Amazon.com Widgets

About

“Jack Lewis”




What's My Google PageRank?

Links

DannyCarlton.net
The Red Primer
America Needs Your Prayers
Web Design
Congenital Adrenal Hyperplasia
Homeschooling Help
Investing Help
Time Management Advice
Motivational Help
Working From Home
URL Shortener
Online Library
Tulsa Parks
Article Directory
Teak Furniture
Online Magazine
Homeschool Auction
The Merry CHRISTmas Button


Syndication




Powered by
Movable Type 3.31
Design by
Danny Carlton





Made with NoteTab
« Reid dislikes Bush's AG pick | Main | Memorite Rogue, Chapter 1, Scene 5 »


September 13, 2007

Firefox safe?

From ZDnet...

One-year-old QuickTime bug comes back to bite FirefoxA year ago this month, security researcher Petko D. Petkov (left) released details on vulnerabilities in Apple’s QuickTime media player to show how movie and MP3 files can be backdoored to hack into Firefox.

Apple fixed one of the bugs but the second issue, which allows malicious manipulation of QuickTime Media Link (.qtl) files, remains unpatched and presents a serious danger to Firefox users.

Apple? Why isn't Mozilla worried about it? The author, Ryan Naraine, continues...

Mozilla security chief Window Snyder has confirmed this is a “very serious issue” for Firefox users. “[We are] working with Apple to keep our users safe and we are also investigating ways to mitigate this more broadly in Firefox.

If Firefox is the default browser when a user plays a malicious media file handled by Quicktime, an attacker can use a vulnerability in Quicktime to compromise Firefox or the local machine. This can happen while browsing or by opening a malicious media file directly in Quicktime. So far this is only reproducible on Windows.

Firefox security response team is working on a fix but there’s no explanation as to why it took the two companies a full year to pay attention to Petkov’s warnings.

That confirmation is dated 9/12/07. Still a year after the exploit was discovered and announced.

There are no secure browsers. Too may people use peripheral reasons to favor one browser of the others, and it gets a bit silly when they then try to rationalize it by ignoring the obvious.

Personally I don't like Microsoft's approach to the importance of competition in a capitalist economy. I also don't like the habit of funding socialist causes. But be that as it may, they still have the most functional browser by my standards, so I use it. Others choose other browsers for different, or maybe even the same reason (based on their personal standards). That's fine. But I get really tired of the nonsense that treats browsers like sports teams. Enjoy what you got and let other enjoy what they got and quit trying to pretend one's better than the other simply because you prefer it.

Posted by Danny Carlton at September 13, 2007 9:10 AM

Comments

There are examples of obscure warnings of possible risks to IE that went unaddressed for even longer. But at least firefox only supports Java and not the much riskier Active X.

Posted by: Don Singleton [TypeKey Profile Page] at September 14, 2007 7:14 AM

Agreed that no browser is completely safe. I would disagree though about IE. Functionality from the standpoint of poor coding, meaning some websites only render correctly with IE isn't functionality. Case in point, your own blog renders poorly in Safari. I had to use (gasp) Firefox to make sure of what I was reading.

Posted by: Brian at September 14, 2007 8:17 PM

I find that any browser I use (firefox mainly) on linux is very safe.

Posted by: Jason Rock at September 16, 2007 8:08 PM

Your blog cannot be displayed in Firefox (because of your personal prejudice), but in Opera its layout looks so awful. So, I blocked all adverisements and now this site looks much better. And yes, Firefox is safe if compared to IE6 or 7.
Better, faster & safer! Opera FTW!

Posted by: Moshe Bergman at September 17, 2007 7:58 AM

So one thing that only Firefox users on Windows using the Quicktime plugin may get affected is enough news for you to try (in futile) to get people to move to another bowser?

..like moving to say the much more potentially vulnerable IE browsers, especially if they do not bother to keep up to date of Windows updates and secure the IE.

Why do you even bother as both Firefox and non-firefox users are on to you in that you.. well hate Firefox whether you want to admit it or not.

Only some Firefox users are really fanboys as I think most are using Firefox because they went looking for a much better and more secure alternative browser to the poor IE.

Oh by the way Firefox 2.0.0.7 is technically out (to fix just this one thing mainly) though not officially just yet, so now Firefox is secure again. A bit of a waste to have a 2.0.0.7 release for the Linux and Mac users if 2.0.0.7 was to fix a problem on Windows.

Oh the irony that this site looks better in Firefox (a browser you hate) versus Safari or Opera.

Posted by: Steve at September 17, 2007 10:20 PM

So one thing that only Firefox users on Windows using the Quicktime plugin may get affected is enough news for you to try (in futile) to get people to move to another bowser?

It never ceases to amaze me the level of illiteracy that exists on the internet. So few people have the ability to comprehend something as simple as the post above. So please show me where in that post I urged anyone to switch browsers.

Posted by: Danny Carlton at September 18, 2007 8:23 AM

Rare Disease Search Engine, Tulsa Parks, Teak Furniture, The Merry CHRISTmas Button, URL Shortener, Homeschool Auction