Microsoft Edge 105.0.1343.42 Stable fixes 8 security issues

Microsoft Edge 105.0.1343.42 Stable Fixes 8 Security Issues


It’s strange that your comments appear under “thoughtful” when the actual content is the exact opposite. I already posted one hateful comment that I was so upset about to reply to, I think this is the second part now and I shouldn’t ignore this bullshit anymore.

> What blogger security? Many people consider that stupid, outdated blog a form of privacy and security theater and full of confusion.

I do not think so. There has never been a single credible refutation (it shouldn’t be a problem if what he’s saying is plain BS, right?) and reputable websites like PrivacyGuides arguably use it as a source too. Furthermore, since the pro/con vote is apparently the holy grail of how truth is measured in your eyes, let me remind you that @madaidan also has a Reddit account and I don’t see an anti-vote the hell out there, neither in the privacy communities nor anywhere else.

> Several tech news sites have reported that Firefox has a security architecture and site isolation protection, a simple search will tell you it’s there and working.

‘Exist’ yes, ‘working’ no. When web content from different key domains is still able to share the same content process, as in Firefox, it does not meet the definition of site isolation. There is no sandbox on all operating systems and wherever it is, it suffers from minor escapes.

Andy Prough, you mentioned earlier that you don’t use javascript in your browsers? This is a good security practice, while Iron Heart says it’s annoying to turn off JS.

“JS off” is not a reality for most browser users, due to usability concerns. This should be obvious to anyone with a mind. This is also the reason why ad blockers with their curated lists of third parties are more popular than for example NoScript, because people don’t have time to maintain a blacklist/whitelist system for every website they visit.

> Iron Heart gets away with posting FUD because there is no pro or anti comment voting system to show people that they are not very educated on these topics. It would be funny to see it get a lower vote on reddit.

Up-voting/assigned voting systems are useful for tribal communities that mistake a negative vote as ‘dislike’ rather than ‘disagree’ (based on factual information), and vote for ‘like’ rather than ‘agree’ (based on factual information). It also splits into single multi-purpose communities, which means that while I’ll likely vote hell in the Firefox community, I’ll get a pro vote in heaven in the Brave community. As a result, notice how the subreddits of opposing products don’t talk much to each other? Yes, the result of the pro/negative voting system. A website with mixed opinions is the only place where your positions can be challenged, as long as you are really thoughtful and are not here to just post nonsense.

Anyway, to show you that I’m not afraid of anything: I support the particular pro/vote system, but I hope that system will appear next to upvote/negative vote as for example MacRumors. Let’s see how you love it when you can’t hide.

Also LOL in your implicit idea that your hateful displacement against me would get any upvotes. I have no problem with most gHacks readers and the usual 5 people who always write under my comments are something I’m used to and can handle.

> It would be funny to see him get a lower vote on reddit.

That’s a sadistic streak, I’m afraid you’ll be disappointed though. Because of the tribalism that the affirmative vote/vote system encourages, I will be looking for communities in which to vote for me of course. Exactly such a system planned in the end.

> Threat Model

You don’t need to mention threat models if the advice you give isn’t breaking and will be beneficial to everyone.

> Some terrible security advice is given on that blog as well, such as recommending to use chrome-based browsers over the most secure and least buggy Firefox (Firefox has been statistically proven to be more secure)

Statistically? You mean as in: “Nobody is using Firefox anyway, so nobody is interested in hacking it, so that means it’s safe.” Which excuse is bullshit? like this?

This isn’t a comparison of actual exploit mitigations implemented, which is the real thing Mada’in does, it’s a hopeful idea that nothing goes wrong because no one cares. And Firefox is also getting security patches, due to security issues.

> The recommendation to use Windows in S-mode over Linux distributions.

Windows S-Mode only accepts apps signed from the Windows Store. While Linux manages binaries from any source. How safer linux is remains your secret, I guess it would be “nobody uses linux anyway” trivial stats again, go ahead.

> No security expert worthy of the salt recommends the use of closed source software over FOSS.

Well, sure. You don’t know what you’re talking about. Closed source does not mean less secure. It just means that the code is not public. And security (= resistance to external exploitation) is different from privacy (= lack of data mining).

> In no way would any serious security expert say that windows are more secure than FOSS Linux distributions, when windows is a closed source program, when the security of the code cannot be confirmed by the free and open source software community.

The code that hasn’t been made public doesn’t say anything about its quality. The quality can be excellent for all you know, because these two concepts are very distinct. You confuse them though because you don’t really understand them.

And Linux can be trivially hacked, it’s not really interesting to do that with an overall 2% market share.

Madaen trusts M$ to tell him that their OS is secure even though the code is closed source and windows has a history of terrible security problems, what a noob!

Windows has documentation and from various security incidents that have occurred in the past, we know that some exploit mitigations are in place. Hacking Windows is often not a simple matter (unlike Linux). And with 90% of the market share, Windows is expected to be the main target for any attacker, and Linux being irrelevant doesn’t make it automatically “secure” in terms of the actual underlying code. I know this is a strange idea for you, but the popularity of the program is a determining factor in the attempts made on it.

> No security expert worthy of the salt recommends the use of closed source software over FOSS.

Closed source does not mean poor code quality, no matter how many times it is repeated. Historically, Blackberry has been used in many high security environments via open source Android…maybe due to lack of security, right down to the level of heads of state who seem to have relied on unsafe things according to you. very funny.

I appreciate the open source concept, but only because of the accountability, for the verification of the app developer. Open source doesn’t mean “secure”, Firefox is open source and has terrible security practices, which is something we know (somewhat ironically) because of its public code. It also seems that you’re assuming wrongly that just because code may be generic, there are enough people who are able to debug security issues, when in fact, for example, paid Firefox developers who work with code every day really know it’s in and out. I rarely see a third party fix a security issue, they are always Mozilla employees. How is that different from MS? Just because it’s generic here? very funny.

> There is no security expert worth their salt who would recommend using a less secure browser like Chrome based over more secure Firefox based browsers.

On what basis do you call Firefox “more secure”? Based on its insignificance? If so, LOL.

> Conclusion = This stupid blog is a mess and full of cherry-picking looking for corners to talk crap about Firefox.

So refute it. You can not.

You don’t actually refute any concrete point the blog makes, and people get noticed.

> The blog says to avoid Firefox or browsers based on it, because it lacks security? But then he says use Tor Browser for privacy?

Security = Resist external exploitation via malware.

Privacy = resistance to data collection.

Not the same thing.

> It basically says that Tor is one of the most private browsers out there. But never mention that such a browser is just a Firefox browser connected to the onion network.

You cannot copy Tor via your Firefox installation. Firefox suffers major version hashing (the newly introduced standard web support that becomes part of the fingerprint, and changes to existing standard web applications) every 4 weeks, and you’ll never get the same Tor fingerprint. But I didn’t expect you to know that.

> It says Firefox is not secure? If this is the case, why not publicly advocate the removal of tor browser from whonix since tor browser is based on Firefox, which says it lacks security?

Because the Tor Project was based on Firefox before Chromium was a thing, and now depends on it for better or worse, since all of their patch kits are written for it and will have to be rewritten for Chromium. Also, Whonix depends on what the Tor Project does since they get the Tor Browser as is.

Mada’in works with FF code every day and doesn’t consider it safe should raise a red flag for you, but hey, who am I talking to? You know, if anything, it has to be biased towards Firefox. It’s unbelievable that you, whoever he is, are accusing him of not having a clue what code he works with on a daily basis. It is all I can say here.

And that security and privacy are not the same thing, that’s not something I’m going to explain to you again, you just don’t get it anyway.

> Why didn’t he do that? Because it’s a theater of security and privacy and a Windows/grapheneOS/chrome fan has no clue what he’s talking about like Iron Heart.

Talking about different products objectively doesn’t make him “like” them. And if he doesn’t know what he’s talking about, but you do, why not face his points head on? What is the matter? No arguments in store?

> A group of low IQ people who think smartphones are privacy devices

Tell me about privacy issues with GrapheneOS, GalyxOS, etc… They don’t have more or less than any other connected device.

> Windows is more secure than Linux

Let’s just say the hacks are less important there.

> and that the hardened Firefox has no advantages

It does not have any. It reduces usability, and less than 1% of all Firefox users call it “strengthening” their browser, with most running a very unique setting when all is said and done.

> Also only a newbie will say that it is important to make a clear distinction between privacy and security Lol.

Certainly, my friend. lol, actually.

> He’s probably only saying that because he probably knows windows are terrible for privacy, well guess what? It’s shocking for security too if one looks at the stats.

Windows pulls data by itself (Microsoft Privacy Policy etc.), but it is pretty much resistant to external exploitation, and hacking is not a simple matter. Statistics tells you that the operating system that is used the most should also be the one that checks for security issues the most. Linux being irrelevant does not make it secure in terms of the actual underlying code.

> How is there privacy if the door is not closed tightly?

One example: Linux doesn’t collect user data itself (most distros don’t, anyway), but it’s relatively easy to hack. why? Because privacy and security are not the same thing.

> Talking to Iron Heart is like talking to people with IQs in a two-digit category, they are usually terrible at critical thinking and are misled about many things.

Thank you for the flowers, but I don’t think anyone who can’t take an argument head-on and can’t differentiate between distinct concepts should accuse others of having a low IQ.

>Iron Heart only uses these comment sections as a soapbox to post a lot of FUD and BS and create drama. Other societies would have banned it too quickly or would oppose it.

Thank you for the flowers again, but neither ‘vote’ nor ‘ban’ is a substitute for good counterarguments. These are the procedures you use when you don’t have any arguments.

#Microsoft #Edge #Stable #Fixes #Security #Issues

Leave a Comment

Your email address will not be published.