Things You Learn With An Open Eye, and Mind

With all the noise being made about browser speed and security, it is sometimes anyone’s guess as to which browser should be used…or is it? If you are at all interested, you have read stories putting up Internet Explorer 8, by Microsoft, as the most secure browser. Of course, that result is specious, as Microsoft initiated the test. On the other side of things, we see that speed claims by the people who flog Chrome show the best times for many tests, and adequate security; but those tests seem to totally ignore usability.

I have been extensively using SRWare’s Iron browser. It’s sort of a ‘I’d better get used to it, because it will be a force in the browser market, and knowledge of it is a necessity’ thing. I see that some things work well with it, but so many things don’t - they seem cobbled together, in what we used to call the ‘down and dirty’ method. By that I mean that there are no exceptions encountered, but then again, things that one expects are not there either. Built for insiders, who already knew how things were going to work.

On the other hand, I use Opera daily, which not only gets the job done; it does it with style, and shows me no surprises. I get none of the unexpected results I get with Iron. By the way, Iron is a work-alike to Chrome, but without any identifying code sent to Google. It uses all the Google Chrome plug-ins, and I’ll let you decide whether that is a curse or a blessing.

When I installed the GMail notifier, I found it worked nicely, but the notifier takes up a decent chunk of the screen at the bottom, and can’t easily be removed from taking up that screen space. This is part of the ‘down and dirty’ that I don’t like. When things aren’t being used, they should be retractable, so as to leave the screen open for viewing of pages. It is not as if everyone has a 24” monitor. I am using Iron on my laptop, which has a native resolution of 1024×768, and I can’t get the browser screen metrics small enough to make up the difference. It’s easy enough to get the browser window font way down, 10 point type works well on that 1024×768 screen, but the browser itself will not slim down. So a lot of screen is wasted.

Anyway, enough about Iron - decent, but for the ‘I use it because I like to suffer’ crowd.  Opera is the browser that is not bloated, but is not so spare that you feel like you’re on an austerity plan while using it.

It seems that the crowd that knows a thing or two about security, and the compromising of it, tend to use Opera, too. Do they know something that the browser floggers don’t?

from ComputerWorld

Hackers using multi-exploit attack “toolkits” take defensive measures of their own against other criminals, a security researcher said today.

“Exploit kit operators do use mainstream browsers, but they’re much more likely to use Opera than the average user, because they know that the browser isn’t targeted by other hackers,” said Paul Royal, a principal security researcher with Atlanta-based Purewire.

While the most generous Web measurements peg Opera, a browser made by Norwegian company Opera Software, at a 2% share of the global market, 26% of the hackers who Purewire identified use the far-from-popular application.

Because of its small market share, few hackers bother to unleash exploits for Opera vulnerabilities, said Royal.

Purewire obtained this insight, and others, by infiltrating hackers’ systems using a bug in the analytics software included with a pair of hacker toolkits, notably one dubbed “LuckySploit,” said Royal. “We forged a ‘refer’ field and put in a little JavaScript,” he explained, “and that revealed the hackers to us via their IP addresses.”

Out of 51 exploit kit-using hackers, Purewire’s tactic successfully identified the IP addresses of 15, as well as the browsers they ran. “We essentially did a code audit,” said Royal. “Even criminals who attack others cannot architect reliable software,” he added, talking about the vulnerabilities in the toolkits.

Most multi-strike attack kits, including LuckySploit, serve up a grab bag of exploits, including code that leverages vulnerabilities in Microsoft’s Internet Explorer (IE), in ActiveX controls that IE uses, and in Adobe’s Flash Player and Reader.

Criminals also try to hide from law enforcement by distancing themselves from the servers that host their exploit kits, said Royal. Of the 15 hackers Purewire identified, only two — both with IP addresses traced to Latvia — resided in the same country that also hosted the system containing their attack kit.

Most had at least one country between where they lived and where their malware-serving machine was located.

“This is a first stab,” Royal said when asked what value could be placed on the information Purewire rooted out. “If we can discover the IP addresses of exploit kit operators, we can then turn that over to law enforcement.”

Exploit toolkits are a prominent weapon in hacker arsenals, especially for “drive-by” attacks launched when unwary users are tricked into visiting Web sites by spam. Last month, for example, thousands of legitimate, but compromised, sites served up a multi-strike kit that included an exploit of a then-unpatched vulnerability in a Microsoft-made ActiveX control.

Sometimes, it is good to not be top dog. Opera has security, style, and an even greater measure of that same security because of its status as a sideliner. Those who use it just might like it that way.

§

•

Opera 9.64 for Ubuntu/Debian really pops, having none of the slow behavior of the Windows version. Version 10 for Linux should be great!