Thoughts On Browser Rootkits

Discussion in 'other security issues & news' started by Rasheed187, Oct 20, 2007.

Thread Status:
Not open for further replies.
  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
  2. Dogbiscuit

    Dogbiscuit Guest

    It's interesting what software well-respected authorities, such as Joanna Rutkowska, use themselves, given what they know:
     
  3. Doc Serenity

    Doc Serenity Registered Member

    Joined:
    Apr 4, 2007
    Posts:
    105
    What about IE7 Pro.
    Doesn't that make IE7 much safer?
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,

    It's interesting but hardly indicative.

    Tesla used to boast he invented a "death ray" that can down 10,000 planes from the sky ... and he was a genius. Besides, with all due respect, people like publicity, especially when it's provocative and polarized. That way, you increase your traffic and the fan (hate) base. The average fan listen 2.5 hours a day to Howard Stern, but the average hater listens to him 4.5 hours a day.

    The only reality check is yourself. Do what you do, see for yourself. It doesn't really matter what anyone else does, because it comes down to your browser and your needs.

    As to which one is safer - some people will never get infected, no matter what, some people will get infected, no matter what. The choice of the browser is a tricky business.

    Ask me why I use Firefox? Because it's safer than IE? Well, mainly because IE is suicidally boring and ugly and does not support W3 standards. Firefox is far more customizable, friendly etc ... only after all these does security come to mind. So I agree with Joanna on that regard, Noscript thingie, because it makes the annoying pages static and quiet, makes the browsing faster and cleaner ... and eventually safer. Because it's the logical thing to do.

    Cheers,
    Mrk
     
  5. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Maybe a bit, but its main advantage is adding features. Using security zones is similar to NoScript extension, but the problem is, that disabling javascripts in Internet zone will also partially disable them in the Trusted zone and that is quite stupid, I guess, that it is because of removed local zone, which was in IE6.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Personally I think that Joanna Rutkowska is way too paranoid. I didn´t really expected this from a security expert, I mean, of course there are serious threats out there, but with a little bit of knowledge (which tools to use, how to harden your system, which things to avoid) you won´t have any problems. As for browser rootkits, I guess it´s best to not download extensions/plugins from untrusted sites and to use as less plugins as possible.
     
    Last edited: Oct 27, 2007
  7. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Simply use no script w/Firefox, and voila! Problem solved... (an ugly solution if you ask me but an effective one).

    Even if it exists you need some type of script or activeX, as a delivery system, and even an IFrame is blocked by it...

    However 99 % of users who come to us for help and support have no browser protection whatsoever... No link scanner and no site assessment tools and they mostly all use IE... No wonder hackers love using server cross scripting to screw everyone!
     
    Last edited: Nov 9, 2007
Loading...
Thread Status:
Not open for further replies.