IC, Is Opera still better than firefox with noscript? I thought they say Opera is the safest browser... Your opinion?

Any browser has bugs and security halls ;) As more as browser become popular- more security bugs will be find.
In opera you can easily allow on specific web page all scripts for all or no one - in explorer you can't doing even this so easily.But in noscript you can allow on specific site execution of the scrips, and others (mainly advertising systems ) will be still blocked.
For example, lets go to the site http://www.networkworld.com/topics/security.html
I want to allow scripts just for www.networkworld.com, and not for other advertising sites that may be appear on this page. (maby these advertising sites were been hacked (for example :http://www.wired.com/techbiz/media/news/2007/11/doubleclick ) or even www.networkworld.com itself was hacked (and 3th scripts was added) ;) )
You can see this on the pic: 22912
(Sorry that words like "allow " are in russian .)

I have heard, that NoScript can be used on netscape browser too ;)

IC, Is Opera still better than firefox with noscript? I thought they say Opera is the safest browser... Your opinion? Nothing beats NoScript; it's as simple as that. If that didn't exist, I would certainly opt for Opera as my default browser. Paul

Firefox - best tweakable browser =)

Still I really like Opera. But if I need to do any secure browsing I definately use Firefox with NoScript

Someone posted this test over at the Kaspersky fan club forum.
http://www.webdevout.net/browser-security

Sjoeii Do you know is there anything like that thing for other browsers?
(BTW, there: http://en.wikipedia.org/wiki/List_of_web_browsers is some information about many browsers including timeline, but no information about security...)

Does anyone heard/seen/know anything bad about Amaya Browser?
(http://en.wikipedia.org/wiki/Amaya_(web_browser) http://www.w3.org/Amaya/)
I want to try using it... ^_^

No sorry. I just picked it up somewhere.

never heard of amaya, but it sure looks like Maxthon

Hmm... Well... It doesn't realy looks like Maxton... I think...
And Maxton doesn't have it's own engine, but it can use IE or Firefox engine...
I'm trying to find compact and fast browser, what is not eating too much resources and doesn't support java and flash, with its own engine, maybe even something text based(w3m browser looks good: http://en.wikipedia.org/wiki/W3m)...

I want to try to install win2k3 on an old machine(Celeron 300, 520mb hdd, 128mb ram) and make it working there with all common features(Web Browser, File Manager, some archivator(s), some IM client(some icq client for me without all that useless things like sounds, animation, banners, games, avatars, advanced statuses, file transfer...), irc client(looking for something like 0irc(http://www.dev0.de/)), ftp client, some small network tools, some text editor and readers for word documents, pdf, djvu and others, some image viewer(i think about IrfanView), multimedia player, other common apps)... ^_^

I read some posts at mozzillazine forums about IE being infected(or other) through firefox. The method does not apparently affect Firefox but only IE. I can't locate the thread currently, but if I find it I will post a link to it.

If this were possible, would it occur because of the trident layout engine which is a part of IE and Firefox or is it some other bug or vulnerability?

The problem is, of course, not in the browsers themselves, but in Windows. A malware installer capable of working on a range of browsers with native Java support (with the help of Sun Java Runtime Environment) can do very dirty tricks, yes, and I'm afraid this is not only limited to Firefox - it will work with Opera, Netscape and others as well.
Besides there is the URI vulnerability, which has still not been resolved completely. This affects especially the proud owners of IE7. It has to do with the way your browser launches arbitrary programs when special URLs containing the % character are clicked on. In doing so, they may allow spyware to be installed on the user's system, but the technical details go beyond the scope of this forum section. To give one example:
Entering

http:%xx../../../../../../../../../../../windows/system32/calc.exe".bat
under 'Start/Run' launches the calculator. Very scary. That's why, even while Firefox is my default browser, I locked IE down completely, and blocked it from Internet access (it's on a proxy to remote address 0.0.0.0, and I disabled the ability for most programs to launch others in the HKEY_CLASSES_ROOT section of the registry by deleting the Shell/Open/Command-parameter. This *is* risky if you don't know what you're doing, but it's the best defense you can imagine against spyware trying to silently run applications.
P.S.: I also removed Java support on my machine.

Paul

just curious. Anyone using safari browser?

@ Sjoeii

Sure... =)

haha and what do you think?

Safari is the best browser I've ever seen on my iPhone... =)))

haha
I hope I can test that version later this week when I receive mine ;-)

however, the most common avenue of exploitation is via Internet Explorer.
Internet Explorer 5.x, 6.x and 7 running on all versions of Windows are affected.

As plug-ins are generally used to enable access to third party file formats, many plug-in vulnerabilities apply to all compatible browsers on all operating systems. Any web browser running on any version of any operating system is potentially vulnerable.

- www.sans.org/top20/#c1

Could you be more specific on these procedures (would like to impliment them).

"That's why, even while Firefox is my default browser, I locked IE down completely, and blocked it from Internet access (it's on a proxy to remote address 0.0.0.0, and I disabled the ability for most programs to launch others in the HKEY_CLASSES_ROOT section of the registry by deleting the Shell/Open/Command-parameter. This *is* risky if you don't know what you're doing, but it's the best defense you can imagine against spyware trying to silently run applications.
P.S.: I also removed Java support on my machine." -Paul

Safari is the best browser I've ever seen on my iPhone... =)))

I have my iPhone now for couple of days and must admit. safari works great :wink_3:

That's why, even while Firefox is my default browser, I locked IE down completely, and blocked it from Internet access (it's on a proxy to remote address 0.0.0.0, and I disabled the ability for most programs to launch others in the HKEY_CLASSES_ROOT section of the registry by deleting the Shell/Open/Command-parameter. This *is* risky if you don't know what you're doing, but it's the best defense you can imagine against spyware trying to silently run applications.
P.S.: I also removed Java support on my machine.

Paul

I have vista. How do I do that with the registry? PM if you don't want to post. How do I get rid of java support, Add/Remove? I thought I needed IE for Windows Updates.

It has to do with the way your browser launches arbitrary programs when special URLs containing the % character are clicked on.