Re: What is the most secure web browser,

["gregh" <chows () ozemail com au>]

----- Original Message ----- 
From: "secureot" <secureot () yahoo com>
To: <security-basics () securityfocus com>
Sent: Tuesday, September 16, 2003 9:37 AM
Subject: What is the most secure web browser,


> I don't think that continuous, almost daily patching
> is realistic or even close to a resolution. I also do
> not believe that Lynx is an answer.
> Any input would be appreciated. 

Just my 2 cents on this which isn't so much an INFORMED issue as an issue of plain facts - unfortunately.

1 - The great majority of Internet users USE - and will CONTINUE to use no matter what you tell them about the 
insecurities of it - IE and OE. For most people it is a case of "Wont happen to me" just like it wont happen to them 
that they will be shot in the street.

2 - Because of the truth of the issue I put to you in point 1, MS will have to continue patching. For a start there are 
blunderers in there coding their programs but the honest truth is that sometimes sh!t happens. Sometimes against all 
possible precautions, a stuffup gets through that was looked at by everyone and not seen. Have you ever coded something 
that you consider difficult, checked it out with a group of people and missed it completely then had someone completely 
divorced from the issue pick up the problem with a few seconds of checking? Been there, done that from both sides. So, 
while MS makes mistakes, sometimes you have to put yourself in their place and ask if you could do any better. 

3 - A disclaimer from me. I am not the level of programmer that the programmers in there would be. I also use IE and OE 
for purely masochistic reasons.... my customers use it and wont be told any different because they only want the 
computer to use as a tool or as a plaything. They don't want to think of anything else because, as one said plainly to 
me, "That's what I *&^% you for" and of course he is right. I cant make him use anything else which would likely 
safeguard him against some things so I have to know the problems they will get themselves into, firsthand!

Greg.

---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------