Date : Tue, 27 Jul 2010 05:32:27 +0200
From : rick@... (Rick Murray)
Subject: bbcdocs website problem
On 27/07/2010 01:14, Phill Harvey-Smith wrote:
>> I'm using IE6 and Acrobat reader 9 on WinXP Pro SP2.
> You do of course realise that IE6 and XP SP2 are ancient and very
> vulnarable ?
Not only have sane governments advised against using IE (of any type),
but Microsoft themselves have put IE6 in the ground. You should be
using, as a minimum, IE8. Earlier versions had horrible quirks in
rendering, and you'll find less and less support for IE6's caprices
(hence more and more sites will appear "broken").
SP2 has also been deprecated, fairly recently. You should be using SP3
now. Yeah, it's a big download, that's 'cos you'll probably get IE8. IE8
is the best of the IEs that will run on XP; but even so it's slow,
woefully bad support for those things called standards (try the Acid
tests), and it still doesn't get rendering quite right, but in standards
compliance mode it's infinitely better than IE6.
You are better off dumping IE for one of the following:
1. Google Chrome
Small, slick, likes reporting your activities back to Google. If
you have autosuggest on (default), then EVERY keypress in the
combined URL/search bar is reported back. Could be helpful if you
need guiding, but a security nightmare when you consider that it
can also report hand-typed URLs to your online banking, work, fave
porn sites, etc etc. Given Google's love of data (are they Mormon?)
and given also that Chrome installs itself within the user profile
and NOT within \Program Files, I would not recommend this; but it
is the fastest growing browser.
2. Opera
Many people recommend this religiously, but it has a market share
that never goes anywhere. It looks a fairly decent browser let down
by some dumb design decisions. Beware of insane opinionated fans
who will slap you down for saying Opera is a security risk because
it does not offer NoScript-like behaviour, for said fans appear to
think that NoScript blocks JavaScript and does NOTHING else. For me
it has a tendency to instantly "give up" on a web page fetch,
meaning you have to tell it to refresh. But since its content
filtering is woeful and its ad blocking doesn't, I wouldn't
recommend this either.
3. Firefox
Finally, a browser that supports all of the common protocols and
gunk, yet allows for add-ons. Like iPhone "apps", there are
thousands of junk add-ons. The only ones you need are:
1. NoScript - invasive content filtering, paranoid by default
2. AdBlockPlus - subscribe to an ad list and kill the lag
3. BeefTaco - fake tracing cookies to throw a spanner in the
works of track-n-trace. There's no such thing as net
anonymity, but that doesn't mean you have to consent.
4. BetterPrivacy - we all know about cookies. Did you know
Flash has its own cookies that can be up to 100K, and no
browser can clear these as no browser handles them?
Other useful things at your discretion.
Install Firefox. "Tools" menu, Add-ons, click "Get add-ons" and
enter the names above. You don't need to restart Firefox after
adding each, just do it once at the end.
As a browser, it works. As a customisable tool to browse the web
on my terms, it wins. Thus, I recommend Firefox.
[There are other minority browsers.]
You are aware most modern attacks are coming in via Flash and payloads
in PDFs? Perhaps because of the disparity in browsers, a common vector
being the fancy dodahs? For this reason, it is absolutely imperative to
keep up to date with the latest versions of anything Adobe. Read into
that statement what you will... ;-)
Best wishes,
Rick.
--
Rick Murray, eeePC901 & ADSL WiFI'd into it, all ETLAs!
BBC B: DNFS, 2 x 5.25" floppies, EPROM prog, Acorn TTX
E01S FileStore, A3000/A5000/RiscPC/various PCs/blahblah...