24 posts • joined Sunday 1st August 2010 11:45 GMT
I wouldn't have noticed that it had been blocked if I hadn't read the comments first.
Ghostery plugin is a Firefox necessity (Yes you can get it on Chrome too but it's missing some blockers).
You don't seem to see, or understand, the problems
"Most of you want to stay with the same old failed systems: Windows! Look at what a success that has been. Cheap? Have you ever worked in a shop that uses mainly Dell? I have, several times. The cost of the native hardware, with Windows or Suse or Redhat (or self installed Slackware or Suse) was not much lower, especially with the Gold support needed. Then, the failure rate was "awesome". I recall getting a batch of six higher spec. laptops. All were under repair within six months, two of them twice and not for user damage, just straight, hardware failure. The desk tops were scarcely better, though the servers, once one called in the engineer to fit the ordered parts rather than what arrived, were not so bad."
Just because you have had a piss poor experience with PC hardware and open source don't tar the rest of the industry with the same brush. The problem is with the planning and execution.
Obviously very badly uninformed!
"We are aware that some customers using the latest version of the browser Firefox, version 4, may currently be experiencing difficulties accessing their account details online. We are in the process of rectifying this and would advise customers in the meantime to use a previous version of Firefox or Internet Explorer.
"This will not impact customers' online security..."
No one should be using IE at the moment due to the MHTML bug that allows drive by attacks that can compromise the system. Stupid, stupid people. Just because they have particularly stupid management when it comes to deploying a web service, and/or particularly stupid web developers doesn't mean that they should be giving poor advice that can lead to their customers having their bank accounts hijacked.
Walk away from Santander, and any other monkeys, that want your cash and can't write a proper website that works across browsers.
Downloaded it three times here
Laptop, main PC and the work PC. I need to build an IE8 VM now though; to go with my IE 6 and 7 VMs.
FF 4 will get 10 downloads from me (work PC, main PC, Laptopx2 (Windows and Ubuntu), Netbookx2 (Windows and Ubuntu), Windows VM, Ubuntu VMx2, work Mac Mini).
Guess FF4 wins this round again.
Depends on your audiance.
If your visitor statistics back up use of CSS3 and HTML 5 in your websites then I would say go for it. CSS 3 is especially easy to implement into sites in a progressively enhanced way, so we have started using it even though most users won't see the enhancements.
The company I work for shows a massive bias on our clients' sites to IE 6-8 users, and that won't change anytime soon, so even PNGs are a pain to work with.
Use IE9 at your own peril
MHTML bug owns all versions of IE and such attacks will be commonplace for the foreseeable future because of the tight integration with the OS.
Most Linux distros come with Firefox by default, so this is interesting for them.
Firefox didn't get hacked this year at PWN2OWN, along with long standing Chrome (not hacked as of yet).
Firefox 4 is a stepping stone for Firefox 5/6/7 this year which should bring tab isolation/sandboxing, 64bit version, more HTML 5 and CSS 3 features.
No takers for Firefox so it stands alongside Chrome this year as not having been hacked.
So, you now have access to the system through an account; next hack run is privilege escalation exploit.
Once you're in the system remotely you're in the system, regardless of the account you happen to have wheedled your way into.
Doesn't matter what system you're attacking, the exploit methodology is the same; get into the system, escalate privileges, control system.
What's with all the bad memory management reports from FF users?
I really don't understand this. I have never seen large amounts of memory used by Firefox, I only see a huge amount of memory usage with flash apps running (800MB for the plugin container.)
Do you all have so little memory that 100MBs make a difference between browsers?
@AC "And it's utter pants"
There is malware out there that causes FF4 to crash but not FF3.6. You need to reformat your PC with a clean OS DVD and check performance again without installing anything other than FF4 and windows patches. Use an antivirus package, like a free one such as Avast 6, or a paid for one from a reputable vendor. Then install your programs one by one.
No Firefox results because it was delayed until day 2
So anyone saying that it has been hacked already is wrong.
FF + Hotmail user here
I use Hotmail via the Webmail notifier plugin, alongside a couple of yahoo accounts and a gmail account.
I get lots of newsletters sent to the hotmail account. I use a yahoo account for sites like this one.
It's out now!
I just manually checked for updates and sure enough there it was ready for download. ~80MB-900MB I think it said, but most machines should be up to date.
I don't fancy the job of updating the four Win 7 office pcs tomorrow. I guess I should be glad that there are only four of them. We have three sat in storage, but hopefully I may get WSUS before I need to update them.
Online DDoS laws outlaw similar, offline, legal forms of protest
If I, and two thousand of my friends, turn up at some store or other and pack it out, and pack out the street outside trying to get in, just browsing so that no one who might wish to actually give that store their business can get in that would be a denial of service attack.
This is different to just barring the entrance and preventing access as there would be no room for the actual customers to get into the store.
If you were to go into a bank with lots of your friends throughout the UK and remove all the brochures from those branches. That is a DDoS attack, but offline, and it would be seen as a legitimate form of protest.
Thus, I would argue that doing so online, through the LOIC or holding your ctrl+F5 buttons for a few hours, is a legitimate form of protest, as far as I'm concerned, and would cause less of a financial impact than other forms of offline protest. (Think of the amount of cost there is in printing and stocking leaflets and brochures and denial of service on a store or bank, by filling it out with non-customers, would have on the bottom line.)
Which is funny, as IE 6 doesn't have ASLR or DEP support and I doubt that the EMET workaround will work for it either.
I hope that all those corporate security types that love XP/IE6, like HMG, are paying attention to this.
If he's a spy...
for whom does he spy?
Simple enough question.
Is a dual processor workstation in 2015. So, it's got four years of life in it. Six before it will only work in high end single processor machines.
Those four thousand cores will be utilised by a single processor machine in 2027, assuming two years for each process transition and a linear doubling of cores per process transition.
It all sounds very familiar.
I wonder if they tested the missiles against the Mirach 100/5 towed targets at 792
The Mirachs aren't supersonic so can't use them for testing that aspect of the system.
The MoD procurement sounds like my current job's management team's approach to building new software; which is funny as I came from the MoD into my current job.
At my current job, we have managed to get the directors to go to an outside firm to get the specification written. However, knowing the directors, they will constantly be changing things
until they are happy, and so it will be exactly like a military/government project, with massive overruns in terms of costs and time.
No hierarchical folder structure?
Surely you would do this in parts using something like the native zip functionality or a third party program like WinRAR to turn a large number of these files into a single archive.
The thought of transferring 60m files across a network connection makes quail. Even the web servers that I look after top out at 7.5m files.
If we returned to the 'trees', you'd be at the mercies of the person or group of persons that held the biggest stick(s).
If they didn't like what you were saying they'd quite happily be rid of you. If you wandered into someone else's area, they might tortuture you and or kill you for doing so.
All these basic 'Human Rights' are utter b.s.
There're a number of things to consider...
What most people fail to understand that HMG is probably using and controlling their systems with AD, and as other browsers don't tie themselves into AD, the admins would not have control, unless the browser update is to a more recent version of IE.
Also, what do you think they would do when they realised that all these 'In porn' modes made logging what people were doing impossible to follow?
My impression is that HMG is using IE6 specific ActiveX controls, like a lot of big corporations of the early XP generation and that they would have to rewrite those or all those applications that they use that use them to be able to move away from IE6. Personally, I think that they should never have been allowed to go the OS specific integrated route as it's a lock in to a specific platform. All their apps, both front end and backend, should be fully portable to other OS and browser platforms.
It is a good argument for public oversight of governmental IT projects, so that we the tax payers don't get screwed over, and over, and over.
I also think it's outrageous that the government would publish a statement that insinuates a lie, that they don't need to do anything because there's no evidence that that the latest fully patched browser from MS is any less secure than alternative browsers. All well and good, if they were using IE8, but they aren't using the LATEST fully patched browser from MS, they're using IE6. And probably systems that are not fully patched either, so two lies?
Also CanSecWest has had IE8 crumble during its competitions every year that it has been out. Only one desktop browser remains uncompromised at that event, and that's Google's Chrome browser. So there is the evidence that there are alternative browsers that are less insecure than IE8.
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Analysis Who is the mystery sixth member of LulzSec?
- Nine-year-old Opportunity Mars rover sets NASA distance record
- Prankster 'Superhero' takes on robot traffic warden AND WINS
- Comment Congress: It's not the Glass that's scary - It's the GOOGLE