Best free newsreader for windows?

Discussion in 'Computer Security' started by jaygreg, Aug 19, 2006.

  1. jaygreg

    jaygreg Guest

    I understand Outlook Express is very vulnerable to attack. I use it only to
    read newsgroup. Would appreciate hearing opinions on its alternative.
     
    jaygreg, Aug 19, 2006
    #1
    1. Advertisements

  2. jaygreg

    Truncat Guest

    I use Opera9.01 to read newsgroups and works fine for me, but if you want
    advanced features look for it somewhere else.
     
    Truncat, Aug 19, 2006
    #2
    1. Advertisements

  3. I have been using Thunderbird for the past year and like it a lot. I
    use one of the icons labeled "Junk" quite a bit to eliminate junk mail.
    Works well.
     
    Henry Sniadoch, Aug 19, 2006
    #3
  4. jaygreg

    jaygreg Guest

    I use FireFox for my browser, have tried using Thunderbird for forums and
    even mail but miss the integration of my calendar, detailed contacts module,
    and email in Outlook 2003 so I just fell back. The only reason I use Outlook
    Express is to read newsgroups like this one... looking for help. I found
    Thunderbird to have too much overhead considering the scope of the task. But
    then... OE fits into that same category, apparently with added risk of
    attack I believe.
     
    jaygreg, Aug 20, 2006
    #4
  5. jaygreg

    greg Guest

    Not sure if any mail or newsreader program would be invulnerable to attack. OE
    is probably on the top of the list because of the number of Windows systems in
    use on the net, and has a bigger chance. I've tried a couple of not so popular
    (e.g. not Agent or OE) and have liked Xnews and Dialog.


    Greg
     
    greg, Aug 21, 2006
    #5
  6. Apache vs. IIS?
    Dailog is by far the best one out there.
    BTW, ever tried Mozilla Mail/Thunderbird? A bit buggy, but works quite
    well, and the data format is the well-documented MBox - for all those
    who ever lost their Dialog message database by some strange errors.
     
    Sebastian Gottschalk, Aug 21, 2006
    #6
  7. jaygreg

    Vanguard Guest

    Have they yet improved the rules for Thunderbird so it doesn't suck
    worse than OE? When I last trialed Thunderbird, its rules were less
    potent than OE's so it didn't last long on my hard drive.
     
    Vanguard, Aug 21, 2006
    #7
  8. I have used a little program called X-news for some time and find it
    very easy to use.

    http://xnews.newsguy.com/

    Adrian
     
    Adrian Earnshaw, Aug 21, 2006
    #8
  9. jaygreg

    greg Guest

    Apache vs. IIS?
    Dailog is by far the best one out there.
    BTW, ever tried Mozilla Mail/Thunderbird? A bit buggy, but works quite
    well, and the data format is the well-documented MBox - for all those
    who ever lost their Dialog message database by some strange errors.[/QUOTE]


    Dialog's been nice and have been trying out MesNews as well. I try to avoid
    getting too comfortable with any of teh free programs. : )

    I'm also trying to avoid the newsreader/mailreader combo programs since I like
    to keep those services separate. At times it can be handy, like on the road with
    a laptop, but usually prefer to keep them in different programs. I do like the
    progress with Thunderbird compared to teh development of OE (e.g. yEnc support).


    greg
     
    greg, Aug 21, 2006
    #9
  10. jaygreg

    greg Guest

    I have used a little program called X-news for some time and find it
    very easy to use.

    http://xnews.newsguy.com/

    Adrian[/QUOTE]


    Nice program program and a nice change from Agent style newsreaders. It does
    sort of remind me of NewsXpress back in the day. Good program with handy short
    cuts : )

    greg
     
    greg, Aug 21, 2006
    #10
  11. jaygreg

    Anonyma Guest

    40tude Dialog's Pascal scripting implementation is a gaping security
    hole. In many circles it's considered a joke, even though the news
    reader itself is top of the line in my opinion. The only reason it
    hasn't made headlines is it's not a popular target.

    Sebaceous Gobbleslop is out in left field as usual. The issue here
    was security of news readers and his advice is to use one that has a
    potentially bigger hole in it than Outbreak Excess.

    He's an idiot.
     
    Anonyma, Aug 21, 2006
    #11
  12. jaygreg

    greg Guest

    40tude Dialog's Pascal scripting implementation is a gaping security
    hole. In many circles it's considered a joke, even though the news
    reader itself is top of the line in my opinion. The only reason it
    hasn't made headlines is it's not a popular target.

    Sebaceous Gobbleslop is out in left field as usual. The issue here
    was security of news readers and his advice is to use one that has a
    potentially bigger hole in it than Outbreak Excess.

    He's an idiot.
    [/QUOTE]

    Outside of reading through text messages and using the default Dialog
    configuration, are there any obvious gaping security holes that can be
    addressed? I'd be cautious with opening any files retrieve from Usenet, but was
    curious if there was a way Dialog could be exploited. Not looking for
    directions, but concerned if I need to uninstall. : )

    greg
     
    greg, Aug 22, 2006
    #12
  13. [/QUOTE]

    Eh, why? You don't have to use it, you can't trigger it, it has nothing
    to do with messages at all.
    ^^^^^^^^^^^^^^^^^^^^

    Too stupid to write a name, and posting under the name "Anonyma"...

    "as usual" as in "as never"? Well, your trolling is no argument here.

    OE is trivially broken. 40tude Dialog doesn't even have any problem,
    beside your funny imaginations.

    That's why you're filtered.


    No, as there are none
    I'm too. Not that there would be anything for real...
     
    Sebastian Gottschalk, Aug 22, 2006
    #13
  14. jaygreg

    TwistyCreek Guest

    Huh? Dialog's scripting exists for the sole purpose of "doing something
    with messages". You're making no sense at all.

    And there's already been two big flaws found in Dialog's scripting
    engine that could be used to execute unwanted code. Plus several more
    that just crash Dialog and might be used for the same purpose.

    Actually, Dialog scripting is a drop in implementation of a Pascal
    interpreter that's got quite a long history of bugs, just like every
    other embedded scripting implementation.

    [...]
    You do realize that you've used this "filtered" line on about a dozen
    people now, and ended up proving yourself to be a liar on almost every
    occasion by replying anyway.

    Would you care to take a stab at describing how infantile you look when
    you not only publicly announce a *plonk*, but end up not doing it?

    News flash for ya' kiddo..... the threat of you ignoring people isn't
    exactly making anyone lose any sleep. You're not nearly important
    enough for anyone to need to be noticed by you, in fact most people
    wish you WOULD kill file everyone who pointed out your stupidity.
    There would be nothing left for you to read, and consequently nobody
    would have to suffer through the ASCII masturbation you mistakenly
    believe constitutes wit and wisdom.
     
    TwistyCreek, Aug 22, 2006
    #14
  15. Yeah, the script is supposed to process the message. You cannot make a
    message starting are script that isn't supposed to process the message,
    and especially a message containing a script won't get it executed.
    Right, you shouldn't use it. Who uses it anyway? I really had to search
    to actually find what was meant, and I never found any need or good use
    for it. And the standard filtering mechanisms, as commonly utilized,
    aren't related to the script engine.

    OK, what's next? Saying that Firefox is insecure because the Firefox
    extension GreaseMonkey had a vulnerability?

    One might give it as a security hint, but calling a gaping security
    holes, implying that it would be unusable thereof (reads: worse the
    MSOE), is utter nonsense.

    Eh... no? As you could clearly see, I responded only to the answer on
    the filtered message. And it's the first, and supposedly last answer to
    this troll.
    News flash for ya' oldie..... a plain side comment isn't any threat, and
    isn't addressed at the general public either.

    If you write it "I don't have any argument, thus I'm just flaming."
    would be much shorter, wouldn't it?

    Whether important or not, do you think that 'greg' would get any good
    advice from some troll telling him that a well-thought and
    best-knowledge answer would be utter trolling as well? Admitted, I guess
    he's intelligent enough to notice it for himself.
     
    Sebastian Gottschalk, Aug 23, 2006
    #15
  16. jaygreg

    Inquirer Guest

    Is there _any_ safe way to open files posted to Usenet?

    Seems to me like binary newsgroups are inherently unsafe.
     
    Inquirer, Aug 27, 2006
    #16
  17. Double-click on the attachment, Save As... ?
    Well, data files shouldn't be any problem. If you think that bad
    interpretation by the data viewer could be a problem, you should normalize
    it.

    Then there's also data containing script code, or scripts themselves. Those
    can normally be viewed and understood without executing them.

    And there's also purely binary code. Most likely not that you'll be able to
    reverse-engineer it.

    The only real problem are surprises in data format. One well-known example
    are MS Office files containing macros, whereas the real code executed is
    some bytecode derived from the macros. A clever attacker writes an evil
    macro, compiles it, then changes the macro to something harmless. The
    solution is to not allow macros, review them *and recompile them before
    execution*.
     
    Sebastian Gottschalk, Aug 27, 2006
    #17
  18. jaygreg

    Al Smith Guest

    I'd be cautious with opening any files retrieve from Usenet,
    A lot of binary downloading is common sense. I won't download
    executable files, for example, as tempting as they can be. Media
    files are pretty safe, especially if they are being downloaded
    from a popular group, and nobody has flagged them as infected.
    Keep your eyes open for posts identifying infected files. Always
    scan what you download before you open it.
     
    Al Smith, Aug 29, 2006
    #18
  19. jaygreg

    george45 Guest

    Definitely. Always want to check anything you download from the Internet. Even
    if it's posted from someone you know, their files may be infected with something
    without them knowing.


    George
     
    george45, Aug 30, 2006
    #19
  20. jaygreg

    Todd H. Guest

    And also keep in mind just because your virus checker says it doesn't
    match any of its know malware signatures does not mean the file is
    clean by any stretch!
     
    Todd H., Aug 30, 2006
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.