Skip to comments.Firefox once again proves to be the most vulnerable browser at Pwn2Own hackfest
Posted on 04/10/2014 10:33:23 PM PDT by ari-freedom
CanSecWest wrapped up on Friday in Vancouver, and while there was a minor controversy over self-censorship of a talk said to be a blueprint for terrorists, the most watched part of the event once again proved to be the Pwn2Own hacking competition.
Pwn2Own offered some serious cash incentives for teams to develop exploits for Chrome, Internet Explorer, Firefox and Safari. During the competition no browser proved invulnerable, but Firefox had the most security shortcomings with four separate exploits being developed for Mozillas browser. In comparison Internet Explorer, Chrome and Safari were all exploited only once...
Historically Firefox has always been the most pwned browser at Pwn2Own. This has been largely attributed to Firefox not having a sandbox a memory space that creates a virtual firewall between the browser and the rest of the computers memory. Usually sandboxes have two components: Address space layout randomization (ASLR) and Data Execution Prevention (DEP). These prevent malicious code from accessing the computers RAM and running code in executable memory space, respectively....
(Excerpt) Read more at vr-zone.com ...
I understand it now has a very large back door.
Go Google /s
A big gaping back door that is always open
The rainbow browser?
Brown and red isn’t a rainbow
I am interested to know what Firefox FReepers are doing.
I do have Google Chrome available on this XP computer, but have not used it. My wife and child use another laptop with Windows Vista.
It is depressing that Google (!) Chrome is purported to have the best browser security and that the most flexible and user-friendly, Firefox, has the poorest security. There is no mention of Opera. Does anyone have an assessment of Opera’s security?
I installed Chrome on my old XP computer the other day, just for the heck of it. Now I’m having second thoughts.
“I installed Chrome on my old XP computer”
I did the same a few years ago, but I never used it.
I am still using Firefox
Are you having problems with Chrome?
And while we are on the subject of computer security, what about this “heartbleed” bug? Anybody know anything or had a bad experience or whatever?
I played around with it a little bit and didn’t have any problems. During the installation process, it seemed to be a little too nosy about wanting information about your browsing habits and installing 3rd party extensions/add-ons.
I mostly use Opera.
Hard for us to do anything about heartbleed since it’s server side. Be careful with giving any financial info that was ordinarily protected by SSL encryption (such as bank, shopping, etc) unless you know they’ve taken care of the problem on their end.
I don’t do much of anything financial on line. My Pay Pal is linked to a bank account that has under $500 in it and I plan to keep it that way. I don’t pay bills on line and don’t plan to. My sweetheart keeps urging me to pay and buy on line. I refuse, and pay him to buy things for me on line if necessary.
Most of my security efforts are keeping google from stealing my life.
“HeartBleed” was a server-side problem with SSL (a big one!) if you visit a lot of “secure/encrypted (https://)" sites and have accounts on them you might want to change your password. (about 500,000 sites involved?)
Problem is even if you don’t pay online, many businesses rely on internet financial transactions. So it has the potential to really wreck the economy.
Opera is running a chrome base, nearly indistinguishable.
Here’s what Eric S Raymond (”Cathedral and the Bazaar”) had to say
“When I heard that Brendan Eich had been forced to resign his new job as CEO at Mozilla, my first thought was Congratulations, gay activists. You have become the bullies you hate.
On reflection, I think the appalling display of political thuggery weve just witnessed demands a more muscular response. Eich was forced out for donating $1000 to an anti-gay-marriage initiative? Then I think it is now the duty of every friend of free speech and every enemy of political bullying to pledge not only to donate $1000 to the next anti-gay-marriage initiative to come along, but to say publicly that they have done so as a protest against bullying.
This is my statement that I am doing so. I hope others will join me.
It is irrelevant whether we approve of gay marriage or not. The point here is that bullying must have consequences that deter the bullies, or we will get more of it. We must let these thugs know that they have sown dragons teeth, defeating themselves. Only in this way can we head off future abuses of similar kind.
And while Im at it shame on you, Mozilla, for knuckling under. Ill switch to Chrome over this, if its not totally unusable.”
Does Opera, therefore, offer the security of Chrome without the Google back door, or am I kidding myself?
“Does Opera, therefore, offer the security of Chrome without the Google back door, or am I kidding myself?”
It depends on how fast they deliver security updates. If it takes them a long time to fix a problem (and everyone will have problems no matter what engine they use), you may be exploited in the meantime.
For reference, “Chrome” is actually based on the Chromium opensource browser. Chromium doesn’t have any of Google’s tracking/reporting code in it.
Probably kidding yourself. There are options in both to not track your activities online...
And I have ghostery and no ad running.
Use both. Firefox allows video downloaders for Youtube and all other websites with video. Chrome won’t.
Good for Eric Raymond! I’m impressed.
So, who cares?
Note to self - install ghostery.
Why is that sad? IE is more widely used and is very secure overall. I’d say more so than even chrome.
I found this one yesterday, it’s newly uploaded to, hmm, CNet? Also available on its own website. Small d/l, works acceptably, fast enough, one weird quirk (has to do with search results on Google) that I noticed, tabs (I like having tabs open in the background for example), can zoom pages (I’m using a monitor across the room).