[atomizer]

Alanoll, on May 18 2005, 12:59 AM, said:

...Have a small percentage of the market share isn't neccesarily a definitiion of "used so much". The fact that is isn't attacked nearly as much is simply because it is such a small population...

this may be true to an extent, but it is also true because FF, as well as (any?) other non-IE browsers, are inherently more secure. FF, Opera, etc., do not support ActiveX and have tighter restrictions on JS (and probably other potentially damaging technologies).

Quote

As previously stated, end-users are left on their own for security (at least up until SP2 of XP and SP1 for 2003).

yes, but... this doesn't change the fact that some products are inherently more secure then others. i don't use Linux, but i'd be an ignorant fool to state that the only reason Linux is more secure is because it's less of a target (and that's arguable because, as far as i know, *nix powers the majority of the Internet). Linux is inherently more secure. period. i don't use IE either, but i have used it for the vast majority of the time that i've been 'computing'. i'm also a sort of security/privacy nut and there's no comparison between security/privacy when it comes to IE and non-IE browsers. none. the base IE code, to my knowledge, hasn't changed much in many years -- patch-patch-patch and still more patches (practically every month). it lacks all sorts of functionality and most people don't know how to configure it. if you want to talk about 'joe user', then there is no argument that poor joe is left standing in the rain with his pants down when he decides (or simply doesn't know any better) to use IE.

Quote

I will give this to Firefox, they are faster with their patches. But they're still patches, and so the argument that Microsoft should provide a fully working and safe product is mute as both have the problem.

sure. agreed. but who releases NEW versions and patches more frequently? and what is the severity of the problems?

Quote

If it's one thing I don't like about Firefox is simply the fanboys, wait that goes for ALL browsers. They simply come out say one is better then the other, flame it for all it's worth, but never actually provide any substantial proof that one is better then the other.

the same can be said for the 'IE fanboys'. where is your (and i'm asking anyone at all) proof that IE is better/more secure/more privacy oriented/etc.?

my knowledge is limited, but the 'proof' i can offer, as far as FF goes anyway, is that it doesn't use ActiveX - a security nightmare. i don't have to leave the main browser window to enable/disable Java, JS, Flash, cookies, redirects, etc., on a global or per-site basis. i don't have to d/l and run 2 or 3 other programs and proxies to control ads, spyware, etc., and 'scan' my system every other day. i don't have to run a new instance of the browser for every window -- and on and on. but none of this is new and has been mentioned over and over on the forums here, so to say that the 'FF fanboys' haven't offered any substantial proof that one is better than the other suggests you either haven't been reading relevant posts on the subject, or you simply prefer IE and choose to defend it regardless of its merits (or lack thereof).

if you want to look at 'joe user', who doesn't know how configure security policies, what the 'zones' are, what websites to avoid, what spyware is, ActiveX, what the computer management console is, etc., what browser would you recommend they use?

Quote

The statement that Microsoft shouldn't provide a browser with their product says that you think Microsoft should have an OS that is bare of any additional applications and the User is left to decide.

as mentioned earlier, i don't use Linux, but i have tried it several times (Suse, Mandrake, Ubuntu, Redhat). Linux, as you may know, doesn't integrate a browser and DOES offer choices. i don't know about you, but i enjoy the freedom of choices rather then having crap shoved down my throat at the expense of security, functionality and the all-mighty dollar. i was also very impressed with with the huge volume of s/w that was distributed with every Linux OS i've tried, many offering more than one word, mail, chat, FTP, browser, UI, etc., etc., etc.. your statement "The statement Microsoft shouldn't provide a browser with their product says that you think Microsoft should have an OS that is bare of any additional applications..." is plain silly. MS, as with many other OS's, could offer any choices it wants, they just decide not to. as a matter of fact, MS bundles the least amount of s/w with its OS's.

Quote

I should also note, most sites that have ActiveX controls that install with damaging effects are sites that probably should be avoided. Reputable sites shouldn't be distributing ActiveX controls or any other software to damage you system knowingly.

and how do you (or the average joe) know which sites are reputable? which ones to avoid? and what happens when you stumble upon a malicious site by accident?

Quote

Anyone have an example of a site that installs Adware/Spyware without your knowledge?

yeah, look in the blocked sites lists for many of the cleaners that cater to IE, like Spybot S&D for instance. you'll find hundreds/thousands.

This post has been edited by atomizer: 09 December 2005 - 06:59 AM

[BoardBabe]

Took the liberty to update this script a bit to my likings. Feel free to use it...
-Put the script below and blocklist.reg in same directory. For completly silent mode set $debug to 0. This script will of security reason compare a given line of the old and the downloaded file as a little extra security feature. Give it a test and see, it works nicely

Script will check for new version (where online) and implement the most recent blocklist possible to registry.
-When used in UA installations set debug to 0 (zero) and compile script to .exe.

*.au3

; Silentmode = 0.
$debug = 1

; Hide TrayIcon.
If $debug = 1 Then 
 AutoItSetOption("TrayIconHide", 0)
Else
 AutoItSetOption("TrayIconHide", 1)
EndIf

; Filechecker variables.
$name = 'blocklist.reg'
$site = 'http://www.spywareguide.com/' & $name
$dir = @ScriptDir & '\' & $name
$oldline = FileReadLine($dir,5)
$tempfile = $dir & '.tmp'
$linetocheck = 5
$sizeweb = InetGetSize($site)
$sizehome = FileGetSize($dir)

; Initiate online update.
Updater()
Func Updater()

	If $sizeweb = 0 Then
	 If $debug = 1 Then 
		  TrayTip("ActiveX spyware definitions", "The application could not access the internet.", 3, 3)
	  Sleep(3000)
	 EndIf
	Else
	  If $sizeweb <> $sizehome Then	
	   InetGet($site,$dir & '.tmp',1,1)
		While @InetGetActive
		 If $debug = 1 Then
		 TrayTip("ActiveX spyware definitions", "Update available, downloading file " & $name & " (" & @InetGetBytesRead & " of " & $sizeweb & " bytes completed).", 1, 1)
		 EndIf
		WEnd
		$newline = FileReadLine($tempfile, $linetocheck)
		If $newline = $oldline Then
		FileMove($tempfile,$dir,1)
		 If $debug = 1 Then 
		 TrayTip("ActiveX spyware definitions", "Spyware definitions updated...", 3, 1)
		 Sleep(3000)
		 EndIf
		Else
		FileDelete($tempfile)
		If $debug = 1 Then
		 TrayTip("ActiveX spyware definitions", "Authetification error at line " & $linetocheck & ". Update aborted.", 10, 2)
		 Sleep(6000)
		 EndIf
		EndIf
	 Else 
	  If $debug = 1 Then 
		   TrayTip("ActiveX spyware definitions", "No new updates available...", 3, 1)
	   Sleep(3000)
	  EndIf
	 EndIf
	EndIf

EndFunc

; Timestamp blocklist file mm/dd/yy hh:mm.
$t = FileGetTime($dir)
$timestamp = $t[1] & "/" & $t[2] & "/" & $t[0] & " " & $t[3] & ":" & $t[4]

If $debug = 1 Then 
 TrayTip("ActiveX spyware definitions", "Installing blocklist from " & $timestamp & ".", 10, 1)
 Sleep(3000)
EndIf

; Implement blocklist to registry.
If $debug = 1 Then
Run('regedit "' & $dir & '"')
Else
Run('regedit /s "' & $dir & '"')
EndIf

Exit

Lazy? Download finished SFX ActiveXblocker.exe / ActiveXblocker-s.exe (silent switchless version for UA installations)
-Included blocklist.reg downloaded 10. dec.

This post has been edited by BoardBabe: 09 December 2005 - 05:33 PM