Re: Iceweasel updates

On Wed 04 Nov 2015 at 14:59:23 +0100, Vincent Lefevre wrote: > On 2015-11-03 13:59:12 +, Brian wrote: > > The contention is that overriding a bank security decision and altering > > the user-agent string is unwise and not to be recommended. > > > > Access to digital banking at RBS and

Re: Iceweasel updates

On 2015-11-03 13:59:12 +, Brian wrote: > The contention is that overriding a bank security decision and altering > the user-agent string is unwise and not to be recommended. > > Access to digital banking at RBS and Natwest in the UK is allowed only > when the string "Firefox" is found. Many

Re: Iceweasel updates

On Mon, 2 Nov 2015 22:53:03 + Brian wrote: > > An attacker must inject a payload into a web page that the user > visits. When the page loads in the user’s browser the attacker’s > payload will be executed. A user would likely have no knowledge of > this, irrespective

Re: Iceweasel updates

On Tue, Nov 03, 2015 at 08:27:42AM +, Joe wrote: > On Mon, 2 Nov 2015 22:53:03 + > Brian wrote: > > > > > > An attacker must inject a payload into a web page that the user > > visits. When the page loads in the user’s browser the attacker’s > > payload will be

Re: Iceweasel updates

On Tue 03 Nov 2015 at 02:57:47 +0100, Vincent Lefevre wrote: > On 2015-11-02 22:53:03 +, Brian wrote: > > An attacker must inject a payload into a web page that the user visits. > > When the page loads in the user’s browser the attacker’s payload will > > be executed. A user would likely have

Re: Iceweasel updates

On Tue 03 Nov 2015 at 23:07:56 (+1300), Chris Bannister wrote: > On Tue, Nov 03, 2015 at 08:27:42AM +, Joe wrote: > > On Mon, 2 Nov 2015 22:53:03 + > > Brian wrote: > > > An attacker must inject a payload into a web page that the user > > > visits. When the page

Re: Iceweasel updates

On Mon 02 Nov 2015 at 15:10:55 +0200, Alex Moonshine wrote: > Not really a solution to OPs problem, but I've decided that it's much > easier to just use a stand-alone precompiled Firefox downloaded from > Mozilla website, which happily updates itself. Debian's update policy > for Iceweasel is far

Re: Iceweasel updates

On 2015-11-02 07:23:07 -0700, Charlie Kravetz wrote: > On Mon, 02 Nov 2015 08:00:59 -0600 > John Hasler wrote: > > >Jack Dangler wrote: > >> The next version of iceweasel i found in deb packages is 41 (quite a > >> jump), but says it is likely buggy (i'm guessing its in

Re: Iceweasel updates

On Monday 02 November 2015 14:34:49 Vincent Lefevre wrote: > On 2015-11-02 07:23:07 -0700, Charlie Kravetz wrote: > > On Mon, 02 Nov 2015 08:00:59 -0600 > > > > John Hasler wrote: > > >Jack Dangler wrote: > > >> The next version of iceweasel i found in deb packages is 41

Re: Iceweasel updates

On Mon 02 Nov 2015 at 14:17:39 +0100, Vincent Lefevre wrote: > On 2015-11-02 13:03:14 +, Brian wrote: > > The reason you advance is probably the one which bank's IT section would > > give if you asked them. Quite how a user's browser can compromise the > > security of the site itself is

Re: Iceweasel updates

On 11/02/2015 03:22 PM, Vincent Lefevre wrote: But some videos are not supported with official precompiled Firefox versions due to obsolete gstreamer: https://bugzilla.mozilla.org/show_bug.cgi?id=947287 Oh, right. I use gstreamer from http://www.deb-multimedia.org/ Yes, I know I just said

Re: Iceweasel updates

On Monday 02 November 2015 07:19:46 Jack Dangler wrote: > Got a msg this morning from online bank service that my browser > (iceweasel) is no longer up to date (equates to ff31) and wants to > 'either update your browser to a compatible version or install one of > the following - [list of usual

Re: Iceweasel updates

Jack Dangler wrote: > The next version of iceweasel i found in deb packages is 41 (quite a > jump), but says it is likely buggy (i'm guessing its in experimental). Unstable has 38.3. Works fine. -- John Hasler jhas...@newsguy.com Elmwood, WI USA

Re: Iceweasel updates

On Mon 02 Nov 2015 at 14:58:24 +0100, Vincent Lefevre wrote: > On 2015-11-02 13:47:41 +, Brian wrote: > > On Mon 02 Nov 2015 at 14:17:39 +0100, Vincent Lefevre wrote: > > > The user's browser cannot compromise the site itself. But a security > > > bug may permit an attacker to get the user's

Re: Iceweasel updates

Am 02.11.2015 um 15:23 schrieb Charlie Kravetz: > The stable release of Firefox is Version 41.0.2, released Oct 15. > Doesn't that make 38 old? No, it doesn't. 38.x is the currently stable extended support release (ESR) of Firefox. -- Regards mks

Re: Iceweasel updates

On 2015-11-02 15:10:55 +0200, Alex Moonshine wrote: > Not really a solution to OPs problem, but I've decided that it's > much easier to just use a stand-alone precompiled Firefox downloaded > from Mozilla website, which happily updates itself. But some videos are not supported with official

Re: Iceweasel updates

On 2015-11-02 13:47:41 +, Brian wrote: > On Mon 02 Nov 2015 at 14:17:39 +0100, Vincent Lefevre wrote: > > The user's browser cannot compromise the site itself. But a security > > bug may permit an attacker to get the user's login and password, and > > neither the bank nor the user would like

Re: Iceweasel updates

On Mon, 02 Nov 2015 08:00:59 -0600 John Hasler wrote: >Jack Dangler wrote: >> The next version of iceweasel i found in deb packages is 41 (quite a >> jump), but says it is likely buggy (i'm guessing its in experimental). > >Unstable has 38.3. Works fine. The stable

Re: Iceweasel updates

On 2015-11-02 07:19:46 -0500, Jack Dangler wrote: > The next version of iceweasel i found in deb packages is 41 (quite a > jump), but says it is likely buggy (i'm guessing its in experimental). Yes, it's in experimental. But 41 is *not* the next version. The current stable version is

Re: Iceweasel updates

On Mon 02 Nov 2015 at 13:48:13 +0100, Vincent Lefevre wrote: > On 2015-11-02 12:35:43 +, Brad Rogers wrote: > > On Mon, 02 Nov 2015 07:19:46 -0500 > > Jack Dangler wrote: > > >Got a msg this morning from online bank service that my browser > > > > Your banking service is

Re: Iceweasel updates

Not really a solution to OPs problem, but I've decided that it's much easier to just use a stand-alone precompiled Firefox downloaded from Mozilla website, which happily updates itself. Debian's update policy for Iceweasel is far from ideal or comprehensive, using third-party repositories is

Re: Iceweasel updates

On 2015-11-02 13:03:14 +, Brian wrote: > The reason you advance is probably the one which bank's IT section would > give if you asked them. Quite how a user's browser can compromise the > security of the site itself is unlikely to be explained. The user's browser cannot compromise the site

Re: Iceweasel updates

On Mon 02 Nov 2015 at 11:42:50 -0500, Jack Dangler wrote: > On Mon, 2015-11-02 at 07:23 -0700, Charlie Kravetz wrote: > > On Mon, 02 Nov 2015 08:00:59 -0600 > > John Hasler wrote: > > > > >Jack Dangler wrote: > > >> The next version of iceweasel i found in deb packages is

Re: Iceweasel updates

On Mon, 2015-11-02 at 07:23 -0700, Charlie Kravetz wrote: > On Mon, 02 Nov 2015 08:00:59 -0600 > John Hasler wrote: > > >Jack Dangler wrote: > >> The next version of iceweasel i found in deb packages is 41 (quite a > >> jump), but says it is likely buggy (i'm guessing its in

Re: Iceweasel updates

On 2015-11-02 15:00:19 +, Brian wrote: > On Mon 02 Nov 2015 at 14:58:24 +0100, Vincent Lefevre wrote: > > > On 2015-11-02 13:47:41 +, Brian wrote: > > > On Mon 02 Nov 2015 at 14:17:39 +0100, Vincent Lefevre wrote: > > > > The user's browser cannot compromise the site itself. But a

Re: Iceweasel updates

On Mon 02 Nov 2015 at 23:02:38 +0100, Vincent Lefevre wrote: > On 2015-11-02 15:00:19 +, Brian wrote: > > On Mon 02 Nov 2015 at 14:58:24 +0100, Vincent Lefevre wrote: > > > > > On 2015-11-02 13:47:41 +, Brian wrote: > > > > On Mon 02 Nov 2015 at 14:17:39 +0100, Vincent Lefevre wrote: > >

Re: Iceweasel updates

On 2015-11-02 22:53:03 +, Brian wrote: > An attacker must inject a payload into a web page that the user visits. > When the page loads in the user’s browser the attacker’s payload will > be executed. A user would likely have no knowledge of this, irrespective > of whatever browser or

Re: Iceweasel updates

On Mon, Nov 02, 2015 at 07:19:46AM -0500, Jack Dangler wrote: > Got a msg this morning from online bank service that my browser > (iceweasel) is no longer up to date (equates to ff31) and wants to > 'either update your browser to a compatible version or install one of > the following - [list of

Re: Iceweasel updates

On Mon, Nov 02, 2015 at 04:13:44PM +0200, Alex Moonshine wrote: > > > On 11/02/2015 03:22 PM, Vincent Lefevre wrote: > >But some videos are not supported with official precompiled Firefox > >versions due to obsolete gstreamer: > >https://bugzilla.mozilla.org/show_bug.cgi?id=947287 > > Oh,

Re: Iceweasel updates

On Mon, 02 Nov 2015 07:19:46 -0500 Jack Dangler wrote: Hello Jack, >Got a msg this morning from online bank service that my browser Your banking service is being lazy; They don't want to 'support' an older version Ff. If Iceweasel still works on their site, carry on using

Iceweasel updates

Got a msg this morning from online bank service that my browser (iceweasel) is no longer up to date (equates to ff31) and wants to 'either update your browser to a compatible version or install one of the following - [list of usual suspects]. The next version of iceweasel i found in deb packages

Re: Iceweasel updates

On 2015-11-02 12:35:43 +, Brad Rogers wrote: > On Mon, 02 Nov 2015 07:19:46 -0500 > Jack Dangler wrote: > >Got a msg this morning from online bank service that my browser > > Your banking service is being lazy; They don't want to 'support' an > older version Ff. If