> while it affects IE6 on XP most no versions are immune. Scaremongering much John?
On Wed, Jan 20, 2010 at 10:20 AM, John Bird <johnkb...@paradise.net.nz> wrote: > In Chrome you can find out what is using CPU for each tab, there is a task > manager. > > Try the Firefox 3.6 beta > > I really really would hesitate to use IE at the moment, seeing as all > versions including IE8 on Windows 7 are vulnerable to the latest China > exploit - while it affects IE6 on XP most no versions are immune. > Especially if you are known to have access to any valuable intellectual > property! > > Chrome UI is an acquired taste, personally I find Firefox Chrome and Opera > all comparable in speed, Chrome and Opera are the speed freaks in most > tests. Safari is also very fast but tends to have more security issues than > the others. > > >From what I have gathered, as details are deliberately a bit vague the > "China attacks" worked like this: > > -They tried to hack into Gmail/Yahoo/Hotmaill accounts of known china > activists and supporters. Gmail has now changed its default to https to > make this harder - others are expected to follow. > > -Last year there were targeted emails sent to certain staff in the Dalai > Lama's office, looking to be from someone the person knew with links to an > innocuous web site, or attached photos/PDFs which had a malware dropper in > it. Once loaded on the target PC, the Trojan started monitoring all email > traffic and logins, and turned on web cams and microphones to monitor what > was happening in the office around the PC, ie conversations nearby were also > being monitored. > > Once security specialists were called in, they found also a significant > number of Asian embassies of various countries also had similar spyware > installed - it was described as the most sophisticated and comprehensive > spyware ever seen > > The traffic looked to being sent to a site in China and Taiwan physically > close to the Chinese governments electronic monitoring site, however no-one > was sure of this as it could in theory have been going anywhere. > > -The Google and Adobe attacks this year look to be similar - There were > targeted emails sent to staff deduced to have privileged access on networks > eg to source repositories. The emails apparently looked innocuous and from > parties known to the receiver (this is the targeted part - the senders had > done careful research). Once installed the malware started downloading the > source it could locate to web sites that Google identified as being Chinese. > Google say up to 30 firms in California were targeted. The fact that they > had publicly identified China as the offender implies they have done some > thorough tracking of the destination of stolen data. > > This exploit is mainly in IE, and may also involve a PDF exploit as well. > By all accounts Microsoft have conceded there is a problem in IE6 and do not > yet have a fix, and it is not certain it can be fixed. Turning the security > zone settings to High makes it less likely but is still not an absolute > preventative. All versions of IE have this vulnerability. > > There was a similar serious problem with https in 2009 where a rogue web > site could impersonate a legitimate site using a specially crafted digital > certificate that had a binary null between the name of the impersonated site > and the false site name - this allowed the certificate to be verified but > the impersonated name would be shown, not the true impersonating domain. > This meant that a man-in-the-middle attack for https traffic to in > particular bank web sites became possible with no warning in the browser as > the certificate looked to be verified (it was but for the malware domain). > This vulnerability was fixed quite fast, but interestingly on Windows it > affected IE, Chrome, Opera and Safari as they all used a Microsoft component > to verify digital certificates - Firefox was the only browser immune in this > case as it used its own component. > > Personally I prefer Firefox as its fast enough (close to if not fastest), > best bookmarks search, and fastest consistently to fix security holes. > However security is a constantly moving target and all software has its > vulnerabilities. > > John > > From: "Jeremy North" <jeremy.no...@gmail.com> > To: "NZ Borland Developers Group - Delphi List" <delphi@delphi.org.nz> > Sent: Wednesday, January 20, 2010 10:28 AM > Subject: Re: [DUG] Offtopic - but.... > > > I'm sorry but I disagree. If all of those tabs are loaded then it > shouldn't be using any CPU, or a very small amount. > > Firefox has security issues, just like IE. > > I use both but prefer IE, it handles flash a lot better than Firefox. > > Couldn't get into Chrome. > > I installed Firefox on the mac but it just seems out of place so > generally use Safari - even though it is a pain to use. I don't browse > often on the mac. > > On Tue, Jan 19, 2010 at 6:13 PM, John Bird <johnkb...@paradise.net.nz> > wrote: >> My Firefox (3.7) is using 12-13%cpu and 400MB with 88 tabs open at the >> moment. Thats not too bad... >> >> John >> >> From: Sean Cross >> >> To: NZ Borland Developers Group - Delphi List >> Sent: Tuesday, January 19, 2010 4:50 PM >> Subject: Re: [DUG] Offtopic - but.... >> >> Ram? I find processor usage is the problem. It can suck up 30% of my >> processor for no apparent reason when it's just sitting in the background! >> >> >> >> Regards >> >> >> >> Sean Cross >> CIO >> >> >> >> Catalyst Risk Management >> PO Box 230 >> Napier 4140 >> DDI: 06-8340362 >> Mobile: 021270 3466 >> >> >> >> Visit us at http://www.catalystrisk.co.nz >> >> >> >> Offices in Auckland, Hamilton, Napier, Wellington, Christchurch & Dunedin >> >> >> >> Disclaimer: >> "The information contained in this document is confidential to the >> addressee(s) and may be legally privileged. Any view or opinions expressed >> are those of the author and may not be those of Catalyst Risk Management. >> No >> guarantee or representation is made that this communication is free of >> errors, viruses or interference. If you have received this e-mail message >> in >> error please delete it and notify me. Thank you." >> >> >> >> >> >> From: delphi-boun...@delphi.org.nz [mailto:delphi-boun...@delphi.org.nz] >> On >> Behalf Of Jeremy Coulter >> Sent: Tuesday, 19 January 2010 12:03 p.m. >> To: NZ Borland Developers Group - Delphi List >> Subject: [DUG] Offtopic - but.... >> >> >> >> I know thi sis offtopic, but does anyone know WHY FireFox consumse SO MUCH >> RAM ?? >> I have 8 tabs open and its usign over 400MB !! Its complete madness ! I >> have started going off Firefox lately. On ym Vista 64bit install at home, >> I >> cant do an F5 to refresh, I have to do a CTRL+F5 ..... grrr >> >> >> Jeremy >> >> ________________________________ >> >> _______________________________________________ >> NZ Borland Developers Group - Delphi mailing list >> Post: delphi@delphi.org.nz >> Admin: http://delphi.org.nz/mailman/listinfo/delphi >> Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: >> unsubscribe >> >> ________________________________ >> >> _______________________________________________ >> NZ Borland Developers Group - Delphi mailing list >> Post: delphi@delphi.org.nz >> Admin: http://delphi.org.nz/mailman/listinfo/delphi >> Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: >> unsubscribe >> >> _______________________________________________ >> NZ Borland Developers Group - Delphi mailing list >> Post: delphi@delphi.org.nz >> Admin: http://delphi.org.nz/mailman/listinfo/delphi >> Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: >> unsubscribe >> > > _______________________________________________ > NZ Borland Developers Group - Delphi mailing list > Post: delphi@delphi.org.nz > Admin: http://delphi.org.nz/mailman/listinfo/delphi > Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: > unsubscribe > > > _______________________________________________ > NZ Borland Developers Group - Delphi mailing list > Post: delphi@delphi.org.nz > Admin: http://delphi.org.nz/mailman/listinfo/delphi > Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: > unsubscribe > _______________________________________________ NZ Borland Developers Group - Delphi mailing list Post: delphi@delphi.org.nz Admin: http://delphi.org.nz/mailman/listinfo/delphi Unsubscribe: send an email to delphi-requ...@delphi.org.nz with Subject: unsubscribe
