Free Republic
Browse · Search
Smoky Backroom
Topics · Post Article

Skip to comments.

Firefox site hacked again
TechWorld ^ | 05 October 2005 | Robert McMillan

Posted on 10/05/2005 5:32:56 AM PDT by Golden Eagle

For the second time in three months, a security breach has shut down the marketing website used to promote the Firefox browser. Late Monday, members of the Spread Firefox community were notified that their Spread Firefox site had been hit by attackers looking to exploit a bug in the TWiki collaboration software, which had been running on the server.

The Mozilla Foundation does not believe that any sensitive information was compromised in the attack, but it is encouraging the approximately 100,000 Spread Firefox members to reset their passwords. "With these things it's hard to determine the exact nature of what happened," said Mike Schroepfer, director of engineering with the Foundation's Mozilla subsidiary.

(Excerpt) Read more at techworld.com ...


TOPICS:
KEYWORDS: brassbuzzard; firefox; microsoftshills; mozilla; opensource; redmondwhores; security; tinturkey
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 121-136 next last
To: zeugma
"...we still see regular hacks of IE, which is, in todays terms pretty old and (allegedly) mature code.

To be fair it must also be mentioned that IE's functionality has grown exponentially as well over this same timeframe making the places for flaws to exists grow at the same time.

It is well known that for many years Microsoft played a game of 'keeping up with the Jones's' with both their browser adding functionality at a breakneck pace while modifying the underlying OS's at the same time. Security was not as big an issue for anyone during those early days. After achieving near market saturation, Microsoft has now slowed down the pace of change and focused much more attention on security issues.

To put it plainly, this is not exactly comparing apples to apples. A better analogy might be to compare security in a small brick building recently constructed in a high crime area with a single front door and a back door with bars on them to a multi-story apartment complex with windows and entrances and exits built for comfort and ease of use which was constructed during the days when it was safe to leave your front door unlocked while you went out for groceries.
21 posted on 10/05/2005 10:06:10 AM PDT by contemplator (Capitalism gets no Rock Concerts)
[ Post Reply | Private Reply | To 12 | View Replies]

To: zeugma
Can you show me anything in the article that anything about Firefox being hacked?

The Firefox site, n00b.

A pretty bold claim based on a perl-based wiki module being hacked.

The source code is open and widely available -- and yet it's loaded with vulnerabilities. So here's the deal. Projects that are higher profile (Linux kernel, Apache, etc) are more likely to have more eyes looking at them. Low-profile projects don't. And, if you're running a site, you damn well better be careful about what you're deploying. This wiki code is spaghetti.
22 posted on 10/05/2005 12:16:56 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Bush2000
As usual, you lack the ability to admit misstatements on your part.

You said:
Um, yes, it does have something to do with Firefox being hacked.

So I replied:
Can you show me anything in the article that anything about Firefox being hacked?

Then you, being unable to maintain civil conversation reply:
The Firefox site, n00b.

So, if you meant the site initially, why didn't you just say so instead of trying to make it seem that the referenced article had something to do with a vulnerability in Firefox?

As far as it being your comment about FF being "open and widely available -- and yet it's loaded with vulnerabilities"... at least, when we find vulnerabilities, they are fixed in a timely manner because the entire process is so open. With proprietary products like IE, even though we can't look at the code, we find as many, if not more defects and are then forced to wait until Microsoft feels like releasing a patch. Btw: they missed this month's patch release didn't they? They can't even stay on time with their patches for their shoddy products. Must be the backlog of critical defects snowing them under. It's amazing that even with billions of dollars at their disposal, they still can't outperform the Mozilla team in their timely release of fixes.

23 posted on 10/05/2005 12:49:02 PM PDT by zeugma (Warning: Self-referential object does not reference itself.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Prime Choice; softwarecreator

I remember that non-event.

http://www.newsfactor.com/perl/story/18242.html

The Redmond, Washington-based software giant on Friday acknowledged shipping the malicious code and blamed an unnamed third party that translated the Korean version of the software.

"It looks like the company doing the translation was infected and they passed it on to the product," McAfee.com virus research manager April Goostree told NewsFactor.

Visual Studio has no idea the extra file is there," Flores said. "There's no situation where Visual Studio developers will be able to infect themselves."


24 posted on 10/05/2005 1:50:16 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 14 | View Replies]

To: zeugma

That's hysterical, coming from someone who doesn't even know the difference between a "workaround" and an actual "patch":

http://www.freerepublic.com/focus/f-chat/1482107/posts


25 posted on 10/05/2005 1:55:34 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 23 | View Replies]

To: zeugma
So, if you meant the site initially, why didn't you just say so instead of trying to make it seem that the referenced article had something to do with a vulnerability in Firefox?

Look at the title of this article, for chrissakes. It's about the Firefox site. I thought you had the minimal IQ necessary to understand the correlation. Apparently, I was wrong.

at least, when we find vulnerabilities, they are fixed in a timely manner because the entire process is so open. With proprietary products like IE, even though we can't look at the code, we find as many, if not more defects and are then forced to wait until Microsoft feels like releasing a patch.

And, in their haste to release patches, many open source projects release crappy patches. Witness recent Firefox patches. They were utter crap. Frankly, I'd rather wait for a fully-tested patch than depend upon wishful thinking. Because the fact of the matter is that there are practictally no zero-day exploits.
26 posted on 10/05/2005 1:57:07 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 23 | View Replies]

To: Prime Choice
So the hack was on the Twiki software...not Firefox.

This article is about the Firefox site. Buy, rent, borrow, or steal an IQ.
27 posted on 10/05/2005 1:58:46 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Bush2000
I'm just a bystander here. From what I can discern, you seem to imply that, since Firefox's SITE got hacked, Firefox has as many vulnerabilites as IE. But, from where I sit, that's like saying that a truckload of shiny new Merceds Benz cars are no good because the car carrier they are being transported on broke down.
Let me know if I am missing something......
28 posted on 10/05/2005 2:11:07 PM PDT by KeepUSfree (WOSD = fascism pure and simple.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: KeepUSfree
Let me know if I am missing something......

Yes, a clue. This article is about the Firefox site. I would have thought my reference to Firefox would have been obvious to most people.
29 posted on 10/05/2005 3:31:30 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Golden Eagle
Screw off troll. I'm not going to split hairs with you.
30 posted on 10/05/2005 3:53:21 PM PDT by zeugma (Warning: Self-referential object does not reference itself.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Bush2000
This article is about the Firefox site.

So glad you noticed. Now if you'll just keep making that distinction when you're running around like an ignorant e-tard saying "Firefox got hacked," then we won't have these sorts of conversations, sport.

31 posted on 10/05/2005 3:59:35 PM PDT by Prime Choice (E=mc^3. Don't drink and derive.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: zeugma
Screw off troll. I'm not going to split hairs with you.

You are a quick & accurate judge of character, zeugma.   ;o)

As another Freeper pointed out, Brass Buzzard is a strange denizen. He doesn't speak to any conservative issues and is always whoring for Redmond. Hell, about the closest he even gets to a political statement is his calling Linux supporters "communists" when they peg him on the facts.

32 posted on 10/05/2005 4:01:06 PM PDT by Prime Choice (E=mc^3. Don't drink and derive.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Golden Eagle
I remember that non-event.

Obviously you don't. It was far from a "non-event." And please...Microsoft's buck-passing on that issue was absurd. Anyone who's familiar with the Redmond totalitarians knows that their distributors don't even sneeze without Microsoft's approval in triplicate.

And Microsoft.com's getting spanked by Nimda was certainly not a "non-event" either. Thought you might like to know...

33 posted on 10/05/2005 4:06:40 PM PDT by Prime Choice (E=mc^3. Don't drink and derive.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: zeugma
Screw off troll. I'm not going to split hairs with you.

Of course not. You lack the intellectual capacity to split hairs.
34 posted on 10/05/2005 4:26:24 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Prime Choice

Apparently, you drooling maroons need a roadmap to rational thought when people use terms such as "Google" or "Amazon" or "Yahoo" or "Firefox" ... You're either a moron or deliberately obtuse. Either way, it's sad, truly sad.


35 posted on 10/05/2005 4:31:47 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 31 | View Replies]

To: zeugma

LOL, you think the actual difference between a "workaround" and a "patch" is "splitting hairs"!

Freaking amazing. You probably thought it was a "patch" every time you downloaded a whole new install of Firefox too, ROFL.


36 posted on 10/05/2005 4:45:39 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 30 | View Replies]

To: Prime Choice

Peg me on the facts? LMAO, you idiots don't even know the difference between a workaround and a patch! Now you'll go crying to maaaamaaa that I called you a name. Biggest bunch of idiots and crybabies I've ever seen!


37 posted on 10/05/2005 4:48:21 PM PDT by Golden Eagle
[ Post Reply | Private Reply | To 32 | View Replies]

To: Golden Eagle; N3WBI3; MikeinIraq
Peg me on the facts?

Yup. Pegged ya good, too. Like when you ignorantly claimed that all open source cryptographic systems had been cracked. (That was a doozy.) And when you claimed that Microsoft.com had never been hacked. (That was a great one.) And how you insisted that closed source was secure because nobody could see the source code. (That one was the most hilarious of all knee-slappers.)

But the one I'll always cherish was the latest hissy fit of yours that had to be removed from the discussion board because it was so utterly childish.

Yessir...that's how you've been pegged...again and again.

Mercy...that's gonna leave a mark.

38 posted on 10/05/2005 7:53:51 PM PDT by Prime Choice (E=mc^3. Don't drink and derive.)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Bush2000
Oh please...now you're just being pathetic and petulant.

Let me know when you write something worth reading, sport.

39 posted on 10/05/2005 7:54:33 PM PDT by Prime Choice (E=mc^3. Don't drink and derive.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: Bush2000
Piss off wanker. You and GE can't argue facts so you decend into name-calling, hair plitting and outright lies when it suits your fancy.

Perhaps people would take you more seriously if you could actually contribute something to a thread other than mindless cheerleading for microsoft.

40 posted on 10/05/2005 8:00:55 PM PDT by zeugma (Warning: Self-referential object does not reference itself.)
[ Post Reply | Private Reply | To 34 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 121-136 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Smoky Backroom
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson