JPEG virus

Discussion in 'NZ Computing' started by will, Sep 30, 2004.

  1. will

    will Guest

    hi,

    how do you check if your browser is still vulnerable? is there a test
    JPEG to try?

    thanks

    will.
     
    will, Sep 30, 2004
    #1
    1. Advertising

  2. will

    Harry Guest

    will wrote:

    > hi,
    >
    > how do you check if your browser is still vulnerable? is there a test
    > JPEG to try?
    >


    Which browser on which OS?
     
    Harry, Sep 30, 2004
    #2
    1. Advertising

  3. will

    will Guest

    > Which browser on which OS?

    #### IE6 and Firefox 0.9.2 on W2K.

    thanks

    will.
     
    will, Sep 30, 2004
    #3
  4. will

    Gordon Guest

    On Thu, 30 Sep 2004 17:08:33 +1200, will wrote:

    >> Which browser on which OS?

    >
    > #### IE6 and Firefox 0.9.2 on W2K.
    >

    Not exactly on the topic

    In the Oct 04 edition of PC User Rose Vines launches one scathing attack
    on MSIE. Okay so poster here have done better in the past, but here is
    a mainstream publication almost ordering one to ditch MSIE.

    For it is

    Quote

    1. It's a security nightmare
    2. It's a target
    3. It's a dead-end
    4. It's broken
    5. It's a has-been.

    Unquote.

    BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It free.
    Use and see if you can find a bug. Unlike MSIE Firefox is being developed.

    Also folks, remember Firefox has extensions, those small programmes/add
    ons which allow Firefox to do something extra.They are under the Tools =>
    Extensions menu.
     
    Gordon, Sep 30, 2004
    #4
  5. will

    Max Burke Guest

    > Gordon scribbled:


    > 1. It's a security nightmare
    > 2. It's a target
    > 3. It's a dead-end
    > 4. It's broken
    > 5. It's a has-been.
    >
    > Unquote.
    >
    > BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It
    > free. Use and see if you can find a bug. Unlike MSIE Firefox is being
    > developed.



    FYI:
    Security Alert, September 28, 2004
    Multiple Vulnerabilities in Mozilla-based Web Browsers

    Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox,
    and Mozilla Thunderbird, the most severe of which could compromise a system.
    The vulnerabilities (discovered by Georgi Guninski, Wladimir Palant, Gael
    Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola, Andrew Schultz,
    and Harald Milz) include a
    long list of problems--too many to list in this security alert! The Mozilla
    organization recommends that affected users immediately upgrade to the
    latest release of software. For complete details about each of the
    vulnerabilities, be sure to read the article on our Web site.
    http://www.windowsitpro.com/article/articleid/43991/43991.html


    --

    Replace the obvious with paradise.net to email me
    Found Images
    http://homepages.paradise.net.nz/~mlvburke
     
    Max Burke, Sep 30, 2004
    #5
  6. will

    Bret Guest

    On Thu, 30 Sep 2004 17:44:30 +1200, Max Burke wrote:

    >> Gordon scribbled:

    >
    >
    >> 1. It's a security nightmare
    >> 2. It's a target
    >> 3. It's a dead-end
    >> 4. It's broken
    >> 5. It's a has-been.
    >>
    >> Unquote.
    >>
    >> BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It
    >> free. Use and see if you can find a bug. Unlike MSIE Firefox is being
    >> developed.

    >
    >
    > FYI:
    > Security Alert, September 28, 2004
    > Multiple Vulnerabilities in Mozilla-based Web Browsers
    >
    > Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox,
    > and Mozilla Thunderbird, the most severe of which could compromise a system.
    > The vulnerabilities (discovered by Georgi Guninski, Wladimir Palant, Gael
    > Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola, Andrew Schultz,
    > and Harald Milz) include a
    > long list of problems--too many to list in this security alert! The Mozilla
    > organization recommends that affected users immediately upgrade to the
    > latest release of software. For complete details about each of the
    > vulnerabilities, be sure to read the article on our Web site.
    > http://www.windowsitpro.com/article/articleid/43991/43991.html


    Wow Max, impressive!
    Those open source guys are really on to it, it´s a pity MS rely on
    security by obscurity.
     
    Bret, Sep 30, 2004
    #6
  7. will

    Ryan Jacobs Guest

    "Max Burke" <> wrote in message
    news:r3N6d.5960$...
    >> Gordon scribbled:

    >
    >
    >> 1. It's a security nightmare
    >> 2. It's a target
    >> 3. It's a dead-end
    >> 4. It's broken
    >> 5. It's a has-been.
    >>
    >> Unquote.
    >>
    >> BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It
    >> free. Use and see if you can find a bug. Unlike MSIE Firefox is being
    >> developed.

    >
    >
    > FYI:
    > Security Alert, September 28, 2004
    > Multiple Vulnerabilities in Mozilla-based Web Browsers
    >
    > Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox,
    > and Mozilla Thunderbird, the most severe of which could compromise a
    > system. The vulnerabilities (discovered by Georgi Guninski, Wladimir
    > Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola,
    > Andrew Schultz, and Harald Milz) include a
    > long list of problems--too many to list in this security alert! The
    > Mozilla organization recommends that affected users immediately upgrade to
    > the latest release of software. For complete details about each of the
    > vulnerabilities, be sure to read the article on our Web site.
    > http://www.windowsitpro.com/article/articleid/43991/43991.html
    >
    >


    Keep it quiet :)

    The anti MS/IE/OE crowd are delirious in their ignorance of the
    vulnerabilities of their preferred apps.

    At least we get to laugh at them.
     
    Ryan Jacobs, Sep 30, 2004
    #7
  8. will

    AD. Guest

    On Thu, 30 Sep 2004 18:01:28 +1200, Ryan Jacobs wrote:

    > Keep it quiet :)
    >
    > The anti MS/IE/OE crowd are delirious in their ignorance of the
    > vulnerabilities of their preferred apps.
    >
    > At least we get to laugh at them.


    Why would an IE/OE user laugh at others?

    It's like someone who is standing up to their neck in a pool of shit
    laughing at a passerby for stepping in a dog turd.

    Seems a little stupid to me.

    Cheers
    Anton
     
    AD., Sep 30, 2004
    #8
  9. will

    steve Guest

    steve, Sep 30, 2004
    #9
  10. will

    steve Guest

    Max Burke wrote:

    > FYI:
    > Security Alert, September 28, 2004
    > Multiple Vulnerabilities in Mozilla-based Web Browsers
    >
    > Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox,
    > and Mozilla Thunderbird, the most severe of which could compromise a
    > system. The vulnerabilities (discovered by Georgi Guninski, Wladimir
    > Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola,
    > Andrew Schultz, and Harald Milz) include a
    > long list of problems--too many to list in this security alert! The
    > Mozilla organization recommends that affected users immediately upgrade to
    > the latest release of software. For complete details about each of the
    > vulnerabilities, be sure to read the article on our Web site.
    > http://www.windowsitpro.com/article/articleid/43991/43991.html


    No version information.....looks like the typical FUD post from Max Burke.

    One thing to remember: the viruses are written for MS IE....."It's a
    target".

    --
    Distributed Computing Projects:
    SETI at Home
    http://boinc.mundayweb.com/seti2/stats.php?userID=1248
    ClimatePrediction.net
    http://boinc.mundayweb.com/cpdn/stats.php?userID=334
     
    steve, Sep 30, 2004
    #10
  11. will

    Ryan Jacobs Guest

    "AD." <> wrote in message
    news:p...
    > On Thu, 30 Sep 2004 18:01:28 +1200, Ryan Jacobs wrote:
    >
    >> Keep it quiet :)
    >>
    >> The anti MS/IE/OE crowd are delirious in their ignorance of the
    >> vulnerabilities of their preferred apps.
    >>
    >> At least we get to laugh at them.

    >
    > Why would an IE/OE user laugh at others?


    Well, some of us who use MS/IE/OE have never been affected by all the
    vunerabilities that currently exist.

    Why?

    Well, I'm glad you asked :)

    The BS promoted by the igorant is........ well....... just
    that.......ignorant BS!

    MS/IE/OE is not perfect. Hell, I'll be the first to admit that. But, the
    truely ignorant seem to believe that the alternatives ARE perfect. This is
    what gets under my skin! "Some" people claim that MS uses the "security by
    obscurity" model. The irony is that the opponents of MS use the "security by
    ignorance" model.


    >
    > It's like someone who is standing up to their neck in a pool of shit
    > laughing at a passerby for stepping in a dog turd.
    >


    As I said to the most vocal ignorant idiot recently (Devine) - "secured" and
    "securable" are two different things. Does MS produce "secured" products -
    of course not (although, they are improving). Do the MS alternatives produce
    "secured" products - again, NO! The big difference is that one (MS) is
    addressing the issues - while the other has its/their head firmly stuck in
    the sand.
     
    Ryan Jacobs, Sep 30, 2004
    #11
  12. Gordon wrote:
    > BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It
    > free. Use and see if you can find a bug. Unlike MSIE Firefox is being
    > developed.


    It's generally not a bad browser. Little buggy though. At least my IE
    doesn't crash.

    Cheers,
    Nicholas Sherlock
     
    Nicholas Sherlock, Sep 30, 2004
    #12
  13. will

    Italian Jobs Guest

    On Thu, 30 Sep 2004 19:03:35 +1200, "Nicholas Sherlock"
    <> wrote:

    >Gordon wrote:
    >> BTW Firefox is now at 1.0PR1. http://www.mozilla.org Grap a copy. It
    >> free. Use and see if you can find a bug. Unlike MSIE Firefox is being
    >> developed.

    >
    >It's generally not a bad browser. Little buggy though. At least my IE
    >doesn't crash.
    >
    >Cheers,
    >Nicholas Sherlock
    >


    Firefox is still under development, responsive to the users and
    configurable. Is IE?

    I had no end of trouble attempting to install extensions in 0.9.
    Uninstalled, and dloaded Pr1.0. No problems so far, installed tabbed
    browser and googlebar extensions. It's fast and easy to use. main
    thing is that it's user friendly and feels like the user is more in
    control.
     
    Italian Jobs, Sep 30, 2004
    #13
  14. will

    AD. Guest

    On Thu, 30 Sep 2004 18:56:05 +1200, Ryan Jacobs wrote:

    > MS/IE/OE is not perfect. Hell, I'll be the first to admit that.


    That must be the mother of all understatements. Especially if you look at
    standards support etc.

    > But, the
    > truely ignorant seem to believe that the alternatives ARE perfect.


    I've never heard anyone claim that - yes even the extra idiotic ones. You
    seem to be putting words in other peoples mouths.

    All I've heard has been along the lines or better vs worse. And I can't
    can't see anyone but the most defensive reactionary claiming that IE
    belongs at the 'better' end of that scale.

    Looking back over all the patching of Windows machines I've done in the
    last few years, it seems as though IE has accounted for a huge portion of
    all the vulnerabilities.

    You can't look at that record and not wonder if there is something
    fundamentally wrong with that codebase.

    > "Some" people claim that MS uses the "security by obscurity" model. The
    > irony is that the opponents of MS use the "security by ignorance" model.


    <snipped>

    > The big difference is that one (MS) is addressing the issues - while the
    > other has its/their head firmly stuck in the sand.


    You seem to be confusing developers with some users. I haven't seen
    much to indicate the Mozilla developers have 'their head firmly stuck
    in the sand'.

    Cheers
    Anton
     
    AD., Sep 30, 2004
    #14
  15. will

    Ryan Jacobs Guest

    <Italian Jobs> wrote in message
    news:...
    >
    > Firefox is still under development


    So, its still in BETA?

    , responsive to the users and
    > configurable. Is IE?


    Yes!
     
    Ryan Jacobs, Sep 30, 2004
    #15
  16. will

    AD. Guest

    On Thu, 30 Sep 2004 19:35:38 +1200, Ryan Jacobs wrote:

    >
    > <Italian Jobs> wrote in message
    > news:...
    >>
    >> Firefox is still under development

    >
    > So, its still in BETA?


    Well the latest version is a pre-release of 1.0, so yes.

    I suppose it's an indictment of IE to be compared unfavourably to beta
    software.

    >
    > , responsive to the users and
    >> configurable. Is IE?

    >
    > Yes!


    How is IE responsive to the users?

    The first new IE features in years have been released and are only
    available to XP users. MS has announced no more IE upgrades without
    Windows upgrades (despite it looking like they might reconsider that for a
    while).

    So between IE 6 back in 2001 and Longhorn in 2006 maybe, IE users get a
    spiffy new pop up blocker but with no fixing of bugs in the rendering
    engine etc.

    Web designers have been crying out for things like PNG transparency and
    fixes to CSS bugs for years now - let alone adding some better CSS
    support. Chances are they won't get them.

    How is that responsive again?

    Cheers
    Anton
     
    AD., Sep 30, 2004
    #16
  17. will

    Ryan Jacobs Guest

    "AD." <> wrote in message
    news:p...
    > On Thu, 30 Sep 2004 18:56:05 +1200, Ryan Jacobs wrote:
    >
    >> MS/IE/OE is not perfect. Hell, I'll be the first to admit that.

    >
    > That must be the mother of all understatements. Especially if you look at
    > standards support etc.
    >


    Well, ya know, sometimes the smart people look at their weaknesses in order
    to repair thier weaknesses. After-all, admitting a problem exists....... is
    half the problem solved.

    >> But, the
    >> truely ignorant seem to believe that the alternatives ARE perfect.

    >
    > I've never heard anyone claim that - yes even the extra idiotic ones. You
    > seem to be putting words in other peoples mouths.
    >


    Ok, speaking of "extra idiotic" - have you not been reading Devine's
    ignorant fanatical rantings?

    > All I've heard has been along the lines or better vs worse.


    OK, (if I interpret your comments correctly) I agree totally. The reality is
    that there is NO perfect solution.


    >And I can't
    > can't see anyone but the most defensive reactionary claiming that IE
    > belongs at the 'better' end of that scale.


    Again, (if I interpret your comments correctly) , I concur. I've already
    stated that IE IS NOT "better". But, I also stress that it is not
    necessarily worse either (given proper attention).

    >
    > Looking back over all the patching of Windows machines I've done in the
    > last few years, it seems as though IE has accounted for a huge portion of
    > all the vulnerabilities.


    Granted. No arguement from me on that one. My only caveat to that is that
    maybe the "evil SOBs" (I'm sure that no sane person would defend these
    pricks?!) pick on an "easy" target? Lets turns the tables for a
    moment.....lets say that IE was a minor player... and, lets say Netscape (or
    <insert any other IE competitor here>) had market dominance - which browser
    do you think would be the target?

    >
    > You can't look at that record and not wonder if there is something
    > fundamentally wrong with that codebase.
    >
    >> "Some" people claim that MS uses the "security by obscurity" model. The
    >> irony is that the opponents of MS use the "security by ignorance" model.

    >
    > <snipped>
    >
    >> The big difference is that one (MS) is addressing the issues - while the
    >> other has its/their head firmly stuck in the sand.

    >
    > You seem to be confusing developers with some users. I haven't seen
    > much to indicate the Mozilla developers have 'their head firmly stuck
    > in the sand'.
    >



    Again, I must concede your point. I'm not slagging the developers. In fact,
    I'm not slagging the users either. What I am slagging - is the fanatics who
    (through ignorance and very little real world experience) who spew forth
    total BS based upon their <insert whatever drugs they're on today> ideology.
     
    Ryan Jacobs, Sep 30, 2004
    #17
  18. will

    AD. Guest

    On Thu, 30 Sep 2004 19:55:20 +1200, Ryan Jacobs wrote:

    > Again, I must concede your point. I'm not slagging the developers. In
    > fact, I'm not slagging the users either. What I am slagging - is the
    > fanatics who (through ignorance and very little real world experience) who
    > spew forth total BS based upon their <insert whatever drugs they're on
    > today> ideology.


    OK we all agree then :)

    I am an open source fan, but I still get pissed at the loud ignorant
    zealots who end up damaging the reputation of projects I want to see
    succeed and polarising the opinions of others. They seem to have bred a
    brand of pro-MS trolls with nearly the same ignorance.

    Calling them on it doesn't seem to work, they have much more stamina for
    tedious disagreements.

    Cheers
    Anton
     
    AD., Sep 30, 2004
    #18
  19. will

    thing Guest

    steve wrote:
    > Max Burke wrote:
    >
    >
    >>FYI:
    >>Security Alert, September 28, 2004
    >>Multiple Vulnerabilities in Mozilla-based Web Browsers
    >>
    >>Multiple vulnerabilities have been discovered in Mozilla, Mozilla Firefox,
    >>and Mozilla Thunderbird, the most severe of which could compromise a
    >>system. The vulnerabilities (discovered by Georgi Guninski, Wladimir
    >>Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman, Daniel Koukola,
    >>Andrew Schultz, and Harald Milz) include a
    >>long list of problems--too many to list in this security alert! The
    >>Mozilla organization recommends that affected users immediately upgrade to
    >>the latest release of software. For complete details about each of the
    >>vulnerabilities, be sure to read the article on our Web site.
    >>http://www.windowsitpro.com/article/articleid/43991/43991.html

    >
    >
    > No version information.....looks like the typical FUD post from Max Burke.


    FUD at its finest, multiple vunerabilities spread over 2 years.

    You can always go read....interesting that MB picks this up from what
    looks like a pro-MS publication, guess for once they have something to
    crow about.....except of course its a list going back 2 years, I wonder
    if we took ie 5, 5.5 and 6 just how many vunerabilites would be listed?
    a few more than 70 me thinks.

    >
    > One thing to remember: the viruses are written for MS IE....."It's a
    > target".
    >


    Part of MS's excuse / reasoning is everybody targets MS, if Linux had
    share Linux would also be a target. Lots of security guys believe this
    is just not true, that even with a 50/50 split IE amd MS would hold the
    majority of bad exploits, so we really want to get away from your statement.

    regards

    Thing
     
    thing, Sep 30, 2004
    #19
  20. will

    Ryan Jacobs Guest

    "AD." <> wrote in message
    news:p...
    > On Thu, 30 Sep 2004 19:35:38 +1200, Ryan Jacobs wrote:
    >
    >>
    >> <Italian Jobs> wrote in message
    >> news:...
    >>>
    >>> Firefox is still under development

    >>
    >> So, its still in BETA?

    >
    > Well the latest version is a pre-release of 1.0, so yes.
    >
    > I suppose it's an indictment of IE to be compared unfavourably to beta
    > software.
    >


    Well, in the interest of maintaining a civil conversation.......I wont
    address that :)

    >>
    >> , responsive to the users and
    >>> configurable. Is IE?

    >>
    >> Yes!

    >
    > How is IE responsive to the users?


    Well, this is probably one of MS's biggest failures. IE is very
    configurable, but for some reason MS decides the default install settings
    are adequate. REality is that the default install requires significant
    modification to produce a secure system. And yes- I'm not a fanatic - I am
    aware of MS's failings :)

    >
    > The first new IE features in years have been released and are only
    > available to XP users.


    Well, (/me puts my capilist hat on) that is a commercial reality - they are
    solely intersted in revenue. Again - you may have noticed that while I
    defend MS - I still detest certain aspects of their behaviour.


    >MS has announced no more IE upgrades without
    > Windows upgrades (despite it looking like they might reconsider that for a
    > while).
    >
    > So between IE 6 back in 2001 and Longhorn in 2006 maybe, IE users get a
    > spiffy new pop up blocker but with no fixing of bugs in the rendering
    > engine etc.
    >


    Well, thats open to dispute. They have made progress. Not perfect, but
    progress has been made. Again are the MS competitors perfect?

    > Web designers have been crying out for things like PNG transparency and
    > fixes to CSS bugs for years now - let alone adding some better CSS
    > support. Chances are they won't get them.
    >
    > How is that responsive again?



    Well, again, in the interests of maintaining a civil conversation - I wont
    address that now :)
     
    Ryan Jacobs, Sep 30, 2004
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. kl
    Replies:
    6
    Views:
    965
    Martin Brown
    Nov 12, 2003
  2. certsnsearches

    Exiff-jpeg and jpeg

    certsnsearches, Jan 7, 2004, in forum: Digital Photography
    Replies:
    2
    Views:
    3,331
    Jim Townsend
    Jan 7, 2004
  3. Amit
    Replies:
    3
    Views:
    1,311
    Ed Ruf (REPLY to E-MAIL IN SIG!)
    Mar 17, 2006
  4. Conrad

    jpeg and jpeg 2000

    Conrad, Jan 25, 2007, in forum: Digital Photography
    Replies:
    72
    Views:
    1,752
    Barry Pearson
    Feb 3, 2007
  5. Paul D. Sullivan

    Better JPEG program - minimized JPEG degredation

    Paul D. Sullivan, Jan 26, 2007, in forum: Digital Photography
    Replies:
    14
    Views:
    836
Loading...

Share This Page