lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 11 Jul 2008 12:16:13 -0700 (PDT)
From: Jeff Martin <jbmartin6@...oo.com>
To: bugtraq@...urityfocus.com
Subject: RE: New Paper: More than 600 million users surf at high risk

My theory - there are gazillion corporate and business apps that don't run on IE7 thus users do not update even their personal PCs (for VPN access to those apps.). I work for a hospital and we have apps that only recently with IE6. When we ask about plans for IE8 support, we get the blank stare. Who doesn't love ActiveX?

-------------------------------------------------

This message is provided "AS IS" without warranty of any kind, either expressed or implied, including, but not limited to, the implied warranties of accuracy, correct grammar and spelling, lack of vulgarity or adult themes, correct references, absence of viruses and/or viral memes, originality, or fitness for any particular purpose.

-------------------------------------------------


--- On Tue, 7/1/08, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:

> From: Nick FitzGerald <nick@...us-l.demon.co.uk>
> Subject: RE: New Paper: More than 600 million users surf at high risk
> To: bugtraq@...urityfocus.com
> Date: Tuesday, July 1, 2008, 8:27 PM
> Paul Schmehl to Larry Seltzer:
> 
> > My completely non-scientific,
> unsupported-by-empirical-evidence answer is 
> > no.  It's because people who use Firefox tend to
> be more aware of security 
> > threats and the need to keep software up to date.  It
> could also be (at 
> > least in part) because Firefox has a built-in,
> enabled-by-default, update 
> > available warning system.
> 
> I would agree with both those reasons and add that FF
> updates are not 
> hampered by the disabling of the inbuilt (and often
> seriously mistrusted) 
> OS auto-update mechanisms.
> 
> I also _suspect_ that a lot of pirated copies of Windows
> probably have 
> system updates disabled.
> 
> 
> Regards,
> 
> Nick FitzGerald

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ