Image Processing Flaw Found in Firefox

By Ed Oswald | Published May 17, 2006, 3:23 PM

Firefox users may be vulnerable to a denial of service attack after researchers looked into reports of a new vulnerability within Firefox 1.5.0.3. The flaw exists in how the browser handles image tags. The SANS Internet Storm Center first wrote off the problem, but continued research has shown that the flaw could be used maliciously.

The exploit was initially believed to only be a joke, as a hyperlinked "image" when opened would launch the media player and play a .wav file. However, researchers now say the same flaw could be used in conjunction with JavaScript to open a mail client and open up multiple windows using the "mailto:" command.

Eventually, the system would become unresponsive, say researchers. While this may seem fairly benign, some security experts sounded the alarm.

"Guys, this is a PoC [proof of concept], do you understand what it can do? Now it opens ~100 mail windows, but what if it does a lot worse, just because the img xsrc= tag can be used to open almost everything?" warned Securityview in a Web log post on Saturday.

Chris Mosby of myITforum.com shared several suggestions on how to avoid exploitation of the flaw. "One possible workaround is to turn off automatic startup of your e-mail application in Firefox," he said. Additionally, a user could disable JavaScript, or block "mailto:" altogether.

Security firms such as Secunia did not list the vulnerability as of press time, but it is likely they would eventually post an advisory, as would other firms. Mozilla has not yet commented on the discovery of the vulnerability.
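The behaviour described above depends on an image tag whose source is not an image URL but a protocol handler such as "mailto:". The following static check is an added example, not code from the article or from Mozilla: it flags such tags in served HTML, and the allow-list, the burst threshold and the sample markup are assumptions constructed for illustration.

```python
"""Static check for <img> sources that invoke an external protocol handler."""
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only schemes an image load legitimately needs.
# "" covers relative and scheme-relative URLs.
ALLOWED_IMG_SCHEMES = {"", "http", "https", "data", "blob"}

# Assumption: this many handler-invoking images on one page counts as a burst.
BURST_THRESHOLD = 3


def url_scheme(value):
    """Return the lowercased scheme of an attribute value ("" if none)."""
    # URL parsers in browsers trim surrounding whitespace and drop
    # tab/CR/LF anywhere in the input, so normalise the same way first.
    cleaned = "".join(ch for ch in value.strip() if ch not in "\t\r\n")
    return urlsplit(cleaned).scheme.lower()


class ImgSchemeScanner(HTMLParser):
    """Collects <img src=...> values whose scheme is outside the allow-list."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names and decodes character
        # references in values, so "SRC" and "mailto&#58;" arrive normalised.
        if tag != "img":
            return
        for name, value in attrs:
            if name != "src" or value is None:
                continue
            scheme = url_scheme(value)
            if scheme not in ALLOWED_IMG_SCHEMES:
                line, _col = self.getpos()
                self.findings.append(
                    {"line": line, "scheme": scheme, "src": value.strip()}
                )


def scan_html(html):
    """Return one finding per <img> whose src would hand off to a handler."""
    scanner = ImgSchemeScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def handler_counts(findings):
    """Count findings per scheme; repeats are what exhaust the desktop."""
    return Counter(f["scheme"] for f in findings)


def verdict(findings, burst_threshold=BURST_THRESHOLD):
    """Classify a page as 'clean', 'suspicious' or 'burst'."""
    if not findings:
        return "clean"
    worst = max(handler_counts(findings).values())
    return "burst" if worst >= burst_threshold else "suspicious"


# Constructed sample page (not taken from any real site).
SAMPLE_HTML = """<html><body>
<img src="logo.png" alt="relative URL">
<img src="https://example.invalid/banner.gif">
<img src="mailto:user@example.invalid">
<IMG SRC=" MaIlTo&#58;user@example.invalid">
<img src="mail&#9;to:user@example.invalid" />
<a href="mailto:user@example.invalid">a normal, user-clicked mail link</a>
</body></html>"""


if __name__ == "__main__":
    results = scan_html(SAMPLE_HTML)
    for f in results:
        print(f"line {f['line']}: img src uses scheme {f['scheme']!r}")
    print("verdict:", verdict(results))
```

Only tags present in the served markup are seen; image elements created by script at load time need a check inside the browser or a rendering proxy instead.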

Comments


Masterlie's frequently requests source URLs as "proof" of auto-installation of Spyware in IE (Refusing to believe the statements by Microsoft, SANs, CERT, Sophos...), well perhaps he'd care to check this out;

http://sunbeltblog.blogs...of-createtextrange.html

"The createTextRange() zero-day vulnerability has been patched in the latest round of security updates from Microsoft.

If you’re curious to see the exploit in action at one site, you can see this video here. In it, the AppWiz keylogger is installed.

Patrick Jordan
Senior Spyware Researcher"

Have fun.

Score: 0

|

how do I know what is safe anti-spy, adware, and virus protection to download for free?

Score: 0

|

Lavasoft Ad-aware
Spybot - Search & Destroy
Microsoft Windows Defender
AVG Free

Score: 0

|

Is it just me or did all of Mastertech's posts just get deleted....because now it looks like I'm talking to myself further down the thread, and although not far off the mark when I'm as tired as I was last night...it just seems...odd...

Score: 0

|

Oh yeah all my posts were censored but everyone else's remain. Looks like the fanboys got to this thread too. If that is not proof I do not know what is. Keep spreading the Propaganda anything else will be deleted!

Score: 0

|

Eh? Well I normally do talk to myself so for me I did not notice until you posted this. Shame that some of our entertainment was removed but I am sure we will have more from BrowserMaster or whatever his name is.

Rather than suspect some deliberate moderation on the part of betanews I think we just may be seeing some kind of hardcoded nutjob threshold in the comment software here. Or possibly we have just witnessed a new metaphysical phenomenon like a black hole of clue that sucks the stupidity from around us. Either way it is a bummer...twas most entertaining.

Score: 0

|

Yea you keep telling yourself that Mastertech...They're out to get you...nevermind your overly obnoxious attitude or continued spamming of your site (most likely reason). It must be the fanboys out to put you down right? Once again your ego gets in the way of you seeing straight.

Score: 0

|

I'm sorry MT, I've been away a few days, guess I missed all the fun here. Perhaps your posts due to your continued "I refuse to believe any sources which disprove my statements" & "You disagree with me therefore I'll blacklist you on my site &/or label you as a fanboy spammer".
Instead it's your posts that get deleted, hmm, sounds like you need to re-assess your current line of thinking.

Score: 0

|

No, Firefox isn't 100% secure. It is currently, however, safer than IE.

CVE total is currently running at 397 vulnerabilities for Internet Explorer.
http://www.cve.mitre.org...yword=internet+explorer

Score: 0

|

Masterboy I am not all that fond of spammers. I don't know anyone that is. Heck, I bet that even spammers don't like spammers. You are putting yourself in that category. I have to agree with a previous poster that the word Fact does not mean what you think it means. Even if it were so, facts require context in order to be relevant to an issue. You lack both. Any value your regurgitated minutia (and yes I looked it up because I can't spell worth a damn) may have is more than overshadowed by your fanaticism and refusal to rationally discuss specific issues. When pressed you spew a torrent of insults, generalizations, links, and other garbage instead of reasoned thinking.

While entertaining on the whole, it does become tiresome after a while. Perhaps you should rest your fingers in order to be fresh for a renewed assault on our patience over some other issue.

Oh and I don't mind that the links you are spamming are links to your site that has paid advertising on it. I just hate spamming/spammers. But it is also clear that you probably need all the help you can get if you are out of school and have not learned to think yet.

Score: 0

|

oh boy, these articles about OS and browser flaws are funny. Throw a juicy flaw out there and the vultures start circling. Here's an idea for all of you fanboys. Stop trying to convert everyone..let men/women use what browser or OS they will and get along.

Score: 0

|

I couldn't agree more !

Score: 0

|

How many times is Mastertech going to be allowed to spam his site? Not only full of anti-Firefox FUD, this is also a commercial site from which he makes money.

Score: 0

|

Oh so it was you? Nice you got all my threads deleted by spreading more lies. Like I said the only way you can win is by not letting anyone hear what I have to say.

Score: 0

|

paranoid much? ever stop to consider it was your spamming for personal gain that got your posts deleted? Now you'd rather attack the integrity of the entire Betanews staff instead of opening your eyes to your own arrogance.

Score: 0

|

Yeah, it was me. My Kung Fu is strong.

Score: 0

|

I admit that I am new here and my view is whatever browser or os makes your d*** hard or clit wet , go for it. I have to admit I always get a beer before coming to this site cause it can be so funny listening to some of the rants. Hell, it's cheaper than going to the piss poor movies that come out

Score: 0

|

You know, it is funny that you put it that way. When I think of Browsers I normally think of sexual arousal too...how strange. Must be those late nights looking at naughty pictures coming back to haunt me.

Score: 0

|

*grabs some popcorn*

This Mastertech guy is funny. Insane, but damn funny.

Score: 0

|

Amen to that.

Score: 0

|

awesome, funny and hilarious,and yeah warzone below :-

Score: 0

|

awesome, funny and hilarious,and yah warzone below :-

Score: 0

|

who really gives a s*** what browser another person uses? does it affect any of you in any realistic way?

didn't think so, shut up. everyone already knows that there isn't a single browser out there that lived up to the expectations that the design team had when they created it, otherwise there would never be new version, never need to have plugins and never need to be patched. i think we can all agree that we all have our choice of browser or browsers we like and just because someone else says so we aren't going to change our minds.

Score: 0

|

Please allow me to paraphrase your point (I do so enjoy mangling others words)

who cares, blah, blah, blah, shut up, blah, blah, blah, I have nothing to learn here, blah, blah, blah, sheep are sexy, blah, blah, blah

Does that about say it then?

Score: 0

|

'bout right.

Score: 0

|

lmao...

Now *that's* reading between the lines.

Score: 0

|


Wow this is more fun than that time at band camp when they brought out the donkey in a girdle...

You all realize you're insane right?

((HUGS EVERYONE))

Score: 0

|

Fight amongst yourselves...

YAWN...

Score: 0

|

lmao...

It just gets better and better.

It's no longer about the article...it's about which fanboy can post more FUD about the other browsers.

Nice, guys.

"Just say No" ain't just about Drugs anymore.

Score: 0

|

Better watch your posts PC_Tool MasterTech has thousands of machines configured with his own special sauce. For all we know there is a botnet there waiting to DDOS Betanews if we plant a foot wrong.

Seriously though, I am not trying to be a jerk, but it would be easier to take MasterTech seriously if he did not post ridiculous things...repeatedly. Trying to plant subtle hint here. If you show your bias so transparently, no-body listens to a thing you have to say even if part of it is valid.

Score: 0

|

What?

Sorry...wasn't listening. ;P

*grin*

That was *too* easy.

Score: 0

|

Was there a post here? It's a blank spot, I think there is something wrong with the betanews site...

at any rate, Mastertech has commendable ideas, people dispute his evidence, why? Because it's like the time when Columbus tried to tell the world it was NOT flat, that's how I relate this.

People will not listen, unless they have undisputable evidence, but by then it's too late, the damage has been done.

Bias is the point to posting in the first place, if we didn't have an opinion, we wouldn't waste our time in posting any comments.

If you want to believe Firefox has ZERO problems, great! I hope you enjoy it. I know IE is not perfect, but to even IMPLY any product is bullet proof, now THAT's ridiculous.

People aren't going to listen anyway, they believe what they want to believe, but when we post in a public forum, we have evidence that we TRIED to convince you otherwise. If you take the advice, wonderful.

Frankly, I could give a s*** less if you take the advice or not. It's not like it's going to make 1 iota of difference to me. My machine is stable, I don't infiltrate it with stuff that I know cause problems. If my machine DOES have problems, I can fix it. I don't need anyone's help. The software that people use, is their own, and at their risk. If people can't read the disclaimers on the software BEFORE using them, well too bad. Maybe one day people will learn to read and figure out that software isn't 100% guaranteed, nothing in life is.

Take the advice or leave it. This is a free country. You don't like what PC_Tool, Mastertech, or myself have to say, well you can go fly a kite in Iraq.

Score: 0

|

Bang!

Zoom!

There goes rijp, flying off the handle like a cannonball out of a cannon again.

Did you read his comment? He was insulting me, and was *trying* to be civil about Mastertech's obnoxious postings.

Deep breath, man.

Pop another valium....and chill. :)

Score: 0

|

You surprise me. That post was actually not too bad. You started strong. A bit of humor a little olive branch but then you lost me. You still offend by the gratuitous use of capitalization but that can be overlooked seeing as how you are so passionate.

Even a little balanced point of view inserted even if it is quickly lost.

Let me see if I can paraphrase...correct me if I am wrong:
=====================================
MasterTech has commendable ideas (I actually agree here, he does have some good ideas, unfortunately these masterful musings are eclipsed by his abysmal delivery skills)

Columbus talked to Rocks (well to world at least - even if he was right...it is not flat, it is not considered productive to talk to the World - better to talk to people, although around here, it sometimes seems as rocks might be more inclined to listen to reason)

People don't listen (True)

Bias is the point of posting (umm...nope - Bias is actually a negative thing and does not equate to opinion. The difference is that a Bias can be said to negatively affect the powers of judgement or reason and prevent you from properly integrating new information into your opinion - so the folks in Columbus' time had a Flat World Bias - not a good thing by any means)

Somebody believes that Firefox has 0 problems (real fanboy material, but no-one here has posted that)

People won't listen (again, true, but getting repetitive)

You give a (something, not sure here) if folks take your advice, you have a stable machine, don't need help infiltrating it and nobody reads disclaimers. Nothing is guaranteed, or maybe it was that you have a Turd named Frank that has infiltrated your machine to give you advice and read the disclaimers for you (I am not sure just quite how to take that).

This is a free country (alas not any longer)

The weather is nice in Iraq this time of year (have to disagree here, it is Hot and dry...not kite flying weather thanks.)
=================================

Score: 0

|

not kite flying weather thanks.

Even if it was, good luck getting it up there with all those bullet holes in it...

Score: 0

|

what you look up all your words in a dictionary? trying to sound smart? it doesn't help you.

Score: 0

|

Un-called for.

Was there a point to your post or are you here only to fling insults?

Score: 0

|

You must be new here, or at least new to my posts...they are all like that and I seldom need to try.

You have caught me out...I memorized a list of big words when I was younger in order to impress ignorant forum savages. I get so much of my self-esteem from what others think of my IQ that I simply must use the largest words possible at all times so they will think I am smart. I can't post without a dictionary because my ideas are so weak that they cannot stand on their own...I must inject large words to make up for my intellectual inadequacies (well that and my small p**** but lets not go there shall we).

I am detecting some commonality in posters that include the word Master in their nick. Maybe we should conclude that Master is in fact only part of a word...it is missing the final part...hmmm

I did in fact look up one word (mostly because I wanted to be sure I was correct in linking it to another) and that was Bias which is linked with Prejudice (not the same but one implies the other in some cases). The others came flowing from my ever so humble mind.

Did you have a point turdbrain or is it just syllable envy?

Score: 0

|

Did you have a point turdbrain

Everyone say 'Hello' to Reap_r's inner 3-yr-old.

Hello!

Score: 0

|

You have been waiting for that haven't you?

Score: 0

|

words of wisdom, dunno about others but it was crystal clear to me.

Score: 0

|

We are fighting for browser, like we used to fight with our GI JOE , mine is stronger no no mine is stronger

Score: 0

|

Nah.

Call it a side-effect of having children. Makes it easy to recognize certain behaviours.

*shrug*

It's not meant as an offense. It's simply an observation. Hell, I've been letting mine run rampant today. ;)

Score: 0

|

I thought that's what convertibles and Boxsters were for...

Score: 0

|

There's a big difference between his article (he has posted his link several times here; search for it) and my article: http://www.webdevout.net/firefox_myths.php

Is Firefox 100% standards compliant? No, no browser is. Is Firefox 100% secure? No, no browser is (despite what Mastertech would have you believe, Opera isn't either). Did Firefox invent everything it offers? No. But Mastertech's article isn't just debunking these obvious myths. It's deliberately presenting a skewed picture that makes it look like Firefox sucks in every area. His page also has a good share of errors in it, such as the claim that Secunia lists an extremely critical vulnerability for Firefox on Windows (it doesn't), the claim that Opera's rewind and fast-forward features are the same idea as Firefox's cached back and forward buttons (they aren't, nor does Opera claim they are), and those (mis)quotes under the Fanboy Quotes section, which were deliberately altered to say the opposite of what they actually said in the original context.

His page does say a few truthful things, which I have incorporated into my own version of Firefox Myths, but the rest is just lies and misleading statements made to fit his own personal fanboy agenda. I've posted proofs of his lies multiple times before, complete with sources and everything, but he just ignores me claiming that I'm a Firefox fanboy (even though I regularly promote Opera as well) and calling my arguments "excuses, opinions, rhetoric and conjecture". Even quotes directly from Microsoft contradict some of his claims, but he pretends they're Firefox fanboys. He even referred to an Opera fan site as a bunch of Firefox fanboys without realizing it. Anyone who disagrees with him, regardless of what proof they have to back themselves up, is dismissed as a Firefox fanboy. It's absolutely bizarre how someone like him can still have any ego left to keep up this endless crusade.

Score: 0

|

Well since you asked. Your posts closely mirror what is found on the firefox myths site.

On this site ridiculous statements are made and debunked. Here are just 2 examples
Myth - "Firefox is Bug Free"
Myth - "Firefox is completely compatible with every Web Site"

How can you even make this stuff up with a straight face. Anyone who has been on the internet more than 5 minutes will know that this is not true of Any browser let alone a fairly new one. My 7 year old can type up a rebuttal to those, or at least link to them.

You mistake quantity for quality and succumb to the disease that has plagued fanatics since they crawled out from under rocks. That mistake is to think that those who don't agree with you or share your fervor are less intelligent or merely ignorant and that if you rant at them enough they will "Get It". Your facts are dubious and your proofs lack context.

That is what is ridiculous. Shall I go on or do you understand?

Score: 0

|

Do not be concerned with what they think. You just keep being your entertaining nutty lovable self and we will all be happy to read it. I think I speak for most in that.

Take this to heart though: It may be more difficult to easily rebut well reasoned statements than it is these "myths" you dig up, but it is far more satisfying. It is also more valuable to try to keep the topic closer to what actually concerns most web surfers. I don't really care which browser loads .02ms faster or has 5 fewer bugs in a given month. I don't know anyone who does. My drivers are far more mundane things like features, quality of add-ons, and security (real world in the trenches my pc is not infected security). In that I make my choice and direct my influence.

You are free to do the same but your influence is diluted if you piss it away making statements like you have in this discussion.

Score: 0

|

Well I have a 3 year old and I make her look downright mature sometimes with my antics.

Score: 0

|

"I don't cover up the truth."

You also don't state the truth either, you distort it. You take a side comment one idiot person on the web makes and provide it as latest "proof" or your newest "myth". You've done that repeatedly on your page you enjoy spamming so much that it's a wonder you don't label the page "fiction". Your fact page has about as much "fact" to it as a Dan Brown novel.

Score: 0

|

"Well reasoned statements are not Myths"

Now if only you would provide a well reasoned statement you might actually get somewhere. Alas, that isn't likely to happen given your prior posting history.

Score: 0

|

Opera is not currently perfectly secure. Just because Secunia isn't currently aware of any unfixed vulnerabilities in Opera older than the maximum response time they allow doesn't mean Opera doesn't have vulnerabilities. If you claim otherwise, you're simply misleading people.

And you want to talk about excuses? What business does that IE HTML support figure have in your section for a *Firefox* myth? Why don't you note IE's CSS support or Firefox's HTML support? The answer is pretty obvious: you're doing everything you can to leave the reader with your biased perspective.

What bull*** claims did I make about your site? I said you tried to make IE out to be somehow superior to Firefox. And in fact, up until I got you to stop lying about what my resource said (I'm the source for his standards support information, by the way), you were claiming that IE had better XHTML support than Firefox. That pretty well fits the definition of "somehow superior" and even you can't deny that.

Oh I get it, if you just smack the label "fanboy" on the so-called quotes, you're free to misquote people and conduct libel? I'm sure that would make an excellent defense in a court of law.

Here's some proof. Listen clearly...

Proof that Secunia does not list an extremely critical vulnerability for Firefox on Windows: Go to http://secunia.com/product/4227/ and look at the only advisory with an extremely critical rating (http://secunia.com/advisories/16869/). Now read: "This vulnerability can only be exploited on Unix / Linux based environments."

Proof that Opera's rewind/fast-forward buttons aren't the same things as Firefox's cached back/forward buttons: http://opera.com/features/ 'Fast Forward will detect the most likely "next page" link and greatly simplify navigation in multi-page documents.' That isn't close to Firefox's cached back/forward pages.

I'm not sure what kind of proof you want for ActiveX's insecurity, but I think this quote from Microsoft speaks for itself (http://msdn.microsoft.co...ts/activex/security.asp): "An ActiveX control can be an extremely insecure way to provide a feature. Because it is a Component Object Model (COM) object, it can do anything the user can do from that computer."

As for W3C being part of the definition for a webpage, Tim Berners-Lee (founder of the W3C) originally invented/defined the HTML language that your source says is part of the definition of a webpage. (http://en.wikipedia.org/wiki/Html or a quick Google search)

"Quickly" is a relative term (someone can be running quickly, but compared to a fired bullet he isn't so quick), so the claim that Firefox patches vulnerabilities "quickly" is obviously relative to other browsers. And if you look at Internet Explorer (http://secunia.com/product/11/) you'll see that Firefox does patch vulnerabilities much more quickly than IE. Looking at my patch delay summary (http://www.webdevout.net...urity_summary.php#delay) which comes directly from Secunia's data and the official release dates of each respective patch, although Firefox isn't the "quickest" in every type of average, overall it certainly patches vulnerabilities "quickly".

I could go on and on. On the other hand, what have I lied about? Please show me some proof about a lie I've made.

As for the Opera site in question, I was going to say Opera Watch, but it seems you have just added a note "(not Opera Watch)" even though they're the originator of the "myth" you're addressing. Interesting.. so Opera Watch now isn't a bunch of Firefox fanboys even though they originated the quote, but anyone who quotes it elsewhere is? Will you ever start making sense? It's like trying to argue with a crazy person.

Score: 0

|

I'm not an FF fanboy and I haven't seen a single one. Just FUD.

Score: 0

|

Yea, you really need to get back in class and pay attention during reading comprehension class. Are you truly this dimwitted or is this just a "special" day for you?

Score: 0

|

Riiight. Wait...where's your proof? Hey if you can ask so can I. :)

Score: 0

|

about as much as yours do

Score: 0

|

So you finally agree that your page is just FUD? Wonderful...it's about time.

Score: 0

|

Nah I want proof of your multiple instances of these misleading claims not just the quote from one misinformed or malnourished nutjob...all of them...for each of your myths.

Score: 0

|

What no proof then? Pffff...

Score: 0

|

to paraphrase Inigo Montoya: You keep using that word (facts)...I do not think it means what you think it means.

Score: 0

|

Blue!

Score: 0

|

IE Fanboi!

Score: 0

|

You're out of your mind if you think I try to make anything but Firefox look bad. As I have said before, I think Opera is a great browser. When my grandpa asked me to switch him away from IE because of all of the adware he frequently got, I picked Opera instead of Firefox because of the accessibility features. (And by the way, he hasn't had one new piece of adware since.)

I never promote Firefox without also promoting Opera. My personal preference is Firefox, but if it was Opera you would have as much reason to call me an Opera fanboy.

For the millionth time, written false claims about someone is called "libel", not "slander". And my statement wasn't in the least bit libel. Here is an example of a libelous claim: "The owner of this Source had tried to redirect visitors coming from this site to specially created warning pages." It's also libelous to claim that my standards support page has ever redirected anyone to the IE warning page (a different claim than the quote above), or that I have violated your copyrights in any way, or that I am somehow manipulating the data in my tables just to make IE look bad, when every change is recorded in my changelog and anyone can test the information (I even provide several different convenient ways for people to submit corrections, privately or publicly).

And no, my data never once said that IE had better XHTML support than Firefox. For a while, I gave IE credit for supporting some of the *changes* in XHTML over HTML, even though it didn't support those elements in an actual XHTML document, but its support for XHTML 1.1 in total (which generally is more or less the figure in the "Total" section by "HTML / XHTML", although Internet Explorer's value would technically be just about 0% because it doesn't display the document as a webpage when an XHTML document follows the standard strictly) was never shown to be higher than Firefox's. Your problem is that you failed to read my table correctly and you misrepresented what it said.

In what way do I pretend to be above the law? Parodies are perfectly legal, and quoting cited sources is perfectly legal. Some of the things you've done on your site aren't. I'm tired of your constant empty threats at lawsuits. You know very well that you're guilty of much worse than anything you could accuse me of, but unlike you I don't resort to empty threats in order to win an argument.

Your page clearly says "All Myths relate to running the default install of Firefox in Windows with no Extensions." Secunia clearly shows no extremely critical vulnerabilities in Firefox on Windows. Get a clue and stop lying to your readers.

And how is Firefox less secure in Linux than Windows? That flaw was fixed the *day after* it was discovered, and right now Secunia shows no difference between the security of Firefox on Linux and Windows. If you want to talk about past vulnerabilities, according to Secunia, Opera has accumulated 48 advisories in its product life compared to Firefox's 40. By your logic, I guess Opera is more insecure than Firefox! (And no, I'm not really claiming that, just that your logic here is flawed.)

"That Opera feature is very similar." Wow. You have a serious clue deficiency. I'll explain in detail what each of the features is:

Opera's rewind and fast-forward buttons are essentially links to pages that are automatically detected as the "previous" or "next" pages in a logical sequence. This can be detected by the "previous" and "next" link types in the document or links that actually say "Previous" or "Next". There is no caching system specific to these buttons; it merely goes to the respective page.

On the other hand, Firefox's cached history feature is a completely different idea. The last few pages the user has navigated to in that tab are cached in memory (as opposed to cached on the hard drive, which is somewhat slower), so when the user hits the back button, the page is loaded from the memory cache instead of requested from the server again or reconstructed from the cached source on the hard drive.

To review: If you go from a Google search results page to some page4.html in Opera, the rewind button goes to page3.html which the Opera has never downloaded and must fetch once you click the button. Meanwhile, going from the search result to page4.html in Firefox, the back button goes back to the search results page instantly. These are two completely different operations and aren't even comparable.

As for your magical eWeek source, why should I take some nobody programmer/writer's word when all of the major security researching companies and even Microsoft say otherwise? That eWeek guy is just spreading a myth, and it's pretty easy to debunk.

"Even the definition of a Web Page on Wikipedia does not include W3C standards in the definition"

Yes it does. It says webpages are typically written in HTML/XHTML (which the definition on your Myths page says more directly), and the Wikipedia clearly says that HTML was "[o]riginally defined by Tim Berners-Lee" (the founder of the W3C) and "maintained by the World Wide Web Consortium (W3C)". But I forget that you don't understand how simple logic works.

Score: 0

|

FYI, the above few comments from me were replies to comments from Mastertech that have since been deleted by the BetaNews administration. I am not schizophrenic. ;)

Score: 0

|

nobody wants to hear your childish whining "Mastertech"

go be a Fanboy, and leave the thinking to the intelligent people because you clearly can't handle it.

Score: 0

|

"I'll ignore any sources, facts, or rebuttals you just said, label you a Firefox fanboy, and advertise my web site some more."

Score: 0

|

Second, you need to accept the fact that there is more than one side to a debate, and that your own personal views and beliefs are not the end-all decision.

Score: 0

|

There have been several. You choose to ignore them and label the writer a FF fanboy. Typical tactic of an internet forum troll who can't back his s*** up...sad really.

Score: 0

|

If by "backed up and explained" you mean "yell at them and call them a FF fanboy", then yes I suppose you have.

Score: 0

|

Excuses or counter arguments you can't defend against and thus you just shout "FANBOY"

Score: 0

|

You haven't proven anything except your complete inability to listen to anything anyone says.

Score: 0

|

again...if by "defending" you mean shouting "FANBOY" then I suppose you're right.

If I yell and call you an IE Fanboy does that mean I win too? No? Damn...

Score: 0

|

OK I might have been wrong I admit. You listen just fine it's your reading that's impaired

Score: 0

|

Scroll Down

Score: 0

|

Thanks, it certainly is fun

Score: 0

|

You refuted what? Nothing? Yes refuting nothing is very easy.

Score: 0

|

>>>>>> "nobody wants to hear your childish whining "Mastertech""

AMEN to that!

Score: 0

|

from one firefox user to another: shut it.

Score: 0

|

LOL! Ouch!

Score: 0

|

"and spammed it up here" yeah, that's what you did.

LOL

You have got to be the most retarded poster EVER!
You just did exactly what you were chiding him about.
LOL, you made my day moron. ROTFL

Score: 0

|

"from one firefox user to another: shut it."

Exactly, couldn't have said it better myself.

Score: 0

|

Hey lets try to keep things accurate. He is neither a Moron nor Retarded. I know people who are both. They are not the tightest clips in the box but they do learn to accept negative feedback from behavior that produces a non-desired result.

This individual however is what is known as a "Fanatic" in that no matter how many times the same sub-optimal result is achieved, he continues to follow the same procedure as before. Sort of like the gluttons for punishment that try to introduce themselves to the opposite sex by using not-so-witty pick up lines. Begs the question...if you ever did find a person so desperate that they would respond to such an approach positively...would you want to know them?

Sorry to go OT but I thought it germane.

Score: 0

|

Just a minute, damnit, *I* am the most retarded poster ever! Quit taking my damn title.

I want to be the most annoying, lame, retarded, egotistical, maniacal, childish poster..

Evidently I succeeded.. because I have posts to this effect. In the mean time, Mastertech isn't the problem, you are, because you are ALLOWING his comments to sway your judgement.

I don't care about make friends on here. I don't care what you do with my posts, or my advice, I just don't care! someone once said, they were going to report me to the Betanews authorities, is that supposed to be a veiled threat? I don't give a flying ****!

This isn't the real world, it's a damn open forum. Get over it! If you have to take these measures of personal behavior to the point where all you can do is focus on how to concentrate your energy on one person, you have some serious problems and you need to have yourself checked.

I don't care what you think of me, but do NOT try to dispute postings where they show you are obviously wrong. This only makes YOU look stupid, not the poster.

It's like arguing with a brick wall, you may win, but who is really going to know?

This has gone beyond stupid and lame, this is just out of control, and ANY post regarding Mastertech and his apparent proof to the contrary, and he does make valid points, whether you can recognize them or not, is just more evidence that you are the idiot.

This is just like the school yard, where he says you are stupid and you are replying with the most utterly lame response ever "I know you are, but what am I". that's all this is.

Keep on making stupid quips and posts like this, and that's all anyone will read "I know you are, but what am I".

If you don't have anything important, or contributes positively to the discussion, please feel free to STFU.

Score: 0

|

"I want to be the most annoying, lame, retarded, egotistical, maniacal, childish poster.."

Then look forward to the continuing criticism of your peers, who have taken the trouble to learn the art of civil colloquy among themselves. You just take advantage of the fact that no-one is *physically* present here. I challenge you to be as rude and obnoxious at a party or other social gathering as you are in these forums without getting taken outside to be taught a lesson.

Score: 0

|

Okay, let's vote:

Biggest Loser:

rijp - who desperately wants the title due to some undiagnosed mental illness

MasterTech - who hasn't figured out what a loser he is yet, due to an undiagnosed mental deficiency.

rijp is more like an unruly pet and he wants it too bad, so I vote for MasterTech.

Score: 0

|

Well said.

Score: 0

|

Watch it bud. Many more good posts like this and you may lose that title you coveted so.

Here is good summation of your point I think:

http://carcino.gen.nz/im...x.php/00b9a680/463c5922

Score: 0

|

That was good, thanks for the laugh! :o)

Score: 0

|

Another vote for MasterFool - biggest loser of them all!

Sorry rijp.

Score: 0

|

NSFW?

Can't get it past the filter. grrrr...

Score: 0

|

MasterTech - who hasn't figured out what a loser he is yet, due to an undiagnosed mental deficiency.

It's called cranial-anal inversion.

Undiagnosed, indeed...

In other words, his head's where his arse should be.

I vote MT, because rijp can actually be amusing on occasion.

Score: 0

|

Mastertech

Score: 0

|

Everyone already knew that one

Score: 0

|

The thing is, Firefox is opensource, made by programmers who are so bad they couldn't get a paid job. So what do you expect? Opensource sucks, it has always been rubbish and it will always be rubbish. Maybe it's good for development countries.

Score: 0

|

I don't know. I kind of like development countries myself.

Man if you are going to troll, try to use more skill and be a little less obvious.

Opensource is not a single product you can bash. There are good and bad products that are open source. I wonder if you can name a few. Hey how about this. What is the fastest growing free software based PBX? What are the fastest growing browsers? Oh and just to rock your world, not all open source products are free. So someone is getting paid. Heck I have gotten paid for doing open source development meager as my skills are. Like taking candy from babies really. As long as you don't close the source and give props where it is due, you can sell it. Try to do a little more clue development before you post, it may help.

Score: 0

|

aaaa Apple just released 43 patches for flaws in its OS and Quicktime...

You might want to rephrase.

Score: 0

|

http://www.opensource.ap...darwin/6.0/release.html

ba-dum-bum!

of course, only the kernel is OSS. What *most* people consider to be the OS, the actual Desktop (Aqua), is closed proprietary code.

Apple FUD fanboys just conveniently forget to mention that part most of the time. :)

Score: 0

|

You missed the point. The people at apple do have paying jobs, and there's still flaws, so the comment was a moot point.

Score: 0

|

There are only bad opensource products, no good ones. OSS is for wankers.

Score: 0

|

Then perhaps you can explain why Apache (an open source project) is by far the most used web server and even so has a better security record than IIS. Please take your fanboyism elsewhere.

Score: 0

|

He is just trolling and incompetently at that.

Score: 0

|

You're an idiot. Apache is the most popular because it outperforms IIS and is far more stable.

Score: 0

|

Yes it does. If you pulled your head out of your a** long enough to actually READ you might begin to understand...but probably not.

Score: 0

|

Yea you missed it.

Apple...big company with paid developers who according to the genius above are better than OS developers...have an operating system with a large count of obvious security flaws. Hence his argument that the OS developers are somehow inferior is bunk.

Oh and incidentally, Google hired the Firefox lead developer. So unless you contend that Google only hires bad developers that ALSO refutes the argument.

Score: 0

|

ROFL You truly are a freakin idiot. IIS comes with every Windows Server installation, hell it even comes with XP Pro...for free. Microsoft does not...get this...does not charge for IIS.

...So you were saying...

Score: 0

|

How deep does the sand your head is stuck in go down?

Score: 0

|

Umm...news flash...neither is Unix. Linux might have a low or no price tag on the box but it isn't as free as the press would have you believe either and AIX most certainly isn't free, it's hella expensive. In fact...for genuine Unix installs in a business server environment...nope none of those are free...

So once again...your point is...?

Score: 0

|

I think my very first observation about you was dead on...you ARE insane.

Score: 0

|

Ya I'll get right on that. Just as soon as you provide a survey that people only use Apache because its free.
But of course you won't, because once again you take your personal opinion, present it as fact, and claim no one can refute you. Man your ego is so big it's a wonder you don't fall over.

incidentally:
http://news.netcraft.com..._web_server_survey.html

as for which are Linux, sorry don't have the time to hunt down the obvious. However feel free to peruse the site yourself.

Score: 0

|

No it isn't stupid it's a dodecahedron

Score: 0

|

No he's actually right. A patchy server and Linux are OSS, made by programmers that are so bad they can't make money from programming. Like all OSS, it sucks, doesn't work and is only meant for wankers who have nothing else to do but tinkering with their systems. People who have a life don't come near it, they don't even want to come near the programmers of OSS, because they usually smell.

Score: 0

|

Way to stereotype. "All OSS programmers obviously don't have the ability to get paid to program since they're so bad." Many programmers program in OSS in their free time, just for the heck of it, and for a dozen other reasons. Making blanket statements like that makes one look like a fanboy and a troll.

Score: 0

|

"Apple Java Plugin"

That is a sun/apple problem, not FF. Apple/Sun released a fix for it well over a year ago.

And the cookie injection, well, there you go. One supposed FF vuln, there aren't *any* widespread or even a single user hit.

Score: 0

|

Don't bother, MasterFud can't read, he can only write. One whole side of the brain has completely malfunctioned.

Score: 0

|

Yes, there are five (5) unpatched vulnerabilities since 2004 for Firefox. I'd say that's pretty good, considering how much it's grown over the past three years.

Score: 0

|

Just like g33z I think it is about personal choice. You would think that some of these folks were investors or something the way they fight. I am pretty agnostic about the browser itself, but I really like the plugins I can get with Firefox. Adblock is my favorite. I have not even checked on whether I can get these plugins for opera...don't really care either.

Any IE fanboys out there know where I can find Adblock for IE without configuring my own cumbersome proxy?

There is no secure browser...you want secure, use a phone. I have personally had more problems with IE vulnerabilities but I have heard of some folks that have been poked by FF vulnerabilities.

As a consultant I am responsible for a large number of PCs in a variety of environments. As a service to my clients that had been plagued with spyware infections I put FF on their machines and made it the default browser. Out of nearly 100 machines that I needed to do this for (I just did the ones that seemed to need it) not a single one of them came up with another spyware infection. I know this is anecdotal evidence, but it is good enough for me. My clients were happy. I did not have to keep fixing the same things over and over and I ended up looking like a hero just for switching browsers. Yes I know it has vulnerabilities, but I have never seen one used against me.

There is no perfect browser. I know I just offended some Opera fanboys. Get over it. They all have strengths and weaknesses. No browser combines the strengths of all without introducing weaknesses of its own.

So much pontificating, so little clue...

Score: 0

|

I bow in the presence of such godlike skill...

Yawn...been there done that. Unfortunately, when "properly" configured the users do not have the ability to run the needed activex controls in order to properly view the websites they need to. Some of those sites are arguably poorly written but it remains a challenge to be overcome.

The situation you are describing is fine if you have a homogenous environment where you have administrative control over these machines using group policy and your users' surfing needs are quite similar. Unfortunately, I find myself in another environment entirely and my own experience is that it is more work to lock down IE to a safe point than not, because I spend all my time unlocking it so that the users can properly view websites. If I leave it up to them they would undo all my configuration in order to get their gambling or MP3 sites working properly.

So in essence you make more work for yourself in the environment I exist in than if you just put FF on there and move on to something else. Desktop support has very thin margins, I would rather spend my time on dev where it pays better.

Score: 0

|

I have to admire your entrepreneurial bent. But no, I would not do that to anyone. I give them my best and that means that they don't have to worry anymore about it. In my town you can get a bad name doing things like that. Doing it my way (and I know, I did it both ways) they have fewer popup problems and if I am feeling especially froggy I slap some Adblock lovin on there with a little custom block list to make their browsing cleaner.

I fail to understand how your thousands of configs manage to differentiate between malicious and harmless activex controls. There really is little difference in the coding. You must really have the keys to the kingdom if your configs can do that. You are missing out on some geld if you are not selling that knowledge somewhere...no not here, that would be giving your birthright to the masses, but you could be rich with that kind of skill.

Score: 0

|

You're kidding right?

You seriously mean that I have to install a not so short list of third party addons to keep spyware off of windows boxes just so you can run IE safely. I mean it is good to keep updated and all, and some of the security tips there are well advised but you actually sit around and install that software on thousands of machines. I am most impressed by your patience. I don't even bother with putting anti-spyware software on the PC unless the user is known to dig up and run IE despite my efforts. Waste of resources if it is not needed. This may change as more FF vulns are exploited, but up to now has been the case. The most I would bother with is antivirus because you just can't seem to teach users not to open unexpected or fishy looking attachments. What is the best way you have found to keep all that third party software updated? Just wondering.

Score: 0

|

"What is the weakness of opera?"

Here's what Mastertech (aka Andrew) says of Opera elsewhere:

"I love things that work and IE works. Everytime I have to switch to IE to see or use a page properly is a waste of my time. I have to do it EVERY day. How can I possibly recommend this [Opera] to anyone? When they could simply use IE or preferably Avant Browser and never have to switch to anything? The argument isn't their. I don't sacrifice for things that don't work. My time is my time. Why "put up" with something when you don't have to? For an idealistic dream? Get back to me when Firefox or Opera renders all of the Web correctly. Neither is ready for prime time as far as I'm concerned."

http://s4.invisionfree.c...?showtopic=544&st=0

Truly astonishing hypocrisy!

(If he denies it's him, see proof below.)

He used to be an anti-Opera troll as well:

http://my.opera.com/comm...show=0&perscreen=50

Score: 0

|

Ironic considering that Microsoft's failure to adhere to standards is at the root of much of the sloppy web coding out there causing problems for other browsers.

Score: 0

|

That's MrFlibble to you, son.

Score: 0

|

Really.....I could care less, I prefer Firefox over IE, just like I run XP on one of my puters and I run linux on another, they both have good points and bad points. It's all about personal preference. It's like a bunch of little kids fighting about how their sandwich is better than the others. NUFF SAID....

Score: 0

|

Way to twist the words of the previous poster. You are doing exactly what he talked about. He made a good, unbiased opinion on the matter, and you come in and say "yeah Firefox fanboys are like that all the time." Fanboys exist in all fashions, not just Firefox.

Score: 0

|

It's a friggin' browser, people.

Get over yourselves.

...just sayin'.

Score: 0

|

Firefox was promised as the *SAFEST* browser.
Now look what happened all they (fan-boys) have are excuses, FF fan-boys used to criticise IE whenever they had the chance.
Every time a flaw is found in Firefox it is no big deal for FF fan-boys then why are flaws in IE such big deal ?
And all this is after it has only ~10% market share. Just imagine how many flaws there could be found if Firefox had the market share of IE.

Firefox is good but security wise there is no big diff. between Firefox 1.5 and IE7.
OPERA is the best browser at present.

Score: 0

|

Every software application has flaws Anmol. I don't understand why people don't get that. Opera too has flaws, it's just that nobody uses it so attackers aren't really interested in messing around with it.

Firefox is the best browser around.

Score: 0

|

Not for me, and not for the hundreds I've switched around me. They all love it.

"Firefox Myths" in itself is a myth. I bet those who did that website used a computer with very inferior hardware inside.

Anyway, Firefox is extremely fast, functional, feature-filled, user-friendly, and lovable.

You know what though? I predict this flaw to be fixed real soon. Unlike other browsers that take a while or don't have enough user-base for anyone to care.

Score: 0

|

Hey Andrew, you sad little attention-starved infant, I got some links for you:

http://nanobox.chipx86.com/FirefoxFables/
http://nanobox.chipx86.c...12/re-firefox-myths.php
http://www.thingoid.com/...refox-myths/#comment-43
http://www.evilavatar.co...s/showthread.php?t=8269
http://robert.accettura....fox-myths/#comment-7469
http://www.techspot.com/vb/topic44405.html
http://www.neowin.net/fo...ndex.php?showuser=31164
http://www.jeffevans.us/firefox_myths_comment.txt
http://www.jaredmcateer....ex.php?p=news&id=90

These sites link to dozens more, all debunking and/or banning your sad little butt (after a diaper change).

And a list of sites you have been banned from:

• 3dgpu
• Anandtech
• digg
• Forum bX
• Geeks to Go
• IntelZone
• Lunarsoft.net
• MozillaZine
• Nanobox
• Neowin
• PCMechanic
• TechSpot
• Urban Anarchy
• Web Devout

The only reason you remain here is a bit more liberal policy towards trolls. I'm guessing BetaNews just finds you amusing, for now.

Score: 0

|

I especially like the ones where you get confused about your name. Are you 18 yet? Still living at home? Still mis-quoting people on your website?

As for facts, no one in the world has ignored the facts like you, as will be obvious to anyone who googles your name.

Score: 0

|

A parody of a parody??? Now THAT's lame!

Yeah, that's right folks, he parodies (weakly) this (http://nanobox.chipx86.com/FirefoxFables/) parody of his site. You sound a little angry there Andy. Losing your sense of humor?

Score: 0

|

Wow, now THAT's lying with statistics! Dude, you really are as cracked as they say you are.

Score: 0

|

Independent and credible sources offer market share numbers...not some teen sitting at home skipping school. You can't argue that Firefox has 11.8% global market share because that's numerical unbiased evidence.

It's also growing by the week so that right there tells you what people think of it. Not some websites filled with misinformation.

Score: 0

|

haha, that's not how it works.

Score: 0

|

I agree with you, but have a simple question for you:
in your opinion what is better, using a browser with many flaws or a browser having very few or no flaws at all (opera)?
At present there are no open flaws in opera, I care about present and use the best stuff at present.
I believe that as opera market share will grow so will flaws in it, but I'm skeptical if it will have flaws in proportion to those in firefox.
Should we not care about the present scenario?
Things can / may or may not happen in future.
I have not seen the future, but when FF had little or no flaws I was using that and as the number of flaws grew too big I dumped it for opera.

If in future opera becomes less safe to use I will try to find a better browser.

But at present opera IS the fastest safest and with lots and lots of features. If I had to add those features to FF it will not only bloat it and will further make it resource hungry, it will also add lots and lots of flaws too.

That is why OPERA IS THE BEST (IMO).

IF firefox will become faster, safer and will add all the features of opera without adding the flaws I will dump opera quickly.

What makes me laugh is that how people feel so strongly, and are opinionated about BROWSER, let me repeat it again A BROWSER.

Score: 0

|

Mastertech has now advertised his web site 4 times in one thread.

Score: 0

|

Likewise, anyone that disproves anything on YOUR web site (firefoxmyths.com) is wrong, just because YOU said so.

"Firefox Myths is facts...."

Nice grammar.

Score: 0

|

Actually, first you have to PROVE something. I could claim that my skin is in fact olive green. I could claim that my finances are in the billions. I could claim a million things that would be moderately difficult to disprove, if one assumes that it was proven in the first place.

You can't go around saying "disprove this" and "disprove that" without first supplying some sort of credible evidence to support your claim. That's not how the world works.

Score: 0

|

No, advertising.

"That site covers up the facts. Get the facts at my web site here:"

Additionally, advertising is what you do on your own web page, with your Google Ads (breaking the Ad Sense policy, I might add).

Score: 0

|

Proof has been posted. Several times. By several different people. The problem is that you dismiss any attempts as Fanboyism.

Score: 0

|

There is not a direct correlation between popularity and number of vulnerabilities in software. Any moron can figure out that if a product is more widely used than another then it'll be attacked more. Saying that if Firefox had X more percent of the market share then it would have X times more vulnerabilities is ridiculous. If the market share went down, would the amount of vulnerabilities decrease? No, because they already exist.

Common sense is lacking in your arsenal, Mastertech.

Score: 0

|

Don't you just love it how IE lovers and other Firefox bashers go absolutely wild every time a small bug is found in Firefox? "Oh, it's 10 times more insecure than IE!1!!"

Focus on the dozens of serious unpatched vulnerabilities in IE.

Score: 0

|

or focus on the 0 security flaws in Opera...

Score: 0

|

No joke. One day this story is on BetaNews and there are OVER 300 COMMENTS.

Score: 0

|

heh it'll be fixed by the end of the week, I'm fairly ok with that

Score: 0

|

Like the 30 or so other outstanding security flaws?

Score: 0

|

I'm sitting back, eating some Slim Jim's and watching this spam-fest continue.

Yum....

P.S. - Firefox is the bestest browser in the world.

Score: 0

|

Firefox rocks your socks at 12 o'clocks?

Score: 0

|

At least there is a Firefox extension that gives the user full control over whether a page can run script in the browser. NoScript, info at http://noscript.net

Score: 0

|

Yes noscript is very good. Only, I remember it causing problems with some pages that will try to load windows media player embedded. It would crash firefox. I wonder if that's still the case?

bummer, I'm turning off mailto altogether until they fix this. Don't need it on anyway.

Score: 0

|

That's a lot of vulnerabilities listed. However, I've been using Firefox for a long time and have never once had anything flagged by my virus/adware/spyware scanners. I did with IE though, plenty. This is my personal experience.

Some of the other things mentioned on the myths page are kind of stretching it (sorry), for example the tabbed browsing point about installing the MSN toolbar. No thanks. It still comes nowhere near the Tabbed Browsing Preferences extension.

I also took the popup test and I didn't see one popup. Explanation, you may have java turned off. No, it's called No-Script.

Also. "Firefox supports Extensions and Internet Explorer does not." Yes, they are called add-ons, but one difference, FF extensions are completely free. Internet Explorer offers some free, but not all: http://windowsmarketplac.../Results.aspx?collID=57

The browser speeds comparison is totally useless as everyone's computing environment is different. I would put much faith in to those results, although interesting.

As I said before, I used to be an IE fan until I found Firefox and what it can do. The anecdotal remarks on the 'myths' page need to be reassessed and to depict a more accurate reality on browsers. Again, sorry, but I don't see anything wrong with Firefox as every Internet enabled app is at risk.

Score: 0

|

Whoever did the speed tests are a bunch of morons if they think IE 6 is faster at rendering web sites than Firefox. IE 6 is the slowest web browser ever developed in terms of rendering speed. The browser is also far less stable than Netscape 6 was.

Score: 0

|

The results speak for themselves. If you don't believe them, and continue to believe FireFix is fast, then it's your loss. If you truly want a fast secure browser, try Opera.

Score: 0

|

You need to take a step back and look at what you are saying, Mastertech, so you don't look like such an idiot: the Sunbelt blog describes spyware auto-installing on Firefox 1.0.4- a version long since updated (currently 1.0.8/1.5.0.3).

Firefox's record is clearly different from IE, which has had episodes of auto-installing spyware on up-to-date versions of the browser:

http://news.com.com/Micr...6053961.html?tag=cd.top

http://www.sophos.com/pr.../2005/12/msexploit.html

http://blogs.zdnet.com/Spyware/?p=801

Score: 0

|

A good security summary:

http://www.webdevout.net/security_summary.php

Opera does indeed come out very well, but it too has patched vulnerabilities in the past.

Patching vulnerabilities does not make a program insecure: not patching them does.

Mastertech loves to fling around figures for the number of Firefox vulnerabilities without ever mentioning that they were patched. (Never mentions the number of IE vulnerabilities of course!)

This is all because of his Firefox phobia.

A good parody of Firefox Myths can be found here:

http://nanobox.chipx86.com/FirefoxFables/

Mastertech has produced a rather less funny attempt to parody the parody here:

http://mywebpages.comcas...rtCD/FirefoxFables.html

Score: 0

|

It's quite obvious that Mastertech is just anti-firefox. I don't get that kind of mentality, the bottom line is that IE is the s***test browser out there. I don't care if someone uses Opera or Firefox, I use firefox because it suits me, it's intuitive and I like the interface... sure Opera has its advantages like having an all-in-one suite for those that want it - I just want a minimalistic browser.

Firefox is definitely a good browser and relatively (to IE) secure. Both opera and firefox will have bugs and security flaws like ANY other piece of software. Combined with common sense and Linux it's very hard to actually get affected

Score: 0

|

And with Opera, I'm pretty bored because for almost a year my antivirus and adaware has found not even a single infection/spyware.

Score: 0

|

That's the way to do it! Keep your head firmly in the sand!

Score: 0

|

Patched vulnerabilities mean FA.

And the real parody is here:

http://nanobox.chipx86.com/FirefoxFables/

Score: 0

|

Silly game, Mastertech.

Score: 0

|

I'm quite happy to trust Sophos and Websense when they say they found sites using the exploit to auto-install spyware. If you don't want to believe them, that's your choice.

Score: 0

|

It's no fun to argue any more, Mastertech, when you make such moronic statements. Have to love you and leave you! Cheerypip!

Score: 0

|

Damn, you got nailed again. But you like the abuse, right?

Score: 0

|

Oh man, busted again! Never tire of losing, do ya?

Score: 0

|

Posting links for someone (that'd be you, son) who can't read is futile. Maybe this will help, at least comfort you to know you're not alone:

http://www.sil.org/literacy/LitFacts.htm

Score: 0

|

Look in a mirror and repeat that. Okay, now get therapy.

Score: 0

|

You would have to have a brain to get it washed, and in that area you are sorely lacking.

Score: 0

|

No, you never claimed they were unpatched. You just failed to mention that they WERE patched.

Score: 0

|

A point you seem to miss is that "100% secure" is not the same as "secure." You interchange the terms frequently on your web site to skew the facts to drag Firefox in the dirt.

If I were Firefox I'd sue you on libel charges, but then again, it has to come from a source where people actually believe what they're reading...

Score: 0

|

With that logic, there are literally hundreds of vulnerabilities in Internet Explorer that are just "covered up." I never said that they were ALL patched. You just failed to mention that SOME were patched, and that NOT ALL of them were UNPATCHED.

Score: 0

|

You can't possibly believe that advertisers will sit there and tell you every single thing that's wrong with the product. Look at television commercials for crying out loud.

"Telling the truth" and "putting words into people's mouths and then refuting them" are two entirely different things.

Score: 0

|

Yet you still never mention anything about IE vulnerabilities on your web site. It's completely slanted in one direction.

Score: 0

|

Again, you are crossing terms. Firefox IS secure, but it is not 100% secure. There is a difference. Now, you may interpret the phrase "Firefox is Secure" as "Firefox is invincible and can never become unsecure," but anyone with half a brain wouldn't come to that dumb conclusion.

Score: 0

|

Every other non Microsoft web browser that has ever been released (including Opera, Netscape and Firefox) is faster at rendering web pages than IE 6. The only fast browser in terms of web page rendering speed that Microsoft has developed is IE 7.

Score: 0

|

Firefox myths has been debunked so many times I wonder why anyone ever goes there....master tech is a troll only posting to get a rise out of people

Score: 0

|

Debunked and done. The only person who doesn't get that is Andrew K., the author, better known as MasterTech - SuperTroll.

Score: 0

|

Hahahahaha.

You're an IE Fanboy. *pointing finger and laughing*

LOL

Score: 0

|

What are you a master of? You're for sure not a master of tech.

Hahahahaa!

Score: 0

|

I've seen all kind of bashers in these posts... but someone who has dedicated extraordinary efforts like mastertech (what a nick for a biased guy towards microsoft) it's quite unusual.

Keep it up! I'm sure this is taking you somewhere! ;)

Score: 0

|

Yeah yeah, welcome back masterspammer.

Score: 0

|

Firefox is still better than the spyware BS written into IE. In case you're not aware of it, IE records every website you have visited since installing windows, in a hidden and locked file.

IE is also trying to play catchup to Firefox for features.

The articles you linked to are nothing but MS fanboys spreading lies.

Oh gee, what a surprise, he even has ads on there to make profit off his LIES.

Score: 0

|

Blah, Blah...more garbage from SuperTroll.

Score: 0

|

every browser has vulnerabilities. get over it. firefox DOES have less vulnerabilities (chances of getting viruses and spyware) for the STANDARD user as most people have no idea what securing their browser and their os means. that being said, i use BOTH ie and firefox (firefox most of the time, ie when i feel like it). in my PERSONAL opinion, i like firefox more and I (ME, NOT YOU) have had less issues with it than ie.

there
done
refute that

Score: 0

|

Yep, you're right, which is why you keep trying to defend IE.

LOL.

If the truth speaks why do you keep posting links?

Weeeeeee.....keep 'em coming IE Fanboy Spammer Master.

Score: 0

|

So opera has less unpatched vulnerabilities... big deal, firefox will patch theirs soon enough. I have never been attacked since using Firefox, and opera just doesn't feel right nor does it have the limitless extensibility of Firefox...

As long as people stop using IE everything will be ok, stop bashing firefox and start bashing IE.

Score: 0

|

"The point? So many people hype Firefox as some security meca but completely ignore the security superior Opera. Double Standard? Of course."

Here's what Mastertech (aka Andrew) says of Opera elsewhere:

"I love things that work and IE works. Everytime I have to switch to IE to see or use a page properly is a waste of my time. I have to do it EVERY day. How can I possibly recommend this [Opera] to anyone? When they could simply use IE or preferably Avant Browser and never have to switch to anything? The argument isn't their. I don't sacrifice for things that don't work. My time is my time. Why "put up" with something when you don't have to? For an idealistic dream? Get back to me when Firefox or Opera renders all of the Web correctly. Neither is ready for prime time as far as I'm concerned."

http://s4.invisionfree.c...?showtopic=544&st=0

Score: 0

|

Repeating the lie when I have proof just makes you look like a fool:

If the fact that you link to the Poptech blog/forum at the top of the OptimizeXP/Firefox myths site, post there as Andrew, identify yourself as Andrew at the bottom of the OptimizeXP/Firefox site, and say exactly the same things on both sites isn't enough to convince anybody that you are either a) schizophrenic or b) lying, here is the proof:

1) You have posted a reference to Firefox Myths on the Poptech forum, where one of the forum members identified you as the author:

http://standards.spiralmindsinc.com/misc/Priceless/

2) You referred to the OptimizeXP site as 'my' guide on the forum:

http://72.14.203.104/sea...uk&ct=clnk&cd=1

3) You used the name GeneralAres for an image folder on the Poptech blog site. This is the other name you use for posting pages from OptimizeXP/Poptech on forums like TomsHardware, PCMech and AnandTech, and is also an email address you use when posting as Mastertech.

http://images.google.co.uk/images?

After all of these facts were pointed out to you, you tried to cover up the truth by deleting pages or renaming folders, but unfortunately Google retains a record of your guilt.

Give it up Mastertech. Wouldn't it just be easier to admit what you have said?

Score: 0

|

Your persistence in repeating a blatant lie in the face of clear proof is most endearing.

Score: 0

|

You lose again.....it's a sweep!

Score: 0

|

Let's play the secunia advisories linking game.

Mastertech provided the unpatched Firefox vulnerabilities from 2004:
http://secunia.com/advisories/12580/
http://secunia.com/advisories/12403/

I will provide the Internet Explorer unpatched vulnerabilities from 2004:
http://secunia.com/advisories/13404/
http://secunia.com/advisories/13396/
http://secunia.com/advisories/13251/
http://secunia.com/advisories/13317/
http://secunia.com/advisories/13203/
http://secunia.com/advisories/13156/
http://secunia.com/advisories/13124/
http://secunia.com/advisories/13015/
http://secunia.com/advisories/12581/
http://secunia.com/advisories/12304/
http://secunia.com/advisories/7277/
http://secunia.com/advisories/11582/
http://secunia.com/advisories/11273/
http://secunia.com/advisories/10996/
http://secunia.com/advisories/10820/

Internet Explorer: 15
Mozilla Firefox: 2

Let's move on -- 2005
Mozilla Firefox
http://secunia.com/advisories/12979/

Internet Explorer
http://secunia.com/advisories/17564/
http://secunia.com/advisories/17565/
http://secunia.com/advisories/16942/
http://secunia.com/advisories/15491/
http://secunia.com/advisories/14335/
http://secunia.com/advisories/14304/
http://secunia.com/advisories/13872/

Internet Explorer: 7
Mozilla Firefox: 1

2006

Mozilla Firefox
http://secunia.com/advisories/19698/

Internet Explorer
http://secunia.com/advisories/19738/
http://secunia.com/advisories/19762/
http://secunia.com/advisories/19521/
http://secunia.com/advisories/19057/
http://secunia.com/advisories/18787/

Internet Explorer: 5
Mozilla Firefox: 1

TOTAL
Internet Explorer: 15 + 7 + 5 = 27
Mozilla Firefox: 2 + 1 + 1 = 4

So from 2004 and on, there are currently FOUR (4) unpatched vulnerabilities for Firefox and TWENTY-SEVEN (27) unpatched vulnerabilities for Internet Explorer. Your problem, Mastertech, is that you simply ignore anything that puts IE in a bad light, when the fact is that it is attacked far more often, simply because more people use it.

These links, of course, are my source. You sit there and whine whenever other people post links, but just to be safe, I've used a source that you yourself use. secunia.com

Score: 0

|

^^ I love this post ^^

Well done.

/He's a (shhhh) Secret Agent.../

...sorry my kids watch too much LazyTown

Score: 0

|

No, FirefoxMyths is about you and your ego

Score: 0

|

I am covering nothing up. You attempted to defend a reply by posting Firefox vulnerabilities. I posted both from Internet Explorer and Firefox. Then, realising that I made a good point, you drag Opera into the discussion, which goes perfectly along with your "anything-but-Firefox" agenda.

And you round off the reply by calling me a Firefox Fanboy. I really wish you would actually consider reading replies without labelling the poster "fanboy." Intelligent discussions and debate are possible. With you, however, it is nearly impossible (I haven't given up hope yet).

Score: 0

|

"Firefox Myths is about FIREFOX not IE."

"Notes - Internet Explorer with Windows XP Service Pack 2 installed provide the same level of Spyware security as Firefox. SP2 includes a built-in Pop-up blocker, a Download installation warning system and removes MSJVM from the system. This eliminates all the known security exploits some Spyware applications used to auto install themselves. Anyone who claims Internet Explorer cannot be secured from Auto-installing Spyware either doesn't know how or is lying."

What's that doing in there then?

Firefox is insecure because of all those nasty past vulnerabilities, but IE provides the same level of security despite having far more past nasty vulnerabilities, some of which didn't get patched till a long time after spyware emerged to exploit them?

Score: 0

|

I use Firefox and likewise don't get Spyware. On the other hand, the other three users on this computer, who use the most up-to-date version of Internet Explorer, almost always get Spyware (Ad-Aware catches it every time it's run). Your personal experience cannot speak for the entire Internet browsing world. "I use IE and I don't get spyware so nobody else gets it in IE either unless they're stupid." It's a dumb accusation.

Score: 0

|

What do we call an IE fanboy who dismisses any and all comments, evidence, and information that could tarnish his holier-than-thou belief in IE? Mastertech.

Score: 0

|

Oh this sucks, they need to fix it pretty quick.

If the xsrc= tag can be used to open an object on a UNC share on the other side of the internet (or call a script over http somehow and execute it) it would be ugly.

WOW, this is embarrassing for Firefox, but my #1 question is did the Mozilla team know it existed and how long did they know about it before it went public?

Score: 0

|

Interesting--if even fewt says this is ugly...man, it must be much worse than I thought :)

Score: 0

|

Do we have to wait till patch day ??? to fix it .

Score: 0

|

Fewt! Are you reading this post?

I will never directly oppose you again..

Will you please bestow comments on this please?

Score: 0

|

huh? This is my first real read today. Been pretty busy. This sucks, umm it's a black eye for firefox *IF* they knew about it and it's not some cowboy wanna be security d00d trying to be cool and release info on a sploit before the Mozilla guys had time to fix it.

WTF is this "I will never directly oppose you again.. " all about? Come to a revelation that I was right about something? You know I am. heh

Score: 0

|

Who knew browsers are so friggin' complicated! Security is painful. Insecurity is dangerous. And evil hackers blow chunks.

Score: 0

|

I think it's of note that Secunia is referred to more often in these articles more than SecurityFocus.

Score: 0

|

Yes, I made a mental note of that as well...well, if someone in betanews is close to someone in "that" company/group, perhaps this comment will receive a -1 or perhaps disappear...

I'll wait and see.

Score: 0

|

Even before Betanews came along, Secunia was big time. I don't know about this other company, but I know Secunia is pretty much the authority on Security updates, it's in several trade pubs in the IT world, so they have many people's ear.

I am not discounting Betanews being in bed with Secunia, but I am stating that Secunia is very well known..

Score: 0

|

NOSCRIPT extension (which everyone should be using anyway):

https://addons.mozilla.org/firefox/722/

Score: 0

|

WORKAROUNDS (From Chris Mosby):

Turn off automatic startup of your e-mail application in Firefox. To do so, enter in the URL bar: about:config . This will show a long list of configuration options. Search for 'warn-external.mailto' (e.g. use the 'Filter' option). By default, this value should be set to "false". Click on the line to toggle it to "true" (it will be bold if it is not set to the default).

Now, whenever you click on a mailto: link, you will first be asked if you would like to start your e-mail application. In the case of the exploit this will keep your system responsive, even though you may still have to click on all the dialogs.

Disabling JavaScript is another option, or disabling mailto: links altogether. But these options are more intrusive.

Link:

http://myitforum.com/cs2...e/2006/05/11/20140.aspx

Score: 0
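
The workaround in the comment above, expressed as a check on a Firefox preferences file. This is an added example, not part of the original comment or of Chris Mosby's post; it assumes the preferences are stored as `user_pref(...)` lines (as in a profile's `prefs.js` or `user.js`) and that the entry matched by the 'warn-external.mailto' filter is `network.protocol-handler.warn-external.mailto`. The sample file content is constructed.

```python
import re

# Full preference name matched by the 'warn-external.mailto' filter in about:config
# (assumed here; the comment above only gives the filter string).
MAILTO_WARN_PREF = "network.protocol-handler.warn-external.mailto"

# Firefox writes one user_pref("name", value); statement per line.
_PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"(?P<name>[^"]+)"\s*,\s*(?P<value>.+?)\s*\)\s*;\s*$'
)

# Constructed sample of a profile preferences file with the default (unsafe) value.
SAMPLE_PREFS = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "http://example.com/");
user_pref("javascript.enabled", true);
user_pref("network.protocol-handler.warn-external.mailto", false);
'''


def parse_prefs(text):
    """Return {pref name: value} for every user_pref line; other lines are ignored."""
    prefs = {}
    for line in text.splitlines():
        match = _PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a user_pref call
        raw = match.group("value")
        if raw == "true":
            value = True
        elif raw == "false":
            value = False
        elif re.fullmatch(r"-?\d+", raw):
            value = int(raw)
        else:
            value = raw.strip('"')
        prefs[match.group("name")] = value
    return prefs


def mailto_prompt_enabled(text):
    """True only if the pref is explicitly true; an absent pref means the default, false."""
    return parse_prefs(text).get(MAILTO_WARN_PREF, False) is True


def with_mailto_prompt(text):
    """Return the preferences text with the mailto warning forced to true.

    An existing entry is replaced in place (duplicates are dropped);
    if there is none, the entry is appended.
    """
    wanted = 'user_pref("%s", true);' % MAILTO_WARN_PREF
    out, replaced = [], False
    for line in text.splitlines():
        match = _PREF_RE.match(line)
        if match and match.group("name") == MAILTO_WARN_PREF:
            if not replaced:
                out.append(wanted)
                replaced = True
            continue
        out.append(line)
    if not replaced:
        out.append(wanted)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("prompt before mailto: handler starts:", mailto_prompt_enabled(SAMPLE_PREFS))
    hardened = with_mailto_prompt(SAMPLE_PREFS)
    print("after applying the workaround:", mailto_prompt_enabled(hardened))
    print(hardened, end="")
```
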

|

Or just download the fix tomorrow.

Score: 0

|

say it aint so..Fireflop needs a tuneup?? NOOOOOO

Score: 0

|

Now there's an unbiased expression of opinion.
-- Changed product name to something "humorous."
-- Lack of any sense of typing or grammatical abilities.
-- Caps Lock

You win.

Score: 0

|

This is news? In other totally related crappy headlines, IE6 can be told to open a window that opens itself, resulting in explorer crashing.

Also in related crappy headlines, Paint Shop Pro 5 can not be closed while opening images. Users that instructed it to view all images off their cameras would have their system frozen for dozens of minutes as it loads them off a memory card and into VRAM. The only known way to fix it is to Ctrl+Alt+Delete the program or hit the reset button on your computer.

Oh...my...god...horrible!

Score: 0

|

No Script ver 1.1.4.1.........anyone who allows java script to randomly run on unknown or suspicious web sites deserves what they get.

Score: 0

|

Yeah, that's true. But I have seen inline and pop-up ads, such as Google (oh, can't wait to hear it now) and they can run suspicious code..

So it's not ONLY suspicious sites, this is why pop-ups can also be bad...

Score: 0

|

...and why I love my adblock extension *so* very much.

Why, if I weren't already married...

Score: 0

|

Easy boy.. load virtual Girl Friend 1.01 (SP1) and take it down a notch..

adblock if it were used on a porn site, would that be a c*** block?

Score: 0

|

Only if it was connected via USB to a...

uh...

...never mind.

Score: 0

|

Sounds like a realdoll fantasy mod!

Score: 0

|

Insert tab A into slot B. If your reticule is stuck, try shaking to give it a rattle, but if it persists longer than 2 minutes, you may have subjected yourself to an unexpected surge and therefore you will be using a soft material to remove the evidence.

Score: 0

|

Adblock plus version 5.11.3 or higher ;)

Score: 0

|

Damnit! I said NEVER MIND!!!!

*grin*

Score: 0

|

"Why, if I weren't already married..."

You'd get a little floppy drive action?

Sounds painful. :-/

Score: 0

|

It only hurts when I ...

...wait..

What?

Score: 0

|

Opening windows until someone's computer becomes unresponsive and needs rebooted is a problem with Windows and it's also not a DoS attack. It's called crashing a computer.

Crashing a user's computer is not a Denial of Service attack. I don't care what these people today want to call it.

The people that go to those "kinds" of sites deserve to have all their resources hogged and then have to reboot. :)

Score: 0

|

Well I agree with the people that go off on a tangent and manage to find sites that would engage practices deserve to be rebooted, I don't agree what a Denial of Service is.

A router could experience a DoS by bombarding it with repeat network attacks, but the words Denial and Service, are basic words. ANY thing that causes a malfunction, even a crash, could be regarded as a DoS. I don't care what you THINK they should call it. Definitions are broader to be more inclusive of what actually HAPPENS not original definitions.

Score: 0

|

A denial of service attack is anything that causes a service (such as your computer) to stop working by overloading it. This very much is a denial of service attack, which is what security researchers are calling it.

Score: 0

|

Blah blah blah....

words words.....

I'm gonna go eat SlimJims and drive my Hemi.

Score: 0

|

Tell me, by causing a computer to crash by eating its cpu cycles by opening 1000's of application windows, is that not denying a user access to services and resources on that machine? Denial of service is not just limited to servers, routers, and switches.

Score: 0

|

....that is a DoS attack. Alert! Alert!

He is attempting to sabotage nate!

Score: 0

|

Would you make me a poop sandwich?

Score: -1

|

I don't think they care to hear the truth..

I think there is a similarity between FireFox fanbase security flaws (they don't exist in their world), DoS limited to only routers/switches and NAS Phone Log Submissions..

If I can take a poll, I bet I will find a common ground there.. They are so hell bent that Firefox is perfect they can't see the forest for the trees.

Score: 0

|

System failure, of any sort, is a DoS attack.

Call it crash if you want to. But DoS makes people pay attention, and when it involves a flaw that could be serious...

Let's face it, people need to pay attention.

Score: 0

|

BWAAAHAHAHHAHAA!!!!

Smack!

They got ya with a -1 mod. Lessee if they cancel this account too, eh? :P

Score: 0

|

I am too broke to pay attention! Who the hell is attention?!?!? Damn, more bills!

Score: 0

|

MMMMM Hemi

Score: 0

|

the more firefox grows in popularity, the more people will be looking for vulns and bugs. for whatever the attacker's reason, it is usually meant to either work on the majority of people, or work on the most at once, which means they are going to look for the largest browser used. therefore the more firefox gains market share, the more vulns are going to be found

Score: 0

|

Wow it's been almost a week, no MS IE Security articles.. amazing. I guess it's almost time!

Score: 0

|

Law of averages, man. They had to have a good week eventually.

Of course, there's always tomorrow....

Score: 0

|

Looking forward to it! Bring it on!

-It's already been broughten!-
*movie quote*

Score: 0

|

Seems pretty benign to me, although 100 mailto: windows could be an annoyance.

Now...can it open a mailto: window and MAIL itself if it had its own SMTP propagation subroutines? Knowing what little I do of programming, it cannot be completely ruled out.

If it is possible, it would make this that much more dangerous than a mere annoyance.

EDIT: Wow, hot topic. Only about 5 minutes since it was posted and already 7 comments and counting...

Score: 0

|

There is more to it!

*Now it opens ~100 mail windows, but what if it does a lot worse, just because the img xsrc= tag can be used to open almost everything?" warned Securityview in a Web log post on Saturday.*

It doesn't STOP at opening mailto:

Score: 0

|

oh no! maybe it could open 100 notepad.exe's! notepad is worse than mailto!

Score: 0

|

Fine, trivialize it. This only goes to further prove, had this been a MS security flaw, you people would be screaming for more MS blood and how they are purposely trying to ruin it for 3rd party products.

Get real.

Score: 0

|

If it opens a mailto window in a system with Outlook/word 2003 with Macros enabled and embed a macro.

Don't know if it could get that far, but....

Score: 0

|

how would it get the macro in there? all it can do is open the window.

Score: 0

|

all it can do is open the window.

...famous last words.

ATM it's harmless. Since that's *really* all we have to go by, I'm tempted to drop it and agree with you.

It is, however, possible to insert a subject line in the mailto. I am quite sure some ingenious hacker could find a way to pervert that via some malformed something-or-other sent behind a rouge doo-dad.

Sorry...didn't mean to get technical on ya. I'm sure you've had a hard day in preschool. ;)

Score: 0

|

hahaha..

Jose, no you can't have a cookie, go back and play with your gameboy.. yes, your mama the crack head, will be along any minute to pick you up, now run along now.. That's a good boy :)

Score: 0

|

a red doo-dad, huh? well, come up with a way and mozilla will give you the bug bounty, plus you'll be famous.

Score: 0

|

Uh uh. I don't see that written, show me where if you can prove Firefox has errors they will pay you for proof?

I think someone dipped your pacifier in that hot mustard.

Score: 0

|

http://www.mozilla.org/s...ity/bug-bounty-faq.html

shows how much you know what you're talking about.

Score: 0

|

Fine so they offer a reward, so why contest the bug, simply collect the reward. Why are you even arguing? If it is truly a bug, why would you want to discount especially when it means $$$. That is another level of stupidity..

Score: 0

|

rijp, you just sound ignorant with these playground retorts you come up with when you get excited. You seem like a pretty knowledgeable guy about PCs, capable of making interesting posts, so why do you keep making a fool of yourself by attempting wit?

Score: 0

|

It's a sexual dysfunction somehow related to a maternal punishment fixation. Or something like that. ;o)

Score: 0

|

These things are useless. Who cares if it can open up mailto: windows. Whoopie doooo.

This is not a security concern. People are really grasping at straws here.

Score: 0

|

I wish you people would quit taking things out of context, he didn't stop at opening mail windows...

*. . . but what if it does a lot worse, just because the img xsrc= tag can be used to open almost everything?" warned Securityview in a Web log post on Saturday.*

Score: 0

|

...such as? you people are grasping at straws.

Score: 0

|

Are you just commenting to see your name in writing?

Score: 0

|

Actually, it seems you are trying to just push another firefox flaw off as being not that just because you can't stand seeing your most beloved piece of software be displayed as having a flaw.

Score: 0

|

pot kettle black.

Score: 0

|

firefox is hardly my favorite, i actually prefer seamonkey, and there are many pieces of software i like better than any web browser. this is a real bug and it should be fixed, but calling it a security flaw is ridiculous.

Score: 0

|

ah, but you have to comment to get the last word.. I asked a question, so it's not a comment, did you flunk 3rd grade English, ese?

Score: 0

|

It's giving the hacker a way to access things on your computer (hence opening windows). How is that not a security risk?

Score: 0

|

3rd Grade? You think too highly of him. *grin*

But, while we're on the subject of 'last words'...

Ha!

Score: 0

|

monkey see, monkey doo doo! Now there is a fine upstanding product if I ever heard one..

I bet seamonkey is a real tight product..

-rolling eyes-

Score: 0

|

He probably thinks they are after his collection of Abba, and he just figures he can use Bear Share to download, because the RIAA can't get to him because he is using an off brand web browser, on a wireless connection, in the library in prison..

Score: 0

|

*websites* (not hackers) can tell your computer to open things. the things then open on your computer only. neither the websites, nor the "hackers" that run them, get any access to anything.

Score: 0

|

So next you are telling us, that hackers can't possibly access exploits in browsers, because the article doesn't specifically identify it?

You must have just finished computers 101 yesterday, because you are severely misinformed, uh, firefox glee club.

How do you think websites get created, by spontaneous combustion? Hackers make them, go back and finish, browsing for dummies, because I think you missed the part after "foreword".

Score: 0

|

this has almost gotten to the point where i shouldn't dignify it with a response, but this is my last attempt. not all exploits are created equal. if you understand the exploit this article is about at all, you would understand how the results are no different than if you'd opened the mail window yourself. i assume you don't think mystery hackers can read your emails as you're typing them when you open the mail window yourself, correct?

Score: 0

|

*this has almost gotten to the point where i shouldn't dignify it with a response*

Awww, running out of 101 tech responses to say to make you look cool? That's too bad, now you actually have to start thinking on your own.. tsk tsk.

*but this is my last attempt.*

Is this a promise or a threat?

*not all exploits are created equal. if you understand the exploit this article is about at all, you would understand how the results are no different than if you'd opened the mail window yourself.*

And what you fail to realize is, that this article isn't simply ABOUT mailto. Read the damn article. That was an example, not the ultimate experience in what could become of the exploit. This security risk could be used to damage other things, given the hands of a more experienced hacker, and they have shown they can be quite disruptive.

*i assume you don't think mystery hackers can read your emails as you're typing them when you open the mail window yourself, correct?*

This isn't about what I think, it's about what the article says CAN happen. Actually, I know hackers *CAN'T* read my emails as I type them, it's a potential problem IF you let bad programs like key loggers and spy programs manipulate and access your machine.

My machine is devoid of such programs, and my company is as well, because *I* watch carefully, and I know the right tools to prevent such a mishap. Another reason I don't agree when people try to use OTHER programs, other than MS products.. It's too hard to control when security issues arise.

So, since you won't answer my question, I will respond to yours, NO they can't read my emails mid type. It is conceivable, but not realistic. I am not getting into all the programs I use, and how I monitor my machine, suffice to say, that I keep track of ALL services, and how programs get loaded.

In the general public, if you use the right spyware detection, and anti-virus, you are safe. IE has known issues, which have KNOWN fixes. If you want to use Firefox, netscape, Linux, fine.. but do so at your OWN risk, I will be of no assistance, I have enough to worry about with our standard load than to try and figure out what else can be broken down the road.

Opening a mail window myself, isn't the same any more than, that my windows rolling themselves down during a rain storm when my car isn't on as it is when I accidentally hit the button.. that is NOT the same thing. We are talking about a Firefox bug that ALLOWS outside intrusion, just like IE. It's software, bugs comes with the territory, but for you to deny its a potential problem, isn't helping the situation.

Score: 0

|

Seamonkey is based off the same product as Firefox is based off of.

I am not 100% up on it, as integration is not the way I like to go, but I believe Firefox extensions work with it as well.

Score: 0

|

"Is this a promise or a threat?"

would have been both, but your response this time seemed to involve a slight degree of actual thought.

"And what you fail to realize is, that this article isn't simply ABOUT mailto. Read the damn article. That was an example, not the ultimate experience in what could become of the exploit. This security risk could be used to damage other things, given the hands of a more experienced hacker, and they have shown they can be quite disruptive."

i realize that, but, having some understanding of the technology involved, i also realize that all possibilities are just as benign as mailto. if you can provide a single PoC of a single even slight true security risk based on this, you will have my humble apology and a $500 check from MoFo.

"it's a potential problem IF you let bad programs like key loggers and spy programs manipulate and access your machine."

this exploit isn't about if you have keyloggers or spyware already on your machine. if you do, you don't need this exploit, and this exploit doesn't help you any.

"IE has known issues, which have KNOWN fixes."

according to secunia, it currently has ~30 known unpatched vulnerabilities.

"Opening a mail window myself, isn't the same any more than, that my windows rolling themselves down during a rain storm when my car isn't on as it is when I accidentally hit the button.. that is NOT the same thing. We are talking about a Firefox bug that ALLOWS outside intrusion, just like IE. It's software, bugs comes with the territory, but for you to deny its a potential problem, isn't helping the situation."

i think you need to read through that and try to figure out what you were trying to say because it doesn't parse. nobody has demonstrated any form of intrusion coming from this bug, or given a logical explanation of how one might be possible. is it a bug? yes. is it an annoyance? yes. is it a security flaw? no.

::edit::

despite your broken phrasing, i think i've figured out your point. you're saying it's not the same in that you requested the action in one case and not in the other. that may be true, but the fact is both actions have the same result. your car is no less secure in having the window down if you caused it than if you didn't.

Score: 0

|

So, the same bugs would apply then, thereby giving a false sense of security?

Score: 0

|

*according to secunia, it currently has ~30 known unpatched vulnerabilities.*

Many of which Microsoft has CONTESTED as actually exploit/security problems. and it doesn't mean they DON'T exist, they haven't found a fix for them, YET! So what does that prove?

*nobody has demonstrated any form of intrusion coming from this bug, or given a logical explanation of how one might be possible. is it a bug? yes. is it an annoyance? yes. is it a security flaw? no*

I think you need to read the whole article again. Clearly, the first line reads:

"Firefox users may be vulnerable to a denial of service attack after researchers looked into reports of a new vulnerability within Firefox 1.5.0.3"

Because NOW you are directly opposing experts in the field.. So you think you are just the all knowing security authority on Firefox issues now? If so, you not only are a couple cans short of a six pack, but you need a severe reality check. The security industry regarding software vulnerabilities HAS determined that it IS a flaw, and they saw fit to report it publicly. you got a problem with that, write your congressman.

You want to dispute their claim, why don't you argue with them, because I am merely regurgitating what the article already stipulates, that it IS a Vulnerability. You don't have to admit, but then, you are just some low life user, and what does your words mean anyway? Firefox users should be wary of such a threat exists.

I know what I was trying to say, and I know what I wrote, it was in perfect english, perhaps it is you that can't realize your argument isn't worthy anymore, because you can't argue with US, we didn't write the damn software. It is what it IS. A security threat. Period.

Score: 0

|

Microsoft may have contested many, but not all, huh?

"Firefox users MAY BE vulnerable to a denial of service attack after researchers LOOKED INTO REPORTS of a new vulnerability within Firefox 1.5.0.3"

Score: 0

|

False sense of security?

Only for those foolish enough to believe *any* product is secure. :)

Score: 0

|

"IE has known issues, which have KNOWN fixes."

humm..i believe there are about 21 according to Secunia.
http://secunia.com/product/4227/
The oldest dates back to 2003.

Firefox has 3 flaws according to Secunia.
http://secunia.com/product/4227/
2 which are less critical
1 that is not critical.

Score: 0

|

So there!

heh

Score: 0

|

Damn!.

Oh...wait...

Yeah!!

Score: 0

|

rijp, you're doing it again, take a deep breath and remember that your opinion is only your opinion, and try not to reply when you have nothing to say and know nothing about the comment you are so desperate to trash.

Score: 0

|

See there, you actually had a useful POV on something but you wrapped it up in your usual 3-year-old's invective, thereby p***ing off not only your detractors but people who actually agree with you.

Score: 0

|

...and there, rijp, sitting there with your heart beating and your temple throbbing, writing a derisive novel of a comment. If you'd played nice you wouldn't have gotten into all this name-calling. And yet you keep doing it, thread after thread, over and over....

Score: 0

|

A little progress, you're clearly making SOME effort to control your temper,but then 'low life user' slips in, what a pity....

Score: 0

|

Oh dear, more attempts at humour mixed with not-so-biting invective. Keep breathing deep, one day you'll negotiate a controversial thread without descending to nastiness and your own weird idea of 'humor', I know you've got it in you.

Score: 0

|

I wonder if he has a glass belly-button?

Score: 0

|

Taking a deep breath with your head up your a$$ can be dangerous.

Score: 0

|

Vegas odds - 2,000,000,000,000,000 to 1

Score: 0

|

Someone needs to tell Mr Oswald what a Denial of Service attack is, because this isn't one.

http://en.wikipedia.org/...enial-of-service_attack

Score: 0

|

Agreed.

Talk about things getting "blown out of proportion".

*eyes rolling*

Score: 0

|

Opening thousands of application windows and crashing an operating system is very much indeed a denial of service attack. Here's some more information to educate yourself:

http://en.wikipedia.org/wiki/Denial_of_service

Score: 0

|

OK, from that article:

*A DoS attack can be perpetrated in a number of ways. There are three basic types of attack:
consumption of computational resources, such as bandwidth, disk space, or CPU time

disruption of configuration information, such as routing information

disruption of physical network components*

This would qualify, if opening a bunch of windows caused high CPU or network resource hogging.. so it still is the same thing.

but you didn't see the other part about, what if it does worse than simply open a mail, what if it COULD become something more damaging..

Score: 0

|

You may think so and wikipedia may think so but it's not. That's called crashing a computer.

For those of us who have been around a LONG time we know what a real DoS attack is. It's not crashing a users computer.

Duh!

Score: 0

|

Well that's true, but look at the DoS, DENIAL of SERVICE. That could be anything which causes network overflow or ANY service that doesn't allow adequate resource to function, up to AND INCLUDING crashing your machine.. could be construed as DoS.

They started with a very small definition, but it's grown to INCLUDE other things which ultimately causes the problem, which in essence, is DENIAL of your computer or system.

Score: 0

|

like what? give an example of one single more damaging thing it could do, otherwise it's just FUD.

Score: 0

|

so then just make a javascript loop that does window.open 1000 times. that's a DOS that works in any browser that supports javascript.

Score: 0

|

DoS doesn't happen on the USER's machine, it's something that happens to the SERVER. hence why it's Denial of SERVICE and not denial of USE.

Score: 0

|

And if that computer that crashes serves other computers??? This surely is a DoS attack, just seems people don't want to label it as another serious FireFix bug...

Score: 0

|

Remember the old viruses? before they were money-making schemes? How they'd destroy data, or cycle the hard drive so much that it literally burned out?

Score: 0

|

Well, I didn't write the article did I? They said it could be more severe than just opening a mailto, maybe it could open your my documents and send all your stuff to everyone in your address book.

I don't know, it still stands to reason, that the potential is there to do more damage. But because you are probably a LiarFox fanboy, you don't care about that do you, mr. Cuervo.

Score: 0

|

Whatever, if that is your definition, you are a dumb ass. It's not user machines, you bone head, it could be a server?

Oh, you didn't think of that did you choir boy? nooo.. Maybe the machine is a backend server that crashed, and people can't access sites from, eh lug nut?

Yeah, that's a good one there. Explain to people that when the server is crashed, and people can't access its data, that its NOT a DENIAL of service.

Why don't you leave the technical stuff to the other people, this is above your head.

Score: 0

|

wrong, end users can get DoS'd too. You obviously have never used IRC where people will attack your computer to get it to crash so they can steal your nickname or steal your channel

Score: 0

|

Bingo! That's my point. It's Firefox, oh it's "just" blowing smoke.

IE, now it's a life threatening event.

Score: 0

|

Don't let him get to you rjjp, he is just another foxie fan boy that fails to admit when a flaw hits his beloved piece of software. This can be said for any fanboy of any product. You and I both live in something called "the real world" where people admit when something has a flaw.

Score: 0

|

Only an idiot would surf the web from a server. Duh...

Score: 0

|

if you run a web browser on your server, I'M the bonehead? nice try.

Score: 0

|

Yes, god forbid someone surf the web from a server to obtain a security patch for something running on that server. OH NO! THAT NEVER HAPPENS!

Score: 0

|

oh no, they stole my nickname!! what am i, 12?

Score: 0

|

if it does, they're asking for it.

Score: 0

|

ummm, again, I think rjjp's question is valid, are you posting just to see your name on screen? because you are the one that appears to be grasping at straws here instead of just admitting firefox has a flaw and that flaw can cause a DoS attack.

Score: 0

|

That was an example. Perhaps if you read, you will see that your claim that DoS attacks are only occurring on servers is wrong.

Score: 0

|

how could it send anything? answer: it couldn't. it could probably open 100 my documents windows, but that's not any worse than opening 100 mailto windows. the potential to open other things is there, but the potential to do damage does not exist.

Score: 0

|

Bah...

Proof of Concept.

I admit, if it were implemented in the wild, it could get interesting. I just don't see that happening. :)

Note: I am not saying firefox is better or worse than anything else here. I'm merely pointing out the *lack* of seriousness regarding this specific issue.

Score: 0

|

I actually agree with you on that.

Talk about bad server management....

Score: 0

|

What is the weather like on your planet? I am curious, did you even read the article?

So opening other things, which could be a spyware or some program to do harm, if they can potentially open something other than a mailto, they can potentially open something from their site, and potentially copy it to your machine, and use your machine as a proxy.

Are you always this dense, or do you have to work at it really hard? If a program can run, ANY program has the potential to do damage you dim witted fool. Firefox, once corrupted, and therefore exploited as a security risk, could be damaging to your computer. Wow, you must be the highlight of your 7 year high school chess club huh?

Score: 0

|

Yes, I know.. their flaw. He isn't getting to me, nobody gets to me..

I enjoy this, it makes the day go by much quicker..

Score: 0

|

that's because those overblown figures about how many people actually USE Firefox are severely out of proportion. What doesn't get used, does not get abused.

Score: 0

|

:P

I use it enough to cover for all those poor misguided individuals that downloaded, installed, and then stopped using it.

So there.

Score: 0

|

Actually, I was guessing closer to 5, but... ;)

Score: 0

|

Well, therein lies a double entendre. What if it's a proxy server? People do use those..

You are surfing from a server, but not at the console, it's an agent that runs on that machine, but surfing from your workstation COULD potentially cause the proxy server to become unstable, and therefore reboot.

There are people that use servers as workstations, because they work on the servers all the time, so maybe to you using a production server as a workstation doesn't make sense, probably because you don't access a server, and therefore you don't see a need to do it.

Now you can defend FireFox all you want. It's still a viable threat. Maybe you and the programmers at Firefox don't see it that way, but secunia does, and as long as it's deemed a security problem, it will stay as an unfixed security problem on Firefox.

So if you work in an actual corporate environment, your Admins surf from servers all the time.. I will guarantee, you will see logs of places they have been surfing.. especially when they are waiting for that patch to install or they are trying to fix a server problem.. Evidently you aren't a high enough tech to appreciate a server for its ability.

Score: 0

|

so you never had the URGE to look at a website while on the server waiting for that 300 meg patch to download?

C'mon...

Score: 0

|

No! That's your IQ, stay with us now..

We're losing him, someone get this boy a diaper change..

Score: 0

|

man, i love a good ad-hominem attack... not that any of yours deserve even that distinction.

Score: 0

|

Yeah, because update.microsoft.com, hp.com, dell.com all regularly have malicious code embedded on their sites.

Hahahahahaha.

Score: 0

|

except nobody has a way to make any of those "potentially"s an "actually". i could potentially be sitting on the lawn outside your house right now, but i'm probably not.

Score: 0

|

No because I run a WSUS server here on site and I don't need to have any of my servers (100+) hit the web.

Never. I do all surfing from my laptop. If I have to go down to the server room I take my laptop with me and surf from it if needed.

Score: 0

|

that's a ridiculous claim. firefox is not running on the proxy server, so the proxy server will not crash.

i've known people who have been fired for doing such things. servers are not to be used for surfing, plain and simple.

Score: 0

|

OK, now you are confusing wireless with surfing, they are mutually exclusive. Try to stay in context of the article, and don't dismiss the subject, which is Firefox has a Security hole!

How do you know what people are potentially capable of? Are you some expert on social behavior now? A hacker can do anything, given the right tools.

And don't try to accuse me of being paranoid, I am realistic, unlike you that doesn't want to admit Firefox has a problem.

Score: 0

|

Wow. You are a complete idiot. What do you have some sort of browser police that checks to insure people AREN'T browsing on the server?

What is the punishment for that, take away your mouse? Admins surf from the servers. Some admins WORK on servers, and they ARE their machines, so surfing is a PART of their daily routine. Database admins and programmers are in the server environment, maybe where you work, you have a policy, but that doesn't imply EVERYONE follows the same principles.

The main article is Firefox security hole. It doesn't matter to what degree people use Firefox, the security hole is big enough, that if exploited, could be potentially dangerous, and it IS a DoS, despite your objections.

Score: 0

|

wrong, a "hacker" in the sense you mean it is limited by security holes present in the software. in order to do the things you are discussing, said "hacker" would need several other security holes in the firefox browser that nobody has found and nobody has any reason to even suspect the existence of.

Score: 0

|

the IT department checks browser logs regularly. first offense is a warning, second offense is a pink slip.

Score: 0

|

Well goodie for you. But you aren't the rest of the Firefox using public are you?

This is a warning, Firefox has a problem. It is a DoS attack if you subject Firefox to the security breach.

That's all this is, plain and simple.

We aren't talking about you and your servers, or your company, general public, warning.

Everyone can't be as perfect as you, or have the luxury of a laptop.

Score: 0

|

what percentage of the firefox using public runs servers?

Score: 0

|

Well if I could actually find an intellect to challenge me, I may be able to actually raise the bar a little.

Show me something other than a simplistic view of a problem made public, and admit culpability, then maybe we can cease this petty banter, otherwise, your responses are just taking up forum space.

Score: 0

|

you're the one claiming it to be more than the article says it is, so i believe the burden of proof is on you.

Score: 0

|

Sadist. ;P

Score: 0

|

Heh...

Wait?

Hell no. My server room does not invite 'hanging out'. It is a warm, dark, cramped, and unsightly little hole in the wall.

I like it that way. I spend the least amount of time in there that I can. Anything I cannot do remotely, which is *very* little, I start and then leave.

No-one else ever goes in there. No-one wants to.

I cannot imagine a better server room.

Score: 0

|

This actually has very little to do with servers. I suspect 99% of the firefox using public is doing so on systems *not* operating as servers.

Either way, server or not, the vulnerability, ATM is limited in the fact that it is a PoC, and has yet to be found in the wild.

I strongly doubt it ever will be.

That said...

*YOU* of all people don't have a laptop!?!??!

What the hell dark-age century rock did you crawl out from again??

Score: 0

|

"Well if I could actually find an intellect to challenge me, I may be able to actually raise the bar a little."

Might i suggest the 'newt'?

Hey! There's a new slogan for the burgeoning Newt pet-market!

"Newts. They're cuter *and* smarter than rijp!"

*grin*

Sorry man. They must have upped the caffeine drip. ;P

Score: 0

|

Dude, read the article. Potential exploits, they don't KNOW what other threats this hole can do. right now, it can open an email, maybe some hacker is exploiting a known issue RIGHT now, that they could do just that, manipulate other programs.

You believe the tooth fairy can read emails mid stream, but you don't believe they can use this exploit (which is capable of opening a mail program - which is an external executable) and they can't use the same code and point to a different *.exe file (and plant something on your machine) to do something else?

Which is it? You are really obtuse or your elevator doesn't go all the way to the top?

That is in direct contrast to what you asked me earlier, now you are saying the two aren't even related? Have you been syphoning gas, you are totally high dude.

Score: 0

|

hahaha, okay i'm done with this thread. you just repeat the same unsubstantiated claims and use tired immature ad-hominem attacks.

only one browser has ever allowed executables to be planted on your machine, and it wasn't firefox. if you just take it for granted that "hackers" can plant exe files on your computer, then there's no convincing you.

Score: 0

|

I like Firefox, i realize that it has flaws.

The point is that IE has many more at higher security threat levels than the 3 or 4 in Firefox.

Mozilla releases updates much faster than Microsoft who only does it once a month.

Mozilla does not wait and let other companies fix their flaws for them.

I bet this flaw if bad enough will be fixed in an update by Mozilla in the next 7 days or sooner.

Score: 0

|

Again, you start brilliantly but then I can almost hear your teeth gritting as you try SO hard JUST ONCE to be able to make a salient post without descending into adolescent-level abuse. Not only is this 3-year-old's invective, it's kinda *female* 3-year-old's invective. When you get this heated, I sort of expect a 'so-there' at the end.

Score: 0

|

rijp, 5/10, here are the salient parts of your reply:

"So opening other things, which could be a spyware or some program to do harm, if they can potentially open something other than a mailto, they can potentially open something from their site, and potentially copy it to your machine, and use your machine as a proxy.

If a program can run, ANY program has the potential to do damage [edit of pointless insult]. Firefox, once corrupted, and therefore exploited as a security risk, could be damaging to your computer."

All the rest only weakens your argument by being

a) Not funny when it was meant to be and b) Abusive.

You will get it eventually, rijp, keep at it.

Score: 0

|

"You are a complete idiot".

= how to make enemies and influence no-one.

Score: 0

|

#1
Very good, concise and opinionated-but-informational. But oh dear, see #2 below...

Score: 0

|

#2
Diaper 'jokes' and infant invective, all that effort to 'fit in' wasted.

Score: 0

|

Awesome hubris there, rijp! if you do have a great intellect it is being foiled by whatever it is inside you that won't let you penetrate a rational discussion without descending to child-level abuse and language.

Score: 0

|

(particularly) black marks:

'Dumb ass', 'choir boy' (detracting reference), 'lug nut' (non-technical abusive reference), 'bone-head'.

Keep at it, son, you'll hold a rational argument yet!

Score: 0

|

Absolutely amazing, the nerdy, geeky, freaky, sicky commentaries over something which is the norm for any browser now stretching over 408 posts. Just be cool, install NoScript extension and you'll be safe.

Firefox is great, but for the fact it permanently eats 20/25 CPU time, dare i say, IE7 does not do. Must be all these extensions and page caching processes and to throw more completely off topic comment in, the memory usage WHICH in IE7 now same or worse than Firefox, with less tabs open )>]

Score: 0

|
