MozillaZine

Mozilla Downloads Rise Following US-CERT Recommendation to Drop IE

Friday July 2nd, 2004

Wired News is reporting that Mozilla downloads have surged following advice from the US Computer Emergency Readiness Team (US-CERT) to avoid Internet Explorer for security reasons. Download numbers approximately doubled in the days following the US-CERT recommendation, which was made in the form of an update to an earlier vulnerability note and comments to the press. US-CERT is a partnership between the United States Department of Homeland Security — the government organisation set up in the wake of September 11th to prevent terrorist attacks — and the public and private sectors.

US-CERT's advice follows last week's outbreak of the Download.Ject virus, which exploited a number of holes in Microsoft's IIS Web server and Internet Explorer to install a password-stealing trojan horse on Web surfers' computers. Microsoft patched some of the flaws before the outbreak occurred and today released another update that protects against the vulnerability by way of a configuration change (though the underlying problem has not been fixed). Windows users should hotstep it to Windows Update (must be visited using IE) to install the patch, regardless of whether they use Internet Explorer as their default browser.


#33 Re: Re: Privacy Settings

by PC1

Saturday July 3rd, 2004 10:25 AM

You are replying to this message

>Blocking non-session cookies will break a lot of sites.

People can still change the settings back even if they chose the increased privacy installation. Info can be included with the installation prompts. I do not see why any website need to track me or anyone else for life! I have the same settings in Opera amd I never look back.

> How would you define "known malicious sites"?

I have many of them in my hosts file. You can start by the list from Spy Bot S&D in the hosts file. I personally have twice as much (2527 sites). For the legal part, users can be prompted for that option during installation. I do not see a problem with that. Some software are removing AdAware and disabling spybot on instllation (included in the "I Agree" terms); the effect of those software is harmful. Why should it be wrong to do some good and block those sites.

> need some way of updating the list

Once the project is started, it will gain potential. The list can be updated just like you update AdAware, Spy Bot, or your antivirus.

> which anonymous proxies?

A list of public anonyms proxies is good as a start. Again, this should be off by default (unchecked during installation). The list can be updated similar to above.

These are suggestions which I think will improve FireFox. Many people may not want them, but others do.