Google: Chrome News and Discussion Thread
#162
Needs more Lemon Pledge
If my OS degraded my browser's user rights without asking me I would be pissed. Does Chrome allow you to turn this 'feature' off?
#164
Needs more Lemon Pledge
#165
Sanest Florida Man
Thread Starter
Give me one good reason why you would want your web browser that's written by imperfect humans and loads nothing but untrusted content from unknown untrusted people to have access to your system files!?!? Why does a browser ever need to access system files? It doesn't need to access those files and since it's the number one means of malware to get through then it shouldn't have access to system files.
Have you ever tried to visit a site in IE on Vista or 7 and you weren't able to cause you had protected mode turned on? NO, cause it in no way limits your browsing capability. Nothing good can come from the browser having access to system files so it shouldn't be allowed.
Last edited by #1 STUNNA; 09-02-2010 at 09:31 PM.
#166
Needs more Lemon Pledge
I also have never had any negative imapct from not having a sandbox mode, still use XP, and have never had any problems large or even small.
So, why do I need this? Newer isn't better just because it;s newer. IE needs this because it is terribly weak in every security respect and they had to do SOMETHING to not have to completely reinvent it. Chrome, well, who knows, who cares.
You are right. FF sucks. I cant even post on the internet anymore it has fouled up so badly. Oh wait...
So, why do I need this? Newer isn't better just because it;s newer. IE needs this because it is terribly weak in every security respect and they had to do SOMETHING to not have to completely reinvent it. Chrome, well, who knows, who cares.
You are right. FF sucks. I cant even post on the internet anymore it has fouled up so badly. Oh wait...
#167
Sanest Florida Man
Thread Starter
I mean really that's just ridiculous. Are you pissed that the firewall is on by default? Do you turn off the firewall in the OS and your router? No you don't so why wouldn't you want your browser sanboxed, it's the same damn thing except sandboxing doesn't cause communication issues like the firewall can.
Do you remember back in the XP pre SP2 days when worms were spreading like wildfire and there wasn't shit you could do about it. Well there was but it wasn't enabled by default. It was the windows firewall that came with XP, it was turned off by default. Microsoft considers one of their biggest blunders and with SP2 the firewall was turned on by default and that helped ease the spread of malware. It in no way eliminated it but it made it harder for hackers to access your system.
#168
Sanest Florida Man
Thread Starter
Did you even read the electrolysis wiki link I posted? Because it says what you just described.
It has Security/Process Isolation, which is explained as so:
https://wiki.mozilla.org/Security/ProcessIsolation
It has Security/Process Isolation, which is explained as so:
https://wiki.mozilla.org/Security/ProcessIsolation
To use the words of Steve Jobs
If the user has to manually turn on in options or possibly in a command line what should be an essential security feature that every other major browser has on by default then they blew it.
If the user has to manually turn on the firewall then they blew it just like MSFT did in the pre XP SP2 days and they paid far out the ass for it.
Last edited by #1 STUNNA; 09-02-2010 at 10:09 PM.
#169
Sanest Florida Man
Thread Starter
P.s. I've checked in FF 4.0 options and see no mention of low integrity, protected, isolated whatever mode. And by looking at Sysinternals Process Explorer I don't see that 4.0 is even using multiple process for tabs. I still only see one process though I see multiple for Chrome and IE
#170
Sanest Florida Man
Thread Starter
So I'm sure it'll come in the future it just still ain't there yet so I'm still not recommending it or installing it on anyone's PC until they do.
Once they do, my beef with them goes away. Plain and simple.
I use Chrome as an example cause they're a third party that went and implemented the same feature that the first party has while Firefox has dragged it's feet.
I deal with removing viruses pretty much for a living so I see the effects of it. I can say that I remove malware from very few Vista/7 machines (probably has a lot to do with marketshare to but it's not proportionate) and usually when I do they got the malware through Limewire (mainly) or firefox.
Once they do, my beef with them goes away. Plain and simple.
I use Chrome as an example cause they're a third party that went and implemented the same feature that the first party has while Firefox has dragged it's feet.
I deal with removing viruses pretty much for a living so I see the effects of it. I can say that I remove malware from very few Vista/7 machines (probably has a lot to do with marketshare to but it's not proportionate) and usually when I do they got the malware through Limewire (mainly) or firefox.
#171
Sanest Florida Man
Thread Starter
I also have never had any negative imapct from not having a sandbox mode, still use XP, and have never had any problems large or even small.
So, why do I need this? Newer isn't better just because it;s newer. IE needs this because it is terribly weak in every security respect and they had to do SOMETHING to not have to completely reinvent it. Chrome, well, who knows, who cares.
You are right. FF sucks. I cant even post on the internet anymore it has fouled up so badly. Oh wait...
So, why do I need this? Newer isn't better just because it;s newer. IE needs this because it is terribly weak in every security respect and they had to do SOMETHING to not have to completely reinvent it. Chrome, well, who knows, who cares.
You are right. FF sucks. I cant even post on the internet anymore it has fouled up so badly. Oh wait...
I can run just fine without AV, I'm not an idiot but most people can't cause they don't get it, they didn't take classes on this shit.
All programs have security holes and it's the pride like you demonstrated of developers that say "what, my program doesn't have any security holes I wrote it myself I don't need no protected mode that's for faggots that can't write in Visual basic, blah blah blah!" Next thing you now their software blows up everyone starts using it and then the sad reality hits when you hackerproof programming gets fucked in the ass over and over again by some Zero Cool in China and now people's credit card info is getting stolen cause of your shitty programming that you thought was A #1. But if you would've properly implemented protected mode that hacker would've got through you're security hole but then they'd be stuck with jack shit for user rights and therefore can't read or write anything from the system.
No program is perfect no matter what you or the developer thinks so protected mode there for prevent damage when it happens cause it always will.
Who knows hacker may find a way to get around protected mode and then they'll have to another security mechanism created. But right now Protected mode along with DEP and ASLR combined are the bees knees and no ones gotten past all three......yet.
At the last black hat conference a hacker got through DEP and found a sneaky way to skip around ASLR (didn't break it but went around it) but then in the end was still stuck in protected mode with limited user rights.
#172
Sanest Florida Man
Thread Starter
Thank god my dad uses a Mac. Sometime last year he tried for at least an hour to try and find out who sent him a hallmark e-card
I wasn't paying much attention at the time but once he told me what it exactly was he was struggling with for the past hour I busted out laughing. He had gotten an unsolicited email that said someone had sent him a Hallmark ecard and that he needed to open the attachment to see it. Well the attachment was an .exe file, it might've been zipped first IDK. Once he told me that I told him to stop, he was about to boot into bootcamp to get it there. It's for people like him that protected mode was created
I wasn't paying much attention at the time but once he told me what it exactly was he was struggling with for the past hour I busted out laughing. He had gotten an unsolicited email that said someone had sent him a Hallmark ecard and that he needed to open the attachment to see it. Well the attachment was an .exe file, it might've been zipped first IDK. Once he told me that I told him to stop, he was about to boot into bootcamp to get it there. It's for people like him that protected mode was created
#173
Sanest Florida Man
Thread Starter
IF we're on beta 4 and it still doesn't have this feature then I'm not sure it's going to make it. I think FF 3.5 had about 5 beta release then it went to RC stage. So if this thing is going to make it to FF 4 then it's got to show up real fast or it's being pushed back until another release.
I can't see them waiting until the RC stage to add it to public builds, that's too late IMO....
I can't see them waiting until the RC stage to add it to public builds, that's too late IMO....
#174
Thank god my dad uses a Mac. Sometime last year he tried for at least an hour to try and find out who sent him a hallmark e-card
I wasn't paying much attention at the time but once he told me what it exactly was he was struggling with for the past hour I busted out laughing. He had gotten an unsolicited email that said someone had sent him a Hallmark ecard and that he needed to open the attachment to see it. Well the attachment was an .exe file, it might've been zipped first IDK. Once he told me that I told him to stop, he was about to boot into bootcamp to get it there. It's for people like him that protected mode was created
I wasn't paying much attention at the time but once he told me what it exactly was he was struggling with for the past hour I busted out laughing. He had gotten an unsolicited email that said someone had sent him a Hallmark ecard and that he needed to open the attachment to see it. Well the attachment was an .exe file, it might've been zipped first IDK. Once he told me that I told him to stop, he was about to boot into bootcamp to get it there. It's for people like him that protected mode was created
#175
My Garage
I'd rather double-click anywhere on the tab bar than have to click the little box right next to a tab...
#177
Needs more Lemon Pledge
I just enjoy seeing Daniel get all worked up...
#178
Sanest Florida Man
Thread Starter
Let's make simple analogy to help you people understand. So you hire a new intern and needs to access the company network and maybe a couple shared drives for his job, that's all he needs to do his job, no more no less. Do you give the new guy who you don't know and don't trust an Admin account that has full access to all the confidential files on the network and do you also give him the combination to the safe as well!?!? FUCK NO!!! What does he need to know that stuff for, it is not required for him to get his simple job done, that is way more access than should be given to an untrusted employee. He's not restrained in anyway of doing his job with the limits you placed on him and giving him more access than he needs to complete his job is just a recipe for disaster, nothing good can come from it.
So why would you give a browser that runs nothing but untrusted code (web pages) full access to your system files and way more access than it needs to do it's job, nothing good can come of it.
The feature isn't in Firefox now but it WILL be in the future so will you all switch to another browser
It's fuckin amateur hour on AZ....
Firefox 4 does the samething as Chrome so you better stick with FF 3.6 for the rest of your life cause this double-click thing is apparently a deal breaker. How will you ever survive by just hitting the plus sign once instead click twice, oh the humanity, how could they do this to you.....
Last edited by #1 STUNNA; 09-03-2010 at 01:00 PM.
#179
Sanest Florida Man
Thread Starter
You're god damn right! I can't stand watching idiots argue the stupid points ever, have no valid reason why they think they're right but they just keep at it.
Me thinks you're really not THAT dumb, you must be doing it on purpose.....
Me thinks you're really not THAT dumb, you must be doing it on purpose.....
#180
Needs more Lemon Pledge
At this point it amounts to a significant change (switch browser) to solve a problem that does not really exist for me (malicious file system access by the browser), so... Why?
#181
I'm still waiting for ONE good reason for why the browser needs access to system files?
Let's make simple analogy to help you people understand. So you hire a new intern and needs to access the company network and maybe a couple shared drives for his job, that's all he needs to do his job, no more no less. Do you give the new guy who you don't know and don't trust an Admin account that has full access to all the confidential files on the network and do you also give him the combination to the safe as well!?!? FUCK NO!!! What does he need to know that stuff for, it is not required for him to get his simple job done, that is way more access than should be given to an untrusted employee. He's not restrained in anyway of doing his job with the limits you placed on him and giving him more access than he needs to complete his job is just a recipe for disaster, nothing good can come from it.
So why would you give a browser that runs nothing but untrusted code (web pages) full access to your system files and way more access than it needs to do it's job, nothing good can come of it.
The feature isn't in Firefox now but it WILL be in the future so will you all switch to another browser
It's fuckin amateur hour on AZ....
.
Let's make simple analogy to help you people understand. So you hire a new intern and needs to access the company network and maybe a couple shared drives for his job, that's all he needs to do his job, no more no less. Do you give the new guy who you don't know and don't trust an Admin account that has full access to all the confidential files on the network and do you also give him the combination to the safe as well!?!? FUCK NO!!! What does he need to know that stuff for, it is not required for him to get his simple job done, that is way more access than should be given to an untrusted employee. He's not restrained in anyway of doing his job with the limits you placed on him and giving him more access than he needs to complete his job is just a recipe for disaster, nothing good can come from it.
So why would you give a browser that runs nothing but untrusted code (web pages) full access to your system files and way more access than it needs to do it's job, nothing good can come of it.
The feature isn't in Firefox now but it WILL be in the future so will you all switch to another browser
It's fuckin amateur hour on AZ....
.
If I'm not mistaken, you have a problem with Apple and itunes because the code out their music for one player, their's. It's made that way to support the masses, have a better product.
#182
Sanest Florida Man
Thread Starter
You can say it all you want but you still haven't given one example of how limiting the browser's rights limits the users.
I'm waiting........
I'm waiting........
#184
#185
Sanest Florida Man
Thread Starter
You guys do know this isn't anything new right? It's been happening on the world's most popular browser for almost 4 years now right (ever since IE7 was released, it's that old)!? Yet no one has complained there's been no campaign to turn it off, no one has complained in IE or Chrome about how it's limits their web browsing, or takes away their god given rights....
You guys are all talking out of your asses....
You guys are all talking out of your asses....
#186
Sanest Florida Man
Thread Starter
Here's another possible senario where you as the technically aware user can get compromised.
So you're surfing AZ and you see someone posted in the PGT or just body thread. So you're thinking, Hells yeah there's gonna be a new fine ass bitch in this thread, I gots to see this. So you whip you're little dick out get the bottle of jergen's ready click in the thread like you've done hundreds of times before and never had an issue. Then what loads is some new pics, but wait one of the pics is laced with malicious code that targets an unpatched security flaw in Firefox in how it handles JPEGs and it loads a malicious program on your PC and infects your shit with some nasty malware.
You got screwed cause you put your trust in strangers and let their software run with full user rights where if Firefox was running with low user rights this wouldn't have happened. Nothing you did wrong on your part except for being a horny little devil but aren't we all guilty of that???
So you're surfing AZ and you see someone posted in the PGT or just body thread. So you're thinking, Hells yeah there's gonna be a new fine ass bitch in this thread, I gots to see this. So you whip you're little dick out get the bottle of jergen's ready click in the thread like you've done hundreds of times before and never had an issue. Then what loads is some new pics, but wait one of the pics is laced with malicious code that targets an unpatched security flaw in Firefox in how it handles JPEGs and it loads a malicious program on your PC and infects your shit with some nasty malware.
You got screwed cause you put your trust in strangers and let their software run with full user rights where if Firefox was running with low user rights this wouldn't have happened. Nothing you did wrong on your part except for being a horny little devil but aren't we all guilty of that???
#187
But what? People don't have security software on their computers?
#188
Sanest Florida Man
Thread Starter
Of course not you're tech savvy you don't need no stinkin AV, remember!?!?
Plus no AV is 100% either....
Plus no AV is 100% either....
#189
I'm tech savvy enough to know that you don't operate a machine with Windows connected w/o security software. I have never had a virus running a windows machine because I know what I'm looking at and because security software.
I'm also savvy enough to know that it's bullshit that Windows blocking attachments in e-mails because I don't have their programs installed on my computer. .doc and .exe files didn't even show up in Live Mail until I installed Office.
I don't need them to protect me from files that I know are good.
I'm also savvy enough to know that it's bullshit that Windows blocking attachments in e-mails because I don't have their programs installed on my computer. .doc and .exe files didn't even show up in Live Mail until I installed Office.
I don't need them to protect me from files that I know are good.
#190
Three Wheelin'
Your problem is cause you're using Live Mail. Gmail with Thunderbird FTW!
#191
Outlook has never lost anything on me using it for over, I Guess 12 yrs.
#192
Sanest Florida Man
Thread Starter
I know hotmail explicitly blocks the transfer of .exe files as attachments. No way around that. I've never received an exe file in the 10 years I've had my hotmail address nor have I had a legitimate person try to send one. You don't send .exe's as attachments, I think that's an unwritten rule.
I thought your problem with Windows is that it doesn't read Office files without office installed. Then I told you about the free Office viewers which you'd never heard of before. Allowing Windows to read office files by default but not other documents (pdf, odf, etc) would be seen as a monopolistic move by MS and they're not going down that road again.
I thought your problem with Windows is that it doesn't read Office files without office installed. Then I told you about the free Office viewers which you'd never heard of before. Allowing Windows to read office files by default but not other documents (pdf, odf, etc) would be seen as a monopolistic move by MS and they're not going down that road again.
#193
Sanest Florida Man
Thread Starter
Oh and FYI to those so horribly offending that Microsoft has created a feature that steals your programs god given rights to unnecessarily access system files and now want to switch to mac, dont bother. Cause OS X has had the same feature since 10.5 and they keep updating it and putting more programs in the sandbox.
So that means you guys are stuck running XP and Firefox 3.6.x for rest of your lives, better get used to it cause the world is moving on to a safer more secure place without you.....
So that means you guys are stuck running XP and Firefox 3.6.x for rest of your lives, better get used to it cause the world is moving on to a safer more secure place without you.....
#194
Needs more Lemon Pledge
Stunna, you seem a little overly passionate about this. Just saying...
#195
Sanest Florida Man
Thread Starter
I guess that's a good thing.... Don't you want someone working for you that's passionate about their job.
Isn't that the dream? Doing what you love!?
I'm also more knowledgable about this stuff than others on here so it tends to come out. Especially when people say stupid shit....
Isn't that the dream? Doing what you love!?
I'm also more knowledgable about this stuff than others on here so it tends to come out. Especially when people say stupid shit....
Last edited by #1 STUNNA; 09-03-2010 at 09:32 PM.
#196
Needs more Lemon Pledge
The more passionate you are about an implementation, the less likely others will receive it well.
#198
Moderator
Join Date: Oct 2004
Location: Not Las Vegas (SF Bay Area)
Age: 39
Posts: 63,177
Received 2,773 Likes
on
1,976 Posts
is that normal?
thats using a buttload more ram then firefox ever used. even after its been bloated up for a few days/months.
Last edited by Mizouse; 09-16-2010 at 01:32 PM.
#199
Sanest Florida Man
Thread Starter
Yes, you want that. It's called tab isolation same feature is coming to FF 4. each tab runs as it's own process so for every tab you have a separate process in task manager
#200
Moderator
Join Date: Oct 2004
Location: Not Las Vegas (SF Bay Area)
Age: 39
Posts: 63,177
Received 2,773 Likes
on
1,976 Posts
but i only have 8 tabs open, and there are 11 processes..
just startled me seeing all those chrome.exe's running.
just startled me seeing all those chrome.exe's running.