All Major Browsers Fall at Pwn2Own Day 2

Layback Bear · 23 Mar 2015

Go figure the Chinese are the best hackers.

jimbo45 · 23 Mar 2015

Hi there

Until computers have something like the RACF system (IBM Mainframes) then ALL computers are hackable. I believe though the only time RACF was ever hacked was when it was an "inside" job.

IBM Resource Access Control Facility (RACF)

Mainframe Hacking: Fact or Fiction? | Enterprise Systems Media

Cheers
jimbo

maxseven · 23 Mar 2015

For those of you who are intimate with these things, what browser is most popular with advanced/paranoid users? I use Firefox for most of my surfing but IE11 has better Print options so I use that for most banking activities, which may be wrong given it's the least secure of all huh!

carwiz · 23 Mar 2015

Microsoft Security Essentials last in banking trojan detection test

Except for loading a few tables and setting the options, IE11 requires no additional "add-ons".

Firefox is one of the worst. It requires a bloated bundle of add-ons to be secure. If you can keep your settings from one update to the next. :)

lehnerus2000 · 23 Mar 2015

Just add NoScript to Firefox and you should be OK.

How do you block individual scripts in IE or Chrome?

According to the article:

IE11 is "buggier" than FF
Chrome had the least bugs (but since it has Flash built-in, it's a disaster waiting to happen)

ThrashZone · 23 Mar 2015

By 1 exploit

Firefox had 3 ie11 had 4

maxseven · 23 Mar 2015

carwiz said:

Microsoft Security Essentials last in banking trojan detection test

Except for loading a few tables and setting the options, IE11 requires no additional "add-ons".

Firefox is one of the worst. It requires a bloated bundle of add-ons to be secure. If you can keep your settings from one update to the next. :)

Wow I missed that post. So IE11 blocked almost 100% of malware vs. 4.2% for Firefox!?!?!

I haven't followed the "MS discontinuing IE" that closely but hopefully then what is really meant by that is they are abandoning the name only and will still offer their own IE-based browser app.

lehnerus2000 · 23 Mar 2015

ThrashZone said:

By 1 exploit

Firefox had 3 ie11 had 4

Sure. :)

I noticed in the comments that people were debating the bug count (especially about Chrome).

If you want to be safer don't install Adobe software or Java.

Anecdotally, after I stopped using IE6 (on XP) and swapped to FF, malware issues stopped.
In W7 (using FF + NoScript and now PM + NoScript) I've only received "false positive" results from my AV programs (Avast, AVG & MBAM).

andrew129260 · 24 Mar 2015

lehnerus2000 said:

Just add NoScript to Firefox and you should be OK.

How do you block individual scripts in IE or Chrome?

According to the article:

IE11 is "buggier" than FF
Chrome had the least bugs (but since it has Flash built-in, it's a disaster waiting to happen)

But chrome is sandboxed, firefox is not. Internet explorer is not either by default. You can enable protected mode though to make IE11 sandboxed. And that is the most important thing.

Flash is built integrated into chrome, which is sandboxed. A normal install has admin rights to the pc and is not sandboxed as it runs outside of the browser. Flash is a lot better to have in chrome, because you can then uninstall the other flash plugins completely from windows (if you only use chrome). That then leaves your system to less vulnerabilities. Another factor is flash then gets updated whenever chrome updates automatically. Most average users close out of the flash update box and never do it. The way chrome handles it is always up to date which also leaves users less vulnerable.