Support NeoGAF

[Deku Tree]

http://www.theregister.co.uk/2005/09/19/symantec_threat_report/

Symantec has attacked the perceived security advantages of Firefox and Apple Macs by drawing unfavourable comparisons with Microsoft's software and describing Mac fans as living in a "false paradise".

switching from IE to Firefox as a way of minimising security risks was no longer valid advice. "Cross-site scripting attacks have been used to attack more vulnerabilities in Mozilla browsers over the last six months than IE,"

"Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Mac’s operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec’s analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

 

[Late Stage Marxist]

Symantec seems to be really enjoying this news. Hmm...

 

[SyNapSe]

Firefox has been getting hammered lately, but I still like it. Most people consider it more secure due to stopping most spyware crap by stopping a lot of pop-ups... Which is nice

 

[aoi tsuki]

It's also more frequently updated, so critical flaws are fixed sooner than IE. While a bigger group like Symantec would know just how many attacks were directed at IE, we've all known part of the security of Firefox was due to the greater popularity of IE. We'll see just how good the Firefox team is in the coming months as Firefox gets hammered with attacks with growing frequency.

 

[maharg]

Firefox is hardly that frequently updated. There have only been six patch releases since FF1.0 came out, and that was at least a year ago. I bet there are more than 6 IE bugfixes on windowsupdate from the last year.

(not that that's a particularily good thing, or I would know personally since I don't use it)

 

[Drensch]

Opera.

 

[Panajev2001a]

Does anyone here know about the beauty of NoScript ?

http://www.noscript.net

It blocks Java, Javascript, Flash plugins/scripts from web pages (besides a carefully compiled "always" whitelisted list of sites... although if you go down to it most of them can be removed from the "permanent" whitelist too with some chnages in about:config ) allowing you to add temporarily or permanently sites you deem as secure to the extension's whitelist.

It is your Firefox's best friend .

Edit: Upgrade to Firefox 1.0.6 while you are at it.

 

[Smiles and Cries]

Symantec seems to be really enjoying this news. Hmm...

why not this is how they make money scare people into investing in the software they provide

 

[sans_pants]

Does anyone here know about the beauty of No Script ?

http://www.noscript.net

It blocks Java, Javascript, Flash plugins/scripts from web pages (besides a carefully compiled "always" whitelisted list of sites... although if you go down to it most of them can be removed from the "permanent" whitelist too with some chnages in about:config ) allowing you to add temporarily or permanently sites you deem as secure to the extension's whitelist.

It is your Firefox's best friend .

can anyone else confirm this?

 

[MIMIC]

I can here the stampede now...

 

[Panajev2001a]

can anyone else confirm this?

Yes, me .

Edit: You meant someone other than me, right ?

3. NoScript, (4.44 stars, 139066 downloads)
Extra protection for your Firefox: NoScript allows JavaScript, Java (and other plugins) only for trusted domains of your choice (e.g. your home-banking web site). This whitelist based pre-emptive blocking approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality... Experts will agree: Firefox is really safer with NoScript ;-)

https://addons.mozilla.org/extensions/?application={ec8030f7-c20a-464f-9b0e-13a3a9e97384}


There .

 

[Crispy]

Opera.

QFT, nothing more to add.

 

[fugimax]

Symantec's suggestion? Use non-mainstream software...then you won't need their product..

...er...I guess that's not what they said.

Please continue using Windows/IE and Symantec products!

 

[shantyman]

Every 3-4 months, an antivirus vendor warns security vulnerabilities "Could be on thew rise" or "at risk of exploding" on the Mac. When it actually happens, then let me know.

The fact of the matter is for OS X, there have been proofs of concepts, nothing more. Think about that. Zero real world viruses/trojans in over 4 years.

 

[Ruzbeh]

You cannot conclude that Firefox is more vulnerable than IE, based on the findings discussed in that link.

 

[Lord Error]

All I know is that since I started using Firefox, I almost forgot about using AdAware, as it never finds anything anymore. Earlier, I always had the latest patched IE, and some spyware crap would always find it's way in.

 

[Hitokage]

According to Symantec, Firefox is less secure because more attacks of one paticular type exist for Mozilla than IE? Wha?

 

[Koshiro]

Listen carefully... you can almost hear the MS moneyhats.

 

[EekTheKat]

adblock is a pretty nice extension for firefox.



With the proper filter too it catches nearly everything now (though I still get one or two popups here and there)

 

[shantyman]

As well as making comments that will doubtless irk Firefox fans, Symantec has renewed its assault of the perceived security advantages of Apple Macs. "Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Mac’s operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec’s analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

They must have not sold enough copies of their Mac antivirus software in the last fiscal quarter. What a bunch of dickheads.

 

[Phoenix]

A vendor who sells software that 'secures' your machine says that the stuff you were using to avoid buying their software will soon be heavily attacked....


somehow I have a problem with their objectivity.

 

[Nick]

I'm sorry, but I just have to express how much I love being a full time mac user. I never have to worry about this bullshit, and I never have had to. Safari for life.

 

[scorcho]

it's not strictly about more security/less security, but the way these different platforms/programs release their security updates. i trust Firefox to release fast updates in a totally transparent manner, i don't with Microsoft.

 

[shantyman]

I'm sorry, but I just have to express how much I love being a full time mac user. I never have to worry about this bullshit, and I never have had to. Safari for life.

You know, it will happen someday I'm sure. But, until then, I don't want to see stories on tech news sites talking about it happening "soon."