Oracle Knew About Currently Exploited Java Vulnerabilities for Months, Researcher Says

Oracle knew since April about the existence of the two unpatched Java 7 vulnerabilities that are currently being exploited in malware attacks, according to Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations. Read More Click here

 Oracle’s emergency Java patch opens the door to more vulnerabilities After an exploit in the latest Java 7 framework was discovered, Oracle (ORCL) responded with an emergency patch to fix the problem. Read More Click here

 Internet Explorer Zero-Day Flaw Exploited by Same Java Gang Attackers are exploiting a new security vulnerability in Internet Explorer and security experts are recommending users stop using IE until the flaw is patched. Read More Click here

CRIME update, massive JAVA exploit, Samsung's remote wipe issue, Your questions, and more.

Microsoft quashed & diluted IE8's privacy features to appease advertisers inside and outside the company

The online habits of most people who use the world's dominant Web browser are an open book to advertisers. That wasn't the plan at first.

In early 2008, Microsoft Corp.'s product planners for the Internet Explorer 8.0 browser intended to give users a simple, effective way to avoid being tracked online (InPrivate Filtering). They wanted to design the software to automatically thwart common tracking tools, unless a user deliberately switched to settings affording less privacy.

That triggered heated debate inside Microsoft. As the leading maker of Web browsers, the gateway software to the Internet, Microsoft must balance conflicting interests: helping people surf the Web with its browser to keep their mouse clicks private, and helping advertisers who want to see those clicks.

In the end, the product planners lost a key part of the debate. The winners: executives who argued that giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads. Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software.

Read the full story at the Wall Street Journal by NICK WINGFIELD

Apple Announces Safari 4 - The World's Fastest Browser

CUPERTINO, Calif., Feb. 24 /PRNewswire-FirstCall/ -- Apple® today announced the public beta of Safari® 4, the world's fastest and most innovative web browser for Mac® and Windows PCs. The Nitro engine in Safari 4 runs JavaScript 4.2 times faster than Safari 3.* Innovative new features that make browsing more intuitive and enjoyable include Top Sites, for a stunning visual preview of frequently visited pages; Full History Search, to search through titles, web addresses and the complete text of recently viewed pages; Cover Flow®, to easily flip through web history or bookmarks; and Tabs on Top, to make tabbed browsing easier and more intuitive.

"Apple created Safari to bring innovation, speed and open standards back into web browsers, and today it takes another big step forward," said Philip Schiller, Apple's senior vice president of Worldwide Product Marketing. "Safari 4 is the fastest and most efficient browser for Mac and Windows, with great integration of HTML 5 and CSS 3 web standards that enables the next generation of interactive web applications."

Safari 4 is built on the world's most advanced browser technologies including the new Nitro JavaScript engine that executes JavaScript up to 30 times faster than IE 7 and more than three times faster than Firefox 3. Safari quickly loads HTML web pages three times faster than IE 7 and almost three times faster than Firefox 3.*

Safari 4 is a public beta for both Mac OS® X and Windows and is available immediately as a free download.

read more | digg story

IE slips further as Firefox, Safari, Chrome gain

Internet Explorer now has 67.55 percent of global browser market share, a drop of over seven percentage points in a year, according to figures from Web metrics company Net Applications, released Monday. Mozilla's Firefox browser, meanwhile, has gained market share in the same time frame, climbing over three percentage points to 21.53 percent.

Microsoft's browser has steadily lost ground to its competitors in the past year. Its share dropped sharply in both October and November 2008, when it lost over one percentage point in each month.

Apple's Safari browser now stands at 8.29 percent, up from 7.13 percent in November, when IE dipped. Safari has gained share more quickly than Firefox in that period: Mozilla's browser accounted for 20.78 percent of browser use three months ago, and now has 21.53 percent.

read more | digg story

Convenience is number one factor in keeping browsers updated

A crawl through Google's search logs reveals that end users are generally oblivious to security alerts, and largely update to secure browser versions based on the convenience of doing so.
By John Timmer

The security community has long had a tendency to focus on the identification and repair of vulnerabilities. There have been significant public debates about the ethics of publicly discussing unpatched vulnerabilities, and coders will happily brag about their ability to have a fix ready immediately after a vulnerability is disclosed. A new study by a pair of Swiss academics and a Googler, however, suggests that much of this focus has been misdirected. They argue that the ergonomics of the end-users' update process has a far more significant effect on the adoption of secure web browsers than any discussion of the severity of a vulnerability.

The authors reached their conclusions thanks to the presence of the Google employee on their team. That got them access to the anonymized search logs for use as their base data set. Since many of these requests come from shared IP addresses and proxies, the authors combined them with a unique ID in Google's PREF setting to distinguish individual end users. Although this ignores users of other search services, three of the four browsers sampled default to using Google. The authors also realize that this probably eliminates the most security conscious of web browsers--those searching anonymously and with cookies disabled--and those with User Agent strings that identify their browsers as something other than what they are. They suspect that this is a small minority.

Read On

Why You Should Download Firefox 3 Right Now

"Firefox 3 — the culmination of a two-year quest to build the best browser ever. And while it’s not perfect, it comes pretty close. It’s faster than Microsoft Internet Explorer, but it’s not the fastest browser in the world — depending on who you ask, either Safari on the Mac or Opera 9.5 claims that crown. Firefox 3 is also incomplete by design — users can customize the browser, adding additional bells and whistles through downloadable extensions (see our list of recommended extensions for some ideas). "

read more | digg story

Chris | Live Tech Support | Video Help | Add to iTunes

IE8 development: Microsoft should learn from Apple, Mozilla

"IE8 should make things a lot better. To really tackle this problem, Microsoft will need to be a lot more open about its plans for the browser and offer updates far more frequently. Both WebKit (the rendering engine of Safari) and Firefox offer nightly builds, and even the commercial Opera browser has weekly builds available. These regular releases make it much quicker for bug fixes to get into developers' hands, making it easier for them to update their sites now rather than having to wait months between betas. Internet Explorer is hemorrhaging market share, thanks to its virtual abandonment between about 2001 and 2006 and the rapid progress by competing browsers. To stop losing ground to Firefox and Safari, Internet Explorer needs to stand head and shoulders above both of them. But with Microsoft's lack of clear objectives, infrequent releases, and poor communication, IE8 will be struggling to even achieve parity with its competitors."

read more | digg story

Hackers Now Target Firefox and Safari

Many people are switching from Internet Explorer to alternative browsers such as Firefox and Safari. Though that might make them feel more secure, the shift has also opened new doors for bad guys. In a somewhat dubious recognition of Firefox's growing popularity, hackers have focused their attention on it, leading to a rash of newly discovered holes. The folks at Mozilla recently released two Firefox updates in less than six weeks, fixing a total of five critical security vulnerabilities. All five can be exploited by planting a poisoned JavaScript file in a Web site and waiting for you to stumble across it.

read more | digg story