Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(PC Magazine)   Microsoft criticizes Google over security hole in Chrome. Where the pot/kettle tag?   ( uk.pcmag.com) divider line
    More: Asinine, Exploit, blog post, Linux, Web browser, Chrome, Google Chrome, Google, Computer program  
•       •       •

785 clicks; posted to Geek » on 20 Oct 2017 at 9:20 AM (5 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



18 Comments     (+0 »)
 
View Voting Results: Smartest and Funniest
 
2017-10-20 09:08:17 AM  
Google then asked Microsoft to pass the hash, please.
 
2017-10-20 09:33:12 AM  
Meanwhile, the Fall Windows Creators Update had one odd side effect: any browser but Edge now has network issues.

"Your connection was interrupted" now happens at random times in everything from Chrome to Firefox to freakin' Steam and the Blizzard launcher...
 
2017-10-20 09:46:13 AM  
Well to be fair, Microsoft never touted IE6 as being secure.

God in the annals of computer history mistakes, that one will have to go down as one of the all time top 3.
 
2017-10-20 10:02:22 AM  
sites.google.comView Full Size
 
2017-10-20 10:04:09 AM  

cirby: Meanwhile, the Fall Windows Creators Update had one odd side effect: any browser but Edge now has network issues.

"Your connection was interrupted" now happens at random times in everything from Chrome to Firefox to freakin' Steam and the Blizzard launcher...


That hasn't happened to me once...yet...probably boned now.  I haven't used Edge except for the few times some random program auto-launched it and I don't plan on changing that.  Chrome & Firefox cover all my needs and run on every major platform.  If MS ever releases Edge for Linux, iOS, Android, BSD, and MacOS I might give it a try...until then, plenty of other browsers that work just as good on more platforms and most of those offer the ability to sync between the various platforms.  Why use a browser locked to a single platform in this day and age (work/business exception of course)?

I just with the Windows updating tool actually showed me what it was doing as it updated stuff.  Unlabeled progress bars and a black screen with a circular animation doesn't give me any indication of what the fark is really going on.  Maybe I've just been spoiled by Arch Linux and knowing every individual file that'll be changed, when it's changed, how it's changed, and why it's changed...knowing what has changed without diffing my entire system before and after would be nice...
 
2017-10-20 10:04:21 AM  

Gubbo: Well to be fair, Microsoft never touted IE6 as being secure.

God in the annals of computer history mistakes, that one will have to go down as one of the all time top 3.


The product that was released Aug 27, 2001?

Do you hold other vendors to a standard of "A product you released 16 years and 5 major revisions ago had a bug, so your current product sucks?"
 
2017-10-20 10:08:30 AM  

Mr. Eugenides: Gubbo: Well to be fair, Microsoft never touted IE6 as being secure.

God in the annals of computer history mistakes, that one will have to go down as one of the all time top 3.

The product that was released Aug 27, 2001?

Do you hold other vendors to a standard of "A product you released 16 years and 5 major revisions ago had a bug, so your current product sucks?"


IE6 was deliberately standard non compliant and every major company in the world wrote software that worked only on IE6. Software that 10/15 years later they were still trying to use.
 
2017-10-20 10:22:50 AM  
Kind of ballsy of them, wasn't Edge the most-hacked-browser of pwn2own this year?
 
2017-10-20 10:56:31 AM  

China White Tea: Kind of ballsy of them, wasn't Edge the most-hacked-browser of pwn2own this year?

Yep. Five successful pwns. Chrome withstood the one attempt to pwn it.
 
2017-10-20 11:00:54 AM  
Funny that the article linked doesn't mention how much Google has done this to MS in the past. Not that two wrongs make a right.

Google has been criticized for its approach to vulnerability disclosures, allowing engineers to disclose details seven days after they're reported to vendors. The search giant regularly finds and discloses security issues in Microsoft's software, and occasionally publishes details before products are patched. It's this approach that has angered Microsoft so much, and it's clear the company will take any opportunity to call Google out on it.
 
2017-10-20 11:00:59 AM  

cirby: Meanwhile, the Fall Windows Creators Update had one odd side effect: any browser but Edge now has network issues.

"Your connection was interrupted" now happens at random times in everything from Chrome to Firefox to freakin' Steam and the Blizzard launcher...


Did you check in the settings?
img.fark.netView Full Size
 
2017-10-20 11:55:58 AM  

Gubbo: Mr. Eugenides: Gubbo: Well to be fair, Microsoft never touted IE6 as being secure.

God in the annals of computer history mistakes, that one will have to go down as one of the all time top 3.

The product that was released Aug 27, 2001?

Do you hold other vendors to a standard of "A product you released 16 years and 5 major revisions ago had a bug, so your current product sucks?"

IE6 was deliberately standard non compliant and every major company in the world wrote software that worked only on IE6. Software that 10/15 years later they were still trying to use.


Not to mention that pretty much everything Microsoft made (and absolutely every windows API) produced from 1995-2005 was absolutely insecure and designed to hand over control at the drop of a hat (*of course* that included data, something that absolutely everyone else was smart enough not to allow to control the computer).

And everything since has to be backward compatible with all those idiotic decisions and has to carefully cherry pick which ones are known to be expoited and stop.
/but to MS fanboys, obscurity is the only form of security
//Is there any way to make a system insecure that MS didn't manage?  Executeable data, check.   Autorun floppies/cds/usb sticks, check.  Even decode jpegs as root with a buffer overrun, check.  And don't even ask about outlook, *of course* you have to make spam executable.  The users absolutely need to execute spam!
///third slashie prevented by antivirus
 
2017-10-20 12:14:01 PM  
Wow, an application and an OS that >90% of the world uses in different ways interacting with different applications and quality have developed flaws. WHAT A SHOCK. This is my surprised face.
 
2017-10-20 12:24:00 PM  
Exploder is very stable for me. Of course, I never use it, but anyway...
 
2017-10-20 12:24:10 PM  

Aezetyr: Wow, an application and an OS that >90% of the world uses in different ways interacting with different applications and quality have developed flaws. WHAT A SHOCK. This is my surprised face.


The issue isn;t that Chrome has a bug, the issue is how Google went about fixing it. MS disclosed the bug privately to Google which in turn published the bug on their developer channel with a fix but left non-developers with a compromised version of Chrome. Google put their whole userbase at risk by giving bad actors a month to exploit the now known bug by not immediately pushing the patch to the release version.
 
2017-10-20 12:24:11 PM  
yet_another_wumpus:
Executeable data, check.

Not to shiat in your bubble, but the NT kernel API supported allocating memory as Read/Write/NoExecute (AKA "PAGE_READWRITE") from day one.  It was Intel's MMU on the x86 that didn't support it, since it only had one bit in the page table for toggling between read and read/write.
 
2017-10-20 12:33:51 PM  
For me, Windows 10 used to do this whole, "Oops. No idea what happened, but we totally had to switch your browser back to Edgelord. Tee-hee. Just didn't have any other options, you know?" Then when I'd switch back to Chrome, Windows would give me a popup with "Are you totes sure you don't want the bestest Internet experience? Let me love you."

It's like the web browser version of Philip Seymour Hoffman's character from "Boogie Nights."
 
2017-10-20 01:54:22 PM  

GreenAdder: For me, Windows 10 used to do this whole, "Oops. No idea what happened, but we totally had to switch your browser back to Edgelord. Tee-hee. Just didn't have any other options, you know?" Then when I'd switch back to Chrome, Windows would give me a popup with "Are you totes sure you don't want the bestest Internet experience? Let me love you."

It's like the web browser version of Philip Seymour Hoffman's character from "Boogie Nights."


And then it does shiat like "I see that you've got a paid version of Adobe on this machine. We're just gonna change the default application for PDFs, editing, reading, ANYthing really, to EDGE. Without asking. ANd then require Admin privs to change it back.

And then stealth take it back over again anyways on the next reboot. Because SATYA SAYS DANCE, MONKEY!
 
Displayed 18 of 18 comments

View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking

On Twitter





Top Commented
Javascript is required to view headlines in widget.
  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report