«

On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <>
wrote:

>On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>
>> wrote:
>>> On Fri, 30 Mar 2007 16:56:49 -0500, John Thompson
>>> <> wrote:
>>>
>>>> On 2007-03-30, <> wrote:
>>>>
>>>>> I hate to break this to everyone, but according to
>>>>> http://msmvps.com/blogs/spywaresucks...22/701346.aspx
>>>>>
>>>>> IE7 is now the safest browser.
>>>> The common denominator on these seens to be Windows. Get rid of Windows
>>>> and your spyware issue vanishes.
>>>
>>> It's easy to talk, isn't it !!!!
>>> I'd love to get rid of Windows, but these days one cant do much with
>>> DOS, and OS2 is dead. Of course there's always the Macintosh if one
>>> can afford them.
>>
>>You never heard of Linux? Free distro's, if you've never tried it
>>Ubuntu is very user friendly:
>>
>>http://www.ubuntu.com/
>>
>I second that, get Ubuntu. I dual-boot into it right now and it runs like a
>dream, after you work out the kinks. It's very different from a Windows
>environment, but you can find all the support you need on the web. The folder
>structure is the most difficult thing to get used to, especially if you're used
>to the level of direct control and user-centricity of the Windows/DOS model.
>Things are not stored by app and vendor, but instead by function to the
>computer system, divided by user.
>
>And if you haven't drunk the "free software" Kool-aid, and want to get things
>like restricted software and proprietary drivers, you will also want to look
>into a script called "Automatix" that takes care of things like the Totem media
>player, so you can play your DVDs.
>
>Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
>better at it. I have an ATi card. They're a bear to install, and the module
>needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
>there are good step-by-step guides for everything.
>
>Good luck.

Interesting. You come out in support of "easy" Ubuntu then relapse
into geekspeak describing the difficulties.

The live distro list:
http://www.livecdlist.com/?pick=Linu...ort=Votes&sm=1

I vote for Knopix. No problem - plug and play on two computers.
--

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

On Sat, 31 Mar 2007 11:14:30 -0500, in alt.fan.mozilla, default wrote:

>On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <>
>wrote:
>
>>On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>>
>>> wrote:
>>>> On Fri, 30 Mar 2007 16:56:49 -0500, John Thompson
>>>> <> wrote:
>>>>
>>>>> On 2007-03-30, <> wrote:
>>>>>
>>>>>> I hate to break this to everyone, but according to
>>>>>> http://msmvps.com/blogs/spywaresucks...22/701346.aspx
>>>>>>
>>>>>> IE7 is now the safest browser.
>>>>> The common denominator on these seens to be Windows. Get rid of Windows
>>>>> and your spyware issue vanishes.
>>>>
>>>> It's easy to talk, isn't it !!!!
>>>> I'd love to get rid of Windows, but these days one cant do much with
>>>> DOS, and OS2 is dead. Of course there's always the Macintosh if one
>>>> can afford them.
>>>
>>>You never heard of Linux? Free distro's, if you've never tried it
>>>Ubuntu is very user friendly:
>>>
>>>http://www.ubuntu.com/
>>>
>>I second that, get Ubuntu. I dual-boot into it right now and it runs like a
>>dream, after you work out the kinks. It's very different from a Windows
>>environment, but you can find all the support you need on the web. The folder
>>structure is the most difficult thing to get used to, especially if you're used
>>to the level of direct control and user-centricity of the Windows/DOS model.
>>Things are not stored by app and vendor, but instead by function to the
>>computer system, divided by user.
>>
>>And if you haven't drunk the "free software" Kool-aid, and want to get things
>>like restricted software and proprietary drivers, you will also want to look
>>into a script called "Automatix" that takes care of things like the Totem media
>>player, so you can play your DVDs.
>>
>>Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
>>better at it. I have an ATi card. They're a bear to install, and the module
>>needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
>>there are good step-by-step guides for everything.
>>
>>Good luck.
>
>Interesting. You come out in support of "easy" Ubuntu then relapse
>into geekspeak describing the difficulties.
>
>The live distro list:
>http://www.livecdlist.com/?pick=Linu...ort=Votes&sm=1
>
>I vote for Knopix. No problem - plug and play on two computers.

I never once said Ubuntu is "easy." Nothing worthwhile ever is. I merely relate
the easiest way to get it running, and when you work out the kinks (and there
are DEFINITELY kinks), it'll be more stable than anything similar I've seen
produced in the past 20 years, including other distros.

Have a nice day.

--
Zag


"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550

"The Means Justify The Means" ~George W. Bush, c. 2000

On Sat, 31 Mar 2007 03:17:09 GMT, Zaghadka <>
wrote:

>On Fri, 30 Mar 2007 20:32:19 -0500, in alt.fan.mozilla,
>wrote:
>
>>On Fri, 30 Mar 2007 19:09:00 +0000 (UTC), john sumner
>><> wrote:
>>
>>>SteveG <_@_._> wrote in
>>>news:IOcPh.2813$ o.uk:
>>>> John may (or may not) lack comprehension skills but I have to tell you
>>>> that "validify" is NOT an English word. I'm guessing your American and
>>>> exercising your "right" to make up words just because you don't know the
>>>> correct one to use. Try "validate" instead
>>>>
>>>> <flame proof jacket now donned in anticipation of impending tirade> <BCG>
>>>
>>>I do have comprehension skills i just think this guy who started this is a
>>>troll who is in love with microsoft
>>
>>I am the guy that started this thread, and I amd not a troll, because
>>I DID NOT make the website that listed these facts and figures.
>>Why dont you go to the site yourself. Look at the bar on the left.
>>Each of these 3 browsers are listed with several versions. I am
>>trying to get opinions. I find it hard to believe that FF 1.x was
>>less secure than IE6. I will not say what I believe about IE7 since I
>>have not used it. I would hope that MS fixed the security issues, but
>>they dont always keep up with things.
>>
>>GO HERE:
>>http://msmvps.com/blogs/spywaresucks...22/701346.aspx
>
>If you were seriously pooling opinions, your post would have been well served
>by a simple question mark in the header.
>
>i.e.: "The safest Browser is IE7?"
>
>MSMVP stands for professionals who make the best money when everyone uses
>nothing but Microsoft products. Any article on that site isn't even a biased
>opinion. Their opinions are literally *twisted*.
>
No, I didn't know what MSMVP stood for.

Aside from all of this, I have still not found anyone on here that
actually has any factual information about browser security. Does
such data exist? I use both the latest Firefox and IE6. I never feel
very safe with IE, but there are times I need it. Either way, I'd
like to see some non-biased FACTS about security in all 3 of these
browsers, or at least Firefox and IE, (and several versions). I dont
really care much about Opera or want to use it, but it would be
interesting to see all of them compared.

>I'd disregard the article and start over with some reasonable biased sources, a
>few from each side of the software divide (proprietary vs. free).
>
OK, lets see some non-biased sources. Since this is a Firefox group,
I'd think that someone would at lest have some facts about FF, (but
not from Mozilla). And yes, I am well aware that browsers can be set
more or less securely. For example, I just read an article about AOL
having an flash ad on their site that was installing spyware called
WINFIXER that would pop up on a screen every few minutes. Flash
Player is something I avoid at all costs. It means I can not view the
videos on sites like YouTube, but who cares. Flash Player is a big
danger these days. I'd suspect ANY browser that runs Flash Player
would get this thing, so it comes down to security settings. But
there are also built in things (like activex) that affect the levels
and that is what I want to know about.

>The facts being based on "insecure installations" is the dead giveaway. If you
>run on an MS system, especially pre-P2, it's an insecure installation because
>of the platform. And I doubt the MSMVP's know a darned thing about what a
>"secure" Linux installation looks like. They probably thought not having a
>software Firewall installed makes the installation insecure, because you need
>to have that with MS products, because the security model is so screwed up and
>most folks run MS products as ROOT.
>
>Start over if you're serious about opinions.

On Sat, 31 Mar 2007 03:23:52 GMT, Zaghadka <>
wrote:

>On Sat, 31 Mar 2007 02:05:29 GMT, in alt.fan.mozilla, Leonidas Jones wrote:
>
>> wrote:
>>> On Fri, 30 Mar 2007 16:56:49 -0500, John Thompson
>>> <> wrote:
>>>
>>>> On 2007-03-30, <> wrote:
>>>>
>>>>> I hate to break this to everyone, but according to
>>>>> http://msmvps.com/blogs/spywaresucks...22/701346.aspx
>>>>>
>>>>> IE7 is now the safest browser.
>>>> The common denominator on these seens to be Windows. Get rid of Windows
>>>> and your spyware issue vanishes.
>>>
>>> It's easy to talk, isn't it !!!!
>>> I'd love to get rid of Windows, but these days one cant do much with
>>> DOS, and OS2 is dead. Of course there's always the Macintosh if one
>>> can afford them.
>>
>>You never heard of Linux? Free distro's, if you've never tried it
>>Ubuntu is very user friendly:
>>
>>http://www.ubuntu.com/
>>
>I second that, get Ubuntu. I dual-boot into it right now and it runs like a
>dream, after you work out the kinks. It's very different from a Windows
>environment, but you can find all the support you need on the web. The folder
>structure is the most difficult thing to get used to, especially if you're used
>to the level of direct control and user-centricity of the Windows/DOS model.
>Things are not stored by app and vendor, but instead by function to the
>computer system, divided by user.
>
>And if you haven't drunk the "free software" Kool-aid, and want to get things
>like restricted software and proprietary drivers, you will also want to look
>into a script called "Automatix" that takes care of things like the Totem media
>player, so you can play your DVDs.
>
>Both ATi and Nvidia have good Linux video drivers, though I hear Nvidia's
>better at it. I have an ATi card. They're a bear to install, and the module
>needs to be rebuilt anytime you upgrade your kernel. But it's do-able, and
>there are good step-by-step guides for everything.
>
>Good luck.

Yes, i have heard of Linux and yes, I even tried it once. That was
about 10 years ago. I had run dos, win3.x, win95, and OS2. I was
able to use all of them. Then I tried Linux. My instant reaction was
"what a POS". I want to USE my computer. I want to use standard
software that I can buy or download and is compatible with the rest of
the world, and I DO NOT want to spend my whole life in front of my
computer trying to tinker with the OS. I'll leave Linux for some kid
who has no life outside of their computer. It reminds me of some kid
who builds their own car in their garage, but has to spend more than
half their life keeping it running. I buy commercial cars, and I will
stick to commercial software (at least the operating system, since I
do use some freeware and shareware). Windows has it's flaws, but it
works and dont need constant attention. Dos also works, and I still
use it too. OS2 was a challenge, but it worked quite well despite the
lack of software for it. If anything should have been further
developed, it should have been OS2, not Linux.

Half of what you said in your post I did not even understand. I
congratulate you for successfully using Linux, but it's not for me. I
have a life outside of my computer. Linux might be great for the geek
types whose entire lives are their computer, but it's not for me. If
windows ever becomes too much trouble, I'd turn my pc into a dos only
machine and get a Macintosh. However, I dont forsee that happening
since even if MS is a company I dont care to like, I know they do at
least attempt to keep up with things. At the same time, if they
abandon all OSs except Vista, I may change my mind. I have no
interest in Vista whatsoever. To be quite honest, I'm tired of having
to change and relearn software every few years. To me, a computer is
a tool. Yet it seems everytime I get real good at using a tool, I am
supposed to get a new tool and start all over. I cont like that at
all, and THAT is my biggest complaint about MS.

On Sun, 01 Apr 2007 07:09:53 GMT, Zaghadka <>
wrote:

>On Fri, 30 Mar 2007 19:54:36 -0500, in alt.fan.mozilla,
>wrote:
>
>>On Sat, 31 Mar 2007 20:44:31 GMT, Zaghadka <>
>>wrote:
>>
>>>On Sat, 31 Mar 2007 14:13:00 -0500, in alt.fan.mozilla,
>>>wrote:
>>>
>>>[snip]
>>>
>>>>I
>>>>have a life outside of my computer.
>>>
>>>As do I. ;^)
>>>
>>>Your reply has little to do with browser security, however. If you came here to
>>>bash Linux, you came to the wrong group. Go to a Linux group, pick a distro,
>>>and talk about it, and they will be able to tell you about what is wrong with
>>>their implementation of Linux, and Linux in general, because there is plenty.
>>>
>>>I will say that the underlying security model in Linux is better than that of
>>>Windows, and that's why Windows has all those Admin context exploits on it.
>>>When a software developer doesn't have the sense to keep the cursor rendering,
>>>or the JPEG rendering, or Windows Metafile *rendering* out of the ROOT/Admin
>>>context, anything can happen. ;^)
>>>
>>>Windows has had exploits, both in GUI Plus (JPEG exploit), WMFs (backdoor), and
>>>cursor rendering (arbitrary code launch) that will allow an attacker to take
>>>control of your system. In other words, in Windows, you can get rooted just by
>>>viewing a picture.
>>>
>>>And don't get me started about the OS contexts in Windows that even *allow*
>>>something like a "rootkit" to exist in the first place.
>>>
>>>So are you sure about your choice of OS and how "easy" it is to operate, or are
>>>you simply ignorant and lulled into a *false* sense of security?
>>>
>>>Good, I'm glad you think you've made the right choice. But don't click on any
>>>phishing links in your emails, if you can tell the difference, because your
>>>choice is going to get your box zombied if you're not careful, and it may have
>>>nothing to do with your choice of *browser*.
>>>
>>>Sony would've rootkitted your machine just for autorunning a CD.
>>>
>>>I run Windows XP as my primary OS as well, and it takes a *lot* of time and
>>>work to secure it properly. It is, to my mind, no "easier" than Linux, and
>>>certainly more dangerous.
>>
>>You are right. I did not come here to bash Linux. I did not bring it
>>up either. I dont think I was bashing it when I said I want nothing
>>to do with it. I'll leave it for the high school crowd, which seems to
>>be where it gets used the most.
>>
>>And for the record I dont click on ANY links in my email, in fact I
>>use a text only Win3.x email software and that is all I will ever use.
>>Outlook Express is pure garbage. In fact of all the Microsoft
>>software, I consider OE to be the worst of the worst. I completely
>>deleted it from my drive. I use email to communicate, not to look at
>>stupid and irritating smiley faces that dance around my screen. HTML
>>email is purely assenine.
>>
>>Now back to determining which browser is the most secure !!!!
>
>The bare minimum feature set that meets your needs is the most secure browser.
>Period.
>
>If you can get by browsing the web in console, Lynx is the most secure browser.
>
>http://lynx.isc.org/lynx2.8.5/index.html
>
>But if you need more, the only "secure" browser is a browser with a
>knowledgeable administrator. The best security administrators choose browsers
>like Firefox or Seamonkey for their needs, because they afford you more control
>of the browsing environment, and don't load up with everything running. You add
>what you need. Galleon is also very popular.
>
>The more paranoid operators also run *any* browser with JavaScript turned OFF,
>and no JRE runtime present. Some even blacklist problem domains to 127.0.0.1 in
>their HOSTS file (Spybot S&D http://www.safer-networking.org/ will do this
>automatically for you).
>
>So *you* take whatever steps you feel are necessary to ensure your security.
>
>If you're serious about IE security, then Microsoft is currently recommending
>that you set the "Internet Zone" to "high" security level (no ActiveX, JS, or
>JVM allowed) and white list domains you trust to the "low" level by adding them
>to the "Trusted Sites Zone." You can thus protect yourself from yet
>undiscovered exploits.
>
>http://www.microsoft.com/athome/secu...ng_safety.mspx
>
>If you do that, even IE is *reasonably* safe. But if you really want to be
>safe, you need to lose any browser which uses ActiveX. Microsoft has made a
>mess of things, they know it, and when they recommend such a pain-in-the-arse
>procedure at their own website, you know they expect future problems.
>
>Guess which browser doesn't allow ActiveX by default? Guess which one has it?
>
>Do you know what a BHO is? For one thing, it's a great malware vector.
>
>http://support.microsoft.com/kb/298931/en-us
>
>Do you really want to go to all this trouble? I don't. I got sick of it once I
>learned about all the dodgy crud IE passes off as "secure."
>
>Guess which browser will not allow arbitrary .dll's to run at start up?
>
>You get my drift? IE isn't as "easy" as you think. I chose Firefox because it
>gives me a stripped down functional browser that I can run as lean as I like,
>and limits my exposure much more easily with a high default level of
>functionality.
>
>If you choose Firefox, you will still have to add your *own* plugins and
>extensions, which is largely a one-time "set it and forget it" process, rather
>than an ongoing saga like IE is.
>
>With IE, you had better make sure you're patched, and you had better keep up
>with the unpatched security advisories and pay attention to the workarounds.
>
>That's why Firefox is a good choice, flexibility and choice, not because it's
>more "secure." Security largely depends on HOW you use and configure your
>browser, and WHERE you connect to, and little else.


I wish I could keep java script and activex turned off, and I often
do. But having them turned off means that many websites do not work.
For example, if java script is off, I can not access most or all of
the discussion groups (not newsgroups) that I subscribe to. And if I
go to a site that provides a shematic or parts blowup for something, I
cant get those pictures. Some people say to just avoid sites that
dont work without java script. There is some truth to that, but it's
not juat the malware and porn sites that require java script and
sometimes activex. Just to read most of the news sites like CNN, FOX,
CBS, etc all require all this junk loaded. Add to that, these days
you have to have flash player to access some sites. A local tv
station recently said they upgraded their website. Formerly it was a
pretty simple html main page which worked fine, but did require java
script to open many of the articles. I could live with that. Then
they did their so called upgrade. The entire homepage was a flash
screen and without it, all I got was a blank page telling me to
download flash player. I do not and will not allow flash on my
computer. I contacted the station, told them that I used their webite
often and was extremely displeased with their new site, and why.
I was surprised when they actually fixed it. They put back a basic
html homepage. It contains a lot of flash screens, but the basic menu
is a html page once again, and was better than before. I felt obliged
to thank them, and when I did, they replied back saying that I was not
the only person to complain. Flash content is fine if people want
that stuff, but when the entire site is flash, those of us who refuse
to use it, can not access their sites at all. When I contacted them,
I explained that I went to their site to get news and weather and
reminded them that "this is the purpose of your site, not to make a
site that might be flashy, but is inaccessible to many users".

The bottom line is this: Too many sites use all their junk, and that
forces us end users to have to take the risks, or else abandon their
sites. I have designed several basic html sites that looked real
nice. They contain nothing but basic html code, but use text effects
and nice photos and a few animated gifs. Most if not all of this
activex, java script, and flash content are not needed. When I go to
a website, I go there to access their information whether it be the
news, a weather report, some educational material, some photos, or
whatever else. All of this stuff can be created without the use of
all these scripts etc. Yet web designers keep making bloated and
complex sites which are dangerous and often take too long to load.
This makes no sense to me. Sometimes I think they are seeking an
award for creating the most complex web sites. Personally, I'll
reward those that create the most USEFUL sites that load quickly
without all the bloat. Eye appeal is a plus, but it can be achieved
with simple photos and creative use of text and color.

On Sat, 31 Mar 2007 13:37:44 -0500, in alt.fan.mozilla,
wrote:

>On Sat, 31 Mar 2007 03:17:09 GMT, Zaghadka <>
>wrote:
>
>>On Fri, 30 Mar 2007 20:32:19 -0500, in alt.fan.mozilla,
>>wrote:
>>
>>>On Fri, 30 Mar 2007 19:09:00 +0000 (UTC), john sumner
>>><> wrote:
>>>
>>>>SteveG <_@_._> wrote in
>>>>news:IOcPh.2813$. co.uk:
>>>>> John may (or may not) lack comprehension skills but I have to tell you
>>>>> that "validify" is NOT an English word. I'm guessing your American and
>>>>> exercising your "right" to make up words just because you don't know the
>>>>> correct one to use. Try "validate" instead
>>>>>
>>>>> <flame proof jacket now donned in anticipation of impending tirade> <BCG>
>>>>
>>>>I do have comprehension skills i just think this guy who started this is a
>>>>troll who is in love with microsoft
>>>
>>>I am the guy that started this thread, and I amd not a troll, because
>>>I DID NOT make the website that listed these facts and figures.
>>>Why dont you go to the site yourself. Look at the bar on the left.
>>>Each of these 3 browsers are listed with several versions. I am
>>>trying to get opinions. I find it hard to believe that FF 1.x was
>>>less secure than IE6. I will not say what I believe about IE7 since I
>>>have not used it. I would hope that MS fixed the security issues, but
>>>they dont always keep up with things.
>>>
>>>GO HERE:
>>>http://msmvps.com/blogs/spywaresucks...22/701346.aspx
>>
>>If you were seriously pooling opinions, your post would have been well served
>>by a simple question mark in the header.
>>
>>i.e.: "The safest Browser is IE7?"
>>
>>MSMVP stands for professionals who make the best money when everyone uses
>>nothing but Microsoft products. Any article on that site isn't even a biased
>>opinion. Their opinions are literally *twisted*.
>>
>No, I didn't know what MSMVP stood for.
>
>Aside from all of this, I have still not found anyone on here that
>actually has any factual information about browser security. Does
>such data exist?
[snip]

No. It doesn't. You're dealing with an unknown, used in an unknown capacity, by
unknown people. i.e.: Exploits. You think the crooks are reporting their bread
and butter to CERN and Secunia?

What is known is that there are a slew of them for IE 6, few yet for IE 7, but
only because it is brand new. The latest exploit involves animated cursors and
affects both IE 6 and 7. God knows how long that one has been around for in the
wild, unreported, and possibly in use, because it's *old*. Check out secunia
for news on the latest exploits. http://secunia.com/

But you're asking for proof of a negative, which is a logical fallacy. No one
can prove that their browser *can't* be attacked. They can only state which
browsers have been attacked, with what, and how often. They can also state why
they think their security model is good, and which ones are bad.

ActiveX, the model at the core of IE, is known a disaster for security, and
..NET contines this fine tradition, by automatically accepting applications not
signed with authenticode in default security settings for the "internet zone."

In addition, the security of the browser is only as good as the underlying
security of the operating system, and the administrator who maintains that
system. There are things about the default Windows XP install (running as ROOT
for instance) that are inherently bad, and avoided like the plague in other
OS's.

If you really want a "secure browser," there is no substitute for learning a
bit about security yourself, and not counting on any single piece of software
to "protect" you. It can't.

Try this: http://security.web.cern.ch/security/recommendations/

Only you, by administering your system in a sane way, can protect *you*, and
even that comes down to what you are comfortable with.

Most people I know who have knowledge of computer security won't touch IE with
a 10-foot-pole, and a quick browse of "secunia" will tell you why.

That said, IE is perfectly safe for the average user, when used *only* to go to
known trusted sites. It always was and unless those sites get hacked, always
will be. It's proprietary features can be pretty cool within that context.
Netscape 8 was an attempt to recognize this.

>
>>I'd disregard the article and start over with some reasonable biased sources, a
>>few from each side of the software divide (proprietary vs. free).
>>
>OK, lets see some non-biased sources.

There are none. :^(

I gave you a few places to start, but the real source of your own computer
security is YOU, not a browser choice.

--
Zag


"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550

"The Means Justify The Means" ~George W. Bush, c. 2000

On Sat, 31 Mar 2007 14:13:00 -0500, in alt.fan.mozilla,
wrote:

[snip]

>I
>have a life outside of my computer.

As do I. ;^)

Your reply has little to do with browser security, however. If you came here to
bash Linux, you came to the wrong group. Go to a Linux group, pick a distro,
and talk about it, and they will be able to tell you about what is wrong with
their implementation of Linux, and Linux in general, because there is plenty.

I will say that the underlying security model in Linux is better than that of
Windows, and that's why Windows has all those Admin context exploits on it.
When a software developer doesn't have the sense to keep the cursor rendering,
or the JPEG rendering, or Windows Metafile *rendering* out of the ROOT/Admin
context, anything can happen. ;^)

Windows has had exploits, both in GUI Plus (JPEG exploit), WMFs (backdoor), and
cursor rendering (arbitrary code launch) that will allow an attacker to take
control of your system. In other words, in Windows, you can get rooted just by
viewing a picture.

And don't get me started about the OS contexts in Windows that even *allow*
something like a "rootkit" to exist in the first place.

So are you sure about your choice of OS and how "easy" it is to operate, or are
you simply ignorant and lulled into a *false* sense of security?

Good, I'm glad you think you've made the right choice. But don't click on any
phishing links in your emails, if you can tell the difference, because your
choice is going to get your box zombied if you're not careful, and it may have
nothing to do with your choice of *browser*.

Sony would've rootkitted your machine just for autorunning a CD.

I run Windows XP as my primary OS as well, and it takes a *lot* of time and
work to secure it properly. It is, to my mind, no "easier" than Linux, and
certainly more dangerous.

--
Zag


"The Ends Justify The Means" ~Niccolo Machiavelli, c. 1550

"The Means Justify The Means" ~George W. Bush, c. 2000

On 2007-03-31, <> wrote:

>>The common denominator on these seens to be Windows. Get rid of Windows
>>and your spyware issue vanishes.

> It's easy to talk, isn't it !!!!
> I'd love to get rid of Windows, but these days one cant do much with
> DOS, and OS2 is dead. Of course there's always the Macintosh if one
> can afford them.

Linux, *BSD, and Solaris all are free and quite capable operating
systems.

--

John ()

On 2007-03-31, <> wrote:

> Yes, i have heard of Linux and yes, I even tried it once. That was
> about 10 years ago.

Linux has changed considerably in the last 10 years. There are even many
"live CDs" that allow you to boot and use linux without installing
anything on your HD.


> I had run dos, win3.x, win95, and OS2. I was
> able to use all of them. Then I tried Linux. My instant reaction was
> "what a POS". I want to USE my computer. I want to use standard
> software that I can buy or download and is compatible with the rest of
> the world, and I DO NOT want to spend my whole life in front of my
> computer trying to tinker with the OS.

What type of compatibility do you need? Firefox/Thunderbird give you
state of the art web browsing and email, OpenOffice.org gives you a
full-featured MS-Office compatible office software suite, gimp provides
versatile image editing capabilities, &etc.

> Windows has it's flaws, but it works and dont need constant
> attention.

Really? What about the continuous need to update malware protection,
"Patch Tuesday" and so on?

You really ought to try one of the live CDs other people here have
recommended, anyway.

--

John ()

On 2007-03-31, <> wrote:

> Aside from all of this, I have still not found anyone on here that
> actually has any factual information about browser security. Does
> such data exist?

Secunia is as impartial a site for this information as I've found:

http://secunia.com/

They cover much more than just browser vulnerabilities, though.

The SANS Internet Storm Center diary is also good:
http://isc.sans.org/diary.html

--

John ()