12 Scariest Applications

[DelJo63]

1. Yahoo Messenger, 8.1.0.239 and earlier
2. Apple QuickTime 7.2
3. Mozilla Firefox 2.0.0.6
4. Microsoft Windows Live (MSN) Messenger 7.0, 8.0
5. VMware Player (and other products) 2.0, 1.0.4
6. Apple iTunes 7.3.2
7. Intuit QuickBooks Online Edition, 9 and earlier
8. Sun Java Runtime Environment (JRE) 1.6.0_X
9. Yahoo Widgets 4.0.5 and previous
10. Ask.com Toolbar 4.0.2.53 and previous
11. Broadcom wireless device driver as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter 3.50.21.10
12. Macrovision (formerly InstallShield) InstallFromTheWeb, unversioned

see article for details

 

[gex1991]

limewire
any instant messangers
games
XXX stuff of course (sorry bout that yall)

 

[halo71]

nah, XXX stuff is not scary!

 

[DelJo63]

Maybe you haven't read:

Several pornography sites are loading a Trojan disguised as a video codec ​

 

[eroz]

I thought that was only affecting Apple......

 

[DelJo63]

the sited report is re Apple, but clearly PCs use codec also and it is well known
that porn sites are full of trojans and keyloggers.

 

[gex1991]

also the cookies can spam up your computer so bad

 

[howard_hopkinso]

Unfortunately, the article doesn`t say how they came to those conclusions. It just says they got them from Bit9, whoever they are.

I`ve just been looking on the Bit9 website, and they don`t go into much detail either. That`s a shame, because without the details, it`s not very convincing.

Original article HERE.

Again, it`s just a statement, without any facts to back it up.
Interesting, nonetheless.

Regards Howard

 

[DelJo63]

I agree that the justifications are weak to say the least, but posted the info
to give cause for rethinking how we use our systems and the implied risks in that
usage.

eg: IM and P2P are frought with issues but many people will blindly use them
as if they were in Fort Knox!

"Life's a box full of chocolates; you never know what you're going to get"!
....F. Gump

 

[Lusher]

eg: IM and P2P are frought with issues but many people will blindly use them
as if they were in Fort Knox!

What's so scary about using Im and P2P? it's the same tricks all over again. Malware people never come up with anything really new, they just change the packaging...

It's pretty easy to stay safe. I don't know why "security experts" like to talk as if it takes a phd and constant reading of security sites and blogs to be safe...

Make them feel smarter and better i guess...

 

[Cinders]

You know some people do serious work on computers. If you have a $12,000,000.00 account you're working with and you install an old version of FireFox and sombody uses that to hack your computer and break into the account then you are %F^!@#! Many users do less than wise things to and with their computer.

 

[halo71]

Maybe you haven't read:

Several pornography sites are loading a Trojan disguised as a video codec ​

It all comes down to common sense I think. I have had computers I've used for years without any firewall or AV and never had any issues. But I do have a sacrificial laptop for torrents and perving sites now. So i dont have anything really on it that i would hate to loose if i did catch something.

 

[Bobbye]

Please explain #3: Mozilla Firefox v2.0.0.6- was there some problem with that version? I've been using Firefox for 3 years, updating from v1 to the current v2.0.0.9 without problem. I read the article and it says nothing.

Listing what some site says are the "12 Scariest Applications" by themselves is misleading. Perhaps the entire article could have been referenced instead. I would venture to guess that some other company might come up with an entirely different list!

 

[Phantasm66]

But I do have a sacrificial laptop for torrents and perving sites now.

That's the way forward. Use a dedicated machine / installation on your machine for all that crud, then wipe it periodically.

 

[DelJo63]

Please explain #3: Mozilla Firefox v2.0.0.6- was there some problem with that version? I've been using Firefox for 3 years, updating from v1 to the current v2.0.0.9 without problem.

I concure. I have elected to freeze at FF 1.5.0.12, while the wife's Mac is 2.0.0.7
(ie: never update all systems at once to the same update; let it 'cook' for awhile
'til it firms-up a bit )

I read the article and it says nothing.

we all agree it's weak

Listing what some site says are the "12 Scariest Applications" by themselves is misleading. Perhaps the entire article could have been referenced instead. I would venture to guess that some other company might come up with an entirely different list!

AH, the wonders of OPINIONS -- we have have one.

Again, the motivation for posting the article was to get users to think about their systems
and how they are used/secured. Eg: The article lists Java. If you never run
Java applications or Applets, then who cares! Java has always been a moving target with
(imo) too many and significant upgrades and bloated to boot.
Sure is nice when I need though.

 

[Bobbye]

I do not recommend "freezing" Firefox at v1.5.0.12. Not only are you missing the new build of v2, but you have also denied yourself the security updates.

 

[DelJo63]

I have been aware of these issues for some time now and will choose to
update 'when appropriate' to my environment.

btw: not all updates are 'golden' but let's agree to table that topic please.

 

[Lusher]

You know some people do serious work on computers. If you have a $12,000,000.00 account you're working with and you install an old version of FireFox and sombody uses that to hack your computer and break into the account then you are %F^!@#! Many users do less than wise things to and with their computer.

Well i don't know about serious work but At my last job, one of my subordinates was tasked to setting up a home computer securely for the President of a small but rich country.

You don't want to know what I did...

 

[Bobbye]

jobeard, you are the one who elected to post this. Discussion was bound to follow- now you want to "table this topic"?

I take it something doesn't agree with you. That's what 'discussions' are about and we can all learn from them.

No ALL updates aren't "golden" but NO updates may turn to brass!

 

[DelJo63]

You misread the comment; I intended that we table only the aspect that some
software updates are 'not golden', ie: may actually induce regressions or cause
usability impacts. For example, the SP2 update caused much concern when the
new firewall inhibited print/file sharing. The Forced update for IE 7 was also an example.

 

[Bobbye]

Firefox was included in on the list of "The 10 Scariest Apps."

You said: "I have elected to freeze at FF 1.5.0.12," which means you are not updating Firefox for some reason. There has, so far, been no reference made to either the SP2 update or the Forced update for IE 7.

I did not misread the comment. Perhaps you should have been more specific.

Edit for correction.