Language Selection

English French German Italian Portuguese Spanish

Safe browser an oxymoron?

Filed under
Web

In November 2003, the CERT Coordination Center first advised Web users to consider using a Web browser other than Microsoft Internet Explorer.

IE's problems at the time were pervasive, and many of them were rooted in its complicated architecture. Vulnerabilities in IE were being reported almost monthly, and users faced risk until Microsoft released updates.

By June 2004, attackers started targeting IE. Exploits appeared "in the wild" on Web sites that installed malicious software on visitors' computers. This trend culminated in a "zero day" IE vulnerability, disclosed in an attack where malicious software captured information typed into bank Web sites, giving attackers access victims' accounts.

Since then, two developments have occurred. First, Microsoft released security enhancements in its Windows XP Service Pack 2. Second, attackers have begun to exploit vulnerabilities similar to IE's in alternative browsers.

There is no silver bullet, no such thing as 100 percent secure. Security requires a balance between functionality and cost, and relies on concepts of trust and risk tolerance. With this in mind, here are some recommendations for safe Web browsing.

Full Story.

More in Tux Machines

Linux on Servers

Debian, Devuan, and Ubuntu

  • My Free Software Activities in April 2016
    I handled a new LTS sponsor that wanted to see wheezy keep supporting armel and armhf. This was not part of our initial plans (set during last Debconf) and I thus mailed all teams that were impacted if we were to collectively decide that it was OK to support those architectures. While I was hoping to get a clear answer rather quickly, it turns out that we never managed to get an answer to the question from all parties. Instead the discussion drifted on the more general topic of how we handle sponsorship/funding in the LTS project.
  • Initial Planning For Ubuntu 16.10 Today At UOS
    Beyond the announcement that Ubuntu 16.10 won't ship with Mir and Unity 8 by default, many other items were discussed for the Ubuntu 16.10 release due out in October.
  • Ubuntu 16.10 Isn't Going To Use Mir / Unity 8 By Default
    Well, another setback for Unity 8 and Mir. Kicking off the Ubuntu Online Summit for Ubuntu 16.10, it's been confirmed that the Unity 8 desktop and Mir display server will not be the default for the desktop spin. Similar to the current situation with existing Ubuntu releases, Unity 8 and Mir will be available as an opt-in feature for users wanting to upgrade their desktop, but Unity 7 and the faithful X.Org Server is planned to be the default for Ubuntu 16.10 Yakkety Yak.
  • Devuan Beta Release
    After two years in development, a beta release of the Devuan distro has made it into the world (Devuan is a registered trademark of the Dyne.org foundation). Devuan is a very Debian-ish distro. In fact, it basically is Debian, with one notable absence. Devuan doesn't use systemd. In fact, that's its main claim to fame. Devuan was created to offer an alternative to Debian fans who were alienated by the controversial switch to systemd.

Leftovers: OSS

today's howtos