Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
What risks of an Outdated Internet Browser?
What risks of an Outdated Internet Browser?
They say you must update inmediatly your internet browser, but I'd like to know what are really the dangers of using an outdated Internet Browser.
In windows systems there's the risk a malware software install by itself due to an outdated security hole in the browser, but we're discussing here about a linux system, when there's is no possibility a malware/virus component being insalled or executed by itself as it hasn't got the admin account.
So, What dammages can they do with an outdated browser, if they can't install anything in it?? (phissing maybe??). I'd like to know as ive using an outdated browser for a whole year.. , and i intent to keep doing it for regular use but virtual bank operations
In windows systems there's the risk a malware software install by itself due to an outdated security hole in the browser, but we're discussing here about a linux system, when there's is no possibility a malware/virus component being insalled or executed by itself as it hasn't got the admin account.
So, What dammages can they do with an outdated browser, if they can't install anything in it?? (phissing maybe??). I'd like to know as ive using an outdated browser for a whole year.. , and i intent to keep doing it for regular use but virtual bank operations
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...
- Head_on_a_Stick
- Posts: 14114
- Joined: 2014-06-01 17:46
- Location: London, England
- Has thanked: 81 times
- Been thanked: 133 times
Re: What risks of an Outdated Internet Browser?
If you are using Debian with any display manger other than GDM then the X server itself is being run as root and any successful exploits in FF will be able to gain full root access to your system.bester69 wrote:a linux system, when there's is no possibility a malware/virus component being insalled or executed by itself as it hasn't got the admin account
https://www.debian.org/releases/stable/ ... uires-root
If any security fixes have been published then the exploits are widely known and will be tried by every script kiddie, to not update is sheer foolishness and this is the reason why FF & Chromium are some of the only packages in the stable release which are kept up to date.
There are also _many_ other ways to compromise the security of the average Linux system and gain elevated privileges, you are very naive.
https://en.wikipedia.org/wiki/Linux_malware
deadbang
Re: What risks of an Outdated Internet Browser?
If you believe that there is no possibility of malware or a virus obtaining root privileges, why are you asking the following question?bester69 wrote:[...] we're discussing here about a linux system, when there's is no possibility a malware/virus component being insalled or executed by itself as it hasn't got the admin account. [...]
If you never lock the door to your house and have never had anything stolen from your house, does that mean that nobody can steal from your house?bester69 wrote:So, What dammages can they do with an outdated browser, if they can't install anything in it?? (phissing maybe??). I'd like to know as ive using an outdated browser for a whole year.. , and i intent to keep doing it for regular use but virtual bank operations
[edit]
Carefully read the materials at the links Head_on_a_stick provided. I'm sorry if I've come across as harsh, but computer security is no laughing matter considering the information that many people have on their computers. Linux virus programs exist!
[/edit]
Last edited by RU55EL on 2017-10-20 15:28, edited 1 time in total.
Re: What risks of an Outdated Internet Browser?
As always, it depends upon what you do with it. As you noted, you want good security when banking. Depending upon the sites visited there may be nasty little surprises waiting. Sites that specialize in vices (porn, gambling, sex, drugs) are simply not trustworthy to begin with so avoid them.
One of the best things about using Debian is that when I do apt-get install [package] what I receive is clean. Do something similar with Windows and the odds are that it will come loaded with all sorts of crap that can take weeks to find and get rid of. We once downloaded a Windows version of Firefox and it came pre-loaded with hidden commercial redirects.
One of the best things about using Debian is that when I do apt-get install [package] what I receive is clean. Do something similar with Windows and the odds are that it will come loaded with all sorts of crap that can take weeks to find and get rid of. We once downloaded a Windows version of Firefox and it came pre-loaded with hidden commercial redirects.
-
- Posts: 1939
- Joined: 2006-04-21 11:19
- Location: Sol Sector
- Has thanked: 1 time
- Been thanked: 2 times
Re: What risks of an Outdated Internet Browser?
Which web browser, and WHY?bester69 wrote:I'd like to know as ive using an outdated browser for a whole year.. , and i intent to keep doing it for regular use
Freespoke is a new search engine that respects user privacy and does not engage in censorship.
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: What risks of an Outdated Internet Browser?
"What we expect you have already Done"
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
- alan stone
- Posts: 269
- Joined: 2011-10-22 14:08
- Location: In my body.
Re: What risks of an Outdated Internet Browser?
An outdated feeling of online security.bester69 wrote:What risks of an Outdated Internet Browser?
Re: What risks of an Outdated Internet Browser?
Those articles speaks about window viruses, worns, and malware. As you know linux systems doesnt allow propagation, and nothing can be installed without theGarryRicketson wrote:Just do a search :
What risks of an Outdated Internet Browser?
There are plenty of results.
authorization and admin password, So that's why I was asking about it. In windows I can understand it, in Linux i still dont get it, I dont see how a security hole in the browser, could infect the own browser, or delete , or steal any home documents, cos to do those operations you need a running program that should run throught the own browser's services, and to do that the browser need to be rewritted its code, and i only see that happening as long as the browser is running in memory ram, once its reopened the bad code would be pushed away and cleanned back. But im just guessing and asking to figure it out
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...
Re: What risks of an Outdated Internet Browser?
I suppose, to get root access, would mean a kernel exploit accesed throught a security browser hole, wouldnt it?., nothing to be with the browser bug..Head_on_a_Stick wrote:If you are using Debian with any display manger other than GDM then the X server itself is being run as root and any successful exploits in FF will be able to gain full root access to your system.bester69 wrote:a linux system, when there's is no possibility a malware/virus component being insalled or executed by itself as it hasn't got the admin account
....
https://en.wikipedia.org/wiki/Linux_malware
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...
Re: What risks of an Outdated Internet Browser?
it is foolhardy to say the least to accept the myth that *nix is immune to malware/viruses etc... If the day ever comes when *nix users are a percentage worthy of such attacks then it will be prevalent indeed. Also, there are many rootkits, viruses etc... for *nix, if you use sudo, guess what that virus can find out easily what your "root" password is. Look at Ebury/Windigo and tell me that something as simple as ssh cannot be used as an exploit, or dare I say the Debian openSSL fiasco a few years back.
Your browser is your first line of defense (actually your router), if your browser is hosed, outdated etc... then you are walking around naked in the matrix telling everyone to take a pull for free. Banking is the least of your worries if you continue to use an old browser for anything other then liveCD trivial browsing, why do you think TOR updates their browser often etc....
***Wait a minute, are you not the same person that likes to herald the benefits of frankendebian and having the latest and greatest?
Your browser is your first line of defense (actually your router), if your browser is hosed, outdated etc... then you are walking around naked in the matrix telling everyone to take a pull for free. Banking is the least of your worries if you continue to use an old browser for anything other then liveCD trivial browsing, why do you think TOR updates their browser often etc....
***Wait a minute, are you not the same person that likes to herald the benefits of frankendebian and having the latest and greatest?
Re: What risks of an Outdated Internet Browser?
See,HuangLao wrote:it is foolhardy to say the least to accept the myth that *nix is immune to malware/viruses etc... If the day ever comes when *nix users are a percentage worthy of such attacks then it will be prevalent indeed. Also, there are many rootkits, viruses etc... for *nix, if you use sudo, guess what that virus can find out easily what your "root" password is. Look at Ebury/Windigo and tell me that something as simple as ssh cannot be used as an exploit, or dare I say the Debian openSSL fiasco a few years back.
Your browser is your first line of defense (actually your router), if your browser is hosed, outdated etc... then you are walking around naked in the matrix telling everyone to take a pull for free. Banking is the least of your worries if you continue to use an old browser for anything other then liveCD trivial browsing, why do you think TOR updates their browser often etc....
***Wait a minute, are you not the same person that likes to herald the benefits of frankendebian and having the latest and greatest?
Millons of users are using everyday oudated Android's Apps from litle trust sources and i dindnt heard anything bad happening to them. And they've their smartphone full of important documents and stuff and full of all kind of litle trusted apps. Most of them even has litle knowns about security risks,
So my feeling is all this paranoid about security is a so exagerated in a linux system, facts say otherwise, there's litle to be worried if you know more or less what you 're doing.
I think using an oudated browser for a regular use, and preventing bank operations with it, in linux should be ok; the browser code cant be altered, so once its reopened the worm, or whatever that might be exploiting the bug, would be pushed away, getting the code fresh and clean back.
Just think about the millons Android users, installing and uninstalling thousands of apps from litle trusted sources.. Its maddness if you compared with my case,
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...
- stevepusser
- Posts: 12930
- Joined: 2009-10-06 05:53
- Has thanked: 41 times
- Been thanked: 71 times
Re: What risks of an Outdated Internet Browser?
Similar to the risk of running a stop sign on a remote, little-used country road: https://www.youtube.com/watch?v=7Esrly_qWOc
End of the stream: https://www.youtube.com/watch?v=7Esrly_qWOc&t=8732s
End of the stream: https://www.youtube.com/watch?v=7Esrly_qWOc&t=8732s
MX Linux packager and developer
Re: What risks of an Outdated Internet Browser?
I get Bester's point. Security is a procedure not a package/product. Greater risks come from running a browser or other external/network program as root, or other doorways such as from installing browser add-ons, or opening email attachments.
Old browser with known exploit/breakout leaves a hacker sitting at user command level ... what damage could be done. Could steal or delete any of the users files/view emails etc. but if backed up and the content wasn't personal/sensitive that might be of little concern to a casual computer user. Greater concern about privilege escalation ... get access to root and be able to install ransomware or proliferate into other systems behind the same LAN, but most systems are designed to prevent such privilege escalation so by no means a easy choice, easier to attack other vectors such as via updates/addons or human error.
Similar (or lower) risk than having a laptop stolen. If there is limited damage that such a theft could achieve then running older browser is of even less concern?
For many users likely data is the more valuable. Systems are relatively easily/cheaply replaced. Data such a family pictures might be invaluable. Provided you're not particularly bothered about a stranger seeing those pictures or whatever and you have disconnected/offsite backup copies then you're relatively safe.
Computer security is big business and you hear much about potential exploits that are found (and plugged), but much much less so about actual exploits, at least at a single desktop user software breached level. The bigger targets are servers, or human error (getting individuals to disclose their banking details via a telephone call or via credit card skimming ...etc.).
Turn it around and perhaps its safer to use a pristine factory fresh operating system and brand new copy of a browser, booted and used to go directly to your banks web site, nowhere else before or after (shutdown afterwards) ... even though that operating system and browser might be 10+ years old (dated), is perhaps securer than using the latest patched up system, that has been used to browse here, there and everywhere before/after going to your banks website.
Old browser with known exploit/breakout leaves a hacker sitting at user command level ... what damage could be done. Could steal or delete any of the users files/view emails etc. but if backed up and the content wasn't personal/sensitive that might be of little concern to a casual computer user. Greater concern about privilege escalation ... get access to root and be able to install ransomware or proliferate into other systems behind the same LAN, but most systems are designed to prevent such privilege escalation so by no means a easy choice, easier to attack other vectors such as via updates/addons or human error.
Similar (or lower) risk than having a laptop stolen. If there is limited damage that such a theft could achieve then running older browser is of even less concern?
For many users likely data is the more valuable. Systems are relatively easily/cheaply replaced. Data such a family pictures might be invaluable. Provided you're not particularly bothered about a stranger seeing those pictures or whatever and you have disconnected/offsite backup copies then you're relatively safe.
Computer security is big business and you hear much about potential exploits that are found (and plugged), but much much less so about actual exploits, at least at a single desktop user software breached level. The bigger targets are servers, or human error (getting individuals to disclose their banking details via a telephone call or via credit card skimming ...etc.).
Turn it around and perhaps its safer to use a pristine factory fresh operating system and brand new copy of a browser, booted and used to go directly to your banks web site, nowhere else before or after (shutdown afterwards) ... even though that operating system and browser might be 10+ years old (dated), is perhaps securer than using the latest patched up system, that has been used to browse here, there and everywhere before/after going to your banks website.
Re: What risks of an Outdated Internet Browser?
I will say it again!bester69 wrote:
Millons of users are using everyday oudated Android's Apps from litle trust sources and i dindnt heard anything bad happening to them.
It is your choice to use an outdated browser, or leave your front door unlocked when you leave. But, don't claim that there is no security risk.RU55EL wrote:If you never lock the door to your house and have never had anything stolen from your house, does that mean that nobody can steal from your house?
There are many vulnerabilities in any operating system. The way to keep them secure as possible is to fix the security bugs as soon as they are found.
If you are using an outdated browser, or other software, with known vulnerabilities, it makes it very easy for someone to exploit your system. If the vulnerability is known, someone with limited computer skills can look up how to use the exploit and use it. It is not rocket science. For example.
I did this years ago, to demonstrate to my employer the need to keep an operating system updated. Using nothing more than instructions and software from the Internet I was able to decrypt the password file and obtain everyones password using an unprivileged account. (My computer did have to run for a couple nights, and most of the password were not very good.) A month later, we had a brand new operating system installed. The method I used wouldn't work today, because operating systems have been updated to prevent it. Unless, of course, you are using outdated software.
Re: What risks of an Outdated Internet Browser?
My point, is
I dont think none in world is looking for a me to rapped me, isnt it?, I dont think none knows me, they dont know my ip, they dont know what its within my computer, and i dont think we both concur in same temporarily gap activity, language, or whatever... and given into my ip, and getting to listen and trying to operate me, when i can inmediatly close the browser or turn off the computer. I mean, to be rapped for someone, there must be a good reason for it. isn't it?? None with enought hacking knowledge was going to put such an efforts at sniffing trying to hacking me in anyway without knowing what is behind the router, there must be a known and good reason for it,i think you can get my point.. Perhaps if i were a knowed server bank, i could be worried to not being enought secured.
I see it really silly the critycal worry of having to update the browser in a linux system. It can't be infected in the code as we're talking about linux persmissions , to practical effects, the app is behaving as it was a hardware device or an old Livecd. And we dont put to update router's firmware everyday, dont we?. Its secure by itself in the same way as any linux apps, as long as they can't hack the user, they cant operate. I dont see it..Its similar to being infected by a virus. I think we've more chances to see The Loch Ness Monster that being hacked.. its just my feeling.. but somene said so about linux viruses, they exists, but none has never seen them, and none knows someone that has ever seen them.. i read that recently in a linux article .
The only risk i see here with outdated browsers, might be with an infected addon ..supposing that's even possible (by exploiting a vulenerability browser's hole in remote and behing router).
I dont think none in world is looking for a me to rapped me, isnt it?, I dont think none knows me, they dont know my ip, they dont know what its within my computer, and i dont think we both concur in same temporarily gap activity, language, or whatever... and given into my ip, and getting to listen and trying to operate me, when i can inmediatly close the browser or turn off the computer. I mean, to be rapped for someone, there must be a good reason for it. isn't it?? None with enought hacking knowledge was going to put such an efforts at sniffing trying to hacking me in anyway without knowing what is behind the router, there must be a known and good reason for it,i think you can get my point.. Perhaps if i were a knowed server bank, i could be worried to not being enought secured.
I see it really silly the critycal worry of having to update the browser in a linux system. It can't be infected in the code as we're talking about linux persmissions , to practical effects, the app is behaving as it was a hardware device or an old Livecd. And we dont put to update router's firmware everyday, dont we?. Its secure by itself in the same way as any linux apps, as long as they can't hack the user, they cant operate. I dont see it..Its similar to being infected by a virus. I think we've more chances to see The Loch Ness Monster that being hacked.. its just my feeling.. but somene said so about linux viruses, they exists, but none has never seen them, and none knows someone that has ever seen them.. i read that recently in a linux article .
The only risk i see here with outdated browsers, might be with an infected addon ..supposing that's even possible (by exploiting a vulenerability browser's hole in remote and behing router).
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...
Re: What risks of an Outdated Internet Browser?
OK. That is your opinion, and it is your choice to decide how important security is on your system.bester69 wrote:My point, is
I dont think none in world is looking for a me to rapped me, isnt it?[...]
This is wrong! Every single Linux computer can be hacked! It might not be easy, and it is certainly not probable in many cases. To claim otherwise is wrong.bester69 wrote:I see it really silly the critycal worry of having to update the browser in a linux system. It can't be infected in the code as we're talking about linux persmissions , to practical effects, the app is behaving as it was a hardware device or an old Livecd.[...]
This is true, at least with me. I check for router firmware updates every three months. I prefer DD-WRT firmware.bester69 wrote:And we dont put to update router's firmware everyday, dont we?. [...]
Just because you can't see the risk or vulnerability, doesn't mean it doesn't exist.bester69 wrote:The only risk i see here with outdated browsers, might be with an infected addon ..supposing that's even possible (by exploiting a vulenerability browser's hole in remote and behing router.
My point is that it is your choice how much security you want to worry about. But, don't spread the idea that Linux isn't vulnerable. Don't mislead others into thinking there are no threats or vulnerabilities.
Re: What risks of an Outdated Internet Browser?
The problems lie not in outdated browsers but rather browsers not actively receiving security patches as holes are discovered. That, and poor browsing habits.
Debian 9 (Stretch)
Asus Vivobook S551LB
Asus Vivobook S551LB
Re: What risks of an Outdated Internet Browser?
bester69, you asked a question.
you got some answers.
and now you're doing everything to disprove those answers.
it's like i said in that other thread: you won't listen to advice.
or maybe you just hope for someone to come along and say:
"It's OK. You have permission to run an outdated browser."
There. I said it.
Happy now?
you got some answers.
and now you're doing everything to disprove those answers.
it's like i said in that other thread: you won't listen to advice.
or maybe you just hope for someone to come along and say:
"It's OK. You have permission to run an outdated browser."
There. I said it.
Happy now?
Re: What risks of an Outdated Internet Browser?
Hey, at least there is no jumbo sized screenshot in this thread (yet).debiman wrote:you won't listen to advice.
Debian 9 (Stretch)
Asus Vivobook S551LB
Asus Vivobook S551LB
- alan stone
- Posts: 269
- Joined: 2011-10-22 14:08
- Location: In my body.
Re: What risks of an Outdated Internet Browser?
And now for something completely different.
The Damn Vulnerable Linux distribution, which didn't include web browser software, is discontinued.
Conclusion: [since then] Linux based OS's and software, and especially web browsers - outdated and updated, are 100% secure!.
QED.
The Damn Vulnerable Linux distribution, which didn't include web browser software, is discontinued.
Conclusion: [since then] Linux based OS's and software, and especially web browsers - outdated and updated, are 100% secure!.
QED.