Linked by Wes Bascas on Wed 3rd Jul 2013 11:00 UTC
Mozilla & Gecko clones Over the weekend, the crew at Tom's Hardware was busy testing the recently-released Firefox 22 using the usual bevy of benchmarks. This roundup included Chrome 27, Firefox 22, IE10, and Opera 12, along with the new Chromium-based build of Opera Next (alos known as Opera 15).
Thread beginning with comment 566207
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Comment by lucas_maximus
by bassbeast on Thu 4th Jul 2013 05:46 UTC in reply to "RE[2]: Comment by lucas_maximus"
Member since:

Nice straw man, shame if this match were to get too close...whoosh!

Nice attempt at trying to spread FUD but you fail when it comes to browser knowledge, since Chrome as well as any based on it or based on IE ALREADY HAVE low rights mode, in fact the Chromium team added support less than 6 months after the release of Vista.

As for Linux I'm sorry but a simplistic R/W/E schema doesn't cut it, hence why AppArmor and SELinux were created which again it should be trivial to adopt the same mechanism so that Linux could enjoy a low rights browser in SELinux and AppArmor so its really no excuse.

But if you want to claim FF is only usable on Linux fine, do that, but good security practices are good practices and bad is bad, and having the browser run at the same rights as the user is not only bad security practice its just plain stupid. Remove the browser as a vector and malware drops right off the chart, as I have found thanks to low rights mode, but if you want to support bad security practices that is your choice, just as its mine to warn people who may not know all browsers are NOT created equal.

But FYI I haven't used IE in over a decade and I don't recommend IE to my customers, but its kind of sad when even IE has better security practices than FF which is the case now. Use Chrome,Chromium, Comodo Dragon,SWIron, plenty to choose from that won't make you sacrifice security just to surf the web.

Reply Parent Score: 2

Fergy Member since:

Nice straw man
I have no idea where I strawman you.
Is that feature really that important? If it is is Mozilla just really really dumb or just incompetent?

Years ago when it was introduced in Vista there was talk about it at Mozilla. Their security people thought it was more a gimmick.

I am no security researcher but I trust Mozilla over MS.

Reply Parent Score: 1

bassbeast Member since:

Your straw man was saying that it was "IE or Mozilla" like they were the only choices, and again you try to make an "US VS Them" argument which again holds ZERO water.

Don't like Chrome? Great, you have MANY choices that also have low rights mode and don't call home. I personally use Comodo Dragon, it gives the user Privdog right off the bat (but can be disabled if you don't want it) and the only "phone home" it has is an update checker. You can choose to use their free DNS service which is great at blocking phishing sites but unlike Chrome its a checkbox at install or a simple checkbox in options so you can flip it on and off whenever you like. Don't like dragon either? SWIron, Chromium, heck even QTWeb supports low rights mode IIRC and its not only FOSS its cross platform as well.

At the end of the day all you are doing is making excuses and everybody knows that excuses are just like a certain orifice in that everybody has one and they all stink. Good security practices are good, bad security practices are bad, and for whatever reason Moz has decided to stick with the latter. If that serious risk is something you are willing to put up with? Fine that is your choice, just as its mine to warn people they are taking risks with their systems that they don't have to.

Reply Parent Score: 3

lvl21ogre Member since:

Next you'll be telling me to not use Chrome because it uses the same NSS/NSPR networking library that Mozilla created. Take a look at cvedetails before trying to tell me that Chrome is safer.

Reply Parent Score: 2