On May 4, 2009, at 1:02 PM, Dan wrote:
> > Ahhhhhh. Plug-In Wars! > > An interesting read: > > <http://arstechnica.com/open-source/news/2009/05/mozilla-ponders-policy-change-after-firefox-extension-battle.ars > > > "Firefox's extension system is really just an officially supported mechanism for monkey-patching the browser. Extensions are not isolated or sandboxed. They are broadly permitted to manipulate the browser's behavior and user interface at will and can easily tamper with the functionality of other extensions." Oh, no security holes THERE! Nosirree! What this DOES do, and sensibly, is start pushing some of these things into the browser code itself. Unfortunately a web browser that natively blocks advertising is going to cause a total sh*tstorm from the people who make their money from web advertising. Of course, this is just also the same kind of behavior Windows malware's been doing for a long, long time. A lot of malware code is expended on battling it out with other malware code on the computer, and preventing other malware from taking over. After all, the surest sign a computer is vulnerable is if you can tell if it's already compromised. Speaking of security, there was a VERY interesting study conducted by UCSD earlier this year...they actually hijacked a live botnet for 10 days and recorded everything it did... The PDF makes for interesting reading, especially the background section, for those of you unfamiliar with how these things work. Note: whenever they speak of a malicious web site or program installing something, that activity would be causing permissions requests to be popping up on a Mac. <http://www.cs.ucsb.edu/~seclab/projects/torpig/index.html> -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed Low End Mac's G3-5 List, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/g3-5-list?hl=en Low End Mac RSS feed at feed://lowendmac.com/feed.xml -~----------~----~----~----~------~----~------~--~---
