Good reason to upgrade Firefox 1.0.4
- Thread starter NJC
- Start date
- Status
Congrats to Aviv Raff! He made exploit code for a browser that's been patched twice since then. And had a version upgrade as well! This guy is seriously late to the party.
I wonder if Mr Raff can look at some Netscape 3.x code and find some holes that he can exploit?!?!?
I wonder if Mr Raff can look at some Netscape 3.x code and find some holes that he can exploit?!?!?
The article was correct in saying some folks belief Firefox is bulletproof. It is a lot better than IE but as more folks target it they'll find these security flaws/bugs.
I didn't really realize Netscape and TB shared the same code ... is this to do with gecko (I know nil about it).
I'm happy to see Netscape live on since it was mostly squashed in the mid-nineties browser battle with M$.
I didn't really realize Netscape and TB shared the same code ... is this to do with gecko (I know nil about it).
I'm happy to see Netscape live on since it was mostly squashed in the mid-nineties browser battle with M$.
You can get that add-on that controls java scripting for FF to make it even more safe. Think I'll do that now.
NoScript is great indeed for controlling JavaScript behaviors. Just my two cents' worth.
One of the interesting side benefits of Open Source Software is that holes are patched VERY quickly. Conversely, many large companines including and mainly Microsoft, will sit on a "flaw" for several months if they deem it as "not critical". Then someone usually gets ticked off that it hasn't been patched, writes some light-duty malicious code, and suddenly Microsoft will finally patch that flaw.
Microsoft's mentality of computing doesn't exist in the OSS world. Funny thing is, all MS has to do is FIX it quickly. But they play politics with their own products rather than providing fixes do their products.
Microsoft's mentality of computing doesn't exist in the OSS world. Funny thing is, all MS has to do is FIX it quickly. But they play politics with their own products rather than providing fixes do their products.
Is javascripting really as security threat? Is NoScript really needed?
Yep. I STRONGLY advise a tool such as NoScript. In fact, it may have been a malicious JS program that has caused a DoS to linux.org- one of my favorite sites to check out. Funny, though- I can get there through Win XP on the same machine! (WHAT'S WRONG WITH THIS PICTURE?????)
Again, you can't be too secure on the 'Net.
- Status
Similar threads
