Re: Netscape Communicator vs IE

From: dewt (dewt@kc.rr.com)
Date: 03/02/02


From: dewt <dewt@kc.rr.com>
To: Gilles Poiret <poiret.gilles@wanadoo.fr>, SECURITY-BASICS@securityfocus.com
Date: Fri, 1 Mar 2002 19:16:32 -0600

The programming practices of microsoft are the biggest culprit in IE and
outlook security issues. for the most part, netscape's security history is
notably better, and you really only have to use the netscape smart update to
keep up to date.
both browsers can be made more safe by disabling various functions,of course
this limits the functionality of some web pages. I believe netscape gives you
more specific control over this than IE (i haven't used ie in a while), and
the konqueror browser is likely the best with it's per site enabling of
java/javascript/user agent responses/etc., or lynx with it's lack of support
for exploitable protocols =P
as for reading mail, you might just want to have a stand alone email client.

this topic is ripe for a heated discussion, and this thread will prolly never
die =P
 
On Thursday 28 February 2002 03:51 pm, Gilles Poiret wrote:
> Hi,
>
> I would like your advice about security aspects, concerning IE (e.g 5.5) vs
> Netscape Communicator (e.g 4.7x).
>
> I *very often* heard problems with IE, and Outlook.
> But Microsoft provides patches (for instance, a patch for Outlook to block
> dangerous attachments), and permits to control the surf (web site access,
> allow or not downloading,...) with IE. At the opposite, I never (since
> version 4.77) heard about security problem for Netscape Communicator. But
> to my knowledge, there is no embedded mechanism of protection in this
> browser.
>
> So I'm wondering what is the best (safest) browser, concerning security.
> Same thing for mail client (outlook vs messenger)...
>
> For the moment, I think IE is safer (due to patches, and ability to
> control). If you have another opinion, please tell it me.
>
> Thanks for advance.



Relevant Pages

  • [NT] MHTML vulnerability in Outlook Express
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A vulnerability in Outlook Express allows an attacker to run code of the ... If an attacker were to host a malicious website that contained an MHTML ...
    (Securiteam)
  • Bypassing SMTP Content Protection with a Flick of a Button
    ... How about using Outlook Express as ... more than an Outlook Express client and employs a rarely-used feature ... This RFC documented feature called "Message Fragmentation and ... comprehensive security policy to restrict potentially harmful content ...
    (Bugtraq)
  • [VulnWatch] Bypassing SMTP Content Protection with a Flick of a Button
    ... How about using Outlook Express as ... more than an Outlook Express client and employs a rarely-used feature ... This RFC documented feature called "Message Fragmentation and ... comprehensive security policy to restrict potentially harmful content ...
    (VulnWatch)
  • Re: How do I receive an access database?
    ... To provide enhanced security, Microsoft Office Outlook 2003 is designed to ... If you need to share files that have file types blocked by this feature, ... There is no control over those files (no settings within ...
    (microsoft.public.access.gettingstarted)
  • Re: Unsafe Attachments
    ... Teach Yourself Outlook 2003 in 24 Hours ... > Outlook 2002 includes a new security feature that blocks> attachments considered unsafe. ... > Request that the sender use a file compression utility> that changes the file extension. ...
    (microsoft.public.outlook.installation)