Full Disclosure mailing list archives

Re: [in] Re: IE is just as safe as FireFox


From: devis <devis () easynix net>
Date: Mon, 22 Nov 2004 21:53:24 +0100



True goal is making as much money and influence as possible.

Please read my previous posts on this list regarding that matter.

This is why, Firefox being independent from this OS that carries 60 of its code base as being legacy code for older system hardware and


The Mozilla Suite (and Firefox) already existed for some years.

Should we compare the new version/updates delivery frequency of the Mozilla Project with others?

Let's not hide from ourselves what's needed from MS to reach modern world security: a complete rewrite, and a ditch of the old DOS base and the 20-year-old legacy code.


Microsoft Windows NT is a complete rewrite from scratch. MSDOS is being emulated in a virtual machine called NTVDM. Microsoft Windows XP is not the first NT version, mind you.

I used NT4 WS and Server, and I still noted at the time the default behavior of making the first user an administrator, and not inviting to create an unprivileged user. All of the migrations NT4 -> BSD I did were in that case. The point is that relying on the solidity of your network application / daemon / server and not restricting / reducing the impact of a crash / vulnerability / intrusion is just completely irresponsible. Jails are not "all" but they help as a preventive measure, and they instantly upgrade the knowledge level needed by the attack. They make sure, for example, that the latest worms exploiting the latest vulnerability that remains unpatched by your vendor are not taking over the box completely. Geez, sounds familiar?

Until MS manages to run a webserver / authserver / mailserver (fill in the list ... ) with the same functionality and as a non-privileged user, it will be much more unsecure out there.

And btw the "Virtual" Dos seems particularly present:
Try this on any NT OSes: new folder -> aux, lpt1, con, nul ... Should I carry on? (Hint: MSDos Reserved devices).
As I said previously, non-case-sensitive OSes belong to the museum.

Rafel Ivgi, The-Insider wrote:

>[ fullquote from grandparent snipped, please learn some quoting style ]

I will only if you learn to NOT reply to all [emails] of the thread but just to the list.


Stefan Schatzl.

d.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

