Sunday, March 22, 2015

How’s your browser?

If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.

Bruce Schneier

I personally use Firefox.  Not a fan of IE although there are certain requirements for using it.  Was a fan of Chrome, until I realized what Google is really all about. (You have no idea).  In the following article, the potential bugs were identified in a contest.

Here’s how each browser fared:

  • 4 bugs were demonstrated in Internet Explorer (tested on Windows 8.1)
  • 3 bugs were demonstrated in Mozilla Firefox (tested on Windows 8.1)
  • 2 bugs were demonstrated in Safari (tested on OS X Yosemite)
  • 1 bug was demonstrated in Chrome (tested on Windows 8.1)

(Note: Before anyone says “Hah! Good thing I run Opera!”, remember that Opera has been based on Chrome/Chromium since May of 2013. So Chrome bugs likely affect Opera, too.)

Meanwhile, researchers also demo’d exploits across Adobe Reader, Flash, and Windows itself.

That last browser bug, the one found in Chrome, actually resulted in the biggest payout in the contest’s history: a staggering $110,000. Chrome already has the biggest payout of any of the browsers because it’s notoriously hard to exploit — but the researcher, Jung Hoon Lee, scored some bonus cash for style. He got $75k for the initial bug, $25k for getting his code to run at a system level, and another $10k because the bug also works in the beta build of Chrome.

Tech Crunch

Being able to break security doesn’t make you a hacker anymore than being able to hotwire cars makes you an automotive engineer.

Eric Raymond

No comments:

Post a Comment

You are not entitled to your opinion. You are entitled to your informed opinion. No one is entitled to be ignorant.

Harlan Ellison