US-CERT Vulnerability Note VU#713878: IE Specific Security Hole

[LennonCook]

Ah, right - I misunderstood you. It doesn't support letting a website automatically put another font on your computer, no. It does let you use fonts you have downloaded manually, in much the same way any good word processor does.

[Hivetyrant]

nope, I have dwnloaded a font and I cannot use it. Ill PM you the details.

[LennonCook]

*grumble* ... *goes off to unhide menus* .. *grumble, grumble*

[LennonCook]

Ok, it doesn't seem to be possible after all. I'd say that this (the websites behavior, not Firefox's) is non-W3C (I will check this, though). Websites using non-standard fonts does tend to cause accessability problems, after all.

EDIT: But, I know how people will react to this. Just to make the point clear, this is NOT a bug in Firefox. This is intended behavior.

Edit again, for clarity.

[ 12-16-2004, 11:27 PM: Message edited by: LennonCook ]

[aleph_null1]

Quote:

Originally posted by LennonCook: Linux is the best OS

Ahem ... FreeBSD, anyone?

And, just for equal time here, yesterday a class at U-IL Chicago released 44 vulnerabilities in common UNIX apps, which they discovered as a project for their class.

http://tigger.uic.edu/~jlongs2/holes/

Nobody's perfect

[Thoran]

Quote:

Originally posted by aleph_null1: quote: Originally posted by LennonCook: Linux is the best OS

Ahem ... FreeBSD, anyone?

And, just for equal time here, yesterday a class at U-IL Chicago released 44 vulnerabilities in common UNIX apps, which they discovered as a project for their class.

http://tigger.uic.edu/~jlongs2/holes/

Nobody's perfect [/QUOTE]I've said it before but IMO if other OS's and Apps were the subject of as concerted and intense an attack as M$ faces from it's many opponents... they'd fare no better. Open Source, by virtue of its inherent openness (it's greatest strength imo)... would be PARTICULARLY susceptable.

The risk I see here for M$ opponenets is if M$ can actually put together a secure system... its competitors won't have an adequate response. It's like drug immunity... the more and harder a bug is attacked by a drug, the quicker it builds up immunity and if it survives it emerges stronger than the competition. It's survival of the fittest, and the community is currently assisting M$ in debugging their goliath, seems like fun but possibly not so smart in the long run. I think more people should be working to uncover the weaknesses of the apps they're loyal to (Linux, Firefox, whatever) in order to prevent M$ from getting an insurmountable lead. I'm sure you've all seen the previews of longhorn (and NGSCB)... it's a significant change in security model, and if effective (and it looks like it may be) it will be something that will need to be addressed by the competition.

[Hivetyrant]

Quote:

Originally posted by Thoran: I've said it before but IMO if other OS's and Apps were the subject of as concerted and intense an attack as M$ faces from it's many opponents... they'd fare no better. Open Source, by virtue of its inherent openness (it's greatest strength imo)... would be PARTICULARLY susceptable. The risk I see here for M$ opponenets is if M$ can actually put together a secure system... its competitors won't have an adequate response. It's like drug immunity... the more and harder a bug is attacked by a drug, the quicker it builds up immunity and if it survives it emerges stronger than the competition. It's survival of the fittest, and the community is currently assisting M$ in debugging their goliath, seems like fun but possibly not so smart in the long run. I think more people should be working to uncover the weaknesses of the apps they're loyal to (Linux, Firefox, whatever) in order to prevent M$ from getting an insurmountable lead. I'm sure you've all seen the previews of longhorn (and NGSCB)... it's a significant change in security model, and if effective (and it looks like it may be) it will be something that will need to be addressed by the competition.

Finaly, some one who understands
That was perfect Thoran, I could not have put it better [img]graemlins/thumbsup.gif[/img]

[philip]

You should know by now that you can wait forever on m$ bugfixes But well you never know, maybe one day. Windows might be your thing and there are things to like about. Nobody tells you to go open source or to another operating system. But I'd think a bit more realistic and say that windows is just not so good on security at the moment and that you take the advantages windows has for you over the risk. You don't choose operating systems just on one aspect of them.

I think in the christmas holidays I'll be going to install freeBSD as well. It looks pretty cool as well and I still have HD space. Maybe slackware as well.

[aleph_null1]

Quote:

Originally posted by philip: I think in the christmas holidays I'll be going to install freeBSD as well. It looks pretty cool as well and I still have HD space. Maybe slackware as well.

Yea! [img]graemlins/thumbsup.gif[/img]

I used Slackware from '95 until I came to college; loved it!

I switched to FreeBSD on a lark when I got a cheap new laptop and thought I'd see what's up. The ports package is absolutely wonderful (though I hear Gentoo's got something very similiar, portage).

[philip]

Quote:

Originally posted by aleph_null1: quote: Originally posted by philip: I think in the christmas holidays I'll be going to install freeBSD as well. It looks pretty cool as well and I still have HD space. Maybe slackware as well.

Yea! [img]graemlins/thumbsup.gif[/img]

I used Slackware from '95 until I came to college; loved it!

I switched to FreeBSD on a lark when I got a cheap new laptop and thought I'd see what's up. The ports package is absolutely wonderful (though I hear Gentoo's got something very similiar, portage). [/QUOTE]Yep the package management sounds good. That's the most important thing for me [img]smile.gif[/img] Debian made me lazy But well I don't feel like ending up in dependency hell.