Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Matts (1087)

  (email not shown publicly)

I work for MessageLabs [] in Toronto, ON, Canada. I write spam filters, MTA software, high performance network software, string matching algorithms, and other cool stuff mostly in Perl and C.

Journal of Matts (1087)

Thursday August 05, 2004
03:27 AM

2 weeks ago

[ #20247 ]

Two weeks ago I spent the day at a major UK financial institution talking about our anti-spam service. One of the things they asked me was what they should be looking out for next. They feel that as a customer of ours they already have the email virus problem licked, and spam is mostly taken care of, but they expect there will be a new avenue of entry that they haven't thought about.

I talked to them about IM, but they outright block it (to the best of their abilities, via both firewall and proxy blocks). So the only thing I could think that they might be vulnerable to was Spyware. We spoke briefly about this and they asked what they could do. I told them to dump IE in favour of Mozilla or Firefox.

Amazingly they didn't seem too against the idea.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.
  • Whilst firefox is an improvement, it's still got problems of its own. Have a look at this demo [] for a good example.


  • Our IT dept is getting annoyed with SpyWare and AdWare and other malware that installs it's self via IE. So far they are not keen to swicth to another browser, they are very loyal to MS, but cleaning infected machines is starting to try their patience.

    At the individual level, I'm converting people one at a time from IE to Firefox, and having some success. I find once people have installed Firefox they seem happy to stay put.

    -- "It's not magic, it's work..."
  • 1) Firefox and Mozilla have always had the attention of their developers and some of the security tech people. Black hats may only just starting to notice or care about it but that doesn't concern me.

    2) Given a choice would you rather have to admin 100's of peoples desktops and having to patch their O/S regularly just to keep on top of frequent critical flaws in their browser or upgrade only the browser and less often

    @JAPH = qw(Hacker Perl Another Just);
    print reverse @JAPH;
    • Point 2 is a bit of a straw man. The OS will need updates anyway, as will all the applications in use. I would imagine one of the reasons for not using firefox is that it's more maintenance hassle as opposed to simply having everything come through windows update.


      • It is a lot easier to test updates to parts of a system individually. I would expect any outfit with significant IT support to be very careful about updates to O/S.

        Patching windows is known to be something you shouldn't do blindly as it can break key business applications. Also the patches often interfere with unexpected and unexplained parts of the system and behaviour.

        It is a lot better to be able to apply a patch to just the browser, particularly if you have different versions of the O/S running. In


        @JAPH = qw(Hacker Perl Another Just);
        print reverse @JAPH;