

Hello Wanabe, welcome back.

Running as an Administrator...or Limited User to increase your security.
http://www.microsoft.com/protect/comput ... count.mspx

[Layzie Bone]

thats a god article.

I remeber reading another article on zdnet a while ago the UK's intelligence agecny i forget what it's called was showing how easy and how quicky they could gain access through an unsecured wireless network on a computer running Windows XP SP1 without any kind of firewall or anti-virus. In 15 minutes they were browsing through the computer's My Documents folder.

I can happen to the likelyhood is not very likely. The biggest thing about having an unsecured wireless network is people trying to steal your internet, rather than trying to steal your information.

Nevertheless keep your digital doors locked, you never know what kind of coo coo heads are out there, even in your back yard.

[tunebud]

HEY!!
I am not your neighbor am I?

Good to see you around

[Layzie Bone]

HEY!!
I am not your neighbor am I?

Good to see you around

Depends on how you look at, by IP address, street address, but I guess in the manner of cricketmx, I guess you would be, either way I'm just yanking your chain

[tunebud]

I l

ook at it as I am wireless it's free and I am one of those

coo coo heads are out there, even in your back yard.

stealing your internet

I thought it was so funny the gal at Best Buy trying to sell my friend on security. I was laughing so hard I had to walk away.

[Layzie Bone]

It's funny the whole computer industry is driven making money on telling people that other people can hack into thier system. Not really telling them what they really need to have, why not sell them a rediculous all-in-one security package that blows everything out of proportion?

Seriously. When you install NIS for the first time it pops up and says:

An Unknown Program "Internet Explorer" C:\WINDOWS\system32\iexplore.exe" is trying to access the internet. Always Allow, Allow Once, Block Once, Block Always?

Most people would get the hint that IE should get on the internet, but I have seen several people bring thier systems in because Norton is blocking thier internet. The truth is if a program hassles you that much, it is not needed. People tend to forget that Windows has a built-in firewall and 99% of all cases is sufficient enough for the everyday person. If communication is so critical that you need to be secure, use a VPN and shut the hell up about getting hacked.

[battye]

Seriously. When you install NIS for the first time it pops up and says:

An Unknown Program "Internet Explorer" C:\WINDOWS\system32\iexplore.exe" is trying to access the internet. Always Allow, Allow Once, Block Once, Block Always?

I know a lot of people that would intentionally click Block Always

[Layzie Bone]

Seriously. When you install NIS for the first time it pops up and says:

An Unknown Program "Internet Explorer" C:\WINDOWS\system32\iexplore.exe" is trying to access the internet. Always Allow, Allow Once, Block Once, Block Always?

I know a lot of people that would intentionally click Block Always

or

An Unknown Program "Mozilla Firefox" C:\Program Files\Mozilla Firefox\firefox.exe" is trying to access the internet.