Huge security hole in Internet Explorer for MacOS X!

anerki

Registered
Hyo all, bad news, I'm posting this as I read this on Slashdot thus all credit goes to them :)


Huge security hole in Internet Explorer for MacOS

Posted by CmdrTaco on 22:30 02 October 2001
from the now-thats-really-funny dept.

Brad Lucier writes "Macintouch is reporting that Internet Explorer 5.1, which comes preinstalled on MacOS X 10.1, has a huge security hole---when it downloads arbitrary programs encoded in the Macintosh's standard BinHex (.hqx) format, it automatically executes them. " Well I guess thats one way to make Unix insecure. Can anyone actually confirm this since it looks kinda sketchy. I wonder what someone's rationale would be for that:"Oh this won't hurt anyone, and saving that extra 'OK' click will be great!".


Greetz,
.anerki
 
I'm sure that M$ doesn't consider this a "Huge security hole". It's a probably meant to be a "feature" for your convenience (it saves you a mouse click) ;)

You can turn off the automatic decoding of bin.hex files in the prefences panel under "downloading options". This allows you to have some control.

Of course the most obvious, and better solution would be - don't use IE.

-tony
 
Which other browsers are there? I know some ...

Opera
iCab
Netscape

I like iCab and Opera most, Netscape just plain sux (slow slow slow) ...

Does anybody know a browser that supports most codes, flash, mp3, rm, ... In short, all the plugins out there?

Tx,
.anerki
 
I like netscap 6.1. I think it works great. Better than Omniweb (because omniweb wont let me into my email) and seems more stable than Opra (but i havent tried the latest version.

Twister
 
yesterday i maid an end with the M$ Things on my iMac....

$ too much TCP/IP Activities without a good reason
$ more than 10 sec. difference, between the quit-command for one of theire application to the real kill
$ too less thrust between me an M$, to the explained case.
$ experience that IE let deliever Internet-Preferences Information to somewhere
$ too much incompatibility between M$-Stuff and Open-Source or any Extern Dataformat Stuff!
$ too often they don't use HTML-Standards, but wants to sabotage it by taking own systems to make Conversions from one System (theirs) to another a maximum of difficult and during!
$ untrue information-politics to the customers
$ on both systems a remove of IE and OE apps incures some funny effects of processes, still searching for M$-relevant files
$ too much use of ram and diskspace for relatively small-rated applications.
$ thrust-loosing hotmail thing
$ 99% of any Virus allways uses the same security holes from M$-Applications

and last but not least:

$ i tried to remove M$-Explorer from OS 10.0.4.... its incredible how instable the system is after that.... also are there some relations between IE and MS from OS X to OS 9 and back! i would like to know from microsoft exactly, what files are there lieing around, which names they have and how many they are! I would like to have a totally list of everything that is from M$ on my System! (they not allways use the MS, Microsoft or Explorer Names)

because this all is reality and nothing is gonna clearer, i decided to remove every M$ Stuff and use from now on the Mozzilla and AW! POINT!!!!!


 
Back
Top