Full Disclosure mailing list archives

Re: IE is just as safe as FireFox

From: William Warren <hescominsoon () emmanuelcomputerconsulting com>
Date: Fri, 12 Nov 2004 12:18:50 -0500

not to mention the hundreds or thousands of pairs of eyes bothhelpful and harmful that look at the mozilla project's codebase.


Todd Towles wrote:

He can buy a product..or do a super fast rollout of SP2..but why should
he? Microsoft should write better products...period. Everytime a Firefox
exploit comes out..there is already a fix...is that magic? No..it is
good coding...
-----Original Message-----
From: full-disclosure-admin () lists netsys com[mailto:full-disclosure-admin () lists netsys com] On Behalf OfRafel Ivgi, The-Insider
Sent: Friday, November 12, 2004 8:09 AM
To: full-disclosure () lists netsys com; Colin.Scott () csplc com
Subject: Re: [Full-disclosure] IE is just as safe as FireFox
If you do have 14000 machines why don't you buy "Finjan'sVital Security For Web"?It will filter all malicious I.E exploits for all itssurfers(its a proxy, quite fast...)
Or just use SUS(system update server (microsoft)) just likeany other administrator... to install sp2 or to just replacethe c:\windows\system32\shdocvw.dll with the patched one orwith sp2 one...
Rafel Ivgi, The-Insider
Security Consultant
Malicious Code Research Center (MCRC)
Finjan Software LTD
E-mail: rivgi () Finjan com
---------------------------------
Prevention is the best cure!
----- Original Message -----
From: <Colin.Scott () csplc com>
To: <full-disclosure () lists netsys com>
Sent: Friday, November 12, 2004 12:46 PM
Subject: Re: [Full-disclosure] IE is just as safe as FireFox
Oh yeah, I've got 14,000 Windows 2000 machines to update towindows XP SP2,
hang on wheres that CD?

So thanks for your infinate wisdom there Rafel.

Colin.
"Rafel Ivgi,The-Insider"<theinsider@012.n Toet.il> <full-disclosure () lists netsys com>Sent by: ccfull-disclosure-admin@lists.netsys Subject.com Re: [Full-Disclosure] IE is just assafe as FireFox12/11/2004 06:44
That is incorrect, there is a fix --> SP2.
Users should use the latest updated system, meaning if thereis an SP2,
they
should install it.


Rafel Ivgi, The-Insider
Security  Consultant
Malicious Code Research Center (MCRC)
Finjan Software  LTD
E-mail: rivgi () Finjan com
---------------------------------
Prevention  is the best cure!
----- Original Message -----
From: "Martin Mkrtchian"  <dotsecure () gmail com>
To: "Todd Towles" <toddtowles () brookshires com>
Cc: "Mailing List - Full-Disclosure"<full-disclosure () lists netsys com>;
<ring-of-fire () yahoogroups com>
Sent: Friday,  November 12, 2004 3:03 AM
Subject: Re: [Full-disclosure] IE is just as safe  as FireFox
They should've at least released that statement after they
fixed the
IE FRAME vulnerability. 0 day exploit is in the wild and  no fix for
it, yet they claim its secure enough.
If the programmers are as smart as the company press
releasers, I can
see   why I.E. still sux.


Martin


On  Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles
<toddtowles () brookshires com> wrote:
Microsoft's  security and mangement product manager (Ben English)
says...
At a security roundtable discussion in Sydney on
Thursday, Ben English,
Microsoft's security and management product manager, told
attendees
that
IE undergoes "rigorous code reviews" and is no less
secure than any
other  browser.
"Because IE is ubiquitous, you hear a lot more about it,
but I don't
think that Internet Explorer is any less secure than any
other browser
out there," English  said.
http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/
2100-1032_
3-5448719.html?part=dht&tag=ntop&tag=nl.e433

Can  anyone say IFRAME? Lol

-Todd

_______________________________________________
Full-Disclosure - We  believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We  believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
**************************************************************
************************
This e-mail is confidential and may contain privilegedinformation. If youare not the addressee or if you have received the e-mail inerror, it maybe unlawful for you to read, copy, distribute, disclose orotherwise use theinformation which it contains. Under these circumstances,please notifyus immediately by returning this mail to'mailerror () csplc com' and deleting
this e-mail from your system.
Any views expressed by an individual within this e-mail donot necessarilyreflect the views of Cadbury Schweppes Plc or itssubsidiaries. CadburySchweppes Plc will not be bound by any agreement entered intoas a resultof this email, unless its intention is clearly evidenced inthe body of theemail.
Whilst we have taken reasonable steps to ensure that this e-mail and
attachments are free from viruses, recipients are advised tosubject thismailto their own virus checking, in keeping with good computingpractice. Pleasenote that email received by Cadbury Schweppes Plc or itssubsidiaries may be
monitored in accordance with the prevailing law in the United Kingdom.

**************************************************************
************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


--
My "Foundation" verse:

Isa 54:17 No weapon that is formed against thee shall prosper;and every tongue that shall rise against thee in judgment thoushalt condemn. This is the heritage of the servants of the LORD,and their righteousness is of me, saith the LORD.


-- carpe ductum -- "Grab the tape"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: [in] Re: IE is just as safe as FireFox, (continued)
- - - Re: [in] Re: IE is just as safe as FireFox jbernts (Nov 15)
    - Re: [in] Re: IE is just as safe as FireFox Gregh (Nov 15)
  - Re: IE is just as safe as FireFox Florian Streck (Nov 12)
- Re: IE is just as safe as FireFox Des Ward (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
  - Message not available
    - Re: IE is just as safe as FireFox n3td3v (Nov 12)
    - Re: IE is just as safe as FireFox Valdis . Kletnieks (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
  - Re: IE is just as safe as FireFox William Warren (Nov 12)
  - RE: IE is just as safe as FireFox joe (Nov 15)
    - RE: IE is just as safe as FireFox Eric Paynter (Nov 16)
    - RE: IE is just as safe as FireFox joe (Nov 17)
- Re: IE is just as safe as FireFox WB (Nov 12)
  - Re: IE is just as safe as FireFox Curt Purdy (Nov 14)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- RE: IE is just as safe as FireFox Rafel Ivgi, The-Insider (Nov 13)
- RE: IE is just as safe as FireFox Stuart Fox (DSL AK) (Nov 15)
  - Re: IE is just as safe as FireFox stephane nasdrovisky (Nov 16)
    - RE: IE is just as safe as FireFox joe (Nov 17)

(Thread continues...)