Check out some similar questions!

Nez · Jan 10, 2005, 12:44 PM

For years I have been advised not to use IE because of browser bloat,security issues,and general boring look of its interface.So after trying Netscape,Opera,and a few odd browsers,which I will not mention,I've finally settled on Firefox.Reliable,open source,quick loading,and apparently,now that the dust has settled over it's huge rise in popularity,hacked!
A quick visit to http://www.securityfocus.com/news/10248 revealed that Firefox,Mozilla,and Thunderbird,the e-mail client,all suffer from buffer overflow,and spoofing.No doubt patches and fixes will quickly be issued,yet my question is,how safe is the net?
With anti-virus software,spyware,adware,and all other anti-whatever you can think of,why is'nt there a foolproof system of surfing the net without worrying about unknowns trying to hack into the PC.Or am I being naïve?
Incidentally,Microsoft are issuing three 'major' security fixes this week.Says it all really.

psi42 · Jan 10, 2005, 03:58 PM

Originally Posted by Nez

apparently,now that the dust has settled over it's huge rise in popularity,hacked!
A quick visit to http://www.securityfocus.com/news/10248 revealed that Firefox,Mozilla,and Thunderbird,the e-mail client,all suffer from buffer overflow,and spoofing.No doubt patches and fixes will quickly be issued,yet my question is,how safe is the net?

The NNTP URL handling vulnerability was fixed before Firefox 1.0 was released. This is just the public disclosure, which usually doesn't happen until some time after the problem is fixed so that people can get their software updated beforehand.

http://www.mozilla.org/projects/secu...abilities.html

I can't seem to get the download spoofing demonstration to work on my Firefox... I just get a really long URL, but no apparent spoofing.

With anti-virus software,spyware,adware,and all other anti-whatever you can think of,why is'nt there a foolproof system of surfing the net without worrying about unknowns trying to hack into the PC.Or am I being naïve?

Because it is impossible to write "perfect" code. There are plenty of people looking for possible exploits, and eventually some will always be found.
This is similar to asking why no one can make the perfect safe, with a lock that can never be picked. Everything can be broken.

The idea is to have a sound policy for dealing with security problems: make security the #1 priority in every case, and deal with and fix each problem...

Nez · Jan 10, 2005, 05:36 PM

Thanks for your reply.I know that it is impossible to write perfect code,as someone will always exploit it.The same as it is to get an operating system to 'gel' perfectly is non existent.Yet we always here of Windows vunerabilities.Now before you can say Linux,and yes I have tried it,the folks at Redmond hold all the cards as far as the 'market' is concerned.Obviously they are the number one target for hackers,crackers,and general oppertunists-come-hero to show how good they are.Yet with Longhorn(codename),the next version of Windows due out I think between summer/winter 2006,can we expect more of the same?
I know there is no such thing as the perfect safe,or operating system for that matter,but I'd just love the day when code-holes,backdoors,server glitches,and the like were no more.Wont see it in my time I suppose.If I did,I'd give Bill a ring.

psi42 · Jan 11, 2005, 03:02 AM

Originally Posted by Nez

Yet we always here of Windows vunerabilities.Now before you can say Linux,and yes I have tried it,the folks at Redmond hold all the cards as far as the 'market' is concerned.

Heh... not for long :D :)

Obviously they are the number one target for hackers,crackers,and general oppertunists-come-hero to show how good they are.

True, for sure at least as far as the desktop PC is concerned...

Yet with Longhorn(codename),the next version of Windows due out I think between summer/winter 2006,can we expect more of the same?

Yes. Unless Microsoft makes some serious changes, which is highly unlikely. Longhorn is probably going to add more "multimedia features" and quadruple the system requirements, but I don't think we'll see a massive security cure. That was what SP2 was supposed to be, remember?

I know there is no such thing as the perfect safe,or operating system for that matter,but I'd just love the day when code-holes,backdoors,server glitches,and the like were no more.Wont see it in my time I suppose.If I did,I'd give Bill a ring.

Don't we all... I don't see that happening, ever. But hey, I could be wrong...

~psi42

Nez · Jan 11, 2005, 07:50 AM

Well I just had to go and have a look at work in progress on Longhorn.One of the sites I went to,Microsofts is over my head,is www.winsupersite.com/reviews/longhorn_alpha.asp and had a look around.Interesting,but beta versions as we all know,are not the final product,and before 2006 arrives,the coders at Redmond will all have probably fallen out over some issue,and it'l be back to the drawingboard,see you all in 2008!
Not on that site,but Microsofts,they rambled on about new code language 'XAML' used to create UI elements.It will be the first OS built within managed code.First to host a new storage system (code named "WINFS") that revolutionizes the concept of a file system.Wow.
No wonder we have backdoors open,and I thought it was all so easy.No doubt the new OS will be huge on hard drive space,and media player 345 will be able to play AAC codecs.Not!
Just surfice to say that sp1(Lh) will no doubt be out within weeks,and my patience will be spent on buffer underrun.

Nez · Jan 11, 2005, 08:43 AM

Longhorn is now being used within Microsoft.3000 client machines are test running the OS (source:news.znet.com).
Courtesy of ( CNET News.com), Microsoft and Sun Micro systems plan to give a report on 12th Jan,05,concerning their six month alliance.Apparently Microsoft have paid Sun $1.95 billion to settle legal disputes and share technology.What do others make of this? Competition gone out of the window,a stitch-up,everyone conceeding defeat. Or am I overreacting?
Now where is that Linux disk... :confused: