MozillaZine

Comparatively Speaking...

Monday July 1st, 2002

Linux Online recently compared the major Linux browsers, including the Mozilla-based trio of Mozilla 1.0, Netscape 6.2 and Galeon. Reviewer Michael J Jordan praises Mozilla's stability, tabbed browsing, rendering and customisation.

As mentioned by fondacio on our forums, the International Herald and Tribune took a look at Mozilla, Opera and NeoPlanet (note that the site doesn't seem to work in some builds of Mozilla). Reviewer Lee Dembart says that "Mozilla is impressive and has it all over Opera." He especially likes the ability to block pop-ups, tabbed browsing and pipelining.

UPDATE! tuxracer writes: "I've put up a browser comparison list, comparing various features that affect usability and W3C standards compliance. It compares Mozilla 1.0, Netcaptor 7.01, Internet Explorer 6.0 (Windows), and Internet Explorer 5.x (Mac)."


#111 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: No

by asa <asa@mozilla.org>

Tuesday July 9th, 2002 11:29 PM

You are replying to this message

I'm not trying to convince you that it proliferated heavily due to web surfing. I'm trying to convince you that it's spread due to web surfing was non-trivial and treating it as if it was trivial is reckless.

NIMDA proliferated heavily. There are first person accounts in this forum that recall NIMDA spreading via web pages. You're free to discount the security experts and the first person accounts from mozillaZine forum participants but it doesn't seem to be a reasonable position to me.

Cisco says: "Minimizing Damage and Limiting Fallout...# Use netscape as your browser, or disable Javascript on IE, or get IE patched to SP II." <http://www.cisco.com/warp/public/63/nimda.shtml>

CERT says: "This modification of web content allows further propagation of the worm to new clients through a web browser or through the browsing of a network file system." <http://www.cert.org/advisories/CA-2001-26.html>

news.com: " The ability to infect others through viewing a Web page is the Nimda worm's second path of infection. The snippet of JavaScript added to each Web file on an infected server will cause the worm, renamed "readme.eml," to upload from the server to the surfer's computer. The worm will run automatically on PCs using unpatched versions of Microsoft's Internet Explorer 5.5 SP1 or earlier. On any browser with JavaScript enabled, the worm's script will cause the browser to try to upload the code but will first ask the PC user's permission. PCs can also be infected through the worm's third mode of transmission: e-mail. " (that sounds an awful lot like they put the browser spreading higher in importance than the email spreading) <http://news.com.com/2100-…1-273353.html?legacy=cnet>

ISG says: "Not only does 'Nimda' spread by e-mail and through network shares, it compromises servers in a similar manner to 'Code Red', and can infect users via their web browser - a method not seen with any previous virus. Traditional mail based virus protection is not adequate in protecting your organisation's systems from this virus/ worm." <http://216.239.35.100/sea…er&hl=en&ie=UTF-8>

PCWorld: "Nimda was originally fought using a combination of e-mail and Web filters, antivirus updates, and updates to Microsoft's Internet Explorer Web browser, which is the browser exploited to automatically download the worm." <http://www.pcworld.com/ne…rticle/0,aid,68966,00.asp>

wired: "This worm, named W32/Nimda.A-mm, is dangerously different than virtually all other e-mail and network-borne viruses: It can infect a computer when a user simply clicks on the subject line of an e-mail in an attempt to open it, or visits a Web page housed on an infected server. And many of the infected machines now contain a gaping security hole, created by the worm, that will allow a malicious hacker complete access to the contents of an infected machine or network....Code Red was deemed by the FBI to be so dangerous that it could bring down the entire Internet due to the increased traffic from the scans." <http://www.wired.com/news…logy/0,1282,46944,00.html>

If that's not enough to convinve you that this worm infects MS servers and visiting web pages on those servers with a MS browser is dangerous and that there was a real impact due to it's spread via web browsers, then I guess we're back to agreeing to disagree.

Do you have experts to refute my experts in their claim that NIMDA spread via web browsers?

--Asa