Microsoftzilla

Yes, quite worrying for sure. My advice to those wanting a decent browser is: dump IE and Firefox and use Opera. Don't tend to hear much talk about security holes in that do you?

they may have had the reputation but that reputation was never backed up by facts.

As to Opera, as with Mozilla in the past you hear little about it because so few people use it.
As a result few exploits are ever attempted against it and thus it doesn't make headlines.
They don't AFAIK publish any data on holes they discover themselves, so that can't be used as a criterion either.

I never saw Firefox as 'secure', Just different. The more popular something is the less secure it is, and if it can be made, it can be compromised.

If you want extreme security, disable all cookies, disable all Javascript, stay out of forums and places where 'members' can post images and links, set a spam filter to redirect ALL mail to trash, and then tie both your arms behind your back.

nope. Turn off your computer, unplug all cables, and weld the case shut.

Don't forget to bolt the front door and brick up the windows :)

hmm, could be overkill. Easier to encase the thing in a block of steel reinforced concrete with a meter's worth of concrete on all sides, lock that in a watertight steel chamber with walls 20cm thick, and sink the thing into an ocean trench.

is that the house or the computer? O_O

but seriously... the only time my computer's ever been 'compromised' is where i've been in unsanitary places : the only viriiI i've ever got have been from P2Ps and crack downloads. I dunno whos watching me, and I'm not really that bothered. I'm poor and generally law-abiding.

I think alot of the security hype is to sell third party firewalls and scanners and detectors..

The problem with anything third party is just that. It's effectively acting on the same level as a virus would; I would welcome Microsoft integrating fast good security at a very low level in Windows (even a 'real' administrator/user priviledge setup would be nice). Any "secure" browser or protective measure on Windows is like putting a deadlocked steel door on a cardboard box...

Not really. Any OS has holes which can be exploited if you know how and care to.
Singling out Windows is not only unfair, it's dangerous as people start to think that the very act of installing something else will suddenly give them a completely secure system.

Any security though starts at the front door. If you install a decent firewall you keep most of the crap out the door (attacks trying to find open ports for example) and prevent most of the rest from dialing out if it does get in.

Instead of your analogy of a deadlocked foor on a cardboard box a better analogy would be that NOT having your system secured by firewalls and AV software is like having a jewelry store and leaving the doors and windows wide open when you leave at night and refusing to invest in alarm systems and guards because you believe in the general goodness of people and don't think anyone will ever steal from you.

hmm... well my pc is definately more reminiscent of a cardboard box than a jewelry store.

if I worked on top secret technology, if i was a hacker myself, or if I'm talking about corporate computer systems, my views wouldn't be the same.

but, as I use my personal computers for developing open-source software, listening to music, and chatting on forums, and I DO believe in the general goodness of people... I'm not all that concerned.

the average home user has security software shoved down their throat when buying a new PC... it has its place, for sure; but bullet-proof software is less important than making the right decisions in how you use it.

Windows home versions are pretty terrible in that any user has pretty much got permission to access and modify everything on the system. It doesn't matter if a browser object escapes its confines if it can't do anything.

No browser can protect against certain cross-site attacks.. and it's not the responsibility of browser vendors.

I think in general, Firefox is more secure than most. I feel 'safer' using Firefox than IE for sure. But then, I feel safer using Linux than Windows, and even safer just using a Gameboy instead.

You FEEL safer using Linux than Windows, but you're not and that's the problem.

The incidence (as percentage of installed base) of successful intrusion attempts against Linux boxes is far higher than that of successful intrusion attempts against Windows boxes.
That's because most Linux boxes are installed wide open by default, and are running a lot of unneeded and potentially dangerous applications like SendMail and Apache without their owners even knowing it.
They think there's nothing to fear because they're not using Windows (they're believing the hype/hoax/lies), and often don't keep up with security and other updates (which is why Windows now comes with automatic updates turned on by default).
As Sendmail especially (but Apache in many versions as well, and X too) is as leaky as a sieve, these systems are easy prey for crackers.
The reasons you don't hear a lot of outcry is because many of the low overall volume, and because a lot of those machines are run by companies who don't want the negative publicity.

I do agree that MS make a good effort with patches, and I don't really understand the problem people have, along lines of "Microsoft just released a new patch, that means their software sucks", or even "Microsoft have stopped support for Windows 3, what swines" it's natural development to keep 'adding' to a system when things don't go quite as planned, and re-releases are better than endless patches in the long run.

With regard to feeling safe. My computer doesn't function as a webserver, (but I use Apache locally and bring it up and down when I need it), and my computer gets its Internet connection through a (firewalled) Windows laptop connected peer-to-peer with this one, which makes it somewhat difficult to address this one directly. I feel safe because I know how difficult it would be for anyone to A. attack this PC, or B. get anything useful from it.

On Windows using IE 6 though, it doesn't matter what firewall you have if you hit a browser-object-gone-mad. I got a virus delivered by a script executed in a WMF file in Internet Explorer, and that was with AV and a firewall active.

I'm usually more worried about virus damage than cracker damage to be honest. There's always a question about the goodness of human nature in their immediate present, there's no question with a bit of mad script they wrote while in a in a bad mood and left all over the web.

but, as I use my personal computers for developing open-source software, listening to music, and chatting on forums, and I DO believe in the general goodness of people... I'm not all that concerned.

Worms don't care what they have. They just want another member for their zombie horde.

Leave everything and live in a cave. Much safer except if it's a bear dwelling. :eek: