Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[OT] 2013 Browser Security Comparative Analysis

19 views
Skip to first unread message

Mel Bourne

unread,
May 16, 2013, 10:10:57 AM5/16/13
to
Interesting read...

https://www.nsslabs.com/reports/2013-browser-security-comparative-analysis-socially-engineered-malware

Browser Protection:
IE 10 = 99.96%
Google Chrome 25/26 = 83.16%
Safari 5 = 10.15%
Firefox 19 = 9.92%
Opera 12 = 1.87%

Alias

unread,
May 16, 2013, 11:00:07 AM5/16/13
to
Out of date. FF is now at 21.

--
Alias

J.O. Aho

unread,
May 16, 2013, 12:10:28 PM5/16/13
to
Allowing 100% false positive, I can throw together a browser which
blocks all web sites and I will have the most secure one according to
them :)

Richard Kettlewell

unread,
May 16, 2013, 12:16:27 PM5/16/13
to
That’s a point the report does actually make...

--
http://www.greenend.org.uk/rjk/

Shadow

unread,
May 17, 2013, 11:29:01 AM5/17/13
to
Interesting watch...

http://www.youtube.com/watch?v=-Cr6AgUo764

Purely commercial, just like the report above.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Qruqs

unread,
May 17, 2013, 2:22:56 PM5/17/13
to
On Thu, 16 May 2013 21:10:57 +0700, Mel Bourne wrote:

> Interesting read...

Maybe!

IF, and that's a big one, you're a doze user. (There is not bleedin' "win"
in using their os. It's bleedin' lameware, the lot of it.)
--
http://community.linuxmint.com/

Mike Yetto

unread,
May 17, 2013, 6:13:45 PM5/17/13
to
In a world where Shadow <S...@dow.br>
posts to Usenet.
>On Thu, 16 May 2013 21:10:57 +0700, Mel Bourne <m...@bourne.oz> wrote:

>>Interesting read...
>>
>>https://www.nsslabs.com/reports/2013-browser-security-comparative-analysis-socially-engineered-malware
>>
>>Browser Protection:
>>IE 10 = 99.96%
>>Google Chrome 25/26 = 83.16%
>>Safari 5 = 10.15%
>>Firefox 19 = 9.92%
>>Opera 12 = 1.87%

>Interesting watch...

> http://www.youtube.com/watch?v=-Cr6AgUo764

> Purely commercial, just like the report above.
> []'s

It's a good thing you never find programs loaded on your computer
that phone home or collect marketing data on any Microsoft OS.

Mike "wait... that was my C128 I was thinking about" Yetto
--
"Skeptical scrutiny is the means, in both science and religion,
by which deep thoughts can be winnowed from deep nonsense"
- Carl Sagan

Norm X

unread,
May 17, 2013, 7:02:50 PM5/17/13
to
"Mel Bourne" <m...@bourne.oz> wrote in message
news:kn2pde$kge$1...@speranza.aioe.org...
Here is a better read:

http://www.f-secure.com/v-descs/pdf.shtml

"This is the first worm to use Adobe Acrobat PDF format as a platform.
However, it only works under the full 'developer' version of Acrobat. The
common Acrobat Reader program is not affected by this worm.

The worm operates as a VBS script embedded within a PDF file. The worm show
a simple 'peach' game on screen, with a large collage picture of peoples
behinds and this text:

You have one minute to find the peach!

[ ]

Double click the icon
to show the solution

Note: Full version (not Acrobat
Reader) is needed to show the solution

When the user doubleclicks on the icon shown, the worm collects e-mail
addresses from Microsoft Outlook and sends itself further via e-mail."

When I click on "2013-04 CAR Browser Socially Engineered Malware" :
https://www.nsslabs.com/system/files/public-report/files/2013-04%20CAR%20Browser%20Socially%20Engineered%20Malware%20130513c.pdf

my Chrome browser flagged it "This type of file can harm your computer." I'm
not going to open "socially engineered" crap like that. How many fools are
there in these newsgroups? As the OP noted, this thread is OT!


Alias

unread,
May 17, 2013, 7:24:23 PM5/17/13
to
On 5/18/2013 1:02 AM, Norm X wrote:
> As the OP noted, this thread is OT!

New to Usenet?

--
Alias

Cybe R. Wizard

unread,
May 17, 2013, 7:27:46 PM5/17/13
to
You obviously missed this part below what you quoted:
"As of 9th August 2001, this worm is not a real-world threat."

Cybe R. Wizard
--
Once a scary computer virus (or malware) story gets going, everyone
wants -their- scary computer virus story. The same quotes appear
multiple times in different sources. The phenomenon becomes unstoppable
when everyone speedily gives up asking pointed questions, instead being
satisfied that the validity of a news piece be determined by the number
of competitors who can be seen doing it exactly the same way.

DanS

unread,
May 19, 2013, 8:58:18 AM5/19/13
to
On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:


>
> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
> https://www.nsslabs.com/system/files/public-report/files/2013-04%20CAR%
> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf

You seriously think that a pdf from a security company about browser
security would be infected with malware/virii?


> my Chrome browser flagged it "This type of file can harm your computer."
> I'm not going to open "socially engineered" crap like that. How many
> fools are there in these newsgroups?

That depends on your answer to the above.



J.O. Aho

unread,
May 19, 2013, 12:51:13 PM5/19/13
to
On 19/05/13 14:58, DanS wrote:
> On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:
>
>
>>
>> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
>> https://www.nsslabs.com/system/files/public-report/files/2013-04%20CAR%
>> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf
>
> You seriously think that a pdf from a security company about browser
> security would be infected with malware/virii?

Why couldn't they be affected by viruses and other malware? Just look at
microsoft who has released win98 preloaded with malware.
Just for someone claims they are a security firm don't make them immune
to things in the same way that politician ain't always equal with
uncorrupted person who tends to the majority's welfare.


--

//Aho

Aragorn

unread,
May 19, 2013, 3:02:16 PM5/19/13
to
On Sunday 19 May 2013 18:51, J.O. Aho conveyed the following to
alt.os.linux...

> On 19/05/13 14:58, DanS wrote:
>
>> On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:
>>
>>> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
>>> https://www.nsslabs.com/system/files/public-
report/files/2013-04%20CAR%
>>> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf
>>
>> You seriously think that a pdf from a security company about browser
>> security would be infected with malware/virii?
>
> Why couldn't they be affected by viruses and other malware? Just look
> at microsoft who has released win98 preloaded with malware.

Uh-oh! You said something bad about Microsoft Windows. Now he's going
to /have/ to start stalking you and calling you a liar, just as he has
done with me and with other people who have dared to say something bad
about Microsoft Windows.

I mean, he /uses/ it, so that makes him an expert on the innards of the
Windows operating system. Or so he thinks.

> Just for someone claims they are a security firm don't make them
> immune to things in the same way that politician ain't always equal
> with uncorrupted person who tends to the majority's welfare.

Security-related IT businesses and the computer anti-virus industry make
their living out of the existence of malware, and in a for-profit
manner. That's an interesting thought, isn't it? Where would those
companies be if it weren't for all that malware out there, and what
would they ever do if one day all the malware in the world were gone,
and no computer system could be compromised anymore?

--
= Aragorn =
GNU/Linux user #223157 - http://www.linuxcounter.net

J G Miller

unread,
May 19, 2013, 3:09:16 PM5/19/13
to
Op zondag, 19 mei, 2013, om 21:02:16u +0200, schreef Aragorn:

> Security-related IT businesses and the computer anti-virus industry make
> their living out of the existence of malware, and in a for-profit
> manner.

Hey, it is even better than that.

There is a market for malware that has effectively been encouraged
by the federal government of the USofA.

Found a zero day exploit? Do not publicize it -- sell it!
(Like all good capitalist entrepreneurs.)

<http://www.technologyreview.com/news/507971/welcome-to-the-malware-industrial-complex/>

<http://www.economist.com/news/business/21574478-market-software-helps-hackers-penetrate-computer-systems-digital-arms-trade>

Aragorn

unread,
May 19, 2013, 4:46:39 PM5/19/13
to
On Sunday 19 May 2013 21:09, J G Miller conveyed the following to
alt.os.linux...
Yeah, I already knew that [1], but if I were to dare let those words
come out of /my/ mouth, /I/ get called a conspiracy theorist, or an
"anti-American Euro-communist" [3] or something of that nature.


[1] Who in their right mind would suspect anyone other than the USA'n
government to be behind the Stuxnet worm [2] or the DDoS attacks on
all organizations who financially supported (or aided in gathering
financial support for) Wikileaks right after they published the
cables leaked by Bradley Manning?

What was that infamous Windows registry key called again? "NSA_KEY"
or something like that, wasn't it? ;-)


[2] Stuxnet was specifically aimed at the Iranian nuclear installations,
and Iran has no real enemies other than the United States of
America. Oh, and Israel, of course. But that's essentially the
same thing. <grin>


[3] One can accuse the Ewwropean Union of many things, but not of
communism. Anyone who says that doesn't know what communism is.
The Ewwropean Union is full of corporatists, crypto-fascists and
aristocrats. You can call it whatever you like, but communist it
is not. Not even socialist, and certainly not anti-American. Too
many Ewwropean nations are all too willing to help the USA invade
sovereign third world nations to instate US shill regimes there.

J G Miller

unread,
May 19, 2013, 5:23:51 PM5/19/13
to
Op zondag, 19 mei, 2013, om 22:46:39u +0200, schreef Aragorn:

> [3] One can accuse the Ewwropean Union of many things, but not of
> communism. Anyone who says that doesn't know what communism is.
> The Ewwropean Union is full of corporatists, crypto-fascists ...


Like Nigel Farage MEP

<http://nigelfaragemep.co.UK/>

and even non-crypto, good old fashioned, plain and simple, fascists
like Nicholas Griffin MEP

<http://www.nickgriffinmep.EU/>


As compared to the corporatist David William Donald Cameron,
leader of the Conservative and Unionist Party of Great Britain
(December 6th, 2005 - present day):

"So I speak as British Prime Minister with a positive vision for the future
of the European Union. A future in which Britain wants, and should want,
to play a committed and active part."

"Britain is at the heart of that Single Market, and must remain so."

"I want completing the single market to be our driving mission."

January 23rd, 2013

DanS

unread,
May 20, 2013, 8:17:42 AM5/20/13
to
On Sun, 19 May 2013 18:51:13 +0200, J.O. Aho wrote:

> On 19/05/13 14:58, DanS wrote:
>> On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:
>>
>>
>>
>>> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
>>> https://www.nsslabs.com/system/files/public-report/files/2013-04%20CAR%
>>> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf
>>
>> You seriously think that a pdf from a security company about browser
>> security would be infected with malware/virii?
>
> Why couldn't they be affected by viruses and other malware? Just look at
> microsoft who has released win98 preloaded with malware.

What malware was that?


> Just for someone claims they are a security firm don't make them immune
> to things in the same way that politician ain't always equal with
> uncorrupted person who tends to the majority's welfare.

"Claims" they are a security firm? The *are* a security firm.

DanS

unread,
May 20, 2013, 8:17:48 AM5/20/13
to
On Sun, 19 May 2013 21:02:16 +0200, Aragorn wrote:

> On Sunday 19 May 2013 18:51, J.O. Aho conveyed the following to
> alt.os.linux...
>
>> On 19/05/13 14:58, DanS wrote:
>>
>>> On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:
>>>
>>>> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
>>>> https://www.nsslabs.com/system/files/public-
> report/files/2013-04%20CAR%
>>>> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf
>>>
>>> You seriously think that a pdf from a security company about browser
>>> security would be infected with malware/virii?
>>
>> Why couldn't they be affected by viruses and other malware? Just look
>> at microsoft who has released win98 preloaded with malware.
>
> Uh-oh! You said something bad about Microsoft Windows. Now he's going
> to /have/ to start stalking you and calling you a liar, just as he has
> done with me and with other people who have dared to say something bad
> about Microsoft Windows.

No. That's BS and you know it. You acted like a complete jerk-off from the
start, insisting, for 2 years, that MS recommended you reboot your
computer after changing the desktop background color in Win9x. I had asked
you to explain this repeatedly, which you never did. I was expecting some
published recommendation by MS, or like a "Tips to a better running
Windows9x", or whatever, but then after two years you explain that you
came up with that little diddy because you *thought* you remembered that
when you used Windows98 *15 years ago*, when you changed the background
color in the display dialog box it offers to restart.

Subsequent checking of 2 different version of 98 I have installed at work
and use daily, indicated this does not happen.

So what am I too believe? You and your selective, biased memory from 15
years ago, or my own experience from like 6 months ago whe you finally
admitting what you thought you meant?

So, I have done the same I did when *you* were posting your decade old
rhetoric. I asked you to explain, which took you two years.

I asked him, "what malware" was that. One simple question.


> I mean, he /uses/ it, so that makes him an expert on the innards of the
> Windows operating system. Or so he thinks.

I've more than used it. I've used it since 3.1. I program for it, to this
day. I've run a decent size IT department. I've provided support for
family and friends for years. I can clean PC of malware, manually, yes,
because I know how most of it works.

So there you go, you recently stated you were posting something just to
make sure the "right" story was told.

That's what I just did above.





DanS

unread,
May 21, 2013, 9:29:24 PM5/21/13
to
On Sun, 19 May 2013 21:02:16 +0200, Aragorn wrote:

> On Sunday 19 May 2013 18:51, J.O. Aho conveyed the following to
> alt.os.linux...
>
>> On 19/05/13 14:58, DanS wrote:
>>
>>> On Fri, 17 May 2013 16:02:50 -0700, Norm X wrote:
>>>
>>>> When I click on "2013-04 CAR Browser Socially Engineered Malware" :
>>>> https://www.nsslabs.com/system/files/public-
> report/files/2013-04%20CAR%
>>>> 20Browser%20Socially%20Engineered%20Malware%20130513c.pdf
>>>
>>> You seriously think that a pdf from a security company about browser
>>> security would be infected with malware/virii?
>>
>> Why couldn't they be affected by viruses and other malware? Just look
>> at microsoft who has released win98 preloaded with malware.
>
> Uh-oh! You said something bad about Microsoft Windows. Now he's going
> to /have/ to start stalking you and calling you a liar, just as he has
> done with me and with other people who have dared to say something bad
> about Microsoft Windows.
>
> I mean, he /uses/ it, so that makes him an expert on the innards of the
> Windows operating system. Or so he thinks.

First off, I've *never* said I was an expert at anything. So that *is* a
lie.

Second, I believe hands-on with 20+ years of experience in more capacities
than you could count with keeping your shoes on, beats your 15+ years of
not using Windows, and only reading about it on anti-MS Linux websites.

Let's talk about PAE. Did you know 32-bit Windows supported PAE with
memory over 4 Gig before I posted the link?

I'm nearly certain you didn't. You probably *still* don't know it does,
and will *still* repeat the same misinformation over and over again.

So much for making sure your info is "correct" like you claim.










J G Miller

unread,
May 24, 2013, 10:27:49 AM5/24/13
to
On Monday, May 20th, 2013, at 07:17:48h -0500, DanS explained:

> I asked him, "what malware" was that. One simple question.

Well at present in not so much malware as convenience service that is a gaping
security hole

From <https://nodpi.ORG/2013/05/09/wpad-the-internet-explorer-security-flaw-that-exposes-all-microsoft-users-in-the-uk/>

QUOTE

WPAD: The Internet Explorer Security Flaw that
Threatens all UK Microsoft Users

May 9, 2013

As a result almost every UK installation of Windows/Internet
Explorer is now exposed, by default, to a gaping yawning chasm
of a security flaw.

Your Windows PC can be hijacked on a whim by a man in Brazil.

QUOTE

Another reason why if you must use Windoze, never use
Internet Exploring for browsing because it is just too
insecure and the security fixes never keep up with the
threat or new security flaws introduced with each version.
0 new messages