(07-31-2011, 03:55 AM)Ace Wrote: Alright, hows this for accurate information?:
That's exactly the same flawed report from NSS Labs.
Quote:Based on the info you gave me i'm reading that was in effect for IE8, IE9 is a completely different version.
The criticism is still perfectly valid, because NSS Labs has not changed the flawed methodology, and still refuses to release information that would let independent parties verify the results.
Quote:PCMags is a highly reputable website for computer information. You can't confirm that EVERY website isn't paid by Microsoft for how much money they have. Why do you not go ahead and do some tests yourself to relay back to this thread then?
Again, they are just quoting NSS Labs.
Quote:Opera's lack of support for DEP and ASLR makes it one of the weakest web browsers just for that one reason. This automatically makes it much easier to find secure data saved and stored by the web browser during a session.
Opera does support DEP and ASLR. I'm not sure what you are talking about here...
Quote:There were original tests done by them uninfluenced by IE in any way. That was back with IE8 btw, not after IE9 came out. I wouldn't be referencing IE security to an older version of the program.
The point is that the NSS Labs reports, all of them, use flawed methodology, a poor sample of sites (they could be using as few as 10 sites for testing), and no one has independently been allowed to look at the tests to verify them.
In other words, it's pseudoscience.
Quote:Malware is a part of general security so how can you define them as being separate?
I pointed out that NSS Labs only claims to test "socially engineered malware." You seemed to base your general comments on security on this extremely narrow test.
NSS Labs does not test general security. They test "socially engineered malware," and the evidence clearly shows that they don't even do this well.
Do you really think that IE catches nearly all such malware, while other browsers hardly catch any? Warning bells should have been ringing right there...
Quote:Socially engineered or not, it's still a demonstration on how the web browser attempts to block it lol. The ones that don't do a good job of keeping you secure are still less secure. Google blocks known malware pages for instance.
All browsers block malware sites. And my point is that NSS Labs doesn't test general security. They only claim to test one specific thing, and they don't even do that well.
Quote:Am I wrong then? Along with all of these other tests?
http://internet-browser-review.toptenreviews.com/
http://www.infoworld.com/d/security-cent...-opera-620
What about those? I'm not sure what you want me to look at.
Posts: 2,216
Threads: 187
Joined: Jul 2011
Wow, you sure like your writing. tl;dr imho.
I did add a TL;DR where I summarized some of my points. I can do one here for increased visibility:
- The NSS Labs test is unscientific and deeply flawed
- The NSS Labs test does not test general security, only one specific thing (tricking users into opening executable files they are downloading)
- NSS Labs refuses to let independent parties look at their data or in any way verify their claims
Hope that helps.
Posts: 5,793
Threads: 268
Joined: Sep 2010
Reputation:
85
Quote:The criticism is still perfectly valid, because NSS Labs has not changed the flawed methodology, and still refuses to release information that would let independent parties verify the results.
Who said it was up to NSS labs to let others verify any results, they can do testing on their own. If you can't trust PCMag, I don't know what you can trust. Even if it was funded, how can you prove that they weren't just trying to get from say 3rd place to 1st place? Still a pretty decent rank.
Quote:Again, they are just quoting NSS Labs.
Provide me with a legit link and I will reconsider what I know. Sound fair?
Quote:Opera does support DEP and ASLR. I'm not sure what you are talking about here...
I read about their previous version around the latest version of Opera 9 not having it. Before trying to make me look like a liar, verify it for yourself.
Quote:I pointed out that NSS Labs only claims to test "socially engineered malware." You seemed to base your general comments on security on this extremely narrow test.
NSS Labs does not test general security. They test "socially engineered malware," and the evidence clearly shows that they don't even do this well.
Do you really think that IE catches nearly all such malware, while other browsers hardly catch any? Warning bells should have been ringing right there...
You act like all web browsers are supposed to be close in security just because that was what they were designed to do here. It's like saying that a vb.net application programmed by some 2 year old to act as a calculator is almost just as good as one coded by a software developer because they are both calculators.
I pointed out several other facts for why i've claimed for Firefox for example to be a better web browser, and why IE hasn't been the greatest, but different web browsers are better for different things. with the test that I posted, the website through PCMag's words, states that NSS wasn't funded for that test. Unless they were both funded by Microsoft, which you can't guarantee as a definite truth or not. Why would PCMag cover up for NSS on this?
I dont see why you have such negative thoughts about the statistics here, for socially engineered malware in specific. I think Microsoft has the biggest database for information on how to defend against such an attack. That should sound reasonable to you. Do you think some random developer of Opera would have access to a lot of information on how to secure their web browser like that?
Quote:All browsers block malware sites.
This is like saying all web browsers browse the net. All Antiviruses block malware to some point. What is your point here? There's a level or an extent to which each does their job in terms of how well they do it.
Quote:What about those? I'm not sure what you want me to look at.
If you're just going to troll my post as the first couple posts you make on the forum then you shouldn't be on this thread. I was giving you some research information to look at since you're so focused on how NSS displays their results.
I'll look into NSS further, as it was new to me, but you're completely closed minded to what you don't want to hear. IE9 is fairly new, and Firefox development is starting up as well. You can't hold on to the same beliefs from 2010 just because you don't like Microsoft or something else.
Posts: 2,216
Threads: 187
Joined: Jul 2011
Wow, is this turning into a 'Who's more high quality' argument?
I really need to catch up on some sleep, so I can read things with out it just going over my head.
Posts: 5,793
Threads: 268
Joined: Sep 2010
Reputation:
85
I'm sure there's lots of tests out there that are funded by companies, i'm cautious, but I don't trust any result 100% as I just found out that in the past, Microsoft funded this test they did from NSS. Although IE9 is a lot more secure than IE8 from what I personally know about it. You just can't really tell accurately how good each is in comparison. I'm saying firefox though because everyone attacks Microsoft stuff, some out of pure hate for the company, and some because they know it's used by at least 75% of computer users out there. It's easy to get an audience through MS. Lower end web browsers like Chrome, and Opera don't have as many interested attackers, so their development can continue without the risk of all of the intruders that IE would have. Firefox has improved a lot though. I used to think that Firefox 3.* was good, Firefox 4 and 5 were questionable, but based on the number of things i've read in the past day or 2 about Nightly and Aurora, they seem to be very efficient. I got a glipse at a few snippets of the code in Firefox, maybe that's not a good thing that some are public like that, but it does have a more secure method.
I take back what I mentioned about Opera though because that proof I provided I don't trust quite as much as I did when I posted it. I did try and look at numerous other sources to go by yesterday, but their were some discrepancies in the results that I found, and lots of inconsistent results. Who's to say which ones aren't funded by Microsoft or another company? Microsoft is huge, i'm sure they have the money to spend on funding a lot of the bigger sites for their name to look good.
Based on the latest versions of Opera 9 though I found one method of their code that was insufficient for preventing attacks against session information, but other than that, version 10 is out, so i'm not sure if they fixed that or not. I didn't find any information on that bit.
I will still never use IE again, because it seems lots of Microsoft developers only care about the visual, and for that, the performance definitely suffers. IE is one of the slowest web browsers i've ever used, and it was proven in a few benchmark tests that I read about through Google, so they must have been accurate results, otherwise Microsoft funding would have put them at the top. Nonetheless, Microsoft can't hide how slow their browser is just by showing results in a test, everyone experiences page loading times, and can be their own dictator for how they view IE performance.
In sum, I do agree with what the new SF member had to say to my post there, and I don't agree with what I posted quite as much as I did when I wrote it yesterday, however, you need to have a mind of your own when it comes to this sort of thing as well. Every company want's to make themselves look good, so how do you verify anything if you can't see firsthand a legit result for yourself? That's hard to do if you're not a developer or you don't have the proper tools to do so.
Posts: 2,216
Threads: 187
Joined: Jul 2011
I agree with what you said about IE, I too do not like it. I never have, especially after seeing Google Chrome, I know it may not be the best browser nor the safest, but I love it.
Posts: 5,793
Threads: 268
Joined: Sep 2010
Reputation:
85
Though it hasn't been tested that much, and it's still in alpha, I'm using Nightly the most currently. It's an amazing browser. I don't think i'll ever go back to Iron again after using this.
Posts: 2,216
Threads: 187
Joined: Jul 2011
(08-02-2011, 12:53 AM)Ace Wrote: Though it hasn't been tested that much, and it's still in alpha, I'm using Nightly the most currently. It's an amazing browser. I don't think i'll ever go back to Iron again after using this.
Would you like to show some pics?
Posts: 5,793
Threads: 268
Joined: Sep 2010
Reputation:
85
|