39 total posts
(Page 1 of 2)
different browser test.....
On the first test my browser failed so I am supposed to do this:
Update to version 1.0.5.
I am using Firefox/22.214.171.124.
Maybe it's time to send those guys back to the drawing board?
My IE6 SP2 failed too, so I guess IE7 will remedy that.
The browsers did pretty well with Jason's toolbox, though. I don't mind living on the edge with a few safe cookie crumbs.
It looks as if I'd better keep my supplemental protection.
NO problems at all with FF 126.96.36.199
in both tests on WinMe plus XP.
(NT) NO problems at all with SeaMonkey 1.0.5
I'm using only XP for this.
I get the box with the Google.secunia URL at the top. If THAT particular URL is what I'm supposed to be seeing, in that case, both browsers passed.B-)
(NT) I do NOT get a box at all.
Ambiguous as usual, unfortunately. Are you referring to NT 4.0? If so, how many here do you suppose are still using that old Microsoft OS version?
For your information, the sequence is NT4.0, NT5.0 (W2k) and NT5.1 (XP). Vista will be NT6.0.
Never heard of NT as NO TEXT ???
In all the years I have been accessing computer-related sites, no I have not. Why on earth would you use an abbreviation for so short a phrase?
To most of us, NT means only one thing, a Microsoft OS. If you are not aware of that, where have you been all these years? Or maybe you are a Mac or Linux user?
...if dialog box appears without...
I find the ''if...without...'' statement to be ambiguous; I got the same result as bugbatter: dialog box does appear, and does have Google.secunia URL. Marianna's reply ''I do NOT get a box at all'' doesn't address 'batter's (or my) question...what if you get a dialog box WITH origin information? BTW, I am also on Firefox 1.5.07.
If Dialog Box . . .
Don?t worry about it. Taking the test is a waste of time in that all the browser makers eliminated that problem at least a year ago. Secunia?s warning itself is dated back in the summer of 2005.
The originator of this thread has done a good job of scaring everyone needlessly. If you are up to date with Microsoft?s patches, which update IE, and have the latest Firefox version, you can safely ignore anyone posted security warnings here. At that, CNET itself is always late in informing its readers when Firefox has issued an updated version. If you depend on CNET for that kind of information, you will always be among the last to know.
I have seen some real junk in these forums, but this one takes the cake.
Strange, I Just Installed Sea Monkey 1.05 & Got Pop-Up Box!
I have Java enabled for Navigator. I have SM/Moz Pop-up Blocker enabled. Same result I got w/ Mozilla 1.7.13. I suppose I could turn off Java except for pages where I know I have to enter script to post & turn on once I get there. I'm going to try "other" test on new Sea Monkey tonight.
(NT) Same Here With FF 1.5.07.. Source URL Was Displayed
Same here with FF 188.8.131.52 on XP Home SP2. Java build 1.5.0_08-b03 Hmmm...
I Really Liked This One, Marianna! Thanks, Unfortunately....
in my opinion
Update to version 1.0.5.
Provided and/or discovered by:
Jakob Balle, Secunia Research
2005-07-13: Updated "Solution" section and added original advisory.
2005-07-20: Added CVE reference.
2005-07-22: Updated "Solution" section.
that site is wayyyyyyyyy out of date, and as some else mentioned if you have FF184.108.40.206 then you "should" be OK?
First of all, it is a demonstration !
You are not vulnerable, if you do not experience the above behaviour.
Maybe something is NOT correct with your settings???
Better hint: enable a good pop-up blocker
Disabling Java doesn't necessarily stop the pop-up from google.com.secunia.com from appearing. Disabling pop-ups stops it regardless of which browser you have and if Java is enabled or not.
Wrong..Personal Choice Depending on Habits..
In my case, on Internet Explorer, I set ActiveX and Scripting options to "Prompt". I use a different browser to surf the internet.
Hope this helps.
Your Habits Not Necessarily Everyone's
Those ?malicious sites are sites deliberately set up by hackers to which the user must be lured usually by a link in a email message, file sharing sites and blogs that have been hacked.
If you are going to disable an accepted feature of many internet sites, then you might as well stay off the internet altogether.
Exactly Correct! Your Habits Aren't Everyone's..
There's also a problem with your defining of "malicious" sites. Those sites can change quickly and who knows when it's going to happen.. A number of well known "good" sites have been hacked and turned into "malicious" sites.. Although generally corrected quickly, the first to notice the vulnerability are those with the least hardened browser.
Unfortunately, sometimes those "workarounds" can become "solutions" because the browser maker refuses to patch various vulnerabilities. (Note Microsoft in particular.)
"If you are going to disable an accepted feature of many internet sites, then you might as well stay off the internet altogether." We hear this particular statement a lot from those that don't want to take the appropriate security steps. I repair their computers as a side business and I make pretty good money at it too.
And yet for example, a number of browsers don't use ActiveX, or allow pops ups..etc. There must be a reason why the browser creators have chosen to disable such..all of which block "accepted" features from many internet sites. Surfing habits will cause one user to accept a security setup that another user won't.
Please remember that there are a number of different types of users that visit these forums, from newbies to advanced, and each one has a different perception of how much "risk" to take while surfing.
Hope this helps.
?There's also a problem with your defining of "malicious" sites. Those sites can change quickly and who knows when it's going to happen.?
There is no problem with my definition of malicious sites. They are exactly what I have mentioned. Nor is it true that a number of good sites have been hacked. Of course that depends on what you consider good sites. You probably consider ?social? sites to be good sites for example if only based on their popularity. Yet those sites along with file sharing sites, despite their popularity, are exactly the sites notorious for being hacked. Kazaa was a very popular site and yet one of the greatest offenders. The really good sites, those that are hosted by well known large corporations have never been hacked despite all the scare rumors to the contrary.
?Unfortunately, sometimes those "workarounds" can become "solutions" because the browser maker refuses to patch various vulnerabilities. (Note Microsoft in particular.)?
You are a victim of nonsense rumors. The only alleged vulnerabilities Microsoft has not offered a patch for are those that require active intervention by the user before they can even be exposed to the exploit and that active intervention does not include simply accessing a site. Again, those are facts. Only the tiresome anti-Microsoft types believe otherwise.
?And yet for example, a number of browsers don't use ActiveX, or allow pops ups..etc. There must be a reason why the browser creators have chosen to disable such..all of which block "accepted" features from many internet sites.?
?We hear this particular statement a lot from those that don't want to take the appropriate security steps. I repair their computers as a side business and I make pretty good money at it too.?
We will have to agree to disagree on this issue. Frankly, on the basis of your posts on this issue, if you were to come to my place and made such a recommendation, it would be your last visit. But then I have never employed anyone to service my computers. There is nothing they can do that I am not already aware of. At that, when encountering such people on certain web sites, I some times disagree with their advice. And to good effect. I have been using computers since DOS days and have never, ever, experienced malware of any kind on any of the computers I have used. The worst I have ever had were ad tracking cookies and about those I couldn?t care less.
Re: Wrong..Personal Choice Depending on Habits..
in your answer you said
Just how do you set it to prompt you?
Setting To Prompt...
In Internet Explorer, click on "Tools", choose "Internet Options", then click on the "Security" tab. When that loads, click on the "Internet" icon (the world globe), then click on the "Custom Level" button. When that loads, scroll to the "Scripting" section and select "Prompt" in the "Active Scripting" option. (Just to be sure, select "Prompt" in the "Scripting of Java applets" section as well.) Click on OK, then choose "Yes/OK" when it asks: "Are you sure?". Then click on Apply, then OK, etc.
This same procedure can be used for other controls in Internet Explorer such as ActiveX, etc.
Hope this helps.
Re setting to prompt
Grif Thanks for the life of me i couldn't remember how to set it up so it would prompt me i know sometimes i'm going to regret setting it this way but it may be for the better.
Believe it or not i switched from netscape to explorer a long time ago when netscape was so hard to manage and i'm not that savy on firefox so i'm waiting till explorer gos the way netscape did back in the 90's and it will one day it will get so top heavy i'll have to switch to something easier and smarter its the way of the web but not just yet but thanks for your reply