BYTE.com
RSS feed
Archives
Columns
Features
Print Archives 1994-1998
Special
Michael Abrash's Graphics Programming Black Book
101 Perl Articles
About Us
Write to BYTE.com
Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
Email Address
First Name
Last Name




 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE    
BYTE.com > Chaos Manor > 2003

The Fire-Breathing Browser

By Jerry Pournelle

October 13, 2003

(The Fire-Breathing Browser :  Page 1 of 1 )



Column 279

The system attacks continue. They're very dangerous, but most of them require your cooperation. Be careful out there. Things aren't what they seem. Of course you know not to open unexpected e-mail attachments, but there are other dangers, and as Chaos Manor Associate Dan Spisak says, there is no patch for the human brain.

The latest series looks like official notifications from eBay to the effect that unless you send a lot of information to what looks like a secure site, you'll lose your eBay accounts and all your bids and sales will be cancelled.

There are many variants of this attack, involving eBay, PayPal, and other financial services you may use. I presume BYTE readers know better than to fall for this stuff, but do warn your friends: these things can look quite official. Incidentally, in most cases the entire letter is a hyperlink that will take you to the scam Web site.

There are also new vulnerabilities. The latest of those is a hole in Internet Explorer that could allow anyone using Internet Explorer to be vulnerable. In Microsoft's own words, the "Impact of vulnerability" is to "Run code of attacker's choice"—which means anything including turning your system into a zombie that mounts attacks against other sites, or spams the White House with terrorist threats…

The good news is that this is one of those holes found and reported by Microsoft along with the fix, and I have no confirmation of any actual exploits. The bad news is that if this was found to be in the Internet Explorer code after all these security reviews, what other holes might be in there?

Mozilla

One solution suggested by many of my readers and a number of my associates is to give up Microsoft Internet Explorer and use Mozilla. This is started as an open source version of Netscape and is now maintained by the Mozilla Foundation. I am told that when they began serious work on Mozilla, they found the Netscape code was such a mess that they started over.

 Page 1 of 1 


BYTE.com > Chaos Manor > 2003
Dr. Dobb's Media Center

Extending Enterprise Value with Web 2.0
In this webcast we will talk about how to simply build and quickly remix Web 2.0 applications and the role of the IT department and how they support mashups. We will discuss how IBM can help IT teams adapt existing enterprise systems as well as develop unique ones that can support end user driven mashups in a reliable, scalable and secure way. We will highlight a simple scenario adapting an enterprise information source for mashups and how to test it. We will also cover how IBM can help you build agile, fast and simple web applications based on dynamic scripting languages that dramatically reduces development time. Wednesday, September 24, 2008 - 12pm PT / 3pm ET

2008 International Mathematica Conference
Dr. Dobb's interviews Wolfram Research's Theo Gray, co-founder and Director of User Interfaces, and Roger Germundsson, Director of Research and Development, about the upcoming 2008 International Mathematica Conference.
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE: Volume 2 - Heuristic Algorithms
The Best of BYTE: Volume 2 - Heuristic Algorithms
In this volume of Best of BYTE, we explore the emergence of some heuristic algorithms. Although we have only scratched the surface of this intriguing subject, we hope we've suggested the potential of the synthesis of heuristics and algorithms.

© 2008 Think Services, Privacy Policy, Terms of Service, United Business Media Limited
Site comments: webmaster@byte.com
Web Sites: BYTE.com, dotnetjunkies.com, Dr. Dobb's Journal, SD Expo, Sys Admin, sqljunkies.com, Unixreview



MarketPlace
simple helix is the most trusted name in the hosting industry! Join us and host with the experts!
Automatically capture customer crash data, no debugger required. Support for .NET, C++, OS X, Java.
Understand C/C++ code in less time. A new team member ? Inherited legacy code ? Get up to speed faster with Crystal Flow for C/C++. Code-formatting improves readability. Flowcharts are integrated with code browser. Export flowcharts to Visio.
Develop 10 times faster ! ALM, IDE, .Net, RAD, 5GL, Database, 5GL, 64-bit, etc. Free Express version
Certificates & Degrees in IT from Accredited Online Colleges! Request Free Information!
Wanna see your ad here?
 

web2