In case you missed Part 1 check it out here.
In part 3 I was pointing out insecurities?? in the Safari Browser and showed how the password manager is most likely inadequate and a potential issue. In the same article I cited they also pointed out that Chrome didnt fair too well either. You can read that article here. To be fair Opera did the best but still failed 14 of the tests! So maybe the question is this:
Is anyone safe?
Well the thing about security and the difference between good and bad security is being able to fix holes as soon as they become apparent. There is absolutely nothing that is 100% secure. If enough time, energy and money were to be poured into a project, somewhere and in some place a hole is to be found. Some are easier than others and there are things you can do to help stem the tide of bad things happening to you.
The biggest thing in browser security is simply to be up to date. When a new patch comes out please install it immediately. Yes the minor inconvenience of a reboot might be necessary but this is a small price to pay for the added security.
Above all remember there is nothing that is 100% secure. Some are more secure than others. Just pay attention and update.
…and please if you own a Mac don’t think you are immune.
I hope you enjoyed the series.
Tags: news
In case you missed Part 1 check it out here.
Safari
I love the Mac myths. For some reason when you approach Mac users about security they seem to get this sneaky smile on their face and say, “Not me! Thats why I bought a Mac!”
Well the truth is that its not necessarily any more secure than a Windows machine. Yes, thats the truth.
Safari might be giving away your passwords to untrusted sites. This could mean a very big vulnerability for you and your computer, especially if you use the same password in more than one place.
But wait thats not all!
Not to bring up old news but as recently as March of this year at a hacking convention there was a very interesting battle. First of all it was found “that the Safari browser was surprisingly insecure, allowing successful attacks on Mac computers.”
The mac was pitted against a Vista machine and a Ubuntu machine. You know from the commercials that Vista is not secure while the Mac is right? Well “The Mac fell within minutes, hijacked by security researcher Charlie Miller” In fact during this entire round no one was able to compromise the Vista machine. I will also point out that is a conference where all the leading security experts in the world are invited, and yes hackers, and no one could take out the Vista machine that day.
You can read the full story here.
One final note “Security experts point out that despite Apple’s poor security, its machines remain less attacked than Windows machines. Many believe this is simply a matter of market share. With Mac sales on the rise, there may soon be a large increase in Apple-targeted malware and takeovers with the Safari browsing taking the brunt of the attacks.”
I hope thats enough to finally dispel the myth of the “secure” Mac.
Make sure you check out the rest of the series. I will be offering some new insight into virtually every browser in the market right now.
Tags: news
Posted by admin on Dec 17, 2008 in
Google,
Internet,
Software,
technology
In case you missed Part 1 check it out here.
Earlier this week it was announced “News broke in the security world earlier this week that a critical vulnerability had been found in Microsoft’s Internet Explorer 7. The vulnerability could be used to take over computers and is known to be currently being used to steal passwords.” Now if you are a Internet Explorer user or 70%ish of the current market or you were a past IE user (99% likely) then you are familiar with these sorts of announcements. But if Microsoft had a defcon level and defcon 1 is all out nuclear war, this one is defcon 2.
You know that joke, this is so serious and then you the audience chime in “How serious is it?!” Well its serious for sure. “The seriousness of the flaw was evidenced by Microsoft’s rather public announcement of the vulnerability and panicked rush to develop a patch. So-called “out-of-band” announcements from Microsoft are rare.”
It has also been reported that this exploit has been seen on thousands of sites so far. Some are saying to not even use IE for the time being until the patch is issued. I did see a critical update come through today and I immediately installed it but I cant say for sure whether this patch was supposed to fix this or some other critical flaw… thats just how security goes. There is nothing that is 100% safe.
You can read the article here.
Make sure you check out the rest of the series. I will be offering some new insight into virtually every browser in the market right now.
Tags: news
Posted by admin on Dec 17, 2008 in
Gadgets,
Google,
Internet,
Mobile,
Software,
technology
Firefox has been gaining quite a reputation and quite a following. Recently it was reported that Firefox is taking a 20% market share for browsers. What this means in terms of security is that “This gives it a high profile and leaves it a desirable target to be exploited by hackers and malware writers. Worse yet, it has less money to fund security efforts that Microsoft, and according to some experts, less focus as well.”
This might mean a risk to your computer. But really how can you know? I guess the point is that you really don’t know how safe you are until someone exploits a hole and voila, all your files disappear. Its hard to know you are truly safe before something happens. But a recent study suggests that Firefox might actually pose a very big potential risk to businesses.
You can read this article here that discusses more in depth some of the risks associated with Firefox.
One thing to note is that “The study’s conclusions only marginally apply to the consumer market.”
Make sure you check out the rest of the series. I will be offering some new insight into virtually every browser in the market right now.
Tags: news
Posted by admin on Dec 17, 2008 in
Google,
Internet,
Software,
technology
I recently reported that Facebook was adding a new feature called Facebook Connect and Google was adding Friend Connect. When I wrote those articles I didn’t realize one very big feature staring me in the face. In addition to all of the other interconnectivity that “Connect” will offer they basically act to universally identify you wherever you are in the world.
Huh?
“People may have IDs for the various blogging platforms or commenting systems, but most don’t identify with them. It is a necessary inconvenience. They identify with Facebook or their email because that is where they manage their personal and professional lives.”
Well the point is to identify yourself no matter what site you are using and then report your activity back to Facebook so that your friends are updated too. Ok that may seem strange at first but when you apply this to the blogging world you can see the potential implications immediately. Connect will centralize your comments as well!
Whoa…
Basically no matter what blogging platform you are on as long as you are logged into Facebook Connect you have a universal identity.
The same holds true for Google’s Friend Connect. They essentially work the same way and it will be a fight to the death to see who wins in the end.
Does this make sense yet?
So long story short, you create an account if you don’t have one with one or both of these “connectors.” Now, depending on which one that particular site uses, whatever activity you do on that site will report back to either your Google account or your Facebook account or possibly both in the future?
I actually added the Facebook Connect feature in its Beta stage to my website but was unable to get it to work properly. I will play around and see if I can get it to work.
I think you can begin to see the poinhttp://activerain.com/blogsview/823471/Social-Networking-Updates-Google-Friend-Connectt of all this. I am pretty sure that everyone who uses the internet is sick and tired of having to create 1000’s of logins and passwords. Not to mention I really like the idea of me being me on the Internet versus 1000 random names and logins. But this essentially does more by truly creating a universal presence beyond a simple login.
Take a look at this article for a good read or in case I didn’t make any sense! 
Tags: Blogging
