Fog Creek Software
Discussion Board




Latest IE threat

Another phishing exploit.  Turn off active scripting to prevent.  Systems not affected, those not made by Microsoft.

http://secunia.com/advisories/12304/

Mike
Tuesday, August 17, 2004

"Systems not affected, those not made by Microsoft"

Then who made SP2?

Just me (Sir to you)
Tuesday, August 17, 2004

True, technically.  Look one thread down and you'll see someone asking how to keep the gun pointed at his foot.

Mike
Tuesday, August 17, 2004

I find it very amusing.  Damned if you do, damned if you don't. 

First everyone complains, no security and no firewall.  Now no one wants to install it because they've coded their applications to depend on this open atmosphere, and thus continue to remain vulnerable.

When the next exploit hits all those un-upgraded parties (i.e. IBM) whose fault will it be?  It's not like these companies didn't have ample time to download betas and release-candidates for evaluation long ago.

Elephant
Tuesday, August 17, 2004


Gun pointed at his foot? I don't think so.

Care to take a gander at the list of applications that won't work with the XP SP2? A little product called Norton Antivirus tops the list.

A firewall isn't the end-all-be-all of security. It's a measure. Many corporate shops already have firewalls in place; they don't need the one that ships with XP2 and they don't need users jacking with it.

Whatever
Tuesday, August 17, 2004

Norton is not on the list.  Symantec's corporate AV is because it uses TCP/IP ports to do network communication, and the firewall will block those ports, not because SP2 has bugs.

I'm running SP2 and NAV 2004 Pro, with absolutely no problems.

Capn' Kirk
Tuesday, August 17, 2004

"Turn off active scripting to prevent. "

How about "Turn off computer to prevent."  That'd fix it too!

Or maybe "Turn off brain to prevent."  Then i wouldn't notice it.

Crackhead
Tuesday, August 17, 2004

Oh, excuse me. Symantec.

I'm use to calling it Norton since that is what it used to be called. At any rate, my point is the same since many corporate shops are using Symantec there is a reasonably large issue with rolling out SP2 with the firewall enabled.

Whatever
Tuesday, August 17, 2004

Irrevelant side issue:
NAV is not Symantec AV, although they are both Symantec products -- doesn't make much sense to me though


Whatever:
Your point about firewalls not being the end-all is correct.  I would add that it extends beyond XP's to all firewalls.


To the OP:
Pointing out other's flaws is a notable sign of self-doubt, be in your self image or your chosen OS/browser.

Capn' Kirk
Tuesday, August 17, 2004

Do you think Phish (the group) dismantled because of bad press due to this "phishing" (tech term)?

Last I knew, phishing meant going to a phish show....oh and btw  Coventry rocked!!

Yo
Tuesday, August 17, 2004

"Pointing out other's flaws is a notable sign of self-doubt, be in your self image or your chosen OS/browser. "

Thank you, Anthony Fucking Robbins for that psycho babble bullshit.

George Orwell
Tuesday, August 17, 2004

Also, foul language is a sign of relative intelligence, with intellingence going down with the amount of foul language going up.

Capn' Kirk
Tuesday, August 17, 2004

Keep proving the point...

Capn' Kirk
Tuesday, August 17, 2004

Well, it's hard to take someone seriously who suggest that the original poster has a self image problem because he simply posted about a proven flaw within IE.

Agent Orange
Tuesday, August 17, 2004

I'm sorry, not flaw. Exploit. Risk. Danger. Vulnerable to phishing attacks.

Agent Orange
Tuesday, August 17, 2004

What is then the point of such a post?  Are we in awe of a new IE bug?  Are we shocked to hear that MS has bugs?  Does the post change any of our lives one iota?

No, which suggests that the OP was just trying to stick his tongue out at MS.

Capn' Kirk
Tuesday, August 17, 2004

In response to:
"Care to take a gander at the list of applications that won't work with the XP SP2? A little product called Norton Antivirus tops the list."

According to the vendor for Norton AntiVirus (Symantec), installing Windows XP Service Pack 2 will NOT cause any problems for Norton AntiVirus. The following text is from their "home" edition support site ( http://www.symantec.com/techsupp/sp2/faq.html ), but similar comments are on their "enterprise" edition ["Symantec AntiVirus Corporate Edition"]
support site (start at http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=155&EID=0 and click on "XP SP2 Info" which brings you to http://www.symantec.com/techsupp/enterprise/sp2/faq.html ):

"Q: How will installing Service Pack 2 affect the Symantec products I already have installed?

Norton AntiVirus
Installing Service Pack 2 will not affect Norton AntiVirus. The Windows Security Center will be aware that you have Norton AntiVirus installed, but it will not be able to determine its working status due to Symantec's tamper-protection technology.

Norton Firewall/Norton Internet Security
Installing Service Pack 2 will not affect Norton Personal Firewall or Norton Internet Security. The Windows Security Center will be aware that you have one of these products installed, but it will not be able to determine their working status due to Symantec's tamper-protection technology. "

Philip Dickerson
Tuesday, August 17, 2004

"Does the post change any of our lives one iota?"

Are you serious!? Would you have everyone just pretend exploits don't exist for Microsoft products??

Since this exploit was just announced, many people had not heard of it. (Myself included)

I'd much rather be aware of problems rather than just stick my head in the sand. I'm guessing that I'm probably not the only one who would rather know than not know.

Mark Hoffman
Tuesday, August 17, 2004

"Does the post change any of our lives one iota?" 

Probably not.  Lemmings usually march off the cliff to the shrill protestations against it.

Mike
Tuesday, August 17, 2004

> Are you serious!? Would you have everyone just pretend exploits don't exist for Microsoft products??

I didn't say the bug doesn't affect us.  I said flamewar posts don't affect us positively.  Whenever someone posts the latest flame about a bug in <whatever>, it just degrades the quality of the forum.

The IE/MS camp flames the Mozilla/Linux camp, and vice versa, and many good posters from the past have left.

Capn' Kirk
Tuesday, August 17, 2004

I can't remember the last Philo post I read.  Maybe those with the pitchforks finally caught him.

Not Philo in disguise
Tuesday, August 17, 2004

"Probably not.  Lemmings usually march off the cliff to the shrill protestations against it."

Actually, lemmings don't actually do this at all.

http://www.snopes.com/disney/films/lemmings.htm

Kevin
Tuesday, August 17, 2004

"Does the post change any of our lives one iota?"

Not I, finally.  I've finally gotten away from a job that has anything to with support (hooray), and I've had the machines I work on or the machines I need to keep working on SP2 ever since MSDN allowed the download.

:o)

Greg Hurlman
Tuesday, August 17, 2004

*  Recent Topics

*  Fog Creek Home