Coffeehouse Thread

32 posts

Funny campaign from web standards project

Back to Forum: Coffeehouse
  • User profile image
    Keskos
  • User profile image
    Manip

    Keskos wrote:
    say use Firefox which recently had a huge security problem and was neglected for 2 years.

     
    'huge security problem'? It allowed local program execution with no args.. you couldn't even use the exploit to run format (or at least to get it to do anything meaningful). You also seem to have forgotten that IE was hit by the EXACT same bug with Shell. So what is your point, that IE + FireFox can both get hit by bugs on XP?


    Keskos wrote:
    Also there is nothing in the browser that tells about updates.


    WRONG. It does .. and it is switched on by default. Might want to check your facts.



  • User profile image
    JParrish

    What trust problem are you reffering to? I think that firefox is still catching up on some of the features they plan to achieve. I use firefox for one reason alone, it beats IE hands down on the user experience aspect. MS already knows this, SP2 added the popup blocker, and longhorn IE will include tabbed browsing.

    As far as the group that created happybrowsing, they are about at zealous as they come, they always have been. You can keep your chin up and defend IE on its merits but don't ignore its shortcommings.

  • User profile image
    Lumpy

    "For average user, IE is more secure than Firefox with SP2."
    You are totally wrong!!! Firefox and Mozilla is much more secure than IE. Read carefully http://www.mozilla.org/security/security-announcement.html

    Remember also, much people still use older Windows (2000, 98, NT) and there isn't improved IE for them (only for WinXP SP 2).

  • User profile image
    Shining Arcanine

    Keskos wrote:
    No you are WRONG. Firefox still doesn't offer patches, you are supposed to download the whole browser for every single problem.


    When they released 0.9.2 they also released a patch in the form of an extension.

    Anyway what they're doing is silly. Firefox is just as insecure as IE.

  • User profile image
    Manip

    Keskos wrote:
    If you consider that not a huge security problem, than you don't mind people giving control of their computers to malicious web sites. Using this hole you can take over a computer easily.


    Show me how it is exploitable to 'take over my computer'?

    Keskos wrote:
    It is not true that IE was hit by the exact same bug with shell. There is no such thing.



    http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx




    Keskos wrote:
    No you are WRONG. Firefox still doesn't offer patches, you are supposed to download the whole browser for every single problem.


    But you didn't say patches.. in fact you didn't use the word patches in your entire first post this is what you said..

    "Also there is nothing in the browser that tells about updates."

    tells [you] about updates? Like a box that appears telling you that a new version is released? Don't try and back-peddle. THERE *is* something to *tell* you about new versions, it has nothing to do with patches.

    An Update can be a patch OR new release. So by definition a new release is an update.

  • User profile image
    Maurits

    Keskos wrote:
    fanatics... online scam to cheat online users... their silly campaign:


    (spinal-tap)
    My troll-meter goes up to 11!
    (/spinal-tap)

  • User profile image
    Blue​Firehawk02

    Just use MyIE. Has all the user experience you need and uses the IE engine. fin.

    edit:
    Did anybody read these testimonials? Bwhahahahahaha.

    Alan: http://browsehappy.com/people/alan/
    His Problem: Resource Usage too great with IE
    Opinion: Typical user that has clicked Yes one too many times on those spyware install popups. He was probably choked with Two search bars, multiple spy programs, etc... Prove that wrong, where are the details of other programs he was running... Here's a fun fact for you:

    Two browser windows open browsing that URL above on my XP box right now:

    iexplore.exe  8,480k
    firefox.exe  18,936k

    WTF mate? One could argue that's the nature of how firefox manages memory suck up a bunch on startup so pages load faster. I'm going to do the 20 web pages open test in a bit.

    Chris: http://browsehappy.com/people/chris/
    His Problem: Web page loading speed
    Opinion: How much faster was Firefox? Did he time them? Perceived speed? .05 seconds faster? Or is it that the engine loaded the text, then images to give the perception of faster loading? I want statistics, not some guys perception as proof of speed.

    I have to go to a meeting right now so someone else who's keen on debunking this bunk continue my analysis.

    Thanks.   



  • User profile image
    sbc

    What people often forget is that Firefox is only a technology preview (i.e. still in beta). Considering that a lot of people use it instead of IE shows the developers have done good work.

    Was IE as stable as FireFox before it reached v1? Of course things have changed a lot since then - technology better, computers faster, more people using the internet.

    For me, it was not until v5.5 that IE was consistently stable - I remember all those General Protects Faults and Kernel errors that kept appearing - but that may have been the OS (Win98).

    Memory usage could be better - but before judging it, wait until 1.0 comes out. There probably is some memory leaks - but it is only a matter of time before the number of leaks are reduced.

    One thing I find is that minimizing Firefox then maximizing it again frees memory (with two tabs open - 24mb, minimize/maximize 8mb). I do find it increases sometimes as well.

    I also have two IE windows open - both of them take 13mb RAM - and thats just with Google. You could also argue IE takes more - as it relies on other Windows services.

  • User profile image
    lars

    sbc wrote:
    What people often forget is that Firefox is only a technology preview [...] but before judging it, wait until 1.0 comes out.


    So you're saying that it shouldn't be used until they slap a v1.0 on it? I'm only interested in what it can do for me today. Not what they promise to do in a future version.


  • User profile image
    Manip

    Keskos wrote:
    Google it to find out how it can be used to exploit your computer.

    Everytime you see shell word, doesn't mean they are the same problems. In this case, they are certainly not the same.


    Yes! They ARE! They both pass Shell: to the Windows handler and allow program execution. How are they different? YOU explain?

    Keskos wrote:
    A whole new release is not an update, we don't update our windows by reinstalling a whole new os. We use patches.


    Just because you say it doesn't make it true. Windows is a very poor example (as you know full well) and there are several pieces of software that ONLY update by having you download the entire package again.

    By definition if a new release is made that is an 'updated' version because the DATE is UP on the previous. If you recompile SP2 without any changes that would also be an 'update'.

  • User profile image
    sbc

    Firefox is only beta so I am sure updates isn't implemented yet (although updates for extensions work). I think once 1.0 is out you can update to 1.1 without downloading the whole package.

    Updating Firefox does not take that long as it is a small download - a lot smaller than IE updates (as in service packs, not hotfixes).

    Perhaps they may add 'Firefox Update' to the tools menu (like the way IE has 'Windows Update').

  • User profile image
    Manip

    Keskos wrote:
    IE doesn't pass shell: to the windows handler unless you say ok. In mozilla it is automatically passed.


    So what was that Microsoft security page about?



    Keskos wrote:
    Updates mean you don't install the whole package.


    ..in your OPINION


    Keskos wrote:
    That's what users want. Nobody wants to install a program every time the program is fixed. I think it is not even worth to argue about what is updated or not, you can't convince people to re-install a browser everytime firefox fixes a security problem. People want updates like IE's patches.


    You said the FF doesn't tell users updates are online which it simply DOES. You are wrong. End of story.

  • User profile image
    Maurits

    Keskos wrote:
    One interesting thing is that they are recommending safari to Internet Explorer users. Isn't it interesting that a so called independent organization which works independently promotes MacOS X and its browsers to windows users?


    I don't understand.  Are you equating Internet Explorer users with Windows users?  Are you assuming everyone who uses Internet Explorer is running Windows?

    When OS X first came out, every new Mac shipped with Internet Explorer 5 as its default browser.  Safari came later.  There's still a fair number of Macs out there with IE as their default browser.  I think the mention of Safari is for their benefit.

    Or are you suggesting that Apple is giving kickbacks to this organization for every Windows user that clicks on the Safari link?  I suppose that's possible.

  • User profile image
    jamie

    as their marketshare is under 5% ( all the browser competitors together)

    IE is 95% ( ok maybe less now .. give it a month or 2 to get it back - or for sure when longhorn comes out and there will be no such thing as a browser - it will solidify its reason to remain #1 WITH 8 years of security testing AT +90% marketshare

    you want to complain about ie - fine - but dont complain about security

    fanatics and lunatics will always target the most popular ESPECIALLY if its made by a huge corp

    tiny little Fire Fox, whats left of Netscape, Mozilla in Space , KKKknocKKwerror and Safari and god forbid OPERA the wild card - can all eat their own dog food - who cares?

    MS reacts to worlds evilest most malicious and vindictive.. everyday.. day in ..day out

    anyone who cant see that is just plain blind

    ie rules - if only by being the worlds most heavily tested and secured browser

    sooner or later - things will level out and MS will get on top of the security thing.. what then?

    Tabs? png?  who the heck cares..

    WEB STANDARD = THE WINNER - not a comittee

    ( i just moved 12 wheel barrows of brocken up concrete to the end of the backyard - forgive the attitude haha)

  • User profile image
    Flatliner

    Manip wrote:

     
    'huge security problem'? It allowed local program execution with no args.. you couldn't even use the exploit to run format (or at least to get it to do anything meaningful).


    What about "shutdown.exe" in the Windows XP System32 folder.. shuts down the machine with no args (And no prompts!)

    (Personally I'd consider that a meaningful exploit)

  • User profile image
    Manip

    Have you got a custom Shutdown(.exe)? Because if I go Start > Run > C:\Windows\System32\Shutdown.exe, it will display the /? information and close (As I would expect). The correct command to shutdown is, 'shutdown now'.

  • User profile image
    Manip

    Keskos wrote:
    My argument is that people who defend Firefox all the time do not tell the whole truth and when confronted with facts, they will end up saying things like you say. Who are you going to convince with those arguments? Do you expect them to believe you because you said so? Where is the proof?


    How many times on this page have you proved me wrong? I mean using evidence and not conjecture.

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.