lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: IE Web Browser: "Sitting Duck"

joe wrote:

>Couple of things.
>
>1. The conversation you are referring to was a conversation about issues
>with core base components that necessitated a complete redesign. You kept
>bringing up items that were NOT core base components - they were UI
>components. IE being one of them. The very fact that you have a choice to
>use a different browser should help you understand that. Try to use a
>different ACL system on Windows NT based systems and tell me how that goes. 
>
>  
>
The choice to use a different browser doesn't imply that IE isn't a core 
base component at all.

Is it a part of the kernel?  No...

Is it completely unremovable?  Of course not...

Is it a part of the standard Windows UI?  Yes...

Is it impossible to remove easily and difficult to remove cleanly?  Yes...

Will removing it make many programs operate incorrectly?  Yes...

I think you see where I'm going with this.  It's a core component in MS 
Windows, though it may not be a part of the OS kernel, it is, 
nonetheless, undebatably, a core component of MS Windows as a software.  
Keep in mind, IE is more than just a simple executable.  The DLLs that 
it uses are built to be used  by other portions of the system and are 
extensively used.  Of course, this is the nature of DLLs.

                               -Barry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ