www.computeractive.co.uk/ item ref.2169253 on reading the magazine last night I read firefox has a flaw, you must not use password manager it is not secure Peoplearesaying use firefox not ie7 just think carefully before you do use firefox
2006-12-05 21:59:52 · 10 answers · asked by angie 3 in Computers & Internet ➔ Security
Well said. Recently firefox has been getting more bugs than IE6/7. Had to happen now that firefox has become more popular. Guess those lousies will start producing as many viruses for FF as they have done for IE, unfortunately.
2006-12-05 22:02:40 · answer #1 · answered by Carella 6 · 1⤊ 1⤋
It was thought to have been a flaw, and it was, but it was fixed before the release of Firefox 2.0, Firefox 1 didn't have the flaw either, it was just something they missed in the development, don't go for IE7, Firefox 2.0 for the win. The password manager can be dangerous as any user can sign in any sites..kind of thing, but you can always clear the list.
2006-12-05 22:22:09 · answer #2 · answered by Aaron 5 · 2⤊ 0⤋
Internet Explorer 7 web browsers are vulnerable to a flaw that could allow attackers to steal passwords it has been found.
Called the Reverse Cross Site Request vulnerability (RCSR) by its discoverer Robert Chapin, the flaw allows attackers to get users passwords and usernames by presenting them with a fake login form.
Firefox Password Manager will automatically enter any saved passwords and usernames into the form which it seems is part of the problem.
The Password Manager component of Firefox can be exploited to send a username and password combination to an attacker's computer without the user's knowledge.
"This may be a new breed of phishing attack unique to websites with user-contributed HTML", said Chapin on a Mozilla bug reporting site.
According to Chapin, "Users of both Firefox and Internet Explorer need to be aware that their information can be stolen in this way when visiting blog and forum websites at trusted addresses".
According to Chapin, Microsoft already knows about the issue and is "aware of the issue".
Before you resist from using the Internet at all, for the attack to work the user to follow a malicious link or form button.
"Webmasters have little recourse against stopping the attacks from happening. The only effective measure would be to remove all
elements in user-contributed HTML", Chapin said.
An exploit for this flaw has already been seen on social networking site MySpace. A recent large-scale attack using RCSR targeted the social networking site's users and was first reported by Netcraft 27/10/2006. That incident involved fake login forms on the MySpace website inviting users to type in their username and password.
The bad news is that the vulnerability could affect anyone using a blog or forum that allows user-generated HTML code to be added, according to Chapin.
2006-12-05 22:13:03 · answer #3 · answered by Sreejith Kumar P 2 · 1⤊ 0⤋
No-one is saying Firefox is immune from attack - no browser is - but the general consensus is that Firefox is the browser to use - all the surveys I have read rate Firefox ahead of IE.
Also - if you got to the Firefox home page you will find all kinds of nifty extensions you can add to Firefox to make it even more secure.
2006-12-05 22:17:03 · answer #4 · answered by Anonymous · 1⤊ 0⤋
Check out this weeks Webuser, install a sandbox and run your browser from inside that.
Use decent security - and that means common sense as well as programs. Password managers are not good security.
FF still has fewer security issues than IE7.
2006-12-06 01:34:15 · answer #5 · answered by sarah c 7 · 0⤊ 0⤋
I use Firefox and will even after reading that. I don't use the password manager anyways - it's clearly bad security practise to store your passwords on your machine in ANY format.
Despite that, Firefox is _still_ safer, more stable, and a whole lot more user-friendly than IE.
Rawlyn.
2006-12-05 22:12:50 · answer #6 · answered by Anonymous · 1⤊ 1⤋
IE7 is the better but due to so many people using it, IE7 is succeptible to more bugs than FF.Also IE is pre-installed in some manufacturers computers
2006-12-06 02:24:45 · answer #7 · answered by D G 6 · 0⤊ 0⤋
Firefox is fine so long as you have a proper firewall in place to stop hackers getting into your system.
I would recommend Firefox over IE7 any day.
2006-12-05 22:02:11 · answer #8 · answered by Anonymous · 3⤊ 1⤋
Firefox user and happy I do not and would not use anything that saves my passwords for me, but thanks for the warning.
2006-12-05 22:03:36 · answer #9 · answered by ♣ My Brainhurts ♣ 5 · 0⤊ 0⤋
Try out Opera. Its the best browser.
2006-12-05 22:16:30 · answer #10 · answered by Sunny 4 · 0⤊ 1⤋