Skip to comments.Fail: Chrome, Firefox, and IE all crack during hacking competition
Posted on 03/11/2013 7:11:28 AM PDT by Nachum
Chrome, Internet Explorer, and Firefox all fell to the mercy of the hackers Thursday. That is, in a controlled environment. Security firms Vupen and MWR Labs were able to crack the browsers during a condoned bug-hunt, with one company winning $100,000 for finding a huge hole. The Pwn2Own competition is an event at the CanSecWest conference in Vancouver. The competition was created by HPs DVLabs as part of its Zero Day Initiative: an attempt to get more people to find and report bugs as opposed to exploiting them for personal gains.
(Excerpt) Read more at washingtonpost.com ...
Hackers are among the lowest forms of life on earth; blowing up the site of that competition would have been a patriotic act!
I am stuck at firefox 3.6.18
Every firefox version since then (almost 3 years ago) loads the saved window positions from the taskbar, IN REVERSE order. No fix in 3 years. These outfits create the customer dissatisfaction.
Now my bank is intentional blocking my firefox version from working, trying to force me to upgrade. I cannot control my own monies if I don’t change my computer ways.
They want you to upgrade because your version of firefox is hopelessly out of date.
It’s best to read and understand the article before posting comments.
Life is too short to obsess over software..
I use Slimbrowser. It works very well.
Well, try getting rid of Windows 98SE on your computer..........;^)
I expected IE (Internet Exposure) to epic fail, I expected “Don’t Be Evil” google’s Chrome to blab all it knows (for a price), but I’m disappointed that Firefox did so poorly.
Firefox released 19.0.2 the next day in response to the failure.
I had an ISP tech support guy tell me once that my software was worn out. That could be the problem.
Good to know, I upgraded within minutes of the upgrade’s release.
I also note that the hacks were all on windoze systems, I don’t use the windoze half of my iMac on the net.
Where is the other half of your iMac?
Maybe you made a typo but it looks like 3.6.28 was the last for the 3.6 Firefox releases. Still, as a security fix it’s a year old and the underlying technology is years out of date.
I don’t understand what you mean by loading the saved window versions in reverse order compared to the 3.6 release. Have you reported the bug or do you just expect it to be known and fixed without prompting?
Your bank is absolutely right in blocking a release that old for your own security.
The inference is "half" the disk was loaded with Windows and "half" kept Mac OS X.
No mention of Opera v12.14, the one I use. Probably got ‘holes’, too. Nothing’s 100% secure, out there, I’m guessing.
In a “Parallels” universe...
LOL! Good answer.
I just started FF and it’s up to v19.0, already, with updates and fixes.
Yes, and that’s because some of my CAD programs are windoze only.
I got a “search here” virus on my Firefox browser.. had to stop using it. too bad, I really liked that browser. been using Chrome since then which is faster anyway. I plan on trying that Slimbrowser.. was never into the Opera browser.
Well it is worn out in a way. Its like a old house which hasn’t been maintained and nobody cares enough to secure it.
All the windows and doors are wide open and you have a sign welcoming people who want to steal from you.
Nothing is 100% secure, or even 90% secure.
So, you don't feel that the entrants in the competition are the same ones who attack systems for fun and profit? What would keep that kind out?
I've long suspected that the companies which sell anti-virus and computer fixes hire people to create new problems so that they can sell the "fix". I'd love to be proven wrong.
I find that to free up system memory I need to restart firefox once or twice a day. No Problem as long as firefox will reopen the same windows I had prior to shutdown, in the same taskbar order. 3.6.xx does that. All subsequent version do not. On restart, newer ff’s reverse the order of the windows in the taskbar.
If any freeper wants to try this on their ff version, just launch the Windows Task Manager and under the Process tab, select Firefox and right-click to End Process. When ff restarts it will have an oops msg, you select to Restore and see what the outcome is.
Loads saved windows in reverse order when starting, previous selected window ...
Status: RESOLVED FIXED (but its not)
Component: Session Restore
Target Milestone: Firefox 21 (someday I guess)
“...will have an oops msg...”
No thanks; reminds me too much of the BSOD. Haven’t had one of those in I-can’t-remember-when, so I’ll pass on it.
Nothing more than the restart message from ff when there has been a crash. If I stop ff in Task Manager the restart thinks there was a crash. Fine, no issue here.
It’s just there is no fix from ff, see post 29.
So you’d prefer to have gaping holes in the security of your desktop?
“I got a search here virus on my Firefox browser.. had to stop using it. “
The ‘cure’ for that problem is to ‘reset’ Firefox.
Go to ‘Help’ > ‘Trouble Shooting Information’ > ‘Reset Firefox’ (on the top right). Click it.
Firefox will reset to ‘default’ without losing your Bookmarks or saved passwords.
It will then create and ‘old Firefox’ folder on the desktop that you can either keep as a ‘backup’ or delete.
I deleted mine. (After all, that’s where the problem was in the first place)
Why don’t you use a virtualized version with the updated browser, specifically to access your bank, then just leave the version you want on your computer.
Da-YAM!!! that just sped up everything about a zillion times!!!
While we are here, how do I stop the auo-recall or auto-insert function in FF. It remembers account info.
You do realize OSX was the first broken OS for 3 straight years. Being on OSX doesn’t make you safe online.
As long as the leftists are in power, I will never be safe on line.
This is the first I’ve heard of Slimbrowser. How does it compare to Firefox or IE9?
Its free download it and try it.
I like it better than others.
Its tabbed and easy to use.
One of the safer and well done Chromium/AppleWebKit KHTML browsers (Safari, Chrome, Chrome+ etc.) is Comodo Dragon. Comodo also makes a Firefox (Gecko HTML) "clone" IceDragon. Both share a nice, light Comodo user interface and seem more stable than their better-known "original" browsers. Comodo is well-known Web security firm and has other free programs like firewall, AV and email apps (Comodo free products download page)
Also check out their excellent CCE (Comodo Cleaning Essentials) which contain a stand-alone KillSwitch (IP activity monitor), one of the best full-function Autoruns programs, and CCE AV scanners, as well as their firewall, which is considered one of the lightest and best security products in CPU and memory utilization.
SRWare makes Iron, which is also claimed to be more secure and more privacy-oriented than its open-source Chromium "cousins" Chrome and Safari.
Opera has been an excellent choice of different browser, though many of its early advantages over other browsers have been somewhat diminished due to features incorporated in latest versions of open-source and IE browsers.
For people who like or must use IE, there are several free alternative browsers that use IE-engine, with much better, more usable "skins" and many useful built-in extensions and add-ons :
1. Slimbrowser from FlashPeak that was already mentioned here (fast, tabbed, QuickFilll form-filler, popup blocker, site grouping, language translator, DL manager and many handy UI options). FlashPeak now also makes SlimBoat which has a "skin" similar to its IE-based app but is based on Firefox/Gecko engines code.
2. Avant Browser is also fast, has many extensions (privacy, anti-freezing, memory leaks prevention, site grouping etc.) and features. Also, Avant Browser Ultimate is tri-core, which means it can be put in 3 different browser modes by user (Chrome, Firefox and IE) which could be handy if some web sites are shoddily coded and break the page or making it unattractive when rendered in some other browser.
3. Maxthon. Unfortunately, Maxthon 3 version is not anywhere as good as was Maxthon 2.
4. The World (Chinese) - nice, light browser with great recovery and anti-leak / CPU load options, but doesn't seem to be actively developed at this time.
5. QTWeb (also seems to have stopped development) - excellent, small, portable browser with several security features, quick engine-switch view modes and appearance skins.
FD: I am not beneficially involved with any of the above companies. This is just an (quite incomplete) information for the possible benefit of fellow FReepers.
however, I uninstalled Firefox, then re-downloaded and the “search here” virus was still there. I did some research and my understanding is that it is extremely hard to remove that virus. I followed all the removal steps from several sites and it was still a no go.
unless the reset button accomplishes something that uninstalling does not. is that possible?
The reason the ‘search here’ virus was still there is because Firefox keeps your old settings. Even when doing an ‘uninstall and ‘reinstall’.
That’s why you have to do a ‘reset’ in order to remove it.
It happened to mine twice and my wife’s once, and a ‘reset’ fixed it each time.
will do... thanks
worked... thanks so much for your help.
I hear you, mate. Most of the ones I have are the same way -TurboCAD, ProCAD, OrCAD, DesignCAD, to name just a few, all run 'doze-only, with only a few performing marginally if at all under Wine on a Linux system that allow them to be used at all. Very few alternatives available for the Linux desktop, unfortunately, and the Spice proggies are just as bad, with no offerings in the Mechanical Stress Modeling even hinted at as of yet.
What version are you running? I've got 9.0.1 running here and there is no such option that I can see.
Apparently, it is ‘doze-only. Think I will stick with Opera and Firefox for now...