PDA

View Full Version : Exporer vs mozilla firefox



madman
09-12-2007, 09:14 PM
I just switched to int explorer. My system now is not really mnice from a operating point of view. It seems to suck so much bulk mail compared to explorer?? Have you gentlemen found the same??

BadDog
09-12-2007, 09:26 PM
I'm not sure what you're saying. The browser you choose makes no difference in the amount of bulk mail (SPAM) you receive.

Carld
09-12-2007, 09:41 PM
I was having a lot of problems with windows Internet Explorer and loaded firefox. that fixed IE and firefox works great. I have both of them and use them.

PTSideshow
09-12-2007, 10:40 PM
I have used mozilla since it came out and have been very happy with it.It is really great since it got a working spell checker:D
rarely if ever use IE anymore

BadDog
09-13-2007, 01:50 AM
IESpell works well in IE, and integrates into most forum software pages.

dp
09-13-2007, 03:54 AM
I avoid MSFT products at every opportunity. FireFox from Mozilla (nee Netscape) or Safari from Apple for browsing, and Thunderbird for email are excellent tools. I do email systems as part of my job so know the value of Thunderbird quite well. I couldn't even do my job if had to use Outlook and Exchange.

hdj80
09-13-2007, 07:25 AM
I find IE sludge software on the rare occasion I find some dumb ass web page that only operates under IE.
Firefox and Thunderbird for me.
BTW to whoever says your browser has no bearing on spam is wrong. It is the internal security provisions and handling of cookies that has a bearing on it.
Mickeysoft software is a major target for the hackers and hence why you get less spam and security issues with M$ products.

BadDog
09-13-2007, 02:32 PM
I find IE sludge software on the rare occasion I find some dumb ass web page that only operates under IE.
Firefox and Thunderbird for me.
BTW to whoever says your browser has no bearing on spam is wrong. It is the internal security provisions and handling of cookies that has a bearing on it.
Mickeysoft software is a major target for the hackers and hence why you get less spam and security issues with M$ products.

How do you figure cookies have a bearing on your email spam? Cookies can be "hacked" to find out that your cruising fishing sites and pop up an add for the latest crap gizmo, but explain to me how they add to spam? Even that, generally, requires that you already have a spyware "infection". The only way I can see that cookies could contribute to spam is if said spyware infection reads/hacks the cookies and sends that info to a spam monger. But that isn't just IE, the other browsers use cookies too, and are exploited the same way. It's a web site feature, not an IE exclusive feature. The fact that many spyware implementations are hard coded to look only for IE's cache isn't an IE problem, it's just economics. When they can get well over 90+% success rate just coding to exploit one browser, why bother with the others? Like the "no viruses on Macs" and similar empty arguments, it's really no harder to target their cookies, just not worth the effort for the bad guys. Hmmm, I can spend Nx100 hours to target Windows/IE and get 90+%, or I can spend the SAME effort and get less than 5%, let me think, which should I do??? :confused:

Or the IE "security provisions". What security provisions in IE have anything to do with SPAM? There is the zone based security, with nothing to do with SPAM. There is the popup blocker, which while not the best, works well enough for my needs, and has nothing to do with spam. There is the anti-spoofing stuff, again, nothing to do with spam.

So how exactly does IE contribute to spam?

And your last sentence makes no sense at all in the context of your position. Assuming you actually meant "without", how so?

I use the net very heavily in my daily job as well as (obviously) for my hobby interests. I use IE and Windows and I have a cable connection that is on 24/7. And I've not had so much as a single AntiVirus or AntiSpyware product running in almost 2 years. Not one single infection, not one single problem. So tell me again how it's MS? The problem is users who insist on being oblivious to security. THAT is why MS ships Windows with settings so that everything "just works out of the box" rather than requiring the user to actually deal with security.

Security and ease of use are ALWAYS directly opposed. With only a few simple configuration changes, my Windows OS is all but invulnerable to "infection". The only spam I get is due to sorry SOBs hacking web sites, or more often simply BUYING my address from sorry SOB companies who consider selling my info "free money". And even at that, I really get VERY little compared to what the polls indicate is the average. So, just like the Windows OS "vulnerability problem", I have to assume that the excessive spam contributing to that high average is largely due to user error. Things like posting it in clear text on some BBS, "registering" for every "free" service on the web, and so on.

So, tell me again how vulnerable MS software is and how IE contributes to spam?

deth502
09-13-2007, 05:03 PM
what a coinsidence, i just put firefox on the computer at work today to fix ongoing ie problems that keep getting worse.

love it so far. i still had the old ie on that work comp cuz the new one w/ tabs TOTALY SUCKS. i HATE tabs!!!!(yes, i know they can be turned off, they are now on my home comp im using now) but, somehow, firefox has made tabbed browsing completley tolerable, possibly even preferable,but the jury's out on that one yet.

as far as spam goes, i had to jump through hoops just to get my e-mail to OPEN on that comp before, now it works perfectly.

firefox even looks out for me. when another program crashed and i has to restart, firefox asked me if i wanted to resume from where i was.:) ie always had me going through istory for 5 min to try and find the page i was on.

fixerdave
09-13-2007, 10:33 PM
+1 for Firefox. I might actually look at IE again when they get an AdBlock equivalent... oh wait, a corporate monster like MS actually building a browser add-on that BLOCKS annoying advertising for the end-user. 'aint gonna happen. Oh well, Firefox it is.

And, if you think Firefox is good, you should try Ubuntu. You might as well go all the way and just ditch the whole MS thing entirely. Every day, there are less and less "have to use Windows" tasks out there. Most people really don't need Windows anymore. There are real, decent, free alternatives.

David...

bfburk
09-14-2007, 10:14 AM
I just switched from IE6 to Firefox and I love Firefox!

Firefox is so easy to load onto a PC because the setup is just an executable program. IE6 had to be downloaded to each PC individually and I had a lot of problems with IE6 that went away when I switched to Firefox!:)

hdj80
09-14-2007, 10:36 AM
How do you figure cookies have a bearing on your email spam? Cookies can be "hacked" to find out that your cruising fishing sites and pop up an add for the latest crap gizmo, but explain to me how they add to spam? Even that, generally, requires that you already have a spyware "infection". The only way I can see that cookies could contribute to spam is if said spyware infection reads/hacks the cookies and sends that info to a spam monger. But that isn't just IE, the other browsers use cookies too, and are exploited the same way. It's a web site feature, not an IE exclusive feature. The fact that many spyware implementations are hard coded to look only for IE's cache isn't an IE problem, it's just economics. When they can get well over 90+% success rate just coding to exploit one browser, why bother with the others? Like the "no viruses on Macs" and similar empty arguments, it's really no harder to target their cookies, just not worth the effort for the bad guys. Hmmm, I can spend Nx100 hours to target Windows/IE and get 90+%, or I can spend the SAME effort and get less than 5%, let me think, which should I do??? :confused:

Or the IE "security provisions". What security provisions in IE have anything to do with SPAM? There is the zone based security, with nothing to do with SPAM. There is the popup blocker, which while not the best, works well enough for my needs, and has nothing to do with spam. There is the anti-spoofing stuff, again, nothing to do with spam.

So how exactly does IE contribute to spam?

And your last sentence makes no sense at all in the context of your position. Assuming you actually meant "without", how so?

I use the net very heavily in my daily job as well as (obviously) for my hobby interests. I use IE and Windows and I have a cable connection that is on 24/7. And I've not had so much as a single AntiVirus or AntiSpyware product running in almost 2 years. Not one single infection, not one single problem. So tell me again how it's MS? The problem is users who insist on being oblivious to security. THAT is why MS ships Windows with settings so that everything "just works out of the box" rather than requiring the user to actually deal with security.

Security and ease of use are ALWAYS directly opposed. With only a few simple configuration changes, my Windows OS is all but invulnerable to "infection". The only spam I get is due to sorry SOBs hacking web sites, or more often simply BUYING my address from sorry SOB companies who consider selling my info "free money". And even at that, I really get VERY little compared to what the polls indicate is the average. So, just like the Windows OS "vulnerability problem", I have to assume that the excessive spam contributing to that high average is largely due to user error. Things like posting it in clear text on some BBS, "registering" for every "free" service on the web, and so on.

So, tell me again how vulnerable MS software is and how IE contributes to spam?

You better get on to M$ and give them some lessons, they have wasted billions in security updates to IE and the various iterations of Windows apparently.
Cookies can contain lots of machine specifics like your email address that is how it contributes to SPAM.
You are indeed a lucky person to have avoided any malicious attacks given your apparent lack of protection...no firewall either??? Seems like russian roultee to me:eek:

mochinist
09-14-2007, 12:40 PM
what a coinsidence, i just put firefox on the computer at work today to fix ongoing ie problems that keep getting worse.

love it so far. i still had the old ie on that work comp cuz the new one w/ tabs TOTALY SUCKS. i HATE tabs!!!!(yes, i know they can be turned off, they are now on my home comp im using now) but, somehow, firefox has made tabbed browsing completley tolerable, possibly even preferable,but the jury's out on that one yet.

as far as spam goes, i had to jump through hoops just to get my e-mail to OPEN on that comp before, now it works perfectly.

firefox even looks out for me. when another program crashed and i has to restart, firefox asked me if i wanted to resume from where i was.:) ie always had me going through istory for 5 min to try and find the page i was on.Download this add on, it lets you really customize the tabbed browsing to your liking https://addons.mozilla.org/en-US/firefox/addon/1122








And, if you think Firefox is good, you should try Ubuntu. You might as well go all the way and just ditch the whole MS thing entirely. Every day, there are less and less "have to use Windows" tasks out there. Most people really don't need Windows anymore. There are real, decent, free alternatives.

David...http://blog.wired.com/monkeybites/2007/09/linux-for-masse.html

BadDog
09-14-2007, 01:26 PM
You better get on to M$ and give them some lessons, they have wasted billions in security updates to IE and the various iterations of Windows apparently.
Cookies can contain lots of machine specifics like your email address that is how it contributes to SPAM.
You are indeed a lucky person to have avoided any malicious attacks given your apparent lack of protection...no firewall either??? Seems like russian roultee to me:eek:
Yes, the cookies often do contain sensitive info. But, in general, the only way to harvest them is to infect the computer. Once infected, your already screwed. And this applies to Firefox and IE *equally*. The *only* reason Firefox is safer in this respect (it uses the same cookies) is that IE is SO much more common that many exploits are hard coded to ONLY work with IE due to lazy/inept (actually, unmotivated; see previous post) hackers.

No need to give lessons. The majority (though not all) of security patches for IE have to do with running in the "default" configuration. That is, logged on as "admin", and having the whole internet running with "it just works" permissions. The short version (easy to explain) of what I've done is I *never* run IE with "admin" privileges, and I raised the default internet security level to a customized "high" with "Trusted Sites" set to customized "medium high". Then I add sites that I frequent, like this one, to "trusted". Net result is that even if I visit a "bad" site, it is unlikely to be able to do anything nasty since the VAST majority rely on scripting. Even if it is one of the exceedingly rare that exploit something like the (patched) image (codec) vulnerability, IE is not running as admin, so doesn't have the rights to change the system to any appreciable degree. There are still exploits that can succeed (priv elevation required first), but that is an infinitesimally small portion of the attacks out there, most of which are actually pretty pathetic and rely on ignorant (sometimes down right stupid) consumer mistakes.

And I do Security Consulting work, including with MS. Unfortunately, the "fixes" that would really work are never integrated because they impact usability and the typical consumer base would complain FAR more loudly about that than they do the security issues. Hence, the problem that is perceived to exist.

And BTW, I do run a router fire wall. But I stopped running AV crap nearly 2 years ago. Partly because most of it often seems WORSE than the infections (re Symantec, McAffee, etc.), making even fast systems slow and using terrorist tactics to force you to pay for updates and make continuing to use what you ALREADY PAID FOR impossible with the constant "your subscription has expired and your defs are out of date, so YOUR GONNA DIE IF YOU DON'T GIVE US MORE MONEY!!!" nag screens. On a bet (details elsewhere, search if you care) with a colleague (about whether Windows/IE was actually secure), I decided to apply what I *know*, and go AV free as a test. The test was a complete success and even when he goaded me into actually TRYING to get infected (visiting known bad sites, doing everything a user could do "wrong"), my system remained clean. So know, I'm not playing Russian Rullete...

mochinist
09-14-2007, 01:42 PM
Yes, the cookies often do contain sensitive info. But, in general, the only way to harvest them is to infect the computer. Once infected, your already screwed. And this applies to Firefox and IE *equally*. The *only* reason Firefox is safer in this respect (it uses the same cookies) is that IE is SO much more common that many exploits are hard coded to ONLY work with IE due to lazy/inept (actually, unmotivated; see previous post) hackers.

No need to give lessons. The majority (though not all) of security patches for IE have to do with running in the "default" configuration. That is, logged on as "admin", and having the whole internet running with "it just works" permissions. The short version (easy to explain) of what I've done is I *never* run IE with "admin" privileges, and I raised the default internet security level to a customized "high" with "Trusted Sites" set to customized "medium high". Then I add sites that I frequent, like this one, to "trusted". Net result is that even if I visit a "bad" site, it is unlikely to be able to do anything nasty since the VAST majority rely on scripting. Even if it is one of the exceedingly rare that exploit something like the (patched) image (codec) vulnerability, IE is not running as admin, so doesn't have the rights to change the system to any appreciable degree. There are still exploits that can succeed (priv elevation required first), but that is an infinitesimally small portion of the attacks out there, most of which are actually pretty pathetic and rely on ignorant (sometimes down right stupid) consumer mistakes.

And I do Security Consulting work, including with MS. Unfortunately, the "fixes" that would really work are never integrated because they impact usability and the typical consumer base would complain FAR more loudly about that than they do the security issues. Hence, the problem that is perceived to exist.

And BTW, I do run a router fire wall. But I stopped running AV crap nearly 2 years ago. Partly because most of it often seems WORSE than the infections (re Symantec, McAffee, etc.), making even fast systems slow and using terrorist tactics to force you to pay for updates and make continuing to use what you ALREADY PAID FOR impossible with the constant "your subscription has expired and your defs are out of date, so YOUR GONNA DIE IF YOU DON'T GIVE US MORE MONEY!!!" nag screens. On a bet (details elsewhere, search if you care) with a colleague (about whether Windows/IE was actually secure), I decided to apply what I *know*, and go AV free as a test. The test was a complete success and even when he goaded me into actually TRYING to get infected (visiting known bad sites, doing everything a user could do "wrong"), my system remained clean. So know, I'm not playing Russian Rullete...You're arguing with a "fanboy" and just wasting your time with all those words above.

BadDog
09-14-2007, 03:39 PM
That's ok, I've not set out to change the world. I only try to offer some balance when a lynch mob starts to form. :D I don't dislike FireFox or the other options, they are really quite good in various ways. But I also don't like to see folks put forth "facts" that result from drinking the slashdot (and others) coolaid. IE has it's faults, but they are completely blown out of proportion, and sometimes down right falsified. It should be considered (and is) a viable option. It gets very tiresome seeing SO many people who feel the need to talk down to anyone so "stupid" as to use IE (not quite that bad in this thread, but I see it get that bad quite often). It's like Ford vs Chevy and many other topics. There are pro/con to each, but you'll always have opinionated bigots who are absolutely sure their favorite flavor is the ONLY rational choice and they'll vigorously attack anyone who has come to a different conclusion by backing it up with whatever "facts" catch their eye, regardless of whether they understand or can support those facts. This is not specifically addressing anyone in this thread, I'll leave it up to readers to decide where they fit in...

It's human nature to gravitate toward "evil empire" and "conspiracy" theorys, nothing you or I can do about that. I'm not enough of an altruist to continually throw myself on that grenade, but once in a while these topics overcome my enlightened self interest ("why bother?" and "why should I waste my time") and I get drawn into these things in spite of myself... <sigh>

BadDog
09-14-2007, 03:47 PM
Oh, and the type of attacks that will get past my "user config only" AV approach, will aslo easily get by commercial packages. Commercial AV software is pretty much a joke in general, and really only a "good thing" for folks who prefer to use a computer without really knowing how things work. Nothing wrong with that. Sorta like the folks who prefer an automatic (for no good reason, like bad legs, i.e. me), need "idiot lights" for oil pressure, a voice synth to tell them it's time for gas, and take their cars to "Quicky Lube" and the like. I'm the guy that prefers a RT Stoich readout and EFI tunable on the fly (I use my laptop to tweak my custom chips on the fly ;) ). Everyone has their comfort and interest level, there is NO one size fits all...

Lew Hartswick
09-14-2007, 04:04 PM
Whats wrong with Netscape 7.2? If it "aint broke" dont fix it.
Or even play with it. :-)
...lew...

BadDog
09-14-2007, 04:35 PM
Nothing wrong with it, use whatever you prefer.

Just be aware that, like Macintosh OS (and some default Linux installs) it has some of the same problems (and some of it's very own) associated with Windows/IE and only avoids the bad press by virtue of Windows/IE dominance as a target for the hackers. Many of the same exploits/bugs associated with default setups of IE on Windows will also work with minor changes on other configs tauted by popular press/opinion as being superior simply by virtue of having less reported successful attacks. There is definitely something to be said for safety by (relative) obscurity in this case. At least it adds to the illusion of safety. :D

However, in security circles, "security by obscurity" is considered to be the very weakest of security; only marginally better than no security at all. Comparable to expecting that locking your front door will keep your house and family safe. It only protects what's not in some bad guy's sights, and keeps "honest" folks honest. ;)

Basically, the reason that Windows/IE is the target of most attacks is not what most folks seem to think (as promoted by slashdot and internet media). There are 2 main categories of reason.

First, it is by far the most bang for the buck. If you want the max return on your investment, you go after Windows/IE, period. For the same reason, information on Win/IE hacks is much more plentiful in hacker communities. So, it's simply the easiest AND the biggest return.

Second, the consumer base is largely uneducated and does not want to be bothered by actually understanding security. They want to install it and have everything "just work" and provide a rich experience. That means web scripting and loose security. They don't like even having to log in, much less differentiate between admin/user access. So they run as admin, and even the most casual of social engineering can succeed where it would fail if you simply do not run as admin. Strangely, these same "don't bother me" folks will gladly install FireFox/Netscape/etc. when someone tells them it will fix all their problems. And it more-or-less will, until it's worth some hacker's effort, or they run across one of the lesser number of exploits that work on that platform. But it DOES NOT MAKE IT SAFER, it just makes it less likely to cause problems for you in the near term. And maybe that's good enough. But don't berate MS for the problem. Is is Honda's fault that Accords are the most stolen cars? Or is it just a factor of easy to find, well known how to dissable OEM protections, and easy/fast return on effort?

Notice, "Win/IE security is weak" is not on the list? That's because it's not true, at least not in a global sense. They've actually done a really good job of closing holes, as shown on my own system. But the *consumer community" will not tolerate even the simplest of security improvements if it requires them to be even remotely aware of it. Look at the flack UAC in Vista has caused. And all they've done is enforce the admin/user split (basically automated what I did for my system). The ONLY problem with UAC (the nag boxes in Vista) is *3rd Party* (i.e. mostly non-MS) software that was poorly written and requires Admin when not really needed. THAT causes all the repetitive "Do you want this to run" access priv elevation nag screens. So instantly, you have mags and web sites telling everyone how to turn it off, and we're right back where we were with XP, except now everyone is harping on UAC **AND** how insecure Windows is...

Ok, I've flogged myself enough, done my "good deed" effort, and so on... Time to earn my pay and let this go... <Voice="William Shatner">Must... let... go... Can't... give... in... </Voice> ;)

Mike W
09-14-2007, 07:50 PM
I have had just one problem where Firefox would not work. Photobucket went to a new format recently. I wanted to upload a picture and could not find the old type upload process. I went to IE and there was a bar that didn't show in Firefox. I use IE just for uploading pictures and then turn it off again.