Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Fire(read 'fad')Fox has too many exploits.
Posted by: Kyran
Date: September 25, 2006 10:12AM

http://www.symantec.com/about/news/release/article.jsp?prid=20060925_01

I knew this was going to happen soon. It's NOT secure and now that more people are using FireFox, it's being targeted more.

On a side note, according to Secunia, Opera 9 has had 1 reported vulnerability in 2006. Opera 8.x has had 2 this year.

Compare that to the 40-something for Firefox.

- Kyran

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: rsnake
Date: September 25, 2006 12:08PM

Could that be a factor of it's popularity? I haven't done much work in Opera simply because a large part of XSS is percentages - so most of my work has been done against browsers with higher market penetration. I wonder how many other security experts take the same route.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: Kyran
Date: September 25, 2006 03:46PM

Yeah. I kept mentioning it to many of my friends that started using FadFox. It's actually not much, if any more secure than IE. It was just less popular at the time. Now people are targeting Mozilla users more.

- Kyran

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: rsnake
Date: September 25, 2006 03:55PM

That's my take. I'm really pretty browser agnostic. I think each one have different uses:

Internet Explorer: Best functionality (active X controls, more supported, blah blah)
Firefox: Easiest to configure
Netscape: Technically has all the same combined functionality of IE and Firefox and great for testing
Opera: Unique take on rendering - less supported, prefetches which is both good and bad depending on what you are looking for.
Links: Like Lynx's big brother. Like lynx only with frames - no active content which is useful for testing or when you need to turn off everything.

I also use really obscure additional tools and browsers during some tests, but those are the majority.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: Kyran
Date: September 25, 2006 04:10PM

Same. I currently have 4 browsers installed and a myriad of small tools for each one. They are all quite good and have strengths and weaknesses. Although I'm more of a browser athiest. I believe there is no amazing one. They all suck in some way. Ahaha.

- Kyran

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: kirke
Date: September 25, 2006 06:14PM

> They all suck in some way.
hmm, did someone test telnet?
:-D

Options: ReplyQuote
Re: Fire(read 'fad')Fox has too many exploits.
Posted by: rsnake
Date: September 25, 2006 06:15PM

Telnet is totally vulnerable to social engineering. ;) People will believe any HTML markup I send them. Sooooo gullible.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote


Sorry, only registered users may post in this forum.