• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

is firefox doomed to failure?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Originally posted by: SagaLore
Originally posted by: KeyserSoze
Originally posted by: SagaLore
Originally posted by: Phoenix86
Also, java will replace activeX as the avenue of attack. Why code to activeX when everyone has Java?
http://secunia.com/advisories/15292/
Solution:
1) Disable JavaScript.

2) Disable software installation: Options --> Web Features --> "Allow web sites to install software"
Click to expand...

Java has nothing to do with javascript.

Java is inherently more secure than activex because it is sandboxed.
Click to expand...


What does sandboxed mean? (An inquiring mind would like to know. Thanks.)



KeyserSoze
Click to expand...

It puts the code within an environment separate from the rest of the system. Whereas ActiveX has full control.

webopedia: sandbox
Click to expand...

LOL @ the "more secure" comment. Something is either secure or not. I'd argue no functional browser is "secure", but that's probably splitting hairs.

Anyways, I should have said javascript/java. My point is, why code to ActiveX when that only affects IE. Why not code to a scripting language they share? So the obvious answer is... They (malware makers) are.

Java virus jumps out of sandbox.
 
Originally posted by: SagaLore
Originally posted by: KeyserSoze
Originally posted by: SagaLore
Originally posted by: Phoenix86
Also, java will replace activeX as the avenue of attack. Why code to activeX when everyone has Java?
http://secunia.com/advisories/15292/
Solution:
1) Disable JavaScript.

2) Disable software installation: Options --> Web Features --> "Allow web sites to install software"
Click to expand...

Java has nothing to do with javascript.

Java is inherently more secure than activex because it is sandboxed.
Click to expand...

What does sandboxed mean? (An inquiring mind would like to know. Thanks.)

KeyserSoze
Click to expand...

It puts the code within an environment separate from the rest of the system. Whereas ActiveX has full control.

webopedia: sandbox
Click to expand...


Ahhh...thank you. Make sense. Cuz ActiveX has access to the Windows API's, therefore access to the rest of the system?!?!

KeyserSoze
 
Originally posted by: Reck
It would seem that way to me...the pop up problem is not getting better but worse. It seems like 30% of sites now have the capability for getting around the pop up blocker. 😕
Click to expand...

Really? I don't get popups at all. Then again, I don't search for beastiality porn... 😉
 
Originally posted by: Fritzo
Originally posted by: xirtam
Ever since I've quit using the Internet, I've gotten little to no popups. Highly recommended.
Click to expand...

You're not missing much, it was just a fad anyway.


Wait....HOW DID YOU POST THAT??? :Q
Click to expand...

I clicked on a popup and typed it in the little box.
 
Originally posted by: notfred
Originally posted by: Feneant2
I Wonder what would happen if Google bought them out... not very likely, but it sure would piss off M$
Click to expand...

How does one purchase an open-source software project, exactly?
Click to expand...

Good question. That's like asking:

What would happen if this watermelon ate oranges.
 
Originally posted by: Jeff7181
Originally posted by: Reck
It would seem that way to me...the pop up problem is not getting better but worse. It seems like 30% of sites now have the capability for getting around the pop up blocker. 😕
Click to expand...

Really? I don't get popups at all. Then again, I don't search for beastiality porn... 😉
Click to expand...


shoot i haven't been to a porn site for ages. it's just random sites that have pop ups for me.
 
Every browser is going to have flaws. I like the fact that the firefox developers quickly recognize and release patches for the holes. I would still take firefox over IE any day
 
Originally posted by: Reck
Originally posted by: Jeff7181
Originally posted by: Reck
It would seem that way to me...the pop up problem is not getting better but worse. It seems like 30% of sites now have the capability for getting around the pop up blocker. 😕
Click to expand...

Really? I don't get popups at all. Then again, I don't search for beastiality porn... 😉
Click to expand...


shoot i haven't been to a porn site for ages. it's just random sites that have pop ups for me.
Click to expand...

I guess my browsing is rather limited. I only go to 8 or 10 sites on a regular basis... every now and then I follow links that people send me, but not often.
 
firefox rocks.. i dont have any issues with spyware or popups at all... and yes if I had IE it would be a mess
 
Originally posted by: Phoenix86
LOL @ the "more secure" comment. Something is either secure or not. I'd argue no functional browser is "secure", but that's probably splitting hairs.

Anyways, I should have said javascript/java. My point is, why code to ActiveX when that only affects IE. Why not code to a scripting language they share? So the obvious answer is... They (malware makers) are.

Java virus jumps out of sandbox.
Click to expand...

The virus, and some spyware I've ran across, will use an exploit in the java engine. It's not exploiting a feature, it's exploiting a bug. The ability to access the system outside of it's environment is a feature of ActiveX.

Security is very analog, there is no absolute. I can tell you that my network is more secure than most other networks, but I can't tell you it's absolutely secure. If it were, even the employees wouldn't be able to use it.

I can factually say an 8 character password is more secure than a 4 character password. Security is a measure of how much time and money someone can throw at a defense before they break into it. Everything is breakable given enough resources.
 
No, I don't get any more popups; also, I disabled "allow sites to install software".....I'm doing great with FF
 
Nah, but then everything's bound to fail one day -- that's probably why you can "update" most softwares,

install extensions, etc, etc.
 
Originally posted by: Reck
It would seem that way to me...the pop up problem is not getting better but worse. It seems like 30% of sites now have the capability for getting around the pop up blocker. 😕
Click to expand...

If that was the case, IE would have been doomed years ago.
 
Doubt it, I use it and IE and don't have issues with either in terms of pop-up. In my case it works well.

-spike
 
Originally posted by: Phoenix86
Also, java will replace activeX as the avenue of attack. Why code to activeX when everyone has Java?
http://secunia.com/advisories/15292/
Solution:
1) Disable JavaScript.

2) Disable software installation: Options --> Web Features --> "Allow web sites to install software"
Click to expand...

Because NOT everyone has Java. It's actually fvcking rare on XP systems. I'm a Java developer. I know this. It's a total pain in the butt (along with Sun's insistence that everyone relearn the language every few years because they release a new version. 1.4.2 fo lyfe)
 
Originally posted by: EyeMWing
Originally posted by: Phoenix86
Also, java will replace activeX as the avenue of attack. Why code to activeX when everyone has Java?
http://secunia.com/advisories/15292/
Solution:
1) Disable JavaScript.

2) Disable software installation: Options --> Web Features --> "Allow web sites to install software"
Click to expand...

Because NOT everyone has Java. It's actually fvcking rare on XP systems. I'm a Java developer. I know this. It's a total pain in the butt (along with Sun's insistence that everyone relearn the language every few years because they release a new version. 1.4.2 fo lyfe)
Click to expand...


Quoted For Truth. I can't abbreviate it anymore or somebody'll post a new thread asking wtf I mean. But I think it's annoying that at least the JRE isn't included with XP. Sun's JDK is in the top 5 things I install on every system I'm going to be using.
 
Originally posted by: jfall
Every browser is going to have flaws. I like the fact that the firefox developers quickly recognize and release patches for the holes. I would still take firefox over IE any day
Click to expand...
STILL WAITING

I don't know why this isn't more of a big deal to people... and no JS is a big problem.
 
Originally posted by: SagaLore
Originally posted by: Phoenix86
LOL @ the "more secure" comment. Something is either secure or not. I'd argue no functional browser is "secure", but that's probably splitting hairs.

Anyways, I should have said javascript/java. My point is, why code to ActiveX when that only affects IE. Why not code to a scripting language they share? So the obvious answer is... They (malware makers) are.

Java virus jumps out of sandbox.
Click to expand...

The virus, and some spyware I've ran across, will use an exploit in the java engine. It's not exploiting a feature, it's exploiting a bug. The ability to access the system outside of it's environment is a feature of ActiveX.

Security is very analog, there is no absolute. I can tell you that my network is more secure than most other networks, but I can't tell you it's absolutely secure. If it were, even the employees wouldn't be able to use it.

I can factually say an 8 character password is more secure than a 4 character password. Security is a measure of how much time and money someone can throw at a defense before they break into it. Everything is breakable given enough resources.
Click to expand...

Bug, feature, doesn't matter to the malware coders. It's an avenue. I wouldn't touch the ActiveX vs. Java argument, I'm not saying anything of the sorts, just that Java is a viable avenue to exploit Firefox. The pop-ups are another exploit of Firefox.

I'm reading between the lines a bit and taking the implication that FF > IE because Java > ActiveX, and I think that's a narrow minded as both are insecure. You didn't quite go there, but that's the implication...

Originally posted by: EyeMWing
Because NOT everyone has Java. It's actually fvcking rare on XP systems. I'm a Java developer. I know this.
Click to expand...
I beleive it, but it's an exploit that affects everyone's beloved "secure" firefox.

BTW, this post was generated in FF. I still like it just fine, I'm just pointing out the limitations.

Originally posted by: rh71
Originally posted by: jfall
Every browser is going to have flaws. I like the fact that the firefox developers quickly recognize and release patches for the holes. I would still take firefox over IE any day
Click to expand...
STILL WAITING

I don't know why this isn't more of a big deal to people... and no JS is a big problem.
Click to expand...

That, and the fact that with every security update, you must re-install the whole app. :roll:
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top