[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: Web browsers - a mini-farce

To: Georgi Guninski <guninski@xxxxxxxxxxxx>
Subject: [Full-Disclosure] Re: Web browsers - a mini-farce
From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Date: Wed, 20 Oct 2004 10:13:31 +0200 (CEST)

On Tue, 19 Oct 2004, Georgi Guninski wrote:

> just out of curiousity, do you use internet exploder for browsing ?

Hell no.

First, it has a good number of higher-level design flaws that make it
fairly vulnerablt to various privilege escalation / zone bypass attacks.
Second, it is far too popular, making it practical to write malware that
targets it; it is rather pointless to "phish" using a lynx address
obfuscation vulnerability ;-)

Third, I generally do not use Windows.

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2004-10-20 10:11 --

   http://lcamtuf.coredump.cx/photo/current/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Web browsers - a mini-farce
  - From: Michal Zalewski
- [Full-Disclosure] Re: Web browsers - a mini-farce
  - From: Georgi Guninski

Prev by Date: RE: [Full-Disclosure] Windows Time Synchronization - Best Practices
Next by Date: Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!
Previous by thread: Re: [Full-Disclosure] Re: Web browsers - a mini-farce
Next by thread: Re: [Full-Disclosure] Web browsers - a mini-farce
Index(es):
- Date
- Thread