Post #86,236
3/6/03 6:52:06 PM
3/6/03 6:53:04 PM
|
Take the Browser Secuity test
[link|http://212.100.234.54/content/4/29621.html|The Reg] has an interesting article on an outfit that will scan your favorite Browser for known vulnerabilities, and provide you with a report on what it finds. The outfit is called ScanIt, and the intro page to it's test is located [link|http://webtest.scanit.be/bcheck/index.php|here]
The Reg article has some interesting feedback on what it found with some of the browsers it had on hand. Of course, IE sucked (but you already knew that...). Me? I came up clean...but then, I'm using Mozilla...
(The only downside of the tests is that you have to allow pop-up or pop-under windows for the test to work, so you'll have to disable that feature in Moz for the test to work.)
[Edit: fixed more typos...]
jb4 "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." Rich Cook
Edited by jb4
March 6, 2003, 06:53:04 PM EST
|
Post #86,241
3/6/03 7:04:37 PM
|
Found 2 with fully patched w2k/IE6.0
The same 2 medium risk vulnerabilities they found with Win98/IE6.0
-- Chris Altmann
|
Post #86,258
3/6/03 8:02:03 PM
|
And WinXP and IE6.0 Fully Patched.
b4k4^2
[link|mailto:curley95@attbi.com|greg] - Grand-Master Artist in IT | [link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!] [link|http://pascal.rockford.com:8888/SSK@kQMsmc74S0Tw3KHQiRQmDem0gAIPAgM/edcurry/1//|ED'S GHOST SPEAKS!] | [link|http://www.eweek.com/article2/0,3959,857673,00.asp|Writing on wall, Microsoft to develop apps for Linux by 2004] | Heimatland Geheime Staatspolizei reminds: These [link|http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf|Civilian General Orders], please memorize them. "Questions" will be asked at safety checkpoints. |
|
Post #86,282
3/6/03 9:00:36 PM
|
Confirmed
I think this must be related to Media Player. I had an attempted QuickTime subwindow but never directly saw Media Player - I can't believe it didn't try *something* with Media Player.
One funny thing - a lot of windows popped up pointing to things that got short-circuited by my hosts file - that was fun :)
-drl
|
Post #86,509
3/7/03 1:48:09 PM
|
**chuckle**
jb4 "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." Rich Cook
|
Post #86,257
3/6/03 8:01:25 PM
|
0 vulnerabilities: RH 7.2 all patches Moz 1.0.1 :)
bcnu, Mikem
Osama bin Laden's brother could fly in US airspace 9/15/01, but I had to wait for FBI and CIA background checks, 'nuff said?
|
Post #86,259
3/6/03 8:03:25 PM
|
0 Vulnerabilities with Moz 1.2.1b and WinXP... SOOOO
...it Really IS the Problem with Browser Integration with the OS... like a Wart...
b4k4^2
[link|mailto:curley95@attbi.com|greg] - Grand-Master Artist in IT | [link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!] [link|http://pascal.rockford.com:8888/SSK@kQMsmc74S0Tw3KHQiRQmDem0gAIPAgM/edcurry/1//|ED'S GHOST SPEAKS!] | [link|http://www.eweek.com/article2/0,3959,857673,00.asp|Writing on wall, Microsoft to develop apps for Linux by 2004] | Heimatland Geheime Staatspolizei reminds: These [link|http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf|Civilian General Orders], please memorize them. "Questions" will be asked at safety checkpoints. |
|
Post #86,266
3/6/03 8:21:20 PM
|
Safari Beta v60 on OS X, no vulns found
Tom Sinclair
"Man, I love it when the complete absence of a plan comes together." - [link|http://radio.weblogs.com/0104634/|Ernie the Attorney]
|
Post #86,272
3/6/03 8:31:10 PM
|
Big Fat Goose Egg. OS/2 & Mozilla 1.0.1. Thanks for playing!
|
Post #86,281
3/6/03 8:57:35 PM
|
2 javascript "minor" issues, none major
I have a adspam-blocking hosts file and deliberately loosened the script security slightly because I'm making an Intranet. I always leave Javascript enabled.
Neither problem could lead to compromise of my system.
IOW I'm totally safe.
I'm on Windows 98SE, IE6.0-128 SP 1.
I have a custom set of security patches. I use Windows Update, tailored to my requirements.
-drl
|