MozillaZine

Mozilla Downloads Rise Following US-CERT Recommendation to Drop IE

Friday July 2nd, 2004

Wired News is reporting that Mozilla downloads have surged following advice from the US Computer Emergency Readiness Team (US-CERT) to avoid Internet Explorer for security reasons. Download numbers approximately doubled in the days following the US-CERT recommendation, which was made in the form of an update to an earlier vulnerability note and comments to the press. US-CERT is a partnership between the United States Department of Homeland Security — the government organisation set up in the wake of September 11th to prevent terrorist attacks — and the public and private sectors.

US-CERT's advice follows last week's outbreak of the Download.Ject virus, which exploited a number of holes in Microsoft's IIS Web server and Internet Explorer to install a password-stealing trojan horse on Web surfers' computers. Microsoft patched some of the flaws before the outbreak occurred and today released another update that protects against the vulnerability by way of a configuration change (though the underlying problem has not been fixed). Windows users should hotstep it to Windows Update (must be visited using IE) to install the patch, regardless of whether they use Internet Explorer as their default browser.


#1 You mean there is no way to turn off IE???

by pkb351 <pbergsagel@shaw.ca>

Friday July 2nd, 2004 7:09 PM

Reply to this message

I have used Macs since the early 80s and therefore have little knowledge of the Windows world. Are you saying there is no way to switch off IE and that it still must be patched in order to prevent security breaches and viruses from effecting the computer? On the Mac if I choose not to use Safari, I don't have to worry about security patches Apple may release for Safari, as long as I don't intend on using it.

The security of MS Windows, I would think, would be a major reason for users to abandon MS in droves. How come users are not seeking out/damanding alternative OSes in large numbers. MS, It seems can allow viruses and security breaches on an almost weekly basis without loosing hardly any of its user base....amazing. How long would any other software manufacturer be in business if their software was of the same quality as MS IE? Even Adobe Photoshop (which has more than 90% of all the professional graphics users) would in very short order loose significant market share to the Open Source GIMP if Photoshop required weekly patching to prevent major computer damaging faults in its programing from harming the user's computer.

So IE has to be patched even if the user doesn't use it to surf the web: maybe it is time that the MS user look for an alternative OS and browser.

#4 Re: You mean there is no way to turn off IE???

by zookqvalem

Friday July 2nd, 2004 7:40 PM

Reply to this message

To make the long story short, IE is integrated into Windows. It become more tightly integrated into Windows as each version goes by. Some of the Windows feature would stop working if IE is removed or disabled. It is not like that people have a choice here. Also, a lot of people are computer illiterate, they just find Windows easy to use and even easier when IE come with the package. They would be feeling lost or imitated if they use a different browsers and would go back to IE. Also, some of them don't know how to install anything. It show how bad people are, let alone with the anti-virus or anti-spyware software too.

Zook

#5 Re: You mean there is no way to turn off IE???

by Smigit

Friday July 2nd, 2004 7:44 PM

Reply to this message

Im not sure whether one could be effected by the virus if they dont use internet explorer, but i doubt it, unless they get it via email or some other non browser means. However as since IE (and WMP) are not able to be uninstalled (easily anyhow, you can if you manually do the registry changes) draws me to conclude that the update suggestion is made for the event that you do use IE at some point, which will likely happen at some point. (Windows update requires it for example, as well as some pages might render better with it)

#7 Re: Re: You mean there is no way to turn off IE???

by robdogg

Friday July 2nd, 2004 8:54 PM

Reply to this message

Actually both IE and WMP are both easily disabled in XP via provided tools. In Win2k, you need SP3 to disable IE/WMP.

#11 Re: Re: Re: You mean there is no way to turn off I

by Smigit

Friday July 2nd, 2004 11:05 PM

Reply to this message

Ive never seen such tools that will remove IE and WMP from the system. This is in regards to Ie 6 and WMP 9, not older releases. Neither of them have an "uninstall" feature and arent in the "change or remove programs" area. Furthermore the "Add/remove windows components" menu only enables and disables the Access to the aps (as per the description i gained there just then). As such they arent being removed, simply you cant access them. I know you used the word disabled but my initial post was talking about uninstalling the components completly, which is a troublesome task. If you know any other means be my guest.

Ill add this is my experience on XP, 2000 im not quite so sure as I havent really used it a great deal and when i have i had limited privilages anyway

#12 Re: Re: Re: Re: You mean there is no way to turn o

by Smigit

Friday July 2nd, 2004 11:09 PM

Reply to this message

Ill just add the description of the text I got from the Add/Remove windows compnonents Dialoge

"Adds or removes access to Windows Media Player from the Start menu and Desktop." For internet explorer its the same message just saying IE instead. So by that id gather they havent even been disabled, simply it adds and removes the icons from the desktop and start menu. If there is indeed a way to remove the aps, which i dont believe there is, then the method most certainly doesnt follow the normal conventions that other aps stick to.

#37 Re: Re: Re: Re: You mean there is no way to turn

by Gunnar

Saturday July 3rd, 2004 2:46 PM

Reply to this message

Actually, there are tools that allow you to do just that - remove (not disable!) Internet Explorer, Outlook Express, Windows Media Player,...

#39 Re: Re: Re: Re: Re: You mean there is no way to

by Smigit

Saturday July 3rd, 2004 10:15 PM

Reply to this message

im sure there is, but are there any included with windows or are they third party?

If they are part of windowsXP then my mistake, although I am yet to find them and i have gone all around the control panel and the like. The WMP9 installer even states it cant be uninstalled. (you can using a few unintuitive methods I know but they dont supply an uninstaller. One is to reinstall windows, use a 3rd party tool or do it manually)

If they are third party tools then it kinda still leads me down the original road that i was persueing in that the components arent easily removeable since most users will never hear of the tools existance and therefore wont know that WMP and IE can be uninstalled. I personally dont feel having 3rd party tools available classifies it as an easy removal since you have to search the web to find the app. In any event, I think an "easily removeable" program is one that comes with its own uninstaller or is one that isnt installed in the first place (like the firebird .zip releases) and can be removed by deleting its directory.

Ill just add as a side note ive never wanted to remove any of the above programs anyway, I see no damage them being there and I use WMP as my default media player because i like the Libraries layout over winamps and dislike iTunes and Musicmatch. IE i want for windows update and ive never used outlook express.

#42 Re: Re: Re: Re: Re: You mean there is no way to

by tseelee

Sunday July 4th, 2004 9:35 AM

Reply to this message

98lite helped with uninstalling IE5 from Win98, but that was way back when. I doubt they've gotten the XP version to work. Even more, u've gotta use IE once a while if u use Windows.

#51 They did

by Gunnar

Monday July 5th, 2004 2:26 PM

Reply to this message

2000/XP Lite is available. I have used it myself and it works. The downside: There is no free version.

#52 Re: Re: You mean there is no way to turn off IE???

by Rytsarsky

Tuesday July 6th, 2004 5:30 AM

Reply to this message

The Cert Recomendation mentions the the risk is present whenever the mshtml module is used. Many applications for windows utilize the rendering image to embed web content. The ones that pop into my mind are things like winamp, weatherbug (evil anyway), lots of p2p clients. So you don't have to be using the IE browser itself to be vulnerable.

#8 With Mircosoft, it only gets worse :-(

by DP3_001

Friday July 2nd, 2004 8:58 PM

Reply to this message

Seeing this story was the last straw for me, and it should be for anybody out there who has an IBM PC-based computer system. In the short term, only use IE if you have to & use an alternative browser (Hint: Firefox). Long term? Dump Microsoft entirely. Their OS is supposedly so good, yet you have to have all this crap on 24/7 just to make sure that's the case, eating up system resources. I actually remeber a time when going to the Windows Update site was a rariety. Those days are LONG gone.

BTW: Opera downloads haven't changed at all. Hmmm ... I wonder what that means? ;-)

#10 Re: With Mircosoft, it only gets worse :-(

by minh

Friday July 2nd, 2004 9:49 PM

Reply to this message

Opera vs Firefox $ vs Free

#13 Re: With Mircosoft, it only gets worse :-(

by Alastor <rowanmulder@zonnet.nl>

Friday July 2nd, 2004 11:15 PM

Reply to this message

> BTW: Opera downloads haven't changed at all. Hmmm ... I wonder what that means? ;-)

Of course you some reliable sources to proof your statement, don't you? You have information and statistics regarding all the latest downloads from Opera.com and mirrors? No, I don't think so :)

From the Sales and Marketing frontlines their is a journal (Austin, TX) giving some light information on Opera's sales & marketing these last days: <http://my.opera.com/OperaSinger/journal/14>

Besides this, the My.Opera community has seen an uprise recently of new users and new posts, as did MozillaZine's forum and mozilla.org's downloads.

I'm only disproofing his last fact that's all, don't call me a troll, we should be happy both browsers see increased interests, downloads and usage :)

#14 Re: Re: With Mircosoft, it only gets worse :-(

by DP3_001

Friday July 2nd, 2004 11:32 PM

Reply to this message

I don't remember exactly where on ZDNet I saw it, but there wan an article (concerning this recent security hole in IE) that talked about how Mozilla was No. 2 when it came to downloads, and how Opera downloads barely even registered. Of course, it wasn't a surprise to me. I've always known that Opera wasn't that hot. It's UI is too cluttered, and it's just a hell of a lot harder to use.

#17 Re: Re: With Mircosoft, it only gets worse :-(

by treego

Saturday July 3rd, 2004 1:11 AM

Reply to this message

I posted a comment at the OperaSinger blog ....

Thanks for setting the record a little straighter, though. :)

#9 Re: You mean there is no way to turn off IE???

by dave532

Friday July 2nd, 2004 9:45 PM

Reply to this message

The easiest way to disable IE is to set a fake proxy in the settings, then when it tries to access the web it'll fail. Make an exception for *.microsoft.com so that you can still run windows update - alternatively you could always download the windows updates manually using firefox and ditch IE altogether. If you access windows update using an unsupported browser it presents you with the manual update link.

#29 Re: Re: You mean there is no way to turn off IE???

by SomeGuy

Saturday July 3rd, 2004 7:40 AM

Reply to this message

>The easiest way to disable IE is to set a fake proxy in the settings

Thats what I do on computers where IE must be installed in addition to deleting all the icons for it. As an extra bonus that also disables any idiotic apps that try try embed IE from accessing the Internet. (Some developers need to learn to launch the default web browser rather than embed a specific one).

#49 Re: Re: You mean there is no way to turn off IE???

by bogado

Monday July 5th, 2004 2:33 AM

Reply to this message

There is always a chance that the rendering engine would be called by some local document, received by email or some other mean. While it is loaded into memory and tightly integrated into the windows shell there is a chance of problems. If it is there it is adding to the complexity of the system, and the more complex the system is the harder it is to protect it.

#30 Re: You mean there is no way to turn off IE???

by astrosmash

Saturday July 3rd, 2004 8:12 AM

Reply to this message

There are many parts of a web browser that can be used for non-browser tasks: Scripting, Image viewing, XML Parsing. Microsoft puts all of this functionality under the IE umbrella, so when Microsoft refers to IE, it's referring to this stuff.

Windows developers have been embedding this browser functionality into their applications for years. So, even though you don't use IE as your web browser, many Microsoft and non-Microsoft applications do embed different parts of IE, if not the complete IE rendering engine. That's why IE is considered to be part of the operating system. New applications (QuickTax, for one) are increasingly using IE to render complete portions of their interface, as crazy as that sounds. Plus, scripting and XML parsing are fairly ubiquitous now.

I don't know very much about Mac development, but from what I understand Safari's rendering and scripting engines, WebCore and JavaScriptCore, are just as embedable as IE, so even if you choose not to use Safari, there may be other applications you use that embed some parts of Safari. Plan to use Dashboard in the next version of OS X? That's done with Safari. So the browser integration issues on Windows and OS X are essentially the same.

#34 Re: You mean there is no way to turn off IE???

by pizzach

Saturday July 3rd, 2004 11:15 AM

Reply to this message

Be careful of what you're saying. In Jaguar I would have totally agreed. But really, Is QuickTime uninstallable in the Mac OS nowadays? It might be with some work, but I doubt it.

Safari is presently uninstallable. You could just delete the icon and the program will be gone like most other Mac OS apps. Buuuuuuuuut when you go to software update, there is a reason that it'll try to update Safari, creating a broken program instead of just forgetting that it was there. It's supposed to be there. I'm sure 10.4 will rectify that (in a bad way).

But even with these things being built into the Mac OS more and more, I'm not to worried. At least I'm not using Safari to browse my desktop yet. Even, if the OS continuously tries to force me into using the brushed version of the finder: which is SIMILAR to what Windows users have going on. At least since these are different technologies than what Windows uses, so much of the security issues that may occur because of it are much more benign. Yes, you may eat rice, but the people on the other side of the fence eat mashed potatoes.

Correct me if I'm wrong anywhere peoples. :)

#35 Re: Re: You mean there is no way to turn off IE???

by Catfish_Man

Saturday July 3rd, 2004 1:14 PM

Reply to this message

Actually, trashing Safari doesn't trash Webkit (the renderer), or else a bunch of apps like subethaedit would break. Also, Dashboard in 10.4 uses Webkit.

#36 Re: Re: Re: You mean there is no way to turn off I

by pizzach

Saturday July 3rd, 2004 2:07 PM

Reply to this message

Ah, got it. I wasn't sure exactly sure how integrated it is here and now. Dashboard isn't out yet so I wasn't sure if it was already that far already.

#53 Safari's not the best example...

by MillenniumX

Tuesday July 6th, 2004 5:36 AM

Reply to this message

Unfortunately, Apple has taken a very similar path to the Microsoft's lunacy, and integrated Safari into the OS. The integration is not as deep as IE's, but you still cannot afford to ignore Safari's security patches. Just as many apps use MSHTML in Windows, many apps now use WebCore on OSX, so even if you don't use Safari you're still at risk from any bugs that might be found in WebCore.

#54 Re: You mean there is no way to turn off IE???

by skeeter

Tuesday July 6th, 2004 7:55 AM

Reply to this message

Well, it also not a thing of turning 'it' off. Windows is a net operating system by nature and as long as there are TCP stacks and an open port or two, Windows is open to conntact just from the nature of it's built in net systems, thus the wurms that are able to get in reguardless if IE is running or not. ex: Mblaster last summer.

#2 silly

by logan

Friday July 2nd, 2004 7:15 PM

Reply to this message

Microsoft's workaround is really something eeye.com published in October of 2003, sad.

#3 more specific quotes/recommendations?

by ratman

Friday July 2nd, 2004 7:34 PM

Reply to this message

any chance of getting something that more specifically recommends moz and/or firefox out of cert or the department of homeland security? the official notice doesn't actually mention either one by name, and though it's pretty unlikely that a branch of the united states federal government will actually recommend a non-commercial product, i get the feeling it wouldn't be too hard to connive a quote out of *somebody*....

i hope somebody at moz h.q. is working on something like this - it would certainly be a big boost for firefox 1.0 development.

#32 Re: more specific quotes/recommendations?

by DPJ <davidpjames@yahoo.com>

Saturday July 3rd, 2004 10:10 AM

Reply to this message

I doubt CERT would recommend anything in particular, whether it be commercial or not. They are there to warn of specific problems of specific software, not to recommend specific alternatives since doing so would compromise neutrality (just as the FDA issues warnings about certain foods/drugs, it doesn't recommend alternatives).

#41 Re: more specific quotes/recommendations?

by chuckroast

Sunday July 4th, 2004 8:32 AM

Reply to this message

Several Asssociated Press articles in the last week mention Mozilla and Opera as alternatives.

#6 Re: Specific quotes/recommendations

by robw810 <robw810@yahoo.com>

Friday July 2nd, 2004 7:46 PM

Reply to this message

Why not evangelize by quoting the actual statements made by CERT and then YOU suggest that the user try Mozilla (or Firefox or whatever) - I've had several people switch just from seeing Firefox in action, so the CERT recommendation makes it a bit easier... RW

#15 Download statistics?

by zero0w

Saturday July 3rd, 2004 12:19 AM

Reply to this message

Where can we see the download statistics for Mozilla or Firefox?

I want to wait for Firefox 1.0 to do it but it maybe a good time to raise this now:

Currently the local bank where I live do not accept the use of Mozilla to access online banking a/c. while it can accept IE, Netscape 4.7x, and Konqueror. Has the Mozilla Foundation planned any press kit or official recommendation page to ask other organizations (such as banks) to support the access by Mozilla / Firefox, say when Firefox 1.0 comes out? It will be much better to organize an official press kit to convince these organizations to come forward to start supporting Mozilla (which surely is better than Netscape 4.7x!).

#19 Bank sites suck.

by dipa

Saturday July 3rd, 2004 2:06 AM

Reply to this message

Same situation here. They force me to use IE or NS4.x for on-line banking. Someone must convince them to drop support for NS4 and put NS6-7/Mozilla/FF instead. The market share of the latter is still small but I don't think that NS4.x holds larger part of the market.

#23 Re: Bank sites suck. - Educate developers.

by MadMaverick9

Saturday July 3rd, 2004 4:42 AM

Reply to this message

Additionally developers need to be educated to develop web sites/web applications in a way so that they work with any browser. On several occasions now I have been unable to even apply for jobs because the particular job web sites required the use of IE. For a Unix/Linux user this is simply not an option.

Being a developer myself I simply do not understand why sites need to be developed specific for a certain web browser. And there is no reason that will convince me otherwise.

<http://www.anybrowser.org/campaign/abdesign.html>

<http://www.mozilla.org/projects/tech-evangelism/> " ... Complaining to web sites can be an effective means of waking a web site up to the fact that there is more than one browser in the world. ..."

We're gradually loosing our freedom of choice and a lot of people don't even notice it. Freedom of choice of web browser. Freedom of choice of which hardware/software I want to use to play DVDs. etc, etc, etc .....

#26 Re: Re: Bank sites suck. - Educate developers.

by SomeGuy

Saturday July 3rd, 2004 5:12 AM

Reply to this message

The problem is that most web developers are not as smart as you.

I know a number of people who claim to be "web developers" but they know nothing about the underlying technology. All they know is that they can make a quick buck by typing stuff in to FrontPage or slopping together some HTML code by hand. Often they don't even know that there are browsers other than IE. They never know or care if their code is valid or standard - if it works in IE 6.0 they think it is correct. There is a good chance half of the junk the produce won't even work in the next version of IE more or less a standards compliant web browse like Mozilla.

Management never cares about compatibility as long as it works on whatever browser is installed on their computer. And they don't want to hire good developers or spend time correcting the problems created by these bad developers as that costs money.

We need to get the word out that these people are now supporting terrorism by supporting only IE.

#28 Re: Re: Re: Bank sites suck. - Educate developers.

by zero0w

Saturday July 3rd, 2004 7:10 AM

Reply to this message

Let's separate two issues:

1) Asking banks to support the use of Mozilla to access online banking.

2) Asking developers to support multiple browsers in mind.

While achieving the second goal will also fulfill the first, we need to convey the message to organization such as banks in a 'beneficial way', which means more people are starting to use Mozilla because of {put any of your reason here, such as the CERT security report on IE}.

The bank management will likely to support Mozilla with a convincing press kit depicting many recent events such as: security problems of IE, the increasing Mozilla download statistics, the rising usage of Mozilla in Google search Zeitegeist, etc. It isn't really knowledgeable about any "Web standard", not the least on any _obligation_ to support multiple browsers, if it could feel any.

Just send them a clear message about how Firefox / Mozilla is a good replacement for Netscape 4.7x which they claim to have supported; and when they entertain our demand to have Firefox supported, then continue to evangelize about Web standard later on.

#16 mozilla.org

by permanentE

Saturday July 3rd, 2004 12:54 AM

Reply to this message

I think the security concerns with IE should have prominent display on the mozilla.org from page.

#18 Re: mozilla.org

by slugs

Saturday July 3rd, 2004 1:38 AM

Reply to this message

In my opinion that would require allocating valuable resources to keep track of IE vulnerabilities - and you know how often these pop up. I'd rather the Mozilla team spend that time developing a browser so obviously superior to IE that when those belated bandwagon-hoppers see it, they'd slap themselves for not going the Moz way sooner. By the way neither does Linux.com advertise Windows OS' weaknesses.

#45 Re: mozilla.org

by eealex

Sunday July 4th, 2004 6:25 PM

Reply to this message

I think mozilla.org visitors usually know how problematic IE is. Those who are not aware of IE problems don't even know there exists great browsers (Mozilla or Opera or Konqueor or ...). So they don't even access mozilla.org... at least my friends don't know it, don't care it when I tell them, until the recent Dowload.Ject. I even want to say the virus is "good", but in fact everybody here knows IE is BAD. :-)

#20 Nice summary on CNN site

by Kob

Saturday July 3rd, 2004 3:08 AM

Reply to this message

#21 Nice summary on CNN site

by Kob

Saturday July 3rd, 2004 3:12 AM

Reply to this message

#22 Re: Nice summary on CNN site

by Kob

Saturday July 3rd, 2004 3:14 AM

Reply to this message

Sorry for the double post. I never realized that by clicking on the "Reload" button the message will get re-posted...

#24 Terrorists!

by SomeGuy

Saturday July 3rd, 2004 4:48 AM

Reply to this message

I saw this warning from Cert/Homeland Security the other day. You know what this means....

Anyone who designs a page that requires IE is now a terrorist! :)

I would also like to add that there is something about Mozilla 1.7 that feels extra professional. I can't quite put my finger on it, other than how stable it is (Not a single crash since installing it) and all properly coded (non terrorist) web sites seem to render perfectly.

Mozilla Rules!!!

#43 Re: Terrorists!

by Sodbuster <meconium@mhtc.net>

Sunday July 4th, 2004 10:59 AM

Reply to this message

Simply wanting to echo your sentiment. Moz 1.7 has never once offered me the slightest difficulty--not a pause, not a burp, and not even the most minor trifle.

--Sodbuster, having converted two IE users over and working on a third.

#25 Privacy Settings

by PC1

Saturday July 3rd, 2004 5:01 AM

Reply to this message

The default settings should be set for better privacy. I use a customized version when I recomend FF to my friends.

It would be better if there is an option during installation for privacy. More (intermediate level) privacy should have by default: - Session only cookies - Popup block active - Site (image & cookie) block (cookperm.txt) for known malicious sites. - (Future enhancement of Mozilla) Preset list of anomous proxies.

This way whenever a new user/profile is launched, these settings are there by default.

Any other suggestions/comments.

#27 Re: Privacy Settings

by mlefevre

Saturday July 3rd, 2004 5:12 AM

Reply to this message

Blocking non-session cookies will break a lot of sites. Pop-up blocking is active by default I think.

How would you define "known malicious sites"? If you're going to block access to stuff by default, you need to be able to back that up, both legally and in PR terms. Also malicious sites tend to move around, so to be effective you'd really need some way of updating the list.

And which anonymous proxies? Again, if you're going to a supply a list that will be used by hundreds of thousands of people, and which will last for a long time, you'll need to have a formal arrangement with officially available proxies. Also not something that everyone is going to want.

There's probably a market for this kind of thing, but it might be better supplied as a custom build, or as extensions.

#33 Re: Re: Privacy Settings

by PC1

Saturday July 3rd, 2004 10:25 AM

Reply to this message

>Blocking non-session cookies will break a lot of sites.

People can still change the settings back even if they chose the increased privacy installation. Info can be included with the installation prompts. I do not see why any website need to track me or anyone else for life! I have the same settings in Opera amd I never look back.

> How would you define "known malicious sites"?

I have many of them in my hosts file. You can start by the list from Spy Bot S&D in the hosts file. I personally have twice as much (2527 sites). For the legal part, users can be prompted for that option during installation. I do not see a problem with that. Some software are removing AdAware and disabling spybot on instllation (included in the "I Agree" terms); the effect of those software is harmful. Why should it be wrong to do some good and block those sites.

> need some way of updating the list

Once the project is started, it will gain potential. The list can be updated just like you update AdAware, Spy Bot, or your antivirus.

> which anonymous proxies?

A list of public anonyms proxies is good as a start. Again, this should be off by default (unchecked during installation). The list can be updated similar to above.

These are suggestions which I think will improve FireFox. Many people may not want them, but others do.

#38 Re: Re: Re: Privacy Settings

by tono

Saturday July 3rd, 2004 5:13 PM

Reply to this message

>People can still change the settings back even if they chose the increased privacy installation

The point of a default setting is that the vast majority of users won't want to change it. If you disable the function of many websites the average user will think there's something wrong with Firefox. While, we clearly know that this isn't the case, most people don't know what "session only cookies" are. Most people don't even know what cookies are at all, except that you eat them and they taste good. No, I'm sorry but this is the stupidest idea I've ever heard. I'm sure every single person that you know that wants this feature on by default, also know how to change it to suit your preferences.

>Why should it be wrong to do some good and block those sites.

Do two wrongs make a right? Ethically it's just as bad for you to block them as it is for them to block you. At least according to Kant. However, I feel this feature would be far more work than needed when the people who want it already have software to do just this. It's a webbrowser, not a damn nanny.

>A list of public anonyms proxies is good as a start.

Can you provide a list? And if you're going to provide all these as install time options, you're going to frighten a lot of people into thinking your program is too complicated for them to use. And if you just put it in the "custom" install field, noone will ever know these options exist because 99% of the population just clicks "standard." Also, it's a webbrowser, not a nanny, there's already software that exists that does this much better than Firefox ever could.

#31 Netscape

by JuanGonzalez

Saturday July 3rd, 2004 8:32 AM

Reply to this message

Computerworld (July 4, 2004): "Now HP says ditch Netscape" <http://computerworld.co.n…6EC4006935D9?OpenDocument>

Google News: Netscape HP <http://news.google.com/ne…e+HP&btnG=Search+News>

HP is urging users to switch to Mozilla to avoid security problems. Perhaps AOL should be faster these days:

MozillaZine (March 30, 2004): "AOL to Release New Netscape Update in Early Summer" <http://www.mozillazine.or…alkback.html?article=4544>

#44 Re: Netscape

by dveditz

Sunday July 4th, 2004 3:30 PM

Reply to this message

HP's announcement refers to the HP-produced version of Netscape that runs on HP-UX. I read this as an "end-of-life" announcement that they are not going to produce future versions.

#40 another browser flaw

by arielb

Sunday July 4th, 2004 12:02 AM

Reply to this message

<http://secunia.com/advisories/11978/> note that only moz 1.7 and firefox .9 aren't affected. I tested IE6 and I have SP2-it's also affected by the flaw

#46 Re: another browser flaw

by brokensoul

Sunday July 4th, 2004 7:21 PM

Reply to this message

The flaw did seem to affect my Mozilla 1.7 (Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040608). It did bring up the Secunia page inside the msdn website. It did not affect Firefox .9.1.

#47 Re: Re: another browser flaw

by arielb

Sunday July 4th, 2004 8:13 PM

Reply to this message

thats odd...i tested moz1.7 and it was ok

#48 Re: Re: another browser flaw

by eealex

Sunday July 4th, 2004 11:09 PM

Reply to this message

Is your Moz1.7 RC or nightly build? Official build should be 20040616

#50 Re: Re: Re: another browser flaw

by brokensoul

Monday July 5th, 2004 3:11 AM

Reply to this message

Thank you. I hadn't realised that I wasnt using 1.7. It must have been an earlier version. I have checked in Mozilla 1.7 now and it is not affected by the flaw.