Re: Blog post on Firefox 58.


Gene
 

Also, I found this lecture and discussion by the author of the book.  I haven't listened to much of it yet but it sounds very good.  Whether people read the book or not, this lecture and discussion appears to present a lot of good information on the subject.
 
Gene

----- Original Message -----
Sent: Wednesday, January 24, 2018 2:38 PM
Subject: Re: [nvda] Blog post on Firefox 58.

Read the book cyber fobia. I think I spelled the title wrong, but it points out exactly waht gean is saying, and this thign was written I believe in 2017 or so.

Take care

On Jan 24, 2018, at 12:13 PM, Gene <gsasner@...> wrote:

Snail mail can come from anyone.  But it doesn't steal your passwords for criminal purposes or do other malicious things, nor does it propogate.  You get it and that's it.  
 
What I'm talking about is the question of browsers and security for the most part.  The argument has been made that the individual is the main security problem.  the individual is a security problem but that is by far not the only problem.  and phishers are becoming increasingly skilled in tricking even knowledgeable people to take actions they otherwise wouldn't.  
 
But regarding browsers, which is the main thing being objected to in the discussion, the issue is that even reputable sites can't check effectively for hacked adds.  See this article.  
 
As with the Internet in general and now with the Internet of Things, we are building and have built systems that are completely inadequate from a security standpoint and post a clear and present danger.  This is just one example.
 
Gene
----- Original Message -----
Sent: Wednesday, January 24, 2018 1:50 PM
Subject: Re: [nvda] Blog post on Firefox 58.

The issue jean is not malware, or privacy, or piracy, or anything.

The issue is people and business.

A lot of the offline worlds laws and rules are uploaded to the internet, 
and just like a device with an incompatible driver they don't work or 
work at degraded performance.

Copywrite is one of those, its a lot better than it was but still has a 
while to go.

2.  junk mail, some of it could be but couldn't be at the same time its 
hard to know.

Then there is the big thing.

Adds, to make cash, while we have free and opensource about, people will 
make adds.

Thats where the issue is.

In the real worlds there are laws to what one can post, authorities to 
make sure companies sell things which are reasonable.

For example its simply a no go to get free penis enlargement in your 
mailbox.

The issue with the net is that adds, junkmail and the rest can come from 
anywhere they want.

They don't even have to fit the country you are in.

Digital content means you don't even have to know where it comes from if 
you don't want to and here in is the issue.

I am not a law expert but I'd imagine judging by what adds and junk 
snail mail I get here and when I am in other places tv and radio adds 
are different even shops in different parts of my country new zealand 
that a lot of the laws around adds are location based to some degree, 
take the location away and you have an issue.

Even if you slap them in there, to inforce things well.

And there is another issue.

You can't enforce law on the net or at least that easily because like 
the old vhs, you need a converter to convert analog to digital, now, 
thats fine, however what about if you need to convert digital to analog.

In this case, someone unknown commits a crime.

You can't just grab them because they may be outside your location.

Now the only way to get to that is the standard way which may take a while.

It doesn't matter if its done online the standard way follows.

So there is the issue.

Because of this there is a vacuum, sometimes we get lucky and someone is 
carted off to the slammer but its by no means easy.

And if that wasn't enough digital is faster than our analog systems and 
you could have thousands of things at one time.

Advertising in the real world can be quite cutthroat, now the net is worse.

And this is the standard net.

There is the dark net, a hidden network just like our real world black 
market which could be just as bad as that.

Mirroring the real world has its advantages but because we sleep and it 
doesn't thats the technical bit anyway.

Anyway if we got rid of adds, bundled software, and all that junk, not 
only would we not need as much security, we wouldn't have to update that 
often, etc, etc, etc.

Sadly, a lot of sites connect to add servers, sometimes the add server 
can get hacked or things can be sent to the owner that may or may be 
hacked without infecting either side at all they are just sent.

Everyone gets smarter online.

Everyone wants to make cash, the security software companies are just as 
bad.

And if users are gullible enough to be hit with a good scam attack, you 
can be sure they don't expect their trusted security previder to pull a 
fast one on them.

I have noticed even the big companies making bold moves because they 
think they are immune and to some extent they are, there is no way we 
can get them all and they know this.

I once had a friend who said she got a virus and after her software 
recomended a lot of things to do she did these things.

The system stopped working.

Well, I had to remove all the security software and clear the junk I 
almost reformatted and then put things back.

I had the same issue myself, a new magazine had a security software 
which was supposed to secure the network and make it run nicely.

I installed and it thought that most of windows was a virus it also 
wasn't accessible.

I ended up reformatting 3 machines to get rid of it because windows was 
dammaged even though I removed the software.

When I went online to post my complaint, the site for that software no 
longer existed, and the magazine shop I got it from had suddenly closed.

I never found what happened but for all of it to suddenly drop, that 
unsetteled me.




On 25/01/2018 6:58 a.m., Gene wrote:
> People are an important part of the problem.  But the security environment is less in the control of people than it used to be.  Just yesterday, I saw an article discussing how much more common it is for reputable web sites to have hacked advertising on them and how difficult it is to detect hacked advertising for the users and the advertising companies that provide adds.  Saying the user is the problem for security is not accurate.  If people were the problem, then if someone really knew what they were doing, they could avoid all infections without using any antimalware programs.  That isn't true.  Maybe this so-called paranoia you object to so strenuously is in recognition of the possibility that malware will become increasingly sophisticated over time.  I don't know that but I wouldn't be at all surprised.  With so much money to be made, why shouldn't it?
>
> Maybe what you are objecting to is actually a reason to use Firefox.
> Gene
> ----- Original Message -----
>
> From: Brian's Mail list account via Groups.Io
> Sent: Wednesday, January 24, 2018 10:00 AM
> To: nvda@nvda.groups.io
> Subject: Re: [nvda] Blog post on Firefox 58.
>
>
> They are being over paranoid. and why should it not have its own sounds,
> cannot be that hard to achieve and you could turn them on and off. I can see
> I'll be looking for a better browser if they continue down this over the top
> security path. people are the problem for security, and unless Mozilla are
> intending to replace people as well they are on a fools errand!
>   Brian
>
> bglists@...
> Sent via blueyonder.
> Please address personal email to:-
> briang1@..., putting 'Brian Gaff'
> in the display name field.
> ----- Original Message -----
> From: "Shaun Everiss" <sm.everiss@...>
> To: <nvda@nvda.groups.io>
> Sent: Tuesday, January 23, 2018 9:37 PM
> Subject: Re: [nvda] Blog post on Firefox 58.
>
>
>> Well navigational sounds will never become part of firefox, I asked the
>> short answer is that due to the new web extentions framework, while a lot
>> of improvements are made, there are a lot of things that have been killed
>> for security reasons.
>>
>> One of these is registry access which the addon uses.
>>
>> It uses windows sounds.
>>
>> So for that to even work it would have to have its own sounds and have
>> those as part of the addon and each event would need adding manually.
>>
>> It would be good if firefox had things like a download completed sound, or
>> other sounds or simply had a way to access windows sound registry info or
>> things, ofcause there is security issues accessing registry info I guess
>> but if that was part of the permitions I don't see a problem.
>>
>> One thing I was and am still sore about is the fact the new addons ie
>> noscript due to what firefox did can not have the menu bar they had and
>> options all of them are buttons which seem to be out of my reach.
>>
>>
>>
>>
>> On 24/01/2018 6:43 a.m., J.G wrote:
>>> Hello,
>>>
>>> I posted a comment on this blog about sounds in future Firefox (see it)
>>> and MR Zehe replied me, that he has not known Navigational sounds addon
>>> until now and there is currently no plan to embed sounds into Firefox. So
>>> if we want this feature, we must contact developers and politely request
>>> this feature.
>>>
>>> regards, Jožef
>>>
>>
>>
>>
>
>
>




Join nvda@nvda.groups.io to automatically receive all group messages.