Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Netscape Internet Explorer Mozilla The Internet IT

There Is No Safe Web Browser 444

Posted by Zonk from the internet-is-a-scary-place dept.
Michael writes "David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe. The article details the recent Netscape fiasco, and touches on the whole Firefox/Internet Explorer debate. From the article: 'So if it sounds as if we're all at the mercy of hackers just looking for some new challenge, that's partially true. As law enforcement officers will tell you, crime finds you if it wants you bad enough, no matter what preventative measures you take. But the vast majority of criminals have an Achilles' heel: They prefer convenience to challenge. For now, it's more convenient for them to pick on Internet Explorer.'"
This discussion has been archived. No new comments can be posted.

There Is No Safe Web Browser More

There Is No Safe Web Browser

Comments Filter:

  • Lynx is safe (Score:4, Funny)

    by Bodysurf ( 645983 ) on Friday May 27, 2005 @03:50PM (#12658565)
    As is telnetting to port 80 and interpreting the HTML in your head.

  • Dictionary Security Definition (Score:5, Interesting)

    by Crimson Dragon ( 809806 ) * on Friday May 27, 2005 @03:50PM (#12658571) Homepage
    While I understand the point that Mr. Sheets is making, however, I disagree with his definition of safe.

    The implication of this article stems in the absolutes of security: can it ward off intruders or not. This is a flawed approach, and while seemingly a logical one, denounces another reality of this level of breach: the lion's share of these breaches are not of the most malicious sort (read: that stupid data miner which causes popups, search bars from hell, etc). These kind of easily hackable sections of Internet Explorer are less prevalent in Firefox. Market forces of the sheer user base would dictate that if this were not so, more spyware would have been ported to Firefox by now. 25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate.

    One must acknowledge the reality of security by statistics alongside security by absolutes.
    • 59 million downloads actually :-)
    • True. However, I would contend that the majority of the -interesting- breaches (as opposed to relatively harmless things like site tracking software that does targetted pop-ups) are not technological at all, but sociological.

      IMHO, the biggest security threat on the web today is the prevalence of phishing expeditions, intentional spyware downloads, and the general naiveté of the users. When is the last time somebody's SSN was stolen through cross-site scripting or other browser holes? Probably just

    • Re:Dictionary Security Definition (Score:5, Insightful)

      by Tenebrious1 ( 530949 ) on Friday May 27, 2005 @04:11PM (#12658862) Homepage
      While I understand the point that Mr. Sheets is making, however, I disagree with his definition of safe.

      I have Firefox on a computer, and it's 100% safe. I have IE loaded on that machine, heck it's unpatched Win2K, and even that's 100% safe. The reason it's "safe" is because the power supply died a few months ago and I haven't been able to turn it on.

      So in this case, 100% safe = 0% usability. Which doesn't help me much, there has to be some acceptable level of "safe" that corresponds to a high level of usability, and that's where Firefox wins over IE.

    • Parent makes a good point.

      Absolute security is impossible. Not even NASA of the 60s and 70s has been able to write large pieces of bug-free software, and they had one of the best QA systems ever. Moreover, the costs were incredible (you wouldn't really want to pay for the development costs of bug-free Windows, would you?). However, the kind of absolute reliability NASA was aiming for is only relevant for software that will be used for a limited time, in a controlled environment. For modern-day web

    • I don't think you understand economics (Score:5, Insightful)

      by geekee ( 591277 ) on Friday May 27, 2005 @04:24PM (#12658998)
      "Market forces of the sheer user base would dictate that if this were not so, more spyware would have been ported to Firefox by now. 25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate."

      If 1 hack hits 90% of the market, spending more money to get a hack for the rest may not be worth the effort even if Firefox has as many holes as IE. Simple economics.

    • I'll go even further. (Score:4, Insightful)

      by khasim ( 1285 ) <brandioch.conner@gmail.com> on Friday May 27, 2005 @04:53PM (#12659282)

      The implication of this article stems in the absolutes of security: can it ward off intruders or not. This is a flawed approach, and while seemingly a logical one, denounces another reality of this level of breach: the lion's share of these breaches are not of the most malicious sort (read: that stupid data miner which causes popups, search bars from hell, etc).

      The FIRST aspect of "security" is limiting the avenues of attack. You sort of touched on that, but I'll say it explicitly.

      If FireFox doesn't run ActiveX, then that is one avenue that is NOT available for an attack.

      As others have pointed out, lynx is very secure and that is because it completely blocks so many avenues of attack.

      One must acknowledge the reality of security by statistics alongside security by absolutes.

      Exactly. Now, from TFA:

      As law enforcement officers will tell you, crime finds you if it wants you bad enough, no matter what preventative measures you take.

      If they say that, then they are wrong.

      Look at the typical junkie on the street. He's be happy to rob a bank. But the bank's security system is beyond his capabilities to SUCCESSFULLY attack.

      So he picks easier targets with LOWER payoffs (mugging pedestrians).

      Which brings me to the SECOND aspect of security: Build the defenses on the available avenues to defeat the attacks.

      Sure, there are criminals out there who can pick any lock and defeat any alarm system. But they are very few and very far between. The odds that you, specifically, will be targetted by one of them is less than the odds of you winning the lottery.

      So, contrary to what TFA says, crime will NOT find you if it wants you bad enough. It has to want you bad enough AND be intelligent enough AND be skilled enough.

      But the vast majority of criminals have an Achilles' heel: They prefer convenience to challenge.

      Sort of. More accurately, they're lazy. The "vast majority" will NOT spend time and effort to learn how to bypass alarm systems. If there's an easier target, they'll go for it.

      If your (and your neighbor's) defenses are more than they can bypass, they'll leave the area.

      For now, it's more convenient for them to pick on Internet Explorer.

      No. While it is more "convenient", that is NOT the reason that IE is subject to all the attacks.

      The reason is that the level of skill/intelligence required to successfully attack IE is SO VERY LOW. ANYONE with a bit of programming skill can write an exploit for IE.

      Sure, any junkie can get a knife, and a knife is good enough for a mugging. But that knife isn't going to get you very far in a bank robbery.

      Clearly, hackers wouldn't be so successful if they didn't have so many potential targets.

      Again, it isn't about the POTENTIAL targets.

      It's all about the AVAILABLE targets in your SKILL RANGE.

      Of course, it's up to software makers to hold up their end, too. But they're no less susceptible to market forces, deadlines and bureaucracy than anyone else.

      Which is why Open Source has such a great security rep. There aren't any market forces or deadlines to deal with. It's ready when it is ready.

      Mistakes happen. Hacking happens. To assume you won't fall prey to either fairly begs for trouble.

      This gets back to your statement on statistics and "the absolutes of security".

      Sure, my system is vulnerable.
      An attacker has to get to Seattle.
      And into the office building.
      And disable the cameras.
      And disable the alarm system.
      And break into the office.
      And blow the server room door.
      And then steal the server.

      I'm not losing any sleep.

      Of the thousands of computer viruses now available, most ar

  • No browser is safe? (Score:4, Funny)

    by Rosco P. Coltrane ( 209368 ) on Friday May 27, 2005 @03:50PM (#12658573)
    I'd say this one [browser.org] is fairly safe...

    • Re:No browser is safe? (Score:3, Informative)

      by ashayh ( 636057 )
      For TOTAL protection go here [sourceforge.net]

      • Re:No browser is safe? (Score:5, Interesting)

        by dougmc ( 70836 ) <dougmc+slashdot@frenzied.us> on Friday May 27, 2005 @04:08PM (#12658813) Homepage
        For TOTAL protection go [check out netcat]
        Even netcat isn't perfectly safe. It just dumps network traffic directly to the terminal, and with the right characters in this code, it could very well remap the keyboard or cause your terminal emulator to execute certain commands.

        This sort of thing may have already happened to you. Have you ever accidently just catted a binary file, and then discovered that your command history had all sorts of garbage commands in it? Same thing.

        This sort of vulnerability has been around for decades. People used to trigger it via `talk' requests or by using the `write' command, and while talk eventually learned to filter things better, as for write eventually everybody just did a `mesg n', because all write does is write text to your tty, so changing write won't help. Of course, fixing xterm and other terminal emulators is another fix, but these features can be useful too. Still, I'm surprised that they haven't been disabled by default, but even today, xterm seems to have this `problem'.

        Many vulnerabilities are caused by this sort of mixmash of different utilities -- in this case, netcat doesn't really have the vulnerability, but it would allow text to come in that could affect your terminal emulator.

        Yes, with the right filtering of the output this could be safe, but not with netcat by itself. Still wouldn't make it a non-crappy browser though.

    • Re:No browser is safe? (Score:5, Informative)

      by slavemowgli ( 585321 ) on Friday May 27, 2005 @03:55PM (#12658656) Homepage
      Lynx has had vulnerabilities in the past, too - this one [mitre.org], for example. The only *really* safe way to browse is probably to use telnet, but I'm not sure you can even call that "browsing" anymore.
      • My brain is an HTML layout engine, you insensitive clod.

      • If I'm reading it right, the vulnerability you linked to is one where the command that runs lynx causes it to send false information to the web server. I don't think that "user can trick browser into sending false data to server" belongs in the same category as "server can own machine running browser."

        Of course nothing is perfectly safe, but that's why being safer is a big deal. (But I don't use lynx.)

    • I dunno about you guys, but I like to just stick one finger in an electrical socket and bite down on my 10bT.

      Anyone willing to browse like a real man is completely secure from hackers.

  • Doesn't go far enough. (Score:5, Insightful)

    by El Cubano ( 631386 ) on Friday May 27, 2005 @03:51PM (#12658586)

    David Sheets has up an interesting article on browser security, and I have to agree with his conclusion: no web browser is safe

    No program that accepts input is safe. Even some programs that don't accept input aren't safe either. It is the nature of how complex software really is and how little of it we understand.

  • Nor is there a "safe" OS.... (Score:5, Insightful)

    by Total_Wimp ( 564548 ) on Friday May 27, 2005 @03:51PM (#12658594)
    ...at least not one you'd want to use. Sorry people, Linux is not "safe." Mac OS/anything is not "safe." There are a very few OSs that are pretty safe, but the only reason Mac and Linux fans can brag right now is that they're ignoring all the patches, hacks, etc that already exist for their OS of choice.

    TW
    • OpenBSD [openbsd.org]'s pretty safe, as well as usable despite conventional wisdom to the contrary---I'm running it as a desktop right now with very few problems.

    • Re:Nor is there a "safe" OS.... (Score:5, Funny)

      by RatBastard ( 949 ) on Friday May 27, 2005 @04:04PM (#12658780) Homepage
      There is not "absolutely, 100% safe from everyone" not safe and then there is "dropped the soap in the prison shower" not safe. While even Linux and Mac OS X fall into the first, Windows falls into the second. Windows is unsafe due to the lack of planning or safety concerns of the programmers. Programmers told by the marketting department to spend their time on features above all other things.

      I can't speak for Linux users as I am not one, but I can speak for some Mac users. We don't ignore the bugs, hacks and patches out there. I keep my system fully patched at all times, just as I dio my Windows boxes. The difference here is that my Mac has never had a spyware infestation, nor a virus, nor any of the other intrusive attacks that my Windows machine has suffered through. And I'm careful with my Windows machine.

      Windows has gotten safer as MS has finally deigned to pay attention to safety concerns. But a fresh Windows install is as unsafe as a child molester in a maximum security prison. A significant number of patches and extra utilities need to be installed, many of them only practically available from the Internet, before it is reasonably safe to connect that computer to the Internet. This is not true for Linux and OS X bioxes.

    • Re:Nor is there a "safe" OS.... (Score:5, Insightful)

      by NickFortune ( 613926 ) on Friday May 27, 2005 @04:29PM (#12659039) Homepage Journal
      The flaw here lies in considering safe as an absolute. There is no safe method of travelling, but there are substanially more risks associated with skydiving than there are with walking.

      Even apologists for MS poor security record acknowledge that firefox is more secure, if only with the argument "when more malware starts targetting it, then it will be just as bad"

      And the same applies to OS security as well. Safe is a relative concept, and to try and confuse the issue by casting it as an absolute does no one any favours.

    • For that matter... (Score:3, Insightful)

      by artemis67 ( 93453 )
      just plugging a network cable into your computer suddenly makes it "unsafe". But Mac and Linux are significantly safer, which is an important distinction.

      I've been managing Macs on the network for almost a decade, and have yet to deal with spyware. Viruses, I think I've had 5 or 6 incidents, and most of those were Word macro viruses, which are relatively benign on the Mac because of the different file system structure.
  • I think you could easily transfer these findings into the OS world. Mac's and Linux are generally safe because they are a much smaller target. It wouldn't make the news as quickly, or as widespread as it does when they hammer Windows with viruses. It is not only more convenient, but more damaging to flood Windows with viruses.

    I would be willing to wager a very large bet that if Mac OS X was the industry leader there would be the same difficulties with viruses, and other criminal activities that are curr

    • Re:OS's in the same boat? (Score:4, Insightful)

      by Durandal64 ( 658649 ) on Friday May 27, 2005 @04:47PM (#12659232)
      I would be willing to wager a very large bet that if Mac OS X was the industry leader there would be the same difficulties with viruses, and other criminal activities that are currently associated with Microsoft's products.
      I'd take that bet, and I'd win. Here's why. Windows happens to be in the precarious condition of being both the most popular operating system and being poorly-designed. Samba services are on by default, meaning that the user is automatically vulnerable to worms that propagate through the Samba service. This is why a machine with a fresh Windows install can be infected with a worm within minutes of connecting to the Internet. This was a huge problem on my campus a couple years back at the beginning of the semester. Blaster was hammering away at everything, and even the machines that were wiped got infected with it as soon as they were connected back to the Internet.

      Why would this not happen (or at least happen far less frequently) on OS X? Because none of the services are enabled by default. Samba, AFP, SSH, Apache, everything is off. In order to infect a Mac OS X machine, it would take more social engineering than to infect a Windows machine. A Mac OS X user, to really, really do harm to the entire system, has to be tricked into entering his administrator password, even if he is logged in as an administrator.

      Microsoft has acknowledged this flaw. They want to transition users to a model of the lowest possible privilege assignment. If a user doesn't need to be an administrator, he shouldn't be. Unfortunately, as Microsoft has also acknowledged, there is too much poorly-designed Windows software that won't run unless the user is an administrator (even though the software does nothing that requires administrative privileges ... it may just be storing its preferences in a weird way) to make such a transition in the short-term possible. This is a direct consequence of the design choices Microsoft made with Windows and their encouragement of developers to write easy software first, secure software second.

      In Mac OS X, software installers must acquire administrative rights by getting the user to authenticate as an admin if they want to write to anything that isn't in the current user's space. Apple encourages developers to avoid having the user authenticate authenticate at all costs and to only attempt to gain admin privileges if absolutely necessary. That is smart design, and since it's been that way since 10.0, there aren't very many applications that absolutely require an administrator for no reason.

  • Hit the Nail on the Head (Score:5, Insightful)

    by Anonymous Coward on Friday May 27, 2005 @03:52PM (#12658606)
    I think that this author has finally gotten it right. Note the increasing instances of popup ads that are tailored for firefox users etc.

    As firefox gains in popularity, expect that the number of exploits aimed towards it will continue to rise.

    That being said, the nice thing about firefox (and OSS), is that lots of eyeballs can look at, and fix, the code in a timely manner.

    • Re:Hit the Nail on the Head (Score:5, Insightful)

      by jedidiah ( 1196 ) on Friday May 27, 2005 @04:06PM (#12658801) Homepage
      No, the greatest thing about Firefox is that it exists for the benefit of it's end users. This means that it is far more likely that Firefox will be changed (and changed quickly) to suit end user requirements than IE.

      If it turns out that there is some feature or technique that really should never be in a browser, we have some hope that Firefox would expunge it and do so quickly.
    • you mean frequency of vulnerability exploitation is relative to market share?! NO FUCKING WAY!! Oh man, i'm glad someone pointed this out for me. Very insightful, indeed. I mean, it's only been pointed out a few thousand times before on slashdot.

  • Obvious -1 (Score:5, Insightful)

    by Nom du Keyboard ( 633989 ) on Friday May 27, 2005 @03:52PM (#12658609)
    I'd give this article an Obvious -1 simply because it is axiomatic, and everybody should have realized by now that There is no 'safe' web browser. Especially how after it was demonstrated that a Firefox exploit allowed infection of IE when IE itself would have blocked the malware site. Cute!

  • Perhaps it needed to be said (Score:3, Funny)

    by IntricateEnigma ( 148093 ) on Friday May 27, 2005 @03:53PM (#12658618)
    Perhaps it needed to be said, but it seems to me like this post is a statement of the obvious.

    I'm sure I'll be modded down for just posting my blunt thoughts in responst to the post.

  • This just in! (Score:5, Interesting)

    by Enigma_Man ( 756516 ) on Friday May 27, 2005 @03:53PM (#12658625) Homepage
    Newsflash! There's no such thing as perfect security, who would have thought it? Whether it be through a flaw in the code (which we all try to fix, when they are found), or stupid users running crap they oughtn't.

    I for one use Firefox, because it is MUCH more secure than IE. It may not be perfect, but it's by far good enough for regular use.

    That's like saying that houses aren't secure, even the new model homes with electronic alarm systems. No crap, but that doesn't mean sell the alarm systems and leave your front door unlocked (like IE).

    -Jesse, disliking alarmist poop articles.
    • Exactly. This article has all the logic of, "Well, you saw Ocean's Eleven. No point wasting your money on an expensive safe when it's just going to get stolen anyway. Just stuff it in your couch."

      Of course nothing is safe. Even if your computer is completely invulnerable to outside exploits, if someone is *really* determined they can break into your house, wait for you to log in as root, and then garotte you to have full access to your computer. Does this somehow justify running IE/Windows? No.
    • They did a study and concluded that having the little sign in front of your home is roughly as safe as installing an electronic alarm setup.

      So.... I guess i should just change my browser identification string to say FireFox 1.04

  • Integration with the OS is B-A-D.. BAD (Score:5, Insightful)

    by TheCeltic ( 102319 ) on Friday May 27, 2005 @03:53PM (#12658630) Homepage
    When a webbrowser is integrated with the OS, this greatly increases the ways a hacker can damage the system. Hence, while no browser is secure, one can is MORE secure simply because it is NOT woven into the OS. Of course, having updates frequently and being in more active development are good things as well.

  • What?? (Score:2)

    by aled ( 228417 )
    Oh my God, what have we done? Why Lord?

    Seriously, is this supposed to be news?

  • Always protect yourself... (Score:4, Funny)

    by logik3x ( 872368 ) on Friday May 27, 2005 @03:54PM (#12658644)
    Don't forget to wear a condom for safe browsing...
  • Like Netscape's stupidity at basing Netscape 8 on Firefox 1.0.0 when current was 1.0.4 shouldn't be used to disparage Firefox.

  • what? (Score:2, Funny)

    by jorgen ( 36633 )
    There Is No Safe Web Browser

    Only a sith lord deals in absolutes. I will do what I must.

  • Just write a browser to send all data to a cache location before it is displayed, like most browsers do. I suggest /dev/null for linux.

  • Come on (Score:5, Insightful)

    by a_greer2005 ( 863926 ) on Friday May 27, 2005 @03:57PM (#12658689)
    The problem is ignorant users, the headline is like saying "THERE IS NO SAFE CAR" of cource no car is safe when you dont buckle up, drive 120MPH and swirve, but when proper precautions are taken, I dare say a Lexus is safer than a Pinto.
    Browsers can be totaly safe, as much as I hate to say it, IE can be pretty safe too. just follow these rules:
    1:USE A FIREWALL
    2: update your browser
    3:disable ActiveX, any site that uses it is a site you should learn to live without.
    4: (the one most often broken) DONT CLICK YES ALL THE TIME, warnings are there for a reason.
    5: Dont DL and run STUPID executables

    Most Browsers do a decent job of protecting you fron the bad stuff, but NOTHING can protect you from yourself, short of cutting the cable, and if you do that, dont run with scisors

  • How many people out there who run web browsers have added their user to the local Administrator group or just log in as administrator? Heck, you have to run IE as an admin just to apply updates. IMHO I think running Firefox as a non-root user on unix is more secure than firefox/IE on windows.

  • This guy seems to think there are no browsers othr than IE, Netscape, or Firefox. I use konqueror almost exclusively, because it has many advantages, the biggest being an excellent integration between the local file system and the web. My case may be anecdotal, but I have never had any problem regarding security.
    • I'd use Konq if I could get rocker navigation for it. Does anybody know a way?

      FYI, rocker navigation is a gesture you perform with your mouse buttons. By 'rocking' your fingers over the right, then left button you execute the 'back' history action. Going forward in history is the opposite rocker gesture.
  • Comment removed based on user account deletion
  • Firefox can be the mostest secure webbrowser evar tomorrow if it wants. Just include the "su"/"runas" functionality to drop down to a non-privileged user on startup. With, say, read/write permissions to only its own directory. Done. Anyone want to add this feature request to bugzilla, or is it already in there?

    This is much harder to achieve with respect to internet explorer, because it's more deeply entrenched in the operating system. Its HTML control (the actual renderer) is used in zillions of places whe
  • Lynx [slashdot.org] or links! [sourceforge.net]

    -carl

  • wow (Score:3, Insightful)

    by diegocgteleline.es ( 653730 ) on Friday May 27, 2005 @04:00PM (#12658740)
    There's no safe browser? Wow, the next thing this guy will discover is that secure software doesn't exists and that all software has bugs. Welcome to the world of software development, dude.

    AFAIK, Firefox has quite good security track and fixes things fast. That's what matters. Firefox is a "secure" browser by any measurements, and unlike other browsers, they deserve the reputation they have.

    And one of the reasons why Firefox has security bugs is because it's a evolving product. Internet explorer however is a 3-years-old code base which has not changed almost nothing. Mozilla and firefox have been being updated for years to support modern standards etc, Internet explorer has done nothing.

    (Actually, it's suprising that after so many time people still finds bugs in internet explorer. It shouldn't have so many bugs left - look at sendmail, bind etc, they're crappy software from a security POV, but their code base is _so_ old that it's very hard to find more security problems. Internet explorer must be really buggy to keep such bad security track)

  • Only the Sith... (Score:3, Insightful)

    by fm6 ( 162816 ) on Friday May 27, 2005 @04:02PM (#12658752) Homepage Journal
    Another bozo who sees security only in absolutes. Saying that there is no "safe web browser" is like saying there's pick-proof lock. Technically true, but should you secure your valuable with a $2 lock? Security is not about absolute guarantees, it's about making life as hard for the bad guys as you can manage. Mozilla-based browser have security holes, but at least their designers attempt to design them with security in mind. Internet Explorer, by contrast, does not have security designed in, and has cruddy QA to boot. Which is reflected in the dozen or so reported security problems in Mozilla, and the hundreds of reported security problems in IE.

  • patch turnaround time (Score:2, Interesting)

    by dyscant ( 787737 )
    It strikes me that the turnaround time for patches to Firefox is significantly quicker than many other options. After these little bugs [slashdot.org] were found, they had patches out in short order. While it may not be impregnable, at least they are plugging the holes faster.

  • Define ``safe'' (Score:3, Informative)

    by RealAlaskan ( 576404 ) on Friday May 27, 2005 @04:03PM (#12658772) Homepage Journal
    If you mean: ``you never have to worry about anything'', then no browser is safe. Not even lynx.

    If you mean: ``not the easiest target for the bad guys'', then most browsers are safe, most of the time.

    I'd say that any browser which consistantly avoids being the lowest-hanging fruit is as close to safe as most of us need. To achieve that, all you need is a development team that emphasises security, even at the expense of convenience, and gets useful patches out, fast.

    I can think of one browser with a large market share which fails both those tests, and I suspect there are several with smaller market shares which do fairly well on both those criteria.

  • There Is No Safe Web Browser

    Your web browser is absolutely safe as long as your computer doesn't have a network connection and you don't load any unsafe software (i.e., Windows). That reminds of the good old days of the Altair [apple2history.org]. :P
  • without loosing functions. Who cares totally safe, ourselves are the most unsafe factors.
  • I tell my students that the purpose of security is not absolute proteciton -- for that, you can encase your box in cement and drop it in a deep lake. The point of security is to make it so hard for an attacker that (s)he goes hunting for a better target (easier and/or juicer). Currently (as he points out), Firefox makes it harder on most attackers, so it's the better bet for most users.
  • I love all the arguments about it being the number of systems. It is rarely about that. It is normally about what is the easiest target. The same applies to Linux vs. Windows. If Longhorn should become more secured than apple and Linux, then as the old Windows disappears, the crackers/viruswritters will aim at a new target; say Linux or Apple.

  • This is a tired subject (please read on) (Score:4, Interesting)

    by betelgeuse68 ( 230611 ) on Friday May 27, 2005 @04:13PM (#12658878)
    All these "IE vs. Mozilla" or "IE vs. FireFox" or "Netscape vs. IE" or "Opera vs. IE" discussions (pick your poison) are irrelevant.

    First off, it amazes me that I have run across paranoid *NIX sys admin friends who are very mindful of what runs as "root" on servers they control but then turn around and operate day to day on Windows desktops as an administrator.

    Well, gee dip sh*ts, no wonder you're screwed if rogue code enters your system.

    If people used limited accounts and then used impersonation (ever hear of "runas") under Windows, all of these discussions would go the way of the dodo bird.

    More to the point they would be TRULY irrelevant. Sure send me to some baddie site, won't do much on my system. Whatever malware sent down the pipe to me can't do anything to change my system (C:\WINDOWS).

    This is how I operate, i.e. a limited account desktop. The admin account is just that, for ADMINISTRATION, e.g., setting up new apps.

    Amazingly, this approach is "novel" among even tech types since I keep hearig these discussions even on Slashdot.

    The principle of least privilege is ANCIENT. Impersonation is part of Windows. Just as it is with other OSes.

    The Windows NT kernel has had security since its inception. On the file system, registry as well as synchronization mechanisms such as mutexes, semaphores, etc.

    Do you want to know why MS doesn't leverage it? Cost. Plain and simple. If WinAmp (which doesn't work under a limited account) stops working for someone on account of MS automatically setting up limited accounts for people, guess who is likely to start receiving support calls? "But it always worked on Windows 9x!!!"

    Yes, it boils down to money. This is NOT a technical problem. MS alongside companies peddling its wares (Dell, Gateway et al) simply do not want to deal with the potential legacy costs of supporting misbehaved apps and/or apps whose designers were myopic and assumed the ability to write to any part of the file system and/or registry.

    The great thing is, even with a limited account desktop you can still readily run WinAmp. You just have to know how.

    All of this seems like "rocket science" to everyone. And I guess it is, since this discussion keeps rearing its head, namely browser security. The point is, a browser is another app that inherits default credentials from your login. Don't operate as administrator geniuses (sarcasm in case you didn't figure that out).

    In the case of WinAmp. I simply defined an admin account that I leverage to run that application on my limited desktop (use the command line "runas" facility or change the properties on the shortcut through the "Advanced" button). I might mention that Shoutcast servers are capable of sending URLs (think JavaScript) that WinAmp will readily execute via IE totally disrespecting your browser choice. So taking another page from what Windows has offered from the start, I changed the ACLs for the IE executable such that my "WinAmp User" has absolutely no rights to the IE executable. Not even the ability to read that file. In this manner I short circuit this potential threat vector. In addition I changed the ACLs on C:\WINDOWS and some other directories so that this "WinAmp User" could only read from these directories.

    Here's the moral of the story folks, use a limited account. Plain and simple. End of story. End of this not very worthwhile discussion (among tech people).

    Yes I use LINUX, I use Cygwin's X server and readily use LINUX Mozilla complements of the latter. Not just a little, a lot. This IN ADDITION to the fact that I use a limited account for day to day activities.

    I have never had spyware or a virus on my system. EVER.

    -M
  • If everybody uses the same browser, then everybody is vulnerable to the same exploit.

    So how about not everybody using the same browser? How about having a very diverse browser population? Ignoring design flaws (such as the one in IDN earlier), if all browsers were used in relatively equal proportions, it would make it at least marginally less effective to attack any one single browser.

  • Lynx (Score:2, Insightful)

    by internetdarwin ( 669976 )
    Sure lynx is safe, but let get serious for a moment. Does anyone think that your average user is going to switch to an all text browser that is no where near user friendly, loose their ability to view pictures, flash, and all the webs multimedia goodness for the sake of being safe? Don't get me wrong I have used lynx quite a bit but you won't find me on lynx when I just want to mindlessly surf and entertain myself. I want graphics, DHTML, JavaScript, CSS, and pretty layouts just as much as the next person.
  • 0.5 percent of all web browser market share agree!

    Plus, by turning off all those nasty things and having a non-standard browser, it's a lot harder to become infected - unless you actually click that link and save the file ...

  • Doesn't make sense (Score:3, Interesting)

    by Colin Smith ( 2679 ) on Friday May 27, 2005 @04:34PM (#12659090)
    The source code for Firefox and Netscape are available. How much more convenient could it get for the hackers?

  • How to make a safe web browser... (Score:4, Informative)

    by Temporal ( 96070 ) on Friday May 27, 2005 @04:35PM (#12659111) Journal

    It's really rather sad that we've given in to the idea that writing secure large-scale software is essentially impossible. It's not. It's only impossible in the paradigm we use.

    Here is how security works on every major OS and in every major programming language today:

    1. Tell the program about all of the features of the OS by exposing them all through an API.
    2. Let the program make any request it wants.
    3. When a request is made, check it against various lists to see if the program is allowed to do it.

    Here's how it should work:

    1. Tell the program only about the features it is allowed to use, by giving the program references to objects implementing these features (i.e. file descriptors, handles, implementations of abstract interfaces, or the like).
    2. Let the program to whatever it wants with them, because you have not even given it the ability to express a dangerous operation.

    This is called Capability-Based Security. Hopefully it is easy to see why the latter would make security much easier to manage. If not, you can read this discussion [skyhunter.com] of the concept.

    CBS allows you to execute code without trusting it. In Unix, you'd have to create a new user with no permissions to run your code, which is way too much work for most purposes. In CBS, you can set up every single program to have a different set of permissions based on that program's needs. Furthermore, the program can internally manage those capabilities to insure that only a small amount of the program's own code has access to them. Then, as long as that code is secure, the program is secure, but even if it isn't, the worst it can do is abuse the capabilities you explicitly gave it.

    How does this relate to web browsers? Well, a web browser really only needs the capability to render to its GUI window, read its install files, and read/write its config and cache. So don't give it any capabilities beyond that. Voila, now it does not matter what malicious program takes over your web browser, because it can't do a thing to your system.

  • I use (Score:3, Insightful)

    by Anonymous Coward on Friday May 27, 2005 @04:39PM (#12659155)
    Konqueror mostly, Mozilla on ocassion, Firefox on lesser occasions. I tend to like the swiss army knife abilities of konqueror (ftp, fish, far better tab control than Firefox without installing extensions, overall integration with kde, etc) over Mozilla and Firefox. I guess I pick Mozilla over Firefox because of composer and I'm just used to Mozilla a lot more than Firefox simply due to familiarity and length of use.

    What I can state is that since I've been using Konqueror (khtml, like Apple's browser) on Linux, I've never had an issue with spyware or adware. Never. I've never had a problem with security, even though there have been security alerts for konqueror as well as the other browsers. Konqueror makes it simple to surf without images turned on (one button click on top of window without going into drop down boxes to turn images on), makes it simple to surf without javascript turned on (simple and fast two step process to turn it on for a web site, can specify in settings which web sites to turn on javascript by default if needed regularly), and makes it a satisfying all-around experience in using the web.

    I help adjust/maintain/bugfix windows for another user and I just can't understand how windows users can possibly put up with the spyware/adware. Taking a look at server logs, I can't believe how many people's browsers are infected with FunWeb, something else "Fun", and other spyware.

    If you are a windows user, do yourself a favor and visit a friend's website (after alerting them) and ask them to send you a copy of the log entry from your visit. If your browser is infected with spyware, it just may show up as part of the browser identifier.

    The ability of spyware/adware to infect a windows computer is a serious security problem. If you've been infected, you are running a system that is insecure. Please re-read that last sentence. If you've been infected with spyware/adware, you are running a system that is insecure.

  • Mail (Score:3, Interesting)

    by gmuslera ( 3436 ) on Friday May 27, 2005 @04:59PM (#12659342) Homepage Journal
    The same could be said about mail clients... why? because for safe that is the reader software you have, most security concerns are related to the user that reads it (think in the most commons scams out there, from nigeria and earlier to this days).

    Now, if well we can say that no matter how unsafe is to climb the himalaya with beach clothes compared with staying in your house (a meteor could fell over you, after all) you are not complelely safe, these are very different kind of probabilities, and experience tolds us that in average you are i.e. far unsafe playing with MS IE/Outlook/Windows than with Firefox/Opera/Thunderbird/Linux.

  • Safe web browsers (Score:3, Insightful)

    by dtfinch ( 661405 ) * on Friday May 27, 2005 @05:13PM (#12659445) Journal
    The safest web browser is the one nobody else is using.

  • No safe browser? (Score:3, Interesting)

    by Junior J. Junior III ( 192702 ) on Friday May 27, 2005 @05:20PM (#12659515) Homepage
    What about lynx?

  • Safari? (Score:4, Interesting)

    by 5n3ak3rp1mp ( 305814 ) on Friday May 27, 2005 @05:57PM (#12659887) Homepage
    Is anyone aware of any Safari (OS X web browser) vulnerabilities, especially exploited ones?

    I think the fact that OS X throws up an auth login whenever any app tries to access a directory that the current user doesn't own, pretty much makes casual takeover difficult, even by an insecure web browser...

  • You are all wrong (Score:3, Insightful)

    by synthespian ( 563437 ) on Friday May 27, 2005 @07:08PM (#12660473)
    There is such a thing as safe programming.
    There are safe languages.
    There exists formal methods.
    There are best practices in programming.
    There exists tools for source code verification.

    If you program and don't care about any of these things, hey, guess what - you're 20 years behind in your programming practices and your reading list. Even if you program in C, you can adopt better practices (*).
    90% or more of the problems related to software security spring from C/C++ hacking without any method of program verification for correctness. Just read a security site vulnerabilities list.
    If only people were to program: medical; military; aerospace software like Firefox or IE programmers, the we'd all be dead one way or another by now.

    (*) see OpenBSD for instance and compare their security advisories with Linux or Microsoft.

    PS: Just one such example of a little used tool: CIL - Infrastructure for C Program Analysis and Transformation [berkeley.edu]

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close