lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4194F07A.7050706@emmanuelcomputerconsulting.com>
From: hescominsoon at emmanuelcomputerconsulting.com (William Warren)
Subject: IE is just as safe as FireFox

not to mention the hundreds or thousands of pairs of eyes both 
helpful and harmful that look at the mozilla project's codebase.

Todd Towles wrote:

> He can buy a product..or do a super fast rollout of SP2..but why should
> he? Microsoft should write better products...period. Everytime a Firefox
> exploit comes out..there is already a fix...is that magic? No..it is
> good coding... 
> 
> 
>>-----Original Message-----
>>From: full-disclosure-admin@...ts.netsys.com 
>>[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
>>Rafel Ivgi, The-Insider
>>Sent: Friday, November 12, 2004 8:09 AM
>>To: full-disclosure@...ts.netsys.com; Colin.Scott@...lc.com
>>Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
>>
>>If you do have 14000 machines why don't you buy "Finjan's 
>>Vital Security For Web"?
>>It will filter all malicious I.E exploits for all its 
>>surfers(its a proxy, quite fast...)
>>
>>Or just use SUS(system update server (microsoft)) just like 
>>any other administrator... to install sp2 or to just replace 
>>the c:\windows\system32\shdocvw.dll with the patched one or 
>>with sp2 one...
>>
>>Rafel Ivgi, The-Insider
>>Security Consultant
>>Malicious Code Research Center (MCRC)
>>Finjan Software LTD
>>E-mail: rivgi@...jan.com
>>---------------------------------
>>Prevention is the best cure!
>>----- Original Message -----
>>From: <Colin.Scott@...lc.com>
>>To: <full-disclosure@...ts.netsys.com>
>>Sent: Friday, November 12, 2004 12:46 PM
>>Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
>>
>>
>>Oh yeah, I've got 14,000 Windows 2000 machines to update to 
>>windows XP SP2,
>>hang on wheres that CD?
>>
>>So thanks for your infinate wisdom there Rafel.
>>
>>Colin.
>>
>>
>>
>>
>>
>>
>>
>>
>>                                                              
>>               
>>            "Rafel Ivgi, 
>>The-Insider" 
>><theinsider@....n                                          To 
>>et.il>                    <full-disclosure@...ts.netsys.com> 
>>Sent by:                                                   cc 
>>full-disclosure-a 
>>dmin@...ts.netsys                                     Subject 
>>.com                      Re: [Full-Disclosure] IE is just as 
>>safe as FireFox 
>>12/11/2004 06:44
>>
>>
>>
>>That is incorrect, there is a fix --> SP2.
>>Users  should use the latest updated system, meaning if there 
>>is an SP2,
>>they
>>should install it.
>>
>>
>>Rafel Ivgi, The-Insider
>>Security  Consultant
>>Malicious Code Research Center (MCRC)
>>Finjan Software  LTD
>>E-mail: rivgi@...jan.com
>>---------------------------------
>>Prevention  is the best cure!
>>----- Original Message -----
>>From: "Martin Mkrtchian"  <dotsecure@...il.com>
>>To: "Todd Towles" <toddtowles@...okshires.com>
>>Cc: "Mailing List -  Full-Disclosure" 
>><full-disclosure@...ts.netsys.com>;
>><ring-of-fire@...oogroups.com>
>>Sent: Friday,  November 12, 2004 3:03 AM
>>Subject: Re: [Full-Disclosure] IE is just as safe  as FireFox
>>
>>
>>
>>>They should've at least released that statement after  they 
>>
>>fixed the
>>
>>>IE FRAME vulnerability. 0 day exploit is in the wild and  no fix for
>>>it, yet they claim its secure enough.
>>>
>>>If the  programmers are as smart as the company press 
>>
>>releasers, I can
>>
>>>see   why I.E. still sux.
>>>
>>>
>>>Martin
>>>
>>>
>>>On  Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles
>>><toddtowles@...okshires.com> wrote:
>>>
>>>>Microsoft's  security and mangement product manager (Ben English)
>>
>>says...
>>
>>>>At a security roundtable discussion in Sydney on  
>>
>>Thursday, Ben English,
>>
>>>>Microsoft's security and management product  manager, told 
>>
>>attendees
>>that
>>
>>>>IE undergoes "rigorous code reviews"  and is no less 
>>
>>secure than any
>>
>>>>other  browser.
>>>>
>>>>"Because IE is ubiquitous, you hear a lot more  about it, 
>>
>>but I don't
>>
>>>>think that Internet Explorer is any less  secure than any 
>>
>>other browser
>>
>>>>out there," English  said.
>>>>
>>>>
>>
>>http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/
>>2100-1032_
>>
>>>> 3-5448719.html?part=dht&tag=ntop&tag=nl.e433
>>>>
>>>>Can  anyone say IFRAME? Lol
>>>>
>>>>-Todd
>>>>
>>>> _______________________________________________
>>>>Full-Disclosure - We  believe in it.
>>>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>>>
>>>
>>> _______________________________________________
>>>Full-Disclosure - We  believe in it.
>>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>
>>
>>
>>
>>
>>**************************************************************
>>************************
>>
>>This e-mail is confidential and may contain privileged 
>>information.  If you 
>>are not the addressee or if you have received the e-mail in 
>>error, it may
>>be unlawful for you to read, copy, distribute, disclose or 
>>otherwise use the
>>information which it contains.  Under these circumstances, 
>>please notify
>>us immediately by returning this mail to 
>>'mailerror@...lc.com' and deleting
>>this e-mail from your system.
>>
>>Any views expressed by an individual within this e-mail do 
>>not necessarily
>>reflect the views of Cadbury Schweppes Plc or its 
>>subsidiaries.  Cadbury
>>Schweppes Plc will not be bound by any agreement entered into 
>>as a result
>>of this email, unless its intention is clearly evidenced in 
>>the body of the 
>>email.
>>Whilst we have taken reasonable steps to ensure that this e-mail and
>>attachments are free from viruses, recipients are advised to 
>>subject this 
>>mail
>>to their own virus checking, in keeping with good computing 
>>practice. Please
>>note that email received by Cadbury Schweppes Plc or its 
>>subsidiaries may be
>>monitored in accordance with the prevailing law in the United Kingdom.
>>
>>**************************************************************
>>************************
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

-- 
My "Foundation" verse:
Isa 54:17  No weapon that is formed against thee shall prosper; 
and every tongue that shall rise against thee in judgment thou 
shalt condemn. This is the heritage of the servants of the LORD, 
and their righteousness is of me, saith the LORD.

-- carpe ductum -- "Grab the tape"

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ