sho_nuff1997

iTrader: (2)

If you double click an empty space to the right of a tab in IE8, it opens a new tab. Same with FF.

stogie1020

If my OS degraded my browser's user rights without asking me I would be pissed. Does Chrome allow you to turn this 'feature' off?

sho_nuff1997

iTrader: (2)

Nope. Chrome turns you into a bot named stunna, and you are required to bash all other browsers.

stogie1020

Eggs Zactly.

#1 STUNNA

I guess you better go back to XP and never use Vista, 7, any future version of Office (including 2010) or any future version of Adobe Reader with it cause it they all use it.

Give me one good reason why you would want your web browser that's written by imperfect humans and loads nothing but untrusted content from unknown untrusted people to have access to your system files!?!? Why does a browser ever need to access system files? It doesn't need to access those files and since it's the number one means of malware to get through then it shouldn't have access to system files.

Have you ever tried to visit a site in IE on Vista or 7 and you weren't able to cause you had protected mode turned on? NO, cause it in no way limits your browsing capability. Nothing good can come from the browser having access to system files so it shouldn't be allowed.

stogie1020

I also have never had any negative imapct from not having a sandbox mode, still use XP, and have never had any problems large or even small.

So, why do I need this? Newer isn't better just because it;s newer. IE needs this because it is terribly weak in every security respect and they had to do SOMETHING to not have to completely reinvent it. Chrome, well, who knows, who cares.

You are right. FF sucks. I cant even post on the internet anymore it has fouled up so badly. Oh wait...

#1 STUNNA

If you click the top bar in IE8 or FF it minimizes and maximizes just like in Chrome and every other Windows application, try it. Try it in Firefox 4 cause it does the same thing that chrome does. So I guess you should never upgrade to Firefox 4 cause doubleclicking in the open space minimizes and maximizes just like it will in IE 9, it's part of the UI guidelines for Windows applications.

I'm not bashing all browsers and I just strongly believe that sandboxing the browser from the rest of the system is a common sense security feature that offer no downsides. Microsoft, Google and Adobe agree with me hence why they're putting it in their products. Mozilla also agrees that's why they're looking into putting it in their products but I just looked at FF 4.0 beta 4 and it's still not in there, it still running in Medium user rights but hopefully it will change in the future. But I guess you guys will have to stop using firefox then.....

I mean really that's just ridiculous. Are you pissed that the firewall is on by default? Do you turn off the firewall in the OS and your router? No you don't so why wouldn't you want your browser sanboxed, it's the same damn thing except sandboxing doesn't cause communication issues like the firewall can.

Do you remember back in the XP pre SP2 days when worms were spreading like wildfire and there wasn't shit you could do about it. Well there was but it wasn't enabled by default. It was the windows firewall that came with XP, it was turned off by default. Microsoft considers one of their biggest blunders and with SP2 the firewall was turned on by default and that helped ease the spread of malware. It in no way eliminated it but it made it harder for hackers to access your system.

#1 STUNNA

yeah that's what I'm talking about but it's not in the 4.0 beta 4 and reading the article they don't have a timeline when it will arrive, if it CAN arrive and if it will be a user decision or not. If it's off by default then they fail.

To use the words of Steve Jobs

If the user has to manually turn on in options or possibly in a command line what should be an essential security feature that every other major browser has on by default then they blew it.

If the user has to manually turn on the firewall then they blew it just like MSFT did in the pre XP SP2 days and they paid far out the ass for it.

#1 STUNNA

P.s. I've checked in FF 4.0 options and see no mention of low integrity, protected, isolated whatever mode. And by looking at Sysinternals Process Explorer I don't see that 4.0 is even using multiple process for tabs. I still only see one process though I see multiple for Chrome and IE

#1 STUNNA

So I'm sure it'll come in the future it just still ain't there yet so I'm still not recommending it or installing it on anyone's PC until they do.

Once they do, my beef with them goes away. Plain and simple.

I use Chrome as an example cause they're a third party that went and implemented the same feature that the first party has while Firefox has dragged it's feet.

I deal with removing viruses pretty much for a living so I see the effects of it. I can say that I remove malware from very few Vista/7 machines (probably has a lot to do with marketshare to but it's not proportionate) and usually when I do they got the malware through Limewire (mainly) or firefox.

#1 STUNNA

You're not the average person, you're technically aware you don't go clicking on random stupid shit. "What's that? I'm the 100,000 visitor and now I just won a free iPad!?!? All I have to do is click here to download this .zip file that has the form to fill out and mail it in. Ok sweet!"

I can run just fine without AV, I'm not an idiot but most people can't cause they don't get it, they didn't take classes on this shit.

All programs have security holes and it's the pride like you demonstrated of developers that say "what, my program doesn't have any security holes I wrote it myself I don't need no protected mode that's for faggots that can't write in Visual basic, blah blah blah!" Next thing you now their software blows up everyone starts using it and then the sad reality hits when you hackerproof programming gets fucked in the ass over and over again by some Zero Cool in China and now people's credit card info is getting stolen cause of your shitty programming that you thought was A #1. But if you would've properly implemented protected mode that hacker would've got through you're security hole but then they'd be stuck with jack shit for user rights and therefore can't read or write anything from the system.

No program is perfect no matter what you or the developer thinks so protected mode there for prevent damage when it happens cause it always will.

Who knows hacker may find a way to get around protected mode and then they'll have to another security mechanism created. But right now Protected mode along with DEP and ASLR combined are the bees knees and no ones gotten past all three......yet.

At the last black hat conference a hacker got through DEP and found a sneaky way to skip around ASLR (didn't break it but went around it) but then in the end was still stuck in protected mode with limited user rights.

#1 STUNNA

Thank god my dad uses a Mac. Sometime last year he tried for at least an hour to try and find out who sent him a hallmark e-card

I wasn't paying much attention at the time but once he told me what it exactly was he was struggling with for the past hour I busted out laughing. He had gotten an unsolicited email that said someone had sent him a Hallmark ecard and that he needed to open the attachment to see it. Well the attachment was an .exe file, it might've been zipped first IDK. Once he told me that I told him to stop, he was about to boot into bootcamp to get it there. It's for people like him that protected mode was created

#1 STUNNA

IF we're on beta 4 and it still doesn't have this feature then I'm not sure it's going to make it. I think FF 3.5 had about 5 beta release then it went to RC stage. So if this thing is going to make it to FF 4 then it's got to show up real fast or it's being pushed back until another release.

I can't see them waiting until the RC stage to add it to public builds, that's too late IMO....

jupitersolo

Yes, ignorant people, but those who know what they're doing shouldn't have their hand's tied. It's an overeaction to their lack of proactive solutions.

GIBSON6594

I'd rather double-click anywhere on the tab bar than have to click the little box right next to a tab...

alex2364

+1

stogie1020

I just enjoy seeing Daniel get all worked up...

#1 STUNNA

I'm still waiting for ONE good reason for why the browser needs access to system files?

Let's make simple analogy to help you people understand. So you hire a new intern and needs to access the company network and maybe a couple shared drives for his job, that's all he needs to do his job, no more no less. Do you give the new guy who you don't know and don't trust an Admin account that has full access to all the confidential files on the network and do you also give him the combination to the safe as well!?!? FUCK NO!!! What does he need to know that stuff for, it is not required for him to get his simple job done, that is way more access than should be given to an untrusted employee. He's not restrained in anyway of doing his job with the limits you placed on him and giving him more access than he needs to complete his job is just a recipe for disaster, nothing good can come from it.

So why would you give a browser that runs nothing but untrusted code (web pages) full access to your system files and way more access than it needs to do it's job, nothing good can come of it.

The feature isn't in Firefox now but it WILL be in the future so will you all switch to another browser

It's fuckin amateur hour on AZ....
Firefox 4 does the samething as Chrome so you better stick with FF 3.6 for the rest of your life cause this double-click thing is apparently a deal breaker. How will you ever survive by just hitting the plus sign once instead click twice, oh the humanity, how could they do this to you.....

#1 STUNNA

You're god damn right! I can't stand watching idiots argue the stupid points ever, have no valid reason why they think they're right but they just keep at it.

Me thinks you're really not THAT dumb, you must be doing it on purpose.....

stogie1020

At this point it amounts to a significant change (switch browser) to solve a problem that does not really exist for me (malicious file system access by the browser), so... Why?

jupitersolo

So tie everybody's hands together because some dumb fucks don't know what they're doing.

If I'm not mistaken, you have a problem with Apple and itunes because the code out their music for one player, their's. It's made that way to support the masses, have a better product.

#1 STUNNA

You can say it all you want but you still haven't given one example of how limiting the browser's rights limits the users.

I'm waiting........

nbennettksu

iTrader: (2)

whats up doucher

jupitersolo

Stay right there, don't move I'll have something for you soon.

#1 STUNNA

You guys do know this isn't anything new right? It's been happening on the world's most popular browser for almost 4 years now right (ever since IE7 was released, it's that old)!? Yet no one has complained there's been no campaign to turn it off, no one has complained in IE or Chrome about how it's limits their web browsing, or takes away their god given rights....

You guys are all talking out of your asses....

#1 STUNNA

Here's another possible senario where you as the technically aware user can get compromised.

So you're surfing AZ and you see someone posted in the PGT or just body thread. So you're thinking, Hells yeah there's gonna be a new fine ass bitch in this thread, I gots to see this. So you whip you're little dick out get the bottle of jergen's ready click in the thread like you've done hundreds of times before and never had an issue. Then what loads is some new pics, but wait one of the pics is laced with malicious code that targets an unpatched security flaw in Firefox in how it handles JPEGs and it loads a malicious program on your PC and infects your shit with some nasty malware.

You got screwed cause you put your trust in strangers and let their software run with full user rights where if Firefox was running with low user rights this wouldn't have happened. Nothing you did wrong on your part except for being a horny little devil but aren't we all guilty of that???

jupitersolo

But what? People don't have security software on their computers?

#1 STUNNA

Of course not you're tech savvy you don't need no stinkin AV, remember!?!?

Plus no AV is 100% either....

jupitersolo

I'm tech savvy enough to know that you don't operate a machine with Windows connected w/o security software. I have never had a virus running a windows machine because I know what I'm looking at and because security software.

I'm also savvy enough to know that it's bullshit that Windows blocking attachments in e-mails because I don't have their programs installed on my computer. .doc and .exe files didn't even show up in Live Mail until I installed Office.

I don't need them to protect me from files that I know are good.

alex2364

Your problem is cause you're using Live Mail. Gmail with Thunderbird FTW!

jupitersolo

Used Thunderbird for about two months years ago, was the biggest piece of shit ever. After I finally got it set up and had all of my addresses, contacts, etc. it locked up and I couldn't recover anything.

Outlook has never lost anything on me using it for over, I Guess 12 yrs.

#1 STUNNA

I know hotmail explicitly blocks the transfer of .exe files as attachments. No way around that. I've never received an exe file in the 10 years I've had my hotmail address nor have I had a legitimate person try to send one. You don't send .exe's as attachments, I think that's an unwritten rule.

I thought your problem with Windows is that it doesn't read Office files without office installed. Then I told you about the free Office viewers which you'd never heard of before. Allowing Windows to read office files by default but not other documents (pdf, odf, etc) would be seen as a monopolistic move by MS and they're not going down that road again.

#1 STUNNA

Oh and FYI to those so horribly offending that Microsoft has created a feature that steals your programs god given rights to unnecessarily access system files and now want to switch to mac, dont bother. Cause OS X has had the same feature since 10.5 and they keep updating it and putting more programs in the sandbox.

So that means you guys are stuck running XP and Firefox 3.6.x for rest of your lives, better get used to it cause the world is moving on to a safer more secure place without you.....

stogie1020

Stunna, you seem a little overly passionate about this. Just saying...

#1 STUNNA

I guess that's a good thing.... Don't you want someone working for you that's passionate about their job.

Isn't that the dream? Doing what you love!?

I'm also more knowledgable about this stuff than others on here so it tends to come out. Especially when people say stupid shit....

stogie1020

The more passionate you are about an implementation, the less likely others will receive it well.

TypeSSS

Chrome convert.. love linkpush/chrome to phone for Android.. use it almost every day

Mizouse

is that normal?
thats using a buttload more ram then firefox ever used. even after its been bloated up for a few days/months.

#1 STUNNA

Yes, you want that. It's called tab isolation same feature is coming to FF 4. each tab runs as it's own process so for every tab you have a separate process in task manager

Mizouse

but i only have 8 tabs open, and there are 11 processes..

just startled me seeing all those chrome.exe's running.