Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

New Explorer hole could be devastating
Infoworld ^ | 01/28/04 | Kieren McCarthy

Posted on 01/28/2004 1:10:12 PM PST by Salo

click here to read article


Navigation: use the links below to view more comments.
first previous 1-20 ... 61-8081-100101-120 ... 241-250 next last
To: Salo
Much speculation that this was done by spammers to have a drone army to spam with.

Salo, I see now why you're confusing me. This is the IE hole thread, not the DOS of SCO one. ;-)

81 posted on 01/28/2004 8:01:02 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 79 | View Replies]

To: Golden Eagle
To make a better case for you, some would argue giant corporations wouldn't fix the holes reported to them, but would rather "sit" on them.

suppose I am a ceo. I can spend money to fix a hole or I can delay it until after the annual report so the stock goes up and I can execute my options and dump my stock for a huge profit. Hmmm.

But seriously, I think the bigger problem is the incentive to release beta code as product if you can fix holes later would be the bigger threat. There is a lot of pressure to release software before it is ready and your proposal would only encourage this practice.

82 posted on 01/28/2004 8:04:21 PM PST by staytrue
[ Post Reply | Private Reply | To 77 | View Replies]

To: Golden Eagle
I was using the DoS of SCO (not actually happening, btw) as an example of an attack that could be initiated with this IE hole. Get the ball rolling with a few well-placed emails and watch chaos ensue.

BTW, good article link.

83 posted on 01/28/2004 8:04:38 PM PST by Salo (You have the right to free speech - as long as you are not dumb enough to actually try it.)
[ Post Reply | Private Reply | To 81 | View Replies]

To: spodefly
"unknown = 0.3%"

Now I know what Mac users must feel like! Opera is on the fringe, has an "elegant" interface, and doesn't get all those viruses. (Except one thing. It's free.)
84 posted on 01/28/2004 8:09:47 PM PST by avenir (No regrets, Coyote...we just come from such different sets of circumstance)
[ Post Reply | Private Reply | To 44 | View Replies]

To: mhking
Okay, on your recommendation I just did the download and ran the program for the first time. I've got about 150 bookmarks in my IE that I was worried about. I see now that Firebird transferred them all automatically and is quite frankly impressing the crap outta me.

So, thanks!
85 posted on 01/28/2004 8:22:02 PM PST by Colonel_Flagg ("Forever is as far as I'll go.")
[ Post Reply | Private Reply | To 4 | View Replies]

To: Salo
I was using the DoS of SCO (not actually happening, btw) as an example of an attack that could be initiated with this IE hole.

Which I never understood. If it gets to your inbox you don't necessarily need IE to inflict damage. Nor do mail-provided links guarantee remote hosts are available. For this thing to be the primary exploit method, users would be surfing infested websites. Which does occastionally happen like Code Red, but typically require "worm" like propogation, not "virus" like the current SCO attack.

86 posted on 01/28/2004 8:27:47 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 83 | View Replies]

To: staytrue
suppose I am a ceo. I can spend money to fix a hole or I can delay it until after the annual report so the stock goes up and I can execute my options and dump my stock for a huge profit. Hmmm.

But seriously, I think the bigger problem is the incentive to release beta code as product if you can fix holes later would be the bigger threat. There is a lot of pressure to release software before it is ready and your proposal would only encourage this practice.

Your comments seem anti-Capitalistic in nature. But companies like Microsoft would have to weigh the importance of risking it, and face the free enterprise music if they push the envelope. The face that same music by selling beta code. Those things will easily take care of themselves. The more important issue is to distinctly draw the lines between the good guys and the bad guys, which is very blurred right now.

87 posted on 01/28/2004 8:42:41 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 82 | View Replies]

To: Golden Eagle
For this thing to be the primary exploit method, users would be surfing infested websites.

Not necessarily. This exploit might be useful in HTML formatted email. And, once compromised, it would be relatively easy to install a daemon/server that would provide the download link for all email sent by that particular system.

Which does occastionally happen like Code Red, but typically require "worm" like propogation, not "virus" like the current SCO attack.

No, Novarg/MyDoom is a worm that uses email and p2p to propagate. It exploits breaches in security and user psychology, rather than piggy-backing on other programs.

Viruses insert themselves into legitimate programs, just like biological viruses insert their DNA into a cellular organism. Before the 'Net, viruses were spread in boot sectors of floppies or shareware being passed from person to person. They are relatively rare, these days.

88 posted on 01/28/2004 8:46:50 PM PST by justlurking
[ Post Reply | Private Reply | To 86 | View Replies]

To: justlurking
Not necessarily. This exploit might be useful in HTML formatted email.

It might, but what's the point, if you're in their inbox you're in their inbox.

And, once compromised, it would be relatively easy to install a daemon/server that would provide the download link for all email sent by that particular system.

There's a lot of holes in that theory. From dial in clients? Behind firewalls? Forget those working in your scheme right off the bat.

Novarg/MyDoom is a worm that uses email and p2p to propagate. It exploits breaches in security and user psychology, rather than piggy-backing on other programs.

It may be technically classified by some as a worm because of it's complexity, but it's still at it's heart an e-mail virus that requires user interaction to propogate. If you're running illegal software like Kazaa that's their problem. A more traditional "worm" is one that propogates competely by itself, exploiting something like a buffer overflow on an always on host.

89 posted on 01/28/2004 9:04:19 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 88 | View Replies]

To: Bush2000
Bush, don't forget to factor this in your TCO argument. Microsoft forgot to factor in the devastating cost of the viruses it always get hit with. $250 million so far, shared among Windows users.

"The largest cost will come from medium-to-small sized companies with 400 employees or less, said Andy Cummins, CEO of technology services firm U.S. Networks. "We think MyDoom will cost these companies $48,000 to $58,000 (each) to secure themselves from MyDoom,"

That, plus the fact that you usually need fewer admins for a Linux system and the actually non-existant sysadmin pay gap (source: Foote Partners, an independent IT salary research firm that doesn't do commissioned surveys), throws the TCO way towards Linux.

90 posted on 01/29/2004 6:49:09 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 17 | View Replies]

To: Golden Eagle
It might, but what's the point, if you're in their inbox you're in their inbox.

You originally wrote:

For this thing to be the primary exploit method, users would be surfing infested websites.

I was simply pointing out that surfing a website isn't necessary. The link can be delivered in email.

You should at least read your own posting that I responded to, so that you'll understand the point I was trying to make.

There's a lot of holes in that theory. From dial in clients? Behind firewalls? Forget those working in your scheme right off the bat.

The current Novarg/Mydoom worm is affected in a similar way: the backdoor installed on port 3127 also isn't accessible under the circumstances that you describe. But you're right, it would limit the propagation.

It would be interesting to know the percentage of broadband clients that have an effective firewall. Since Microsoft is finally enabling their firewall by default (in the next service pack of XP), that percentage will hopefully start to increase.

It may be technically classified by some as a worm because of it's complexity, but it's still at it's heart an e-mail virus that requires user interaction to propogate.

It's classified as a worm by:

It's classified as a virus by:

Symantec provides the most concise explanation of the difference:

Virus: A program or code that replicates; that is, infects another program, boot sector, partition sector, or document that supports macros, by inserting itself or attaching itself to that medium. Most viruses only replicate, though, many do a large amount of damage as well.

Worm: A program that makes copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive in the form of a joke program or software of some sort.

91 posted on 01/29/2004 8:02:56 AM PST by justlurking
[ Post Reply | Private Reply | To 89 | View Replies]

To: antiRepublicrat
Bush, don't forget to factor this in your TCO argument. Microsoft forgot to factor in the devastating cost of the viruses it always get hit with. $250 million so far, shared among Windows users.

It's BS figure. Anybody who knows anything about network security will tell you the same thing. Companies have already figured out that you need to quarantine executable/script/binary email attachments at the mail server -- because many users are dumber than a box of rocks and won't listen to you, no matter how many times you tell them "please don't run attachments". Costs about $500 to buy a package to do it. Their are also open source versions, if you're a cheapskate.
92 posted on 01/29/2004 9:03:17 AM PST by Bush2000
[ Post Reply | Private Reply | To 90 | View Replies]

To: defenderSD; zeugma
So I'll ask you since you already know, what's a better alternative to IE?

I'll jump in here with a recommendation--and I think zeugma would recommend the same thing if I remember correctly.

Firebird

93 posted on 01/29/2004 9:15:23 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 78 | View Replies]

To: Bush2000
It's BS figure. Anybody who knows anything about network security will tell you the same thing.

I think I'll trust the Gartner figure over your generalizations. And I know first hand that Gartner is not anti-Microsoft.

Companies have already figured out that you need to quarantine executable/script/binary email attachments at the mail server

Thereby reducing the functionality of the whole system.

Their are also open source versions, if you're a cheapskate.

...if you have any appreciation for the value of money and want to increase profit for your company.

94 posted on 01/29/2004 9:22:01 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 92 | View Replies]

To: mhking
Just get the whole Mozilla and replace Outlook with Mail to save some headaches.
95 posted on 01/29/2004 9:23:03 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 61 | View Replies]

To: antiRepublicrat
Just get the whole Mozilla and replace Outlook with Mail to save some headaches.

I've been using Thunderbird for email, which is the next generation mail client destined for Mozilla.

96 posted on 01/29/2004 9:33:30 AM PST by justlurking
[ Post Reply | Private Reply | To 95 | View Replies]

To: ShadowAce; defenderSD
Yup. I'll second that. If you need to use client certificates, (as I do from time to time), you'll want to get the whole shebang at mozilla.org. I was just talking to a friend who converted to mozilla, and he says it's like a whole new experience... browsing without popups and all that garbage.

I also recommend that you install a flash extension killer. The one I'm currently using puts a big button in place of flash ads and apps. If you click the button, the flash plays, otherwise it doesn't. Cool.

97 posted on 01/29/2004 10:13:20 AM PST by zeugma (The Great Experiment is over.)
[ Post Reply | Private Reply | To 93 | View Replies]

To: zeugma
That does sound cool--which extension is that? I've already got several for extending tab options and stuff, but I haven't seen that one.
98 posted on 01/29/2004 10:17:59 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 97 | View Replies]

To: Golden Eagle
Microsoft is legally in the clear, and they must face their consumers (who I still don't remember them blaming for hacker attacks) in the free enterprise market, something they seem to be dominating with reports of record profits this week.

Oh, I don't know. I hear constant refrains from the 'it's never microsoft's fault crowd that it's the consumer's fault for not patching their computer every day.

And now for our regularly scheduled anti-astroturfer post...


FreeRepublic is a conservative news and commentary forum that covers many topics every single hour of the day. If it's topical, and in the news, you'll find it here. One of the things I've noticed is, that if you look at the posting history of individual users, you'll notice that many tend to congregate around several different subjects. Sure there are always a few Johnny-one-notes, but even the ones who seem to post mostly about abortion because the subject is of intense importance to them, will occasionally find topics that diverge from this interest to comment upon.

Below, you will find the posting history of one FreeRepublic user distilled into an easily readable bulleted list. It begins at 11/18/2003, and ends today (1/26/2004). If you look closely, you will see a common thread that suffuses every single post - the position of the professional microsoft astroturfer. Never deviating from this theme, I give you golden Eagle

There you have it, 34 threads, and about 250 separate post, never deviating from the official microsoft propaganda sheets in even a single post for over 2 months.Also note: that there was not a single post on any other topic in those 250 posts. Astroturfing at it's finest.

99 posted on 01/29/2004 10:29:27 AM PST by zeugma (The Great Experiment is over.)
[ Post Reply | Private Reply | To 54 | View Replies]

To: mhking
Hear, hear. Truly a great piece of software.

IE users who haven't tried it simply don't understand. I sure didn't, and to think I suffered with IE for years. It is way ahead of IE in configrability, security and ease of use.




100 posted on 01/29/2004 10:30:25 AM PST by FLAMING DEATH (Why do I carry a .45? Because they don't make a .46!)
[ Post Reply | Private Reply | To 4 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 61-8081-100101-120 ... 241-250 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson