Hey there. I’ll try very much to keep this reply strictly technical without personal judgement, just because, well, this topic basically IS about my job and the field I work 9 hours a day in, so I hope I can provide some judgment-free background information.
“The ads on Deviant Art are full of viruses. My firewall and antivirus system are going nutz trying to block all the attacks. Internet explorer is constantly like "Hold the fuck up *blocks cross site scripting.” Ad-Script-Viruses are a pest these days, that’s true, and not only DA suffers from this, but it’s so noticeable there since it’s a big site. The biggest problem here? And please don’t beat me with a stick for saying so, but strictly technically speaking, it’s Internet Explorer. No personal judgment here, but Internet Explorer is a backwater product when it comes to safety features and it contains several huge security faults when it comes to scripting, especially java and the likes. The latest version Release of Internet Explorer 9 contains 22 (twenty-two) critical, unpatched vulnerabilities regarding scripting activity. The things you stated like “browser fingerprinting” are impossible in most modern browsers. Internet Explorer sadly isn’t one of those. It doesn’t even have a code-interpreter, which means it’s not only unable to read Microsoft-Code (Copy+Paste MS-Word text in a HTML frame and IE will crash when trying to view it since it doesn’t understand it), it doesn’t have the ability to judge if code contained in a Site is hostile or not.
“DA has been made aware of the virus issue, and they say they have fixed it. Wrong.” Incorrect phrasing. Correct would be: DA has been made aware of the virus issue, and they say that they have done ever counter-measure they could do regarding their server-farms and css-codes, which is absolutely correct. Sadly they can’t fix people. About the Ads I’ll talk more later on, but Server-Side and from the used CSS-System DA is one very safe platform.
“ I know what you're going to say. "Download Firefox and install antivirus software."” I know that you use antivirus software, and I’m not saying “Download Firefox” . But, as a technician, I’d say “Download a safe browser”. The only Browsers out there without any known vulnerabilities are (at the time of writing this comment) Google Chrome 15, Firefox 8 and SeaMonkey 2
“I'm the first person to advocate protecting yourself.” While this is absolutely true, you are using an insecure browser. Just stating a fact, nothing against you personally, you know I like you!
“Some free antivirus programs do not provide firewall and website blocking protection.” Which actually doesn’t make them bad, lots of people prefer to have separate webblockers and firewalls for increased possibilities of configuration, but for starters I too would recommend a all-in-one solution like Avira
“Some viruses don't even need you to click on them: they run scripts in the background and let themselves right in.” This is true for a lot of browser-based viruses, but requires a browser that does a) Not provide appropriate security setting (Examples: Safari, AOL (seriously, some people still use that)) or b) has script-based Vulnerabilities (Examples: Safari, Internet Explorer, Opera)
“The ads on Deviant Art are full of viruses. My firewall and antivirus system are going nutz trying to block all the attacks. Internet explorer is constantly like "Hold the fuck up *blocks cross site scripting.”
Ad-Script-Viruses are a pest these days, that’s true, and not only DA suffers from this, but it’s so noticeable there since it’s a big site. The biggest problem here? And please don’t beat me with a stick for saying so, but strictly technically speaking, it’s Internet Explorer. No personal judgment here, but Internet Explorer is a backwater product when it comes to safety features and it contains several huge security faults when it comes to scripting, especially java and the likes. The latest version Release of Internet Explorer 9 contains 22 (twenty-two) critical, unpatched vulnerabilities regarding scripting activity. The things you stated like “browser fingerprinting” are impossible in most modern browsers. Internet Explorer sadly isn’t one of those. It doesn’t even have a code-interpreter, which means it’s not only unable to read Microsoft-Code (Copy+Paste MS-Word text in a HTML frame and IE will crash when trying to view it since it doesn’t understand it), it doesn’t have the ability to judge if code contained in a Site is hostile or not.
“DA has been made aware of the virus issue, and they say they have fixed it. Wrong.”
Incorrect phrasing. Correct would be: DA has been made aware of the virus issue, and they say that they have done ever counter-measure they could do regarding their server-farms and css-codes, which is absolutely correct. Sadly they can’t fix people. About the Ads I’ll talk more later on, but Server-Side and from the used CSS-System DA is one very safe platform.
“ I know what you're going to say. "Download Firefox and install antivirus software."”
I know that you use antivirus software, and I’m not saying “Download Firefox” . But, as a technician, I’d say “Download a safe browser”. The only Browsers out there without any known vulnerabilities are (at the time of writing this comment) Google Chrome 15, Firefox 8 and SeaMonkey 2
“I'm the first person to advocate protecting yourself.”
While this is absolutely true, you are using an insecure browser. Just stating a fact, nothing against you personally, you know I like you!
“Some free antivirus programs do not provide firewall and website blocking protection.”
Which actually doesn’t make them bad, lots of people prefer to have separate webblockers and firewalls for increased possibilities of configuration, but for starters I too would recommend a all-in-one solution like Avira
“Some viruses don't even need you to click on them: they run scripts in the background and let themselves right in.”
This is true for a lot of browser-based viruses, but requires a browser that does a) Not provide appropriate security setting (Examples: Safari, AOL (seriously, some people still use that)) or b) has script-based Vulnerabilities (Examples: Safari, Internet Explorer, Opera)
Reply
Leave a comment