Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 25 Jul 2014, 06:47
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Firefox, Adobe top buggiest software list
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
clarf


Joined: 13 Jun 2007
Posts: 612
Location: The old Lone Wolf

PostPosted: Fri 18 Dec 2009, 12:24    Post_subject:  Firefox, Adobe top buggiest software list
Sub_title: When enemy is inside the GPL
 

Something to think about GPL software

http://news.cnet.com/8301-27080_3-10417785-245.html
Back to top
View user's profile Send_private_message 
disciple

Joined: 20 May 2006
Posts: 6425
Location: Auckland, New Zealand

PostPosted: Fri 18 Dec 2009, 16:27    Post_subject:  

Not exactly high-quality journalism:
"vulnerabilities" ≠ "bugs"
"vulnerabilities" ≠ actual exploits
I guess at least they recognise that:
"reported vulnerabilities" ≠ "vulnerabilities"

_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send_private_message 
disciple

Joined: 20 May 2006
Posts: 6425
Location: Auckland, New Zealand

PostPosted: Fri 18 Dec 2009, 16:31    Post_subject:  

Maybe I've been living in a Linux cave for too long:
Quote:
The numbers illustrate the trend of attackers turning their focus away from operating systems and toward applications, Kandek said.

They don't mention any evidence for this... is it true?

Code:
"Operating systems have become more stable and harder to attack and that's why attackers are migrating to applications, he said. "Adobe is a huge focus for attacks now, around 10 times more than Microsoft Office.

Microsoft Office isn't an operating system... and since when was it a huge focus for attacks? The focus used to be Windows via Internet Explorer.

_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send_private_message 
disciple

Joined: 20 May 2006
Posts: 6425
Location: Auckland, New Zealand

PostPosted: Fri 18 Dec 2009, 16:33    Post_subject:  

Quote:
Something to think about GPL software.

Yes: "don't use GPL software, they'll actually confess to all the bugs when they fix them".
I want to hear from someone who's actually suffered from one of these vulnerabilities in Firefox being exploited...

_________________
DEATH TO SPREADSHEETS
- - -
Classic Puppy quotes
- - -
Beware the demented serfers!
Back to top
View user's profile Send_private_message 
clarf


Joined: 13 Jun 2007
Posts: 612
Location: The old Lone Wolf

PostPosted: Fri 18 Dec 2009, 18:35    Post_subject:  

disciple wrote:
Not exactly high-quality journalism:
"vulnerabilities" ≠ "bugs"
"vulnerabilities" ≠ actual exploits
I guess at least they recognise that:
"reported vulnerabilities" ≠ "vulnerabilities"


You are totally right disciple,

vulnerabilities = security risk.

A vulnerability with some instances of working and fully-implemented attacks is classified as an exploit.
Back to top
View user's profile Send_private_message 
clarf


Joined: 13 Jun 2007
Posts: 612
Location: The old Lone Wolf

PostPosted: Fri 18 Dec 2009, 18:44    Post_subject:  

disciple wrote:
Maybe I've been living in a Linux cave for too long:
Quote:
The numbers illustrate the trend of attackers turning their focus away from operating systems and toward applications, Kandek said.

They don't mention any evidence for this... is it true?

Code:
"Operating systems have become more stable and harder to attack and that's why attackers are migrating to applications, he said. "Adobe is a huge focus for attacks now, around 10 times more than Microsoft Office.

Microsoft Office isn't an operating system... and since when was it a huge focus for attacks? The focus used to be Windows via Internet Explorer.


Although they don´t mention any evidence, in Windows side is totally clear that focusing in Internet Explorer is a fast way to attack the Operating System (as you already pointed), IE is integrated in Windows kernel making it the big gate for any attack.

With that in mind Microsoft had doing many changes to IE security, many features are default disabled and many program Permissions blocked. I must add that with default settings I can´t use IE for many enterprise Web applications. The worst thing is I Usually have to force the lowest security setting to make things work, even setting a trusted site is not enough for single signon authentication or Scripts executions. I don´t have such problems with Firefox.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0580s ][ Queries: 12 (0.0088s) ][ GZIP on ]