if IE7 is a stand-a-lone application now

[Fuzzy Logic]

"Beauregard T. Shagnasty" <a.nony.mous@example.invalid> wrote in
news:Nb90h.124061$QZ1.118754@bgtnsc04-news.ops.worldnet.att.net:

> In alt.privacy.spyware, Fuzzy Logic wrote:
>
>> Bug discoveries seem to be the new thing to do and on the same date of
>> the above post there were two bugs discovered in FF2.0:
>>
>> http://www.networkworld.com/news/200...downplays-firs
>> t-firefox.html
>
> "Of the two vulnerabilities reported since the browser's release on
> Tuesday, the first was patched in a previous version and the second
> alleged problem couldn't be replicated during testing, said Mike
> Schroepfer, vice president of engineering."
>
> I interpret this as saying the two bugs aren't really bugs, but then I
> could be wrong. Did you read the cited article?

One can crash the browser (DoS) the other they have not been able to reproduce and are waiting for more
information.

[*Prot3anThr3ad*]

If those DLL's are shared between IE and OS wouldn't that mean that it
is integrated ?

-Woodzy



Fuzzy Logic wrote:
>
> Totally wrong. IE is not integrated into the OS any more than MS Word is. There are many DLL's that are shared
> by IE and other parts of the OS. More here:
>
> http://blogs.msdn.com/dmassy/archive...22/400689.aspx

[Ze Muffinman]

Of course, you won't have to worry about /any/ of that crap if you just
install Firefox.

[Fuzzy Logic]

"Ze Muffinman" <truemuffinman@poetictimes.com> wrote in news:1161999411.033622.104260
@h48g2000cwc.googlegroups.com:

> Of course, you won't have to worry about /any/ of that crap if you just
> install Firefox.

Regardless of the browser you use you have to worry about crap. Here is the history of security flaws in FF:

http://www.mozilla.org/projects/secu...abilities.html

No browser is secure and it's relative security varies from day to day, patch to patch. Even the head security
person at Mozilla will not state the FF is more secure than IE:

http://news.com.com/2102-7355_3-6117...=st.util.print

I would argue that the biggest security risk with a properly maintained system is not the software you use but
the person at the keyboard. To illustrate this point:

http://outside.arc.ab.ca/staff/erkamp/security.jpg

Social engineering will defeat most 'secure' systems, just ask Kevin Mitnick.

[Andy Walker]

Fuzzy Logic wrote:

>Social engineering will defeat most 'secure' systems

For a good read on that subject try Ira Winkler's book "Spies Among
Us"[1]. Social engineering is the scariest thing imaginable to
security professionals because people are far too trusting/curious by
their nature.

Andy

[1] http://www.irawinkler.com/

[Joe Black]

*Prot3anThr3ad* wrote:

> then does that mean that the bugs and security holes from IE 6 are
> still in my machine ?



--

Read the neon sign greg, MOZILLA FIREFOX