... and Vista, with all the "security" pop-ups is training people to just click "ok."

I share your disdain for vista - I can't get it to start boinc without it being blocked at startup. Cookiewall however solves the pop-up problem for me - I determine which get always deleted, which get temporarily accepted, and which are always accepted. I also keep and occationally use Firefox as a backup in case someone clobbers my IE. AS WHEN MS TRIED TO FOIST IE8 on me through automatic updates.

Internet Explorer (and Outlook/Outlook Express) have serious security flaws.

If you have Firefox as a backup, it means you aren't using it as your primary browser, and you're hoping that other software on your system adequately blocks threats through Internet Explorer.

---

A heads up on ZoneAlarm. I used it exclusively for a few years, on many computers. After experiencing multiple, strange problems with hard drives, system stability, disk corruption, etc., I tried removing ZoneAlarm. The problems went away. SATA hard drives that failed in the past suddenly worked correctly.

ZoneAlarm seems to be fine for very standard PC installations, such as a non-modified laptop. In more advanced installations, I suffered with numerous compatibility issues. This might just be an isolated experience, but it cost me countless hours of troubleshooting.

I like middle of the road stuff, stable and having a large installed base. So I switched to Norton 360. All the hardware issues went away, plus Norton has a 64-bit version. It has worked well so far.

Bob

My experience with Zone Alarm is very similar to this. I was a "pro" user for several years, but after about 10 months of grief that finally all went away when Zone Alarm was removed, I'm now an AVG user... [edit - with windows firewall, defender, and a NAT router...]

-Dave

---

My experience with Zone Alarm is very similar to this. I was a "pro" user for several years, but ...

Similarly so for myself.

In the past, I spent quite a few hours tweaking up and fine tuning the various firewall settings and various other 'security' enhancements on Windows. Black Viper was and is a good help.

And it is all such a horrible utter waste of time.

I've since learnt that such nonsense is completely unnecessary. There's far better things to do with your time and life.


Happy crunchin',
Martin

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

last year firefox had three times the number of security flaws than ie, so it is not safer by any means.

and i haven´t spent ages twisting and tuning anything else than guitar, and i haven´t learn automatically click ok in vista and i haven´t have single virus on my computer, and just yesterday read major hole in pidgin for all of you linux users, don´t be put on false security.

Linux, Firefox and its addons like NoScript do not cost anything, so I am taking all risks with them. But, if a product is sold, it MUST be safe.
Tullio

---

last year firefox had three times the number of security flaws than ie, so it is not safer by any means...

Openly published security/bug fixes that is.

Now... How many in the Microsoft stuff that are not published? Microsoft is known to be very secretive and very fond of obfuscation...

How many zero day or days-old exploits live and 'out in the wild'?


Microsoft Marketing is Very Good at playing the obfuscation and numbers game.


Now for much more useful numbers:

How many zombied Linux systems are polluting the internet compared to Microsoft systems? How does that compare in proportion to their utilisation?


You should find that the current Open Source code gets fixed quickly and usually preemptively before you could even get any possibility of world-wide virus silliness as has happened a few times now with Windows systems.

Agreed, there's no room for complacency. Hence why there is the continuous bug fixes and updates for all current Open Source code. There are no viruses 'out in the wild'... yet. I'm sure that you can bet that each and every one example will cause a frenzied world-wide stir. Seen any such examples? (It is likely to happen sometime, be very public, and the stir will lead to an immediate fix in just hours.)


Happy (virus-free) crunchin',
Martin

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

In this big browser debate, I think we must mention Opera. Safe, fast, small, free. For lots of OS and systems (desktop, palm, mobile...) And very good in the web standards.

---

last year firefox had three times the number of security flaws than ie, so it is not safer by any means.

Internet Explorer has something called Active-X.

Active-X is a native windows DLL. Browsing a web site with an Active-X control in IE installs that Active-X control on your machine, just like any other piece of software can be installed.

There was an Active-X "security" demo a few years back that sent the "windows shutdown" message to the system. Browse a web page and watch your computer power off.

For "safety" Microsoft came up with signed controls. All you need to do to be able to sign a control is have a credit card that takes a charge. The control stays signed even if the charge is reversed -- and even if the card you use is stolen.

This is a little bit like comparing "shoplifting" to "murder" -- yeah, security issues, but Active-X is pretty easy to exploit.

---

A heads up on ZoneAlarm. I used it exclusively for a few years, on many computers. After experiencing multiple, strange problems with hard drives, system stability, disk corruption, etc., I tried removing ZoneAlarm. The problems went away. SATA hard drives that failed in the past suddenly worked correctly.

ZoneAlarm seems to be fine for very standard PC installations, such as a non-modified laptop. In more advanced installations, I suffered with numerous compatibility issues. This might just be an isolated experience, but it cost me countless hours of troubleshooting.

I like middle of the road stuff, stable and having a large installed base. So I switched to Norton 360. All the hardware issues went away, plus Norton has a 64-bit version. It has worked well so far.

Bob

My experience with Zone Alarm is very similar to this. I was a "pro" user for several years, but after about 10 months of grief that finally all went away when Zone Alarm was removed, I'm now an AVG user... [edit - with windows firewall, defender, and a NAT router...]

-Dave

And to think there are Nats and Flying Nats, I get too many bugs, But that's why I have a pest control guy come here every month(Dewey) and so I have only one or two small ones which are easy to dispatch, I hear the sink monster loves them too. ;)

Seriously, Yeah, I hear Ya, I'm going to get out the old 4 port router and replace the 8 port as every once in a while I lose My IP address and as soon as I un plug the thing and let It sit for 10 seconds I get My IP address back, crazy. And no I can't update Its 2002 firmware, I've tried a few times only for the router to not want to accept the file.

---

The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's

For Microsoft OS's, I have been using Viper from www.sunbeltsoftware.com along with the Sunbelt Personal Firewall. They have reasonable licensing for updates/upgrades and deals for multiple computers if you have a farm of crunchers. I used their Counterspy app for a few years before they came out with Viper. They have versions for XP and Vista, 32 or 64 bit. They claim that it's not a resource hog.

---

Linux, Firefox and its addons like NoScript do not cost anything, so I am taking all risks with them. But, if a product is sold, it MUST be safe.
Tullio

nothing is never safe

last year firefox had three times the number of security flaws than ie, so it is not safer by any means.

Internet Explorer has something called Active-X.

Active-X is a native windows DLL. Browsing a web site with an Active-X control in IE installs that Active-X control on your machine, just like any other piece of software can be installed.

There was an Active-X "security" demo a few years back that sent the "windows shutdown" message to the system. Browse a web page and watch your computer power off.

For "safety" Microsoft came up with signed controls. All you need to do to be able to sign a control is have a credit card that takes a charge. The control stays signed even if the charge is reversed -- and even if the card you use is stolen.

This is a little bit like comparing "shoplifting" to "murder" -- yeah, security issues, but Active-X is pretty easy to exploit.

and it is even easier to stop ie to use active-x, wait, oh it was alrady set like that, no active-x will do nothing in this ie.

Today I just upgraded the firmware on My Linksys BEFSR81 8 port v2 Router from 2.44.2(2002) to 2.45.10(2004) and the 2.45.10 is the latest and since It's a v2 Router and is out of production I doubt there will be any newer firmware coming along anymore. I would be nice If My Router didn't need to be rebooted every month, But I'll find out If that will happen or not then.

Linksys wrote:

Firmware Date	 : June 3, 2004
Current Firmware : Version 2.45.10
Product PartNo	 : BEFSR81 v2

Note: This code will not work with version 3.

Ver #.		Date		Description
--------------------------------------------------------------------------------
2.45.10		Jun 3,04	1. Added Multicast IGMP Proxy function
				2. Added Filter Internet NAT Redirection option 
				   to disable local LAN users from accessing port 
                                   forwarded services in the router
				3. Added CGI string attacks prevention
				4. Fixed UPnP issue with Windows XP SP2
				5. Fixed BOOTP response to DHCP server
				6. Modified DHCP server to fill the siaddr to the
				   server address.
				7. NAT-T issue. Linux will reply the long packet 
				   echo reply out of order.
				8. Modified MTU/MRU response.
				9. Modified Support PPPoE/L2TP/PPTP fragmentation
				10. Modified RFC 3360. TCP RST handling
				11. Fixed buffer leakage bug.
				12. Added the DHCP option 55 support.
				13. Added Filter IDENT(Port 113) to block that port
				    from port scan.
				14. Fixed DHCP lease time being too large will cause the router 
				    to request IP every 1 min
				15. Fixed port forwarding disabled will still allow access through
                                    the WAN
				16. Fixed fast web upgrade displaying correctly in web browsers
				17. Modified PPTP max MTU size from 1400 to 1460  When enable 
				    PPTP or PPPoE WAN connection type that MTU won't be enable 
				    automatically.
				18. Fixed remote port number not working correctly
				19. Fixed multicast UDP fragment packets (Media server
				 in WAN) from the WAN will cause the router to reboot 
				20. Fixed Cisco response VPN pass-through (UDP+ESP) 
				    packets connection to disconnect 
				21. Fixed DNS will not query if DMZ is enabled 
				22. Added support system information page 
				23. Modified MSN L2L for proper support for 4.7 and 5.0 connect.


2.44.2		Dec. 13,02	1. Fixed UPnP functions
<SNIP>
v1.34		Aug 17,00

---

The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's

Firefox in its downloadable state needs add-ons to become usable, the first installed add-on makes any security of firefox - if it exists - useless, as there's no control over the security of add-ons namely not even signing

I have installed in Firefox ForecastFox, NoScript and Moonlight. No problem.
Tullio

---

I have installed in Firefox ForecastFox, NoScript and Moonlight. No problem.
Tullio

don't forget to put adblock plus on firefox

---

In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope

Firefox in its downloadable state needs add-ons to become usable, the first installed add-on makes any security of firefox - if it exists - useless, as there's no control over the security of add-ons namely not even signing

"Signing" only helps if you can trust the signers -- and their procedures.

---

... and it is even easier to stop ie to use active-x, wait, oh it was alrady set like that, no active-x will do nothing in this ie.

Ahhhh... But what about that darn all powerful DirectShow dll thingie?

Get Must-Have Fix for New Microsoft DirectShow Flaw

A critical new zero-day flaw involving Microsoft DirectShow's processing of QuickTime content is under attack, Microsoft reported today ... affects Windows XP, 2000, and Server 2003. Windows Vista, Server 2008, and Windows 7 are not affected.

[...]

"a browser-based vector is potentially accessible through any browser..."

Fresh in the news 28th May.

Good luck,
Martin

---

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)

i run vista, and why i would use quicktime, this is not mac.

i run vista, and why i would use quicktime, this is not mac.

Why would Microsoft support Quicktime in DirectShow if Quicktime was not important?

---