Language Selection

English French German Italian Portuguese Spanish

Safe browser an oxymoron?

Filed under
Web

In November 2003, the CERT Coordination Center first advised Web users to consider using a Web browser other than Microsoft Internet Explorer.

IE's problems at the time were pervasive, and many of them were rooted in its complicated architecture. Vulnerabilities in IE were being reported almost monthly, and users faced risk until Microsoft released updates.

By June 2004, attackers started targeting IE. Exploits appeared "in the wild" on Web sites that installed malicious software on visitors' computers. This trend culminated in a "zero day" IE vulnerability, disclosed in an attack where malicious software captured information typed into bank Web sites, giving attackers access victims' accounts.

Since then, two developments have occurred. First, Microsoft released security enhancements in its Windows XP Service Pack 2. Second, attackers have begun to exploit vulnerabilities similar to IE's in alternative browsers.

There is no silver bullet, no such thing as 100 percent secure. Security requires a balance between functionality and cost, and relies on concepts of trust and risk tolerance. With this in mind, here are some recommendations for safe Web browsing.

Full Story.

More in Tux Machines

Linux Foundation releases PARANOID internal infosec guide

Linux Foundation project director Konstantin Ryabitsev has publicly-released the penguinistas' internal hardening requirements to help sysadmins and other paranoid tech bods and system administrators secure their workstations. The baseline hardening recommendations are designed that balance security and convenience for its many remote admins, rather than a full-blown security document. Read more

Second Alpha Build of Liquid Lemur Linux 2.0 Brings LibreOffice 5, Based on Debian 8

Edward Snyder, the creator and maintainer of the Debian-based Liquid Lemur Linux distribution, has announced the release and immediate availability for download of the second Alpha build of the upcoming Liquid Lemur Linux 2.0 distro. Read more

Manjaro Linux 0.8.13.1 Fluxbox Edition Gets Linux Kernel 4.1 LTS, Download Now

The Manjaro Linux team, through Bernhard Landauer, has proudly announced the release of an updated version of the Manjaro Linux Fluxbox Edition, namely 0.8.13.1, which features an updated Linux kernel and numerous improvements. Read more

NVIDIA reveals GPUs for blade servers, Linux desktop support

VMworld 2015 NVIDIA has announced the second version of its Grid desktop virtualisation software, complete with a pair of GPUs for blade servers. NVIDIA is pitching GRID as a hardware offering tuned to the needs of graphically-demanding desktop virtualisation (VDI) workloads. If that sounds a bit exotic, consider environments like the resources industry, where on-site engineers need CAD and modelling tools, but miners are loathe to deploy desktops in the remote sites where stuff gets dug out of the ground. VDI works a treat in such spots. Read more