NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 31 minutes ago, Jody Thornton said: I didn't know if I was missing out with Build 2022 You shouldn't be missing out on anything. "Upstream" version history notes are literally "foreign". You would basically need to stumble upon one web site out of a few hundred thousand web sites to ever accidentally discover a difference. And most of the later versions only "improved" their telemetry-taking and we axe the telemetry anyway. 1 Link to comment Share on other sites More sharing options...
Cocodile Posted February 24, 2023 Share Posted February 24, 2023 On 2/19/2023 at 1:36 PM, Jody Thornton said: My bigger concern is the security holes in the Chromium code that are reported by the week. That is a legitimate concern. Right. Security holes in Chromium 86, which this browser's based on, are there by definition. 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 (edited) Why do people keep beating that dead horse? Pot-stirring? We that use Browsers working on Older NT-Family OSes are already aware that our systems, be it at the OS level or at the browser level, has "security holes". We run our Older NT-Family OSes with that KNOWN "risk". Edited February 24, 2023 by NotHereToPlayGames Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 (edited) Here's something I would be interested in, if anyone has any factual data on the matter. I prescribe to the paradigm that OLDER operating systems are more "secure" DESPITE their security holes. I prescribe to the paradigm that "malware authors" don't waste their time targeting 1% of the population but rather instead spend their time targeting 99% of the population (ie, Win10 and Win11). So here's my interest - does malware hit Vista, 7, or XP most frequently? My theory is that XP is hit the least. I'm talking specific malware distributed by simply visiting a web site (ie, you caught it via your WEB BROWSER being "old" vs "new"), not those installed when a user installs a program they downloaded from an untrustworthy source. Edited February 24, 2023 by NotHereToPlayGames 2 Link to comment Share on other sites More sharing options...
Jody Thornton Posted February 24, 2023 Share Posted February 24, 2023 12 minutes ago, NotHereToPlayGames said: Why do people keep beating that dead horse? Pot-stirring? We that use Browsers working on Older NT-Family OSes are already aware that our systems, be it at the OS level or at the browser level, has "security holes". We run our Older NT-Family OSes with that KNOWN "risk". That doesn't mean that I don't want my browser to be as secure as possible. Ideally, I'd like to bank on my notebook. That's not a stretch. If you look at ghacks, or anywhere Chrome releases are profiled, and you look at the number of security exploits and zero-day patches that are issued with each release, it's worse than Windows by a GREAT DEAL. That's not beating a dead horse at all. That's precisely why I was interested in that new v110 backport. However, I'll have to wait. 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 I bank on an 18yr old XP machine with 360Chrome v13.5 build 1030. I don't have to stretch to do it. Security holes aren't really holes for the most part, just a bunch of hype and propaganda. Being "net savvy" and knowing what you are doing is the key to being "secure", not relying on your browser to "safeguard" you from clicking bad links. Thinking 360Chrome isn't safe enough to do banking on is like thinking XP isn't safe enough to run without anti-virus slowing your system to a crawl. We will always have "two camps". One camp will run anti-virus and feel secure. The other camp will be "net savvy" and feel secure. And BOTH, when done properly, will NEVER GET HIT WITH MALWARE. Here at MSFN, we have members running Win98 and using "vulnerable" web browsers on that Win98 - but they never get hit with malware. We have people on XP, on ME, on 2000, on 7, on Vista, on 8, on 8.1, on 10, on 11, on Ubuntu, on Fedora, on Peppermint, on ReactOS - they're all doing fine without running Chrome 112 or Firefox 110 or Edge 110 or whatever the "cutting edge" is at the moment. This is something we each have to decide for ourselves. What works for me may not work for you. What works for you definitely will not work for me. 2 Link to comment Share on other sites More sharing options...
Jody Thornton Posted February 24, 2023 Share Posted February 24, 2023 7 hours ago, NotHereToPlayGames said: I bank on an 18yr old XP machine with 360Chrome v13.5 build 1030. I don't have to stretch to do it. Security holes aren't really holes for the most part, just a bunch of hype and propaganda. Here at MSFN, we have members running Win98 and using "vulnerable" web browsers on that Win98 - but they never get hit with malware. We have people on XP, on ME, on 2000, on 7, on Vista, on 8, on 8.1, on 10, on 11, on Ubuntu, on Fedora, on Peppermint, on ReactOS - they're all doing fine without running Chrome 112 or Firefox 110 or Edge 110 or whatever the "cutting edge" is at the moment. This is something we each have to decide for ourselves. What works for me may not work for you. What works for you definitely will not work for me. Well, when it comes to security, you aren't accountable to me or anyone. I'm glad that you made your software available, and that's all I can ask However, I don't 100% agree with the security by obscurity stance that most MSFN board members side with here. Nor do I believe that AV or third party BS will save you either. But some of the holes that have been discovered on Chromium code has actually been exploited on users already. That's how they were discovered. That's also why up until recently I stuck more with Gecko based projects. Nonetheless, just because you think it's all BS, and you've never never been attacked on an old OS and browser, doesn't mean it's not a real thing. Anyway, 360Chrome is very promising. I'll keep using it conservatively on my Vista notebook (which is kept at my girlfriend's so it isn't a daily driver or anything like that), and I'll keep looking for newer backports and projects. Maybe it will be one of yours. 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 But what you also have to remember (at least to the best of my knowledge but I also don't have an interest to hunt it down) is that browsers such as NM27, NM28, St52, St55, et cetera, are never checked for security vulnerabilities and reported to the public like Chrome/Chromium/Edge/Firefox vulnerabilities are. 1 Link to comment Share on other sites More sharing options...
Milkinis Posted February 24, 2023 Share Posted February 24, 2023 12 hours ago, NotHereToPlayGames said: I'm talking specific malware distributed by simply visiting a web site (ie, you caught it via your WEB BROWSER being "old" vs "new"), not those installed when a user installs a program they downloaded from an untrustworthy source. I personally don't use any real time AV. every time I got infected was because I downloaded and installed software that I didn't check carefully (some times Virus Total reports trojans on software utilities from legit sources) my question is, how can one infect XP by visiting a website ? when I check out my email spam folder I'm able to distinguish fishing type links from safe links. Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 24, 2023 Author Share Posted February 24, 2023 1 hour ago, Milkinis said: my question is, how can one infect XP by visiting a website ? I'm not sure if it is possible nowadays. "Theoretically" I suppose anything is possible. It used to be possible back in the IE8 days. But IE8 was "part of" XP. So I would think that ChromiumOS users are the one's that have to be wary, not XP users. But not my area of expertise, so "who knows". Link to comment Share on other sites More sharing options...
D.Draker Posted February 24, 2023 Share Posted February 24, 2023 3 hours ago, NotHereToPlayGames said: I'm not sure if it is possible nowadays. "Theoretically" I suppose anything is possible. It used to be possible back in the IE8 days. But IE8 was "part of" XP. So I would think that ChromiumOS users are the one's that have to be wary, not XP users. But not my area of expertise, so "who knows". Well, I'm sure and I'll answer instead of you, there's lots of things that could be done using ones browser, one example would be malicious java scripts. Another one, cross cookie stealing. When one cookie from a malicious website steals your bank cookie and then makes a login into your account. 1 Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 36 minutes ago, D.Draker said: there's lots of things that could be done using ones browser, one example would be malicious java scripts. how can you infect your computer files without downloading and executing java scripts ? in fact web browsing protective shield is an optional requirement for any AV Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 3 hours ago, Milkinis said: how can you infect your computer files without downloading and executing java scripts ? in fact web browsing protective shield is an optional requirement for any AV Well read again what I wrote, one doesn't need to "infect" it per se. Stealing a cookie would be already enough to bring you troubles. Or just execute a script to steal your identity . Read about "file system feature" in Chrome, for example. It has access to your files ! Or scroll back to see how this browser spins up/scans even sleeping HDDs ! 1 Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 50 minutes ago, D.Draker said: When one cookie from a malicious website steals your bank cookie and then makes a login into your account. why don't banks introduce the 2-step verification system into their webs ? https://blog.google/technology/safety-security/one-step-closer-to-a-passwordless-future/ Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 3 hours ago, Milkinis said: why don't banks introduce the 2-step verification system into their webs ? Inconvenient, might drive someone nuts ? I don't know. 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now