Yourbrowsermatters.org



  • Big joke inflirated on haples ppl by big company like microsoft.



  • ?

    It's just an IE9 marketing site? Am I not in on the joke? Am I a victim? OMG! *jumps out window*



  •  FUD aside, this made me laugh:

    Blah blah blah do things to make your browser teh mostest secure evar...

    [b]THIS SITE REQUIRES YOU TO HAVE FLASH INSTALLED AND JAVASCRIPT ENABLED[/b]




    • Does the browser benefit from Windows Operating System features that protect against arbitrary data execution?   [YES]
    • Does the browser benefit from Windows
      Operating System features that randomize the memory layout to make it
      harder for attackers to find their target?  [YES]

    Wow, and I'm on Linux too!


  • Discourse touched me in a no-no place

    Bit of a crappy site if it can't handle some browsers to even give it a score:




  • I like the "tab" labeled "malware." Like, go there to get some?



  • @PJH said:

    Bit of a crappy site if it can't handle some browsers to even give it a score:

    I can understand Links/Lynx not getting a score, but Chrome? Now that's just lazy.



  • @boomzilla said:

    I like the "tab" labeled "malware." Like, go there to get some?

    image of globe pops up "This is the internet."

    And I always thought it was a series of tubes.



  • @derula said:

    @boomzilla said:
    I like the "tab" labeled "malware." Like, go there to get some?
    image of globe pops up "This is the internet."

    And I always thought it was a series of tubes.
    What do you think those evil red cockroaches are walking on to get to your computer? 

    Also, I always thought viruses and malware were things like executables or scripts, not real bugs!1!!@!  I learned something new today,..



  • @C-Octothorpe said:

    @derula said:

    @boomzilla said:
    I like the "tab" labeled "malware." Like, go there to get some?
    image of globe pops up "This is the internet."

    And I always thought it was a series of tubes.
    What do you think those evil red cockroaches are walking on to get to your computer? 

    Also, I always thought viruses and malware were things like executables or scripts, not real bugs!1!!@!  I learned something new today,..

    Yep, real bugs. They're headed straight for the vacuum tubes at the heart of your computer! You need to install a firewall so that they burn up before they get there (and for awesome lighting inside your box)



  • @UrzaMTG said:

    @C-Octothorpe said:

    @derula said:

    @boomzilla said:
    I like the "tab" labeled "malware." Like, go there to get some?
    image of globe pops up "This is the internet."

    And I always thought it was a series of tubes.
    What do you think those evil red cockroaches are walking on to get to your computer? 

    Also, I always thought viruses and malware were things like executables or scripts, not real bugs!1!!@!  I learned something new today,..

    Yep, real bugs. They're headed straight for the vacuum tubes at the heart of your computer! You need to install a firewall so that they burn up before they get there (and for awesome lighting inside your box)

    So you're telling me the flickering lights I thought were LEDs on my router are actually REAL BUGS being fried?!?!



  • @dohpaz42 said:

    @PJH said:
    Bit of a crappy site if it can't handle some browsers to even give it a score:

    I can understand Links/Lynx not getting a score, but Chrome? Now that's just lazy.

    Haha! It's so easy to make fun of Microsoft... when you're a lying liar whose pants are constantly on fire:



  • @blakeyrat said:

    @dohpaz42 said:
    @PJH said:
    Bit of a crappy site if it can't handle some browsers to even give it a score:

    I can understand Links/Lynx not getting a score, but Chrome? Now that's just lazy.

    Haha! It's so easy to make fun of Microsoft... when you're a lying liar whose pants are constantly on fire:

    Takes one to know one! It tells me that it can't give me a score with chrome or opera. It gives me a 2 with FF7. So, just WTF browser identification? Or maybe it just doesn't know about chrome version 15.0.874.92 beta or Opera 11.51?



  • @boomzilla said:

    Takes one to know one! It tells me that it can't give me a score with chrome or opera. It gives me a 2 with FF7. So, just WTF browser identification? Or maybe it just doesn't know about chrome version 15.0.874.92 beta or Opera 11.51?

    Oh. Well, it would be unethical to score a pre-release browser. But still saying "it doesn't score Chrome" is still a lie, because it does-- just not beta versions of Chrome. It's just a slightly different classification of lie!

    And nobody gives a fuck about Opera.



  • Funny message you receive when you click on the "Update to a ... Windows" or something:

    "To use this site, you must be running Microsoft Internet Explorer 5 or later. "

    MSIE5? Really?



  • @blakeyrat said:

    @boomzilla said:
    Takes one to know one! It tells me that it can't give me a score with chrome or opera. It gives me a 2 with FF7. So, just WTF browser identification? Or maybe it just doesn't know about chrome version 15.0.874.92 beta or Opera 11.51?

    Oh. Well, it would be unethical to score a pre-release browser. But still saying "it doesn't score Chrome" is still a lie, because it does-- just not beta versions of Chrome. It's just a slightly different classification of lie!

    Yeah, I agree that it doesn't make sense, but it would be nice as to some indication of why not. Assuming that's what it is. Even so, they ought to be able to see that it's chrome, and then say something like, "You're not using the latest release, but here's the score for that version."

    Verdict: User unfriendly site with low usability.



  • @blakeyrat said:

    @boomzilla said:
    Takes one to know one! It tells me that it can't give me a score with chrome or opera. It gives me a 2 with FF7. So, just WTF browser identification? Or maybe it just doesn't know about chrome version 15.0.874.92 beta or Opera 11.51?

    Oh. Well, it would be unethical to score a pre-release browser. But still saying "it doesn't score Chrome" is still a lie, because it does-- just not beta versions of Chrome. It's just a slightly different classification of lie!

    And nobody gives a fuck about Opera.

    I'm not using a beta version of Chrome. Hell, apparently I'm using a very old version of Chrome, according to their Blogspot. And amazingly enough, I'm not lying either. Go figure.

    But then again, you're all about the Microsoft, and like Microsoft, Linux never counts. </flamebait>



  • @boomzilla said:


    Yeah, I agree that it doesn't make sense, but it would be nice as to some indication of why not. Assuming that's what it is. Even so, they ought to be able to see that it's chrome, and then say something like, "You're not using the latest release, but here's the score for that version."

    Verdict: User unfriendly site with low usability.

    Agreed. If anything, I would think that Microsoft would take "unsupported browsers" (either betas or browsers on non-Windows systems) as the perfect opportunity to give people reasons to switch to their browser (operating system). Instead, they just give them the big "eff you" and ignore a potential revenue stream. WTF?



  • If you still use IE6, they have nothing to say to you anymore.



  • @dtfinch said:

    If you still use IE6, they have nothing to say to you anymore.

    That's not a WTF, that's how it should be...



  • @dohpaz42 said:

    @dtfinch said:
    If you still use IE6, they have nothing to say to you anymore.
    That's not a WTF, that's how it should be...
    Here here!



  • @dtfinch said:

    If you still use IE6, they have nothing to say to you anymore.

     


     



  • @C-Octothorpe said:

    Here here!

    I thought it was supposed to be: Hear hear!



  • @blakeyrat said:

    ?

    It's just an IE9 marketing site? Am I not in on the joke? Am I a victim? OMG! *jumps out window*

     

    You responded to a Trolly McTrollington thread, so you ARE the joke.

     



  • Wow, and I'm on Linux too!

    Me too. I clicked through to the "download IE 9" page. At the bottom, it asks if the page was helpful. I clicked no, and filled in this explanation:

    Why did the MS site http://yourbrowsermatters.org/ send me to this page if MSIE9 is not compatible with my operating system? Is IE not POSIX compliant?


  • @r250r said:

    Is IE not POSIX compliant?

    Seriously?



  • Hey, if MS wants to use inaccurate info to scare people into downloading their browser, why can't I waste their time with silly questions?



  • @blakeyrat said:

    And nobody gives a fuck about Opera.
    Actually, I think there are a couple from some of the Italian composers that are quite nice.



  • @Zecc said:

    • Does the browser benefit from Windows Operating System features that protect against arbitrary data execution?   [YES]
    • Does the browser benefit from Windows
      Operating System features that randomize the memory layout to make it
      harder for attackers to find their target?  [YES]

    Wow, and I'm on Linux too!

    That's because Linux had those Windows Operating System features before Windows Operating System did.



  •  i am waiting for the microsoft website: Yourtrowsermatters.org



  • @MiffTheFox said:

    Wow, and I'm on Linux too!

    Your browser benefits from those Windows features, were it run in Windows. There's nothing wrong with that copy.

    @MiffTheFox said:

    That's because Linux had those Windows Operating System features before Windows Operating System did.

    Microsoft shipped it first, that's all that matters. Linux has so many gadzillion "experimental" projects that it "has" virtually every feature before other OSes do-- but that doesn't mean shit if they're never shipped, as they usually aren't. Until Microsoft announces they're adding the feature, then there's a huge crash-course to get the experimental feature ship-worthy before MS releases their equivalent. (See: Compiz.)



  • @Zecc said:

    Does the browser benefit from Windows
    Operating System features that randomize the memory layout to make it
    harder for attackers to find their target?  [YES]

    I've never seen the point of ASLR, to be honest.

    Here's the basic idea, as I understand it.  Without ASLR:

    • Attacker finds a way to overwrite data on your program, which allows him to jump to an arbitrary location.
    • Attacker has researched the memory layout of your program, and knows exactly what offset to jump to in order to perform $malicious_act.
    • The system is compromised.
    With ASLR:
    • Attacker finds a way to overwrite data on your program, which allows him to jump to an arbitrary location.
    • ASLR changes around the locations of the jump points, so the attacker doesn't know where to jump to.
    • Everyone's safe! Hooray!

    But there's a serious problem with that line of reasoning.  If the function entry points are no longer at fixed offsets, then not only does the attacker not know where to look, but neither does your program!  So it needs a lookup table somewhere, and that lookup table has to be at a known location in memory.

    See where I'm going here?  If the hacker can do enough research to find the offset of a routine to jump to, he can just as easily find the offset of the table and have his code jump to the location found in the appropriate slot on the table.  I don't see how it's technically possible for ASLR to prevent any attacks; it doesn't stop the hack, it just moves the target.  It feels more like "security theatre" than actual security IMO.

    Anyone know more about the way it works, who could fill in some blanks and explain what I'm missing, if anything?

     



  • @C-Octothorpe said:

    Here here!

    Where where?

     



  • @Mason Wheeler said:

    Anyone know more about the way it works, who could fill in some blanks and explain what I'm missing, if anything?

     

    At the most basic level, ASLR ensures that critical system programs don't load into the same spot all the time; before ASLR the order modules are loaded is pretty much the way they are organized in memory. Further, thru the magic of virtual memory, you can randomize the location of segments (stack, heap, library entry points) of a given program and it'll be transparent to the program - but only for programs that have that flag enabled.

    OpenBSD had this first anyways.
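    DaveK's point that randomization is applied only to programs that have the flag enabled can be checked on a Windows binary without running it: the opt-in is the DYNAMIC_BASE bit in the DllCharacteristics field of the PE optional header, and the NX_COMPAT bit beside it is what answers the site's DEP question. The following Python is an added example, not code from this thread or from Microsoft; it parses that field from a PE image, and the sample headers it builds are constructed, not real binaries. The HIGH_ENTROPY_VA bit it also reports post-dates this thread (it arrived with Windows 8 and 64-bit images).

```python
# Added example (not from the thread): read the DllCharacteristics flags of a PE
# optional header to see whether an EXE/DLL opted into ASLR (DYNAMIC_BASE) and
# DEP (NX_COMPAT). Offsets follow the PE/COFF spec; the sample images are constructed.
import struct
import sys

DYNAMIC_BASE = 0x0040     # image may be relocated at load time: the ASLR opt-in
NX_COMPAT = 0x0100        # image is compatible with DEP
HIGH_ENTROPY_VA = 0x0020  # 64-bit image may use the full 64-bit address space (Windows 8+)

PE32, PE32PLUS = 0x10B, 0x20B


def pe_dll_characteristics(data):
    """Return (optional header magic, DllCharacteristics) or raise ValueError."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                       # 20-byte COFF file header
    (size_of_optional,) = struct.unpack_from("<H", data, coff + 16)
    opt = coff + 20                           # optional header starts right after COFF
    if size_of_optional < 72:
        raise ValueError("optional header too short to carry DllCharacteristics")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (PE32, PE32PLUS):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ optional headers.
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    return magic, dll_chars


def mitigation_report(data):
    """Summarise the load-time mitigations an image has opted into."""
    magic, flags = pe_dll_characteristics(data)
    return {
        "aslr": bool(flags & DYNAMIC_BASE),
        "dep": bool(flags & NX_COMPAT),
        "high_entropy": magic == PE32PLUS and bool(flags & HIGH_ENTROPY_VA),
    }


def build_sample_pe(magic, dll_chars):
    """Constructed minimal image: MZ stub, PE signature, COFF header, optional header."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt_size = 96 if magic == PE32 else 112   # sizes without data directories
    machine = 0x14C if magic == PE32 else 0x8664
    coff = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    # Usage: python pe_mitigations.py some_binary.exe  (path is whatever you pass in)
    with open(sys.argv[1], "rb") as f:
        print(mitigation_report(f.read()))
```

    Only the header is inspected, so the check is cheap enough to run over a whole directory of binaries; a module without DYNAMIC_BASE is loaded at its preferred base, and that is the module whose addresses an attacker can still count on even when the rest of the process is randomized.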

     



  • @boomzilla said:

    @blakeyrat said:
    @dohpaz42 said:
    @PJH said:
    Bit of a crappy site if it can't handle some browsers to even give it a score:

    I can understand Links/Lynx not getting a score, but Chrome? Now that's just lazy.

    Haha! It's so easy to make fun of Microsoft... when you're a lying liar whose pants are constantly on fire:

    Takes one to know one! It tells me that it can't give me a score with chrome or opera. It gives me a 2 with FF7. So, just WTF browser identification? Or maybe it just doesn't know about chrome version 15.0.874.92 beta or Opera 11.51?

     

     

    If you spof your browser, it give full 4/4. Spof FF useragent string to resembel iE9 and watch fun.



  •  are you serius, using lynx to browse? how is your acess to other websites? on brite side, you can't get any malaware.

    @PJH said:

    Bit of a crappy site if it can't handle some browsers to even give it a score:
    <font color="silver">
    <crapy lynx photo></font>



  • @Nagesh said:

    on bride side, you can't get any malaware.

    FTFY.


  • Discourse touched me in a no-no place

    @Nagesh said:

     are you serius, using lynx to browse?

    No, I'm Regulus when using Links.

    @PJH said:
    <font color="silver"><crapy lynx photo></font>
    1) it's not a photo, it's a screenshot
    2) it's resized - clicking on it will give you a full size version.


  • @blakeyrat said:

    [quote user="MiffTheFox"]That's because Linux had those Windows Operating System features before Windows Operating System did.

    Microsoft shipped it first, that's all that matters. Linux has so many gadzillion "experimental" projects that it "has" virtually every feature before other OSes do-- but that doesn't mean shit if they're never shipped, as they usually aren't. Until Microsoft announces they're adding the feature, then there's a huge crash-course to get the experimental feature ship-worthy before MS releases their equivalent. (See: Compiz.)[/quote]

    I was going to do some research but I ran into the "nobody gives a fuck about old versions of free software since you can just upgrade for free" problem and couldn't find any documentation linking kernel versions to "shipping" dates, sorry. :(



  • @Mason Wheeler said:

    But there's a serious problem with that line of reasoning.  If the function entry points are no longer at fixed offsets, then not only does the attacker not know where to look, but neither does your program!  So it needs a lookup table somewhere, and that lookup table has to be at a known location in memory
    The modules (DLLs, EXEs) have relocation and import table. They always had. It didn't matter where they were loaded. Nothing changed in this regard.



  • @Mason Wheeler said:

    But there's a serious problem with that line of reasoning.  If the function entry points are no longer at fixed offsets, then not only does the attacker not know where to look, but neither does your program!  So it needs a lookup table somewhere, and that lookup table has to be at a known location in memory.

    See where I'm going here?  If the hacker can do enough research to find the offset of a routine to jump to, he can just as easily find the offset of the table and have his code jump to the location found in the appropriate slot on the table.  I don't see how it's technically possible for ASLR to prevent any attacks; it doesn't stop the hack, it just moves the target.  It feels more like "security theatre" than actual security IMO.

    Anyone know more about the way it works, who could fill in some blanks and explain what I'm missing, if anything?

    Your mistake is in your first premise:

    @Mason Wheeler said:

    If the function entry points are no
    longer at fixed offsets, then not only does the attacker not know where
    to look, but neither does your program!  So it needs a lookup table
    somewhere, and that lookup table has to be at a known location in
    memory.

    There doesn't need to be a lookup table because your program doesn't need to know where the function entry points are.  The OS loader directly fixes up all the import references in your program at the time it loads your program and supporting DLLs.  (Once a windows EXE is up and running, you can safely erase all the in-memory import and export tables, they are no longer needed.)  Only the OS loader ever needs to know what is put where, and only before the program starts executing.




  • What the hell is socially engineered malware?



  • @arh said:

    What the hell is socially engineered malware?

    Also known as "Trojan horses", or short (and inaccurately), "Trojans".



  • @DaveK said:

    There doesn't need to be a lookup table because your program doesn't need to know where the function entry points are.  The OS loader directly fixes up all the import references in your program at the time it loads your program and supporting DLLs.  (Once a windows EXE is up and running, you can safely erase all the in-memory import and export tables, they are no longer needed.)  Only the OS loader ever needs to know what is put where, and only before the program starts executing.

    I'm still not clear on this. What I see my VC doing is this: Function calls to external references are actually CALL instructions to a jump table, so the loader has to only fix one JMP instruction for each referenced function and not each call of that function.

    What does ASLR buy you here? The malware author may not know where the imports will end up, but he does know where the jump table is.

     



  • @derula said:

    @arh said:
    What the hell is socially engineered malware?

    Also known as "Trojan horses", or short (and inaccurately), "Trojans".

    Sounds more like a case where the Trojan was sabotaged.



  • @topspin said:

    @DaveK said:

    There doesn't need to be a lookup table because your program doesn't need to know where the function entry points are.  The OS loader directly fixes up all the import references in your program at the time it loads your program and supporting DLLs.  (Once a windows EXE is up and running, you can safely erase all the in-memory import and export tables, they are no longer needed.)  Only the OS loader ever needs to know what is put where, and only before the program starts executing.

    I'm still not clear on this. What I see my VC doing is this: Function calls to external references are actually CALL instructions to a jump table, so the loader has to only fix one JMP instruction for each referenced function and not each call of that function.

    What does ASLR buy you here? The malware author may not know where the imports will end up, but he does know where the jump table is.

    Yeah, exactly.  Delphi does it the same way.



  • @topspin said:

    @DaveK said:

    There doesn't need to be a lookup table because your program doesn't need to know where the function entry points are.  The OS loader directly fixes up all the import references in your program at the time it loads your program and supporting DLLs.  (Once a windows EXE is up and running, you can safely erase all the in-memory import and export tables, they are no longer needed.)  Only the OS loader ever needs to know what is put where, and only before the program starts executing.

    I'm still not clear on this. What I see my VC doing is this: Function calls to external references are actually CALL instructions to a jump table, so the loader has to only fix one JMP instruction for each referenced function and not each call of that function.

    What does ASLR buy you here? The malware author may not know where the imports will end up, but he does know where the jump table is.

    No, the malware author does not know where the jump table is, because it is part of the executable (contained within the .idata section) and hence loaded by ASLR at an unpredictable address.



  • Winner of the 2016 Presidential Election

    If I recall correctly (and I might not), ASLR randomizes to 1 of 256 possible orders. Couldn't they enumerate all 256 possible address layouts and maybe test to see what is where?



  • @arh said:

    What the hell is socially engineered malware?

    The Taliban virus.



  • @joe.edwards said:

    If I recall correctly (and I might not), ASLR randomizes to 1 of 256 possible orders. Couldn't they enumerate all 256 possible address layouts and maybe test to see what is where?

    If they can persuade the same user to restart their crashed browser and go back to the same malware-delivery website 255 times in a row, well perhaps.....

    Generally however you're only going to get one chance at it. 

    Also, I think the weakness you're describing only applies to 32-bit Vista; ASLR is meant to be much improved in Win7, and on 64-bit systems you have a far huger address space to randomise things within.
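    Two points made above, that the jump table (the IAT) moves with the module it lives in, and that with 256 candidate layouts a hard-coded address gets one shot per process, can be made concrete with a small simulation. The Python below is an added toy model, not the thread's code and not a real loader: the module names (app.exe, lib.dll), the symbol do_work, the RVAs and the 8-bit entropy figure are all constructed to match the numbers in the thread.

```python
# Added toy model (not the thread's code): a loader that maps images at random bases,
# applies base relocations, fills the IAT, and what a remembered address is worth afterwards.
import random
from dataclasses import dataclass

PAGE = 0x1000
ENTROPY_BITS = 8   # assumption: 2**8 = 256 candidate bases, the figure quoted in the thread


@dataclass
class Image:
    """A flat toy module. RVA == index into `words`; a word is an int or a tag string."""
    name: str
    preferred_base: int
    words: list      # module contents; absolute addresses are ints linked at preferred_base
    exports: dict    # symbol -> RVA of its entry point
    imports: dict    # RVA of an IAT slot -> (provider module name, symbol)
    relocs: set      # RVAs of words holding absolute addresses (the base relocation table)


def build_images():
    """Constructed sample: app.exe calls lib.dll!do_work through an IAT slot at RVA 0x10
    and keeps an absolute pointer (RVA 0x08) to its own data word at RVA 0x20."""
    lib = Image("lib.dll", 0x10000000, ["nop"] * 0x40, {"do_work": 0x30}, {}, set())
    lib.words[0x30] = "ENTRY:do_work"
    app = Image("app.exe", 0x00400000, ["nop"] * 0x40, {}, {0x10: ("lib.dll", "do_work")}, {0x08})
    app.words[0x08] = 0x00400000 + 0x20   # absolute address as the linker wrote it
    app.words[0x20] = "DATA"
    app.words[0x10] = 0                   # IAT slot, unresolved on disk
    return [app, lib]


def load(images, rng):
    """Map each image at a random page-aligned base, patch every relocation by the
    base delta, then resolve imports by writing provider addresses into IAT slots."""
    bases = {img.name: img.preferred_base + rng.randrange(2 ** ENTROPY_BITS) * PAGE
             for img in images}
    memory = {}   # absolute address -> word
    for img in images:
        delta = bases[img.name] - img.preferred_base
        for rva, word in enumerate(img.words):
            if rva in img.relocs:
                word += delta          # fix up an absolute address for the new base
            memory[bases[img.name] + rva] = word
    by_name = {img.name: img for img in images}
    for img in images:
        for slot_rva, (provider, symbol) in img.imports.items():
            memory[bases[img.name] + slot_rva] = bases[provider] + by_name[provider].exports[symbol]
    return bases, memory


def load_seeded(seed):
    """One deterministic load of the constructed sample."""
    return load(build_images(), random.Random(seed))


def call_via_iat(memory, base, slot_rva):
    """What `CALL [iat_slot]` does: read the slot and land on whatever it holds."""
    return memory[memory[base + slot_rva]]


def single_shot_success_rate(trials, seed=1):
    """Study one load, remember where app.exe's IAT slot was, then see how often that
    address is still the slot across `trials` fresh loads (each one a restarted process)."""
    rng = random.Random(seed)
    images = build_images()
    bases, _ = load(images, rng)
    remembered_slot = bases["app.exe"] + 0x10
    hits = sum(load(images, rng)[0]["app.exe"] + 0x10 == remembered_slot for _ in range(trials))
    return hits / trials


if __name__ == "__main__":
    bases, memory = load_seeded(7)
    print({name: hex(base) for name, base in bases.items()})
    print(call_via_iat(memory, bases["app.exe"], 0x10))          # the call still lands on do_work
    print("remembered IAT address still valid: %.4f" % single_shot_success_rate(2560))
```

    The program itself never needs a fixed address: its call goes through a slot whose position is base-relative, and the loader rewrote both that slot and the absolute pointer before the first instruction ran. Whoever remembers the slot's address from one run is betting on one of 256 bases on the next, which is the one-chance-per-crash situation DaveK describes; widening ENTROPY_BITS shows why 64-bit address spaces make the bet so much worse.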


