General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsAll major browsers fall during second day of Pwn2Own hacking contest
http://www.pcworld.com/article/2108560/all-major-browsers-fall-during-second-day-at-pwn2own-hacking-contest.html?google_editors_picks=trueSecurity researchers demonstrated zero-day exploits against Google Chrome, Microsoft Internet Explorer, Apple Safari, Mozilla Firefox and Adobe Flash Player during the second day of the Pwn2Own hacking competition Thursday, racking up total prizes of $450,000.
A team from French vulnerability research firm Vupen hacked Google Chrome by exploiting a use-after-free vulnerability that affects both the WebKit and Blink rendering engines. The researchers then successfully bypassed Chromes sandbox protection to execute arbitrary code on the underlying system.
On Wednesday, the first day of the contest that takes place every year at the CanSecWest security conference in Vancouver, researchers from the same team hacked Internet Explorer 11, Firefox, Flash Player and Adobe Reader.
Another anonymous researcher presented a Chrome remote code execution exploit Thursday, but the contest judges declared it only a partial win because some details of the hack were similar to those of an exploit presented earlier at Pwnium, Googles own hacking contest that runs aside Pwn2Own.
TreasonousBastard
(43,049 posts)browsers have become so complex that exploits are inevitable.
I still use Opera, though, partly under the theory that it has so small a share that hardly anyone bothers to look for specific exploits.
steve2470
(37,457 posts)They ditched their old rendering engine and went with Chrome's.
TreasonousBastard
(43,049 posts)so I still use the old version when I can. It has features the new one doesn't have.
Problem is, they couldn't make all the changes needed in the old rendering engine to deal with the latest code nonsense. Some pages just won't load in the old one, and most of those are full of crappy code trying to sell me something or make me jump to another page. It's not popups as we know them-- it's some bizarre two or three pages of insane code.
cui bono
(19,926 posts)It can be annoying at times but it's easy to temporarily/permanently allow individual scripts if you need to get something to load on a page. For example, I keep facebook and google analytics blocked unless I absolutely need to allow them, then I revoke it immediately after viewing what I needed to view.
hunter
(38,301 posts)I don't have anything Adobe installed either.
I figure if someone doesn't want people like me to see their stuff then it's probably not worth looking at anyways.
Mostly I'm right too.
KoKo
(84,711 posts)Mozilla still runs "SeaMonkey" and a version of Netscape.
Is one better off using either of those versions of Mozilla? I'm finding Firefox so bloated that it slows everything down on the web for me, anyway. And, I have only a few Add On's.
lpbk2713
(42,736 posts)Mainly because it's not as popular as the others. I know it's not a whole lot different
from FF. But I've been using it for several years without any security issues arising.
I've used it a few times and web browsing goes much faster...but, was worried the security wasn't as good as Firefox. Glad to hear you are a user and haven't had a problem.
I use MSSE, Malwarebytes and Spybot with it. I used to use Comodo, didn't have
any problems with it, just wanted to give MSSE a try. Also, I use CCleaner daily
to keep the crap out of my machine.
Good luck.
Rex
(65,616 posts)It is sad.