Warning: Constant ABSPATH already defined in /home/public/wp-config.php on line 27
No Surprise — Why Now?
On-line Opinion Magazine…OK, it's a blog
Random header image... Refresh for more!

No Surprise

by Bryan

The BBC is reporting a Serious security flaw found in IE

Users of Microsoft’s Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

The flaw in Microsoft’s Internet Explorer could allow criminals to take control of people’s computers and steal their passwords, internet experts say.

Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.

The flaw is being exploited on gaming sites.  This isn’t a potential problem, it is a current problem and people are having their password stolen via this weakness.  If it’s happening on games sites, it will be happening on banking sites shortly.

Most problems are identified as “potential”, i.e. the weakness is identified before anything is done with it, but this problem is already “in the wild”.  With the current economic slump and the cash rich standing of Microsoft, they should just hire a group of experienced programmers and fix the damn thing, instead of constantly patching it.  After they think it is fixed, they should sponsor a competition to hack it. Produce a decent product, that’s how you maintain market dominance

13 comments

1 Badtux { 12.16.08 at 2:19 pm }

Aieee!

To be fair, IE allows me to do one important thing that I cannot do with either Firefox or Chrome: Relocate where the cache files are kept. That’s important on my little EEE because the on-board flash drive is slow, slow, slow. So I relocate the cache somewhere else. Firefox and Chrome won’t do that, thus run like stuffed pigs on the eee.

Luckily I don’t go to gaming or gambling sites with my eee. Just hotmail.com and a few blogs, none of which, hopefully, have exploit code on them. Besides, it’s overdue for me to re-image the eee anyhow…

2 Bryan { 12.16.08 at 5:49 pm }

All of the update programs I have use IE, so I can’t get rid of it, but I certainly don’t use it to do anything other than test programs.

I hear you on the caching. I the old days, ram disks were vital to get some software usable, and if you have to wait for every page to reload all its graphics every time you visit, that really drags things down.

I assume that if you avoid sites that require password accounts you should be fine. It sounds like it infests sites more than users. Even Microsoft will have to get busy on a critical problem like this, especially with people saying you have to dump IE to be safe.

3 Stop Smoking { 12.16.08 at 8:07 pm }

…and that is only on top of all the endless troubles upgrading to IE7 has given a lot of people. On to Firefox!

4 Kryten42 { 12.16.08 at 9:57 pm }

Ohh… what a big surprise. *yawn* LOL

I only ever use IE for testing, and only when absolutely necesary. I have not needed it to brows any sites for a couple years now. My main browsers are Firefox (actually, the much faster optimized Minefield – which curiously, is the actual name of the main mozilla browser development line. Firefox is just a dev branch name.) 🙂 And Opera 9.61.

If you really want to have a laugh about M$ security (that is truly an oxymoron), Try an IE 8 alpha! LOL

5 Kryten42 { 12.16.08 at 10:06 pm }

Oops! meant to mention…

Badtux & Bryan, you can change where the ff cache is located and change several cache setting. Mozilla even state that a RAM disk is good for a cache if to want security and performance. 🙂 This can be done by using: about:config

Cache settings that can be changed include:

Accessibility.disablecache
Browser.cache.check doc frequency
Browser.cache.disk cache ssl
Browser.cache.disk.capacity
Browser.cache.disk.enable
Browser.cache.disk.parent directory
Browser.cache.memory.capacity
Browser.cache.memory.enable
Browser.cache.offline.capacity
Browser.cache.offline.enable

Browser.cache.disk.parent directory

Category:Preferences

About:config entries

Cheers! 🙂

6 Bryan { 12.17.08 at 12:35 am }

They do seem to be getting worse and not better. If they would disentangle the damn thing from the rest of the world and make it a truly stand-alone application their market share would drop like a rock.

7 Kryten42 { 12.17.08 at 6:16 am }

Ha! Right… 😉

PS: For anyone who wants to have a bit of fun in Firefox… Type (or copy/paste) the following into the address bar:
about:robots

(Appropriate now that the remake of the great classic “The Day The Earth Stood Still” is out. anyone seen it BTW? Any good? 🙂

Ahem… And:
about:mozilla

There used to be another fun one called about:kitchensink, but the Mozilla people seem to lose their sense of humor and made it so it only works with an extension installed, which no longer works anyway with vers > 3.0a1 *sigh* You can see a pic here though:

The Kitchen Sink Even though it was an ASCII art image, you could play with the taps and things would happen. 😉 LOL

This will show you how the various ff caches are configured, with links to view the contents if you want to:
about:cache

This will give you the full build identifier and other info about your ff build (useful mainly for developers obviously)
about:

And you can use this for even more detailed build info:
about:buildconfig

If you ever wondered how many people worked on ff… (if you haven’t seen this… you might be amazed!)
about:credits

There are some others, and others that once worked no longer do. 🙂 I’m sure some of you already know these, but for the others… have fun! 😀

8 Kryten42 { 12.17.08 at 7:36 am }

Your blog hates me. *sigh* I don’t care. 😉 LOL

It Seems Firefox v3.0.5 has just been released.

Firefox 3.0.5 fixes several issues found in Firefox 3.0.4

* Fixed several security issues.
* Fixed several stability issues.
* Official releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available.
* Replaced the End-User License Agreement with a new “Know Your Rights” info bar on initial install.
* When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
* Fixed several issues found in the accessibility implementation.
* Added the ability to send OS-specific system notes in the crash reporter.

And the performance optimized SSE & SSE2 builds should be available here *any day now* 😉

Binary Turf: Blazing Fast – Firefox Optimized Distributions

OK. Let’s see if this post ends up in moderation too! :p

9 Bryan { 12.17.08 at 12:55 pm }

First off, the comments moderation is picking on you, and you alone. It almost seems to be every second post. I’m investigating the problem and believe it may have something to do with the number of tags you use in comment formatting, which shouldn’t make any difference, but might if the code is sloppy when checking for links.

I notice that 3.0.5 is downloading this morning, but I don’t have it yet. I also need to hack a file from the current blogging upgrade, as it overwrote a previous hack about tags allowed in comments, so that may be source of your problem, too.

Every time a bug is squashed it seems like two more emerge.

10 hipparchia { 12.17.08 at 8:30 pm }

oh now there’s a happy thought — computers no longer have bugs, they have cockroaches.

11 Bryan { 12.17.08 at 8:50 pm }

I blame it on all the rain around Bellevue.

12 Kryten42 { 12.17.08 at 9:41 pm }

I’m not surprised that your blog is picking on me. If you’ve ever watched ‘Red Dwarf’, you’d know that my namesake was much put upon! We are used to it and just go on. It’s the price we pay. *sigh*

😉 LOL

13 Bryan { 12.17.08 at 10:27 pm }

I can find nothing in your posts that would kick them into moderation. Normally it is a problem with the e-mail address, but if there were, your Gravatar wouldn’t appear, and it does.

You successfully posted two in a row without getting kicked into moderation, so maybe the problem was somehow fixed by the change I made so Hipparchia could post ICHC pictures in comments.