20
08
2008
ALERT: IE7's Protected Mode Does NOT Protect From Anything
Posted by: Giorgio in IE, Flash, Mozilla, Security, NoScriptProof of concept:
- Disable IE7's Protected Mode
- ...
OK, I was just joking.
I'm confident this blog post is a joke as well.
After all, its author is a MVP...
August 20th, 2008 at 2:06 pm
After I saw the comments, in which the author of the original post is replying to the criticism, I doubt it was a joke. That person really has a very strange point of view...
August 20th, 2008 at 2:34 pm
Hilarious stuff. I love your response.
August 20th, 2008 at 8:26 pm
She will never admit she was wrong... so pathetic.
Go on, your addon rocks.
August 20th, 2008 at 9:05 pm
An MVP does not always knows what he/she speaks. Anyone with spare time can be MVP ^_^
August 20th, 2008 at 9:14 pm
Alert: The condom is not used as contraception. Especially if your name Sandi and before you make a hole.
August 20th, 2008 at 9:51 pm
I tried to make a few comparative examples in a comment over there, but I'm afraid there are too many stubborn trolls there.
I also note you use a capcha system, while she does not. Of course you can't infer a knowledge of security from just one example, but it's still interesting. :)
August 21st, 2008 at 12:22 am
Interesting... repeated tries to post comments at Sandi's site (with views contradicting her own) are not being approved. Only the pro-Sandi comments are approved and published.
She doesn't just not get NoScript... she doesn't get blogging either.
August 21st, 2008 at 6:58 am
[...] Lo que piensa Giorgio Maone de ella [...]
August 21st, 2008 at 12:17 pm
[...] de Sandi en alertar de que las protecciones no funcionan si se desactivan, el creador de NoScript ha respondido, casi por alusiones, parafraseando y no sin sorna, de la siguiente forma: ALERTA: El modo de [...]
August 21st, 2008 at 5:46 pm
Who else here has all plugins, (flash, java, javascript, ..) disabled for all sites except whitelisted. I do!
I don't understand this being a possible security hole in NoScript, I just don't. It's a bug in flash, which adobe needs to fix. Obviously just trying to get some attention.
August 21st, 2008 at 7:40 pm
[...] lo que de verdad más merece la pena de este hilarante episodio es la irónica respuesta de Giorgio Maone, creador del excelente NoScript. Tampoco tiene desperdicio el debate, donde Sandi (sostenella y no [...]
August 21st, 2008 at 8:51 pm
Sandy, What a looser MUAHAHAHAHAHAHAHA!!!!!
MS MVP???? Thats Microsoft professionals level, ohyeah!!
U have NO idea about Inet, Flash, NoScript... Do u know how to turn the machine on????
Oh dear, what a laugh xDDDDD
Pathetic Sandy.
Pathetic Microsoft.
LOL!
August 22nd, 2008 at 4:07 pm
Not the smartest tools in the shed, are you.
BTW, the correct spelling is CAPTCHA and SANDI and LOSER
August 22nd, 2008 at 4:36 pm
Hey, that poc is working for me, with last version of NoScript installed!
What's wrong?
August 22nd, 2008 at 4:50 pm
@Vinicius K-Max:
You either have
August 24th, 2008 at 1:13 pm
Lol, what the fuck?
I guess I'm gonna go hax0r some noscript users now after nicely asking them to disable it
August 26th, 2008 at 3:26 pm
hi
can i have an advise how to hack an e-mail id on yahoo or somebody help me to get
the password for this email - id [edited out]@yahoo.co.in this person is distubing
me on orkut by abusing me so plz help me .as i tried to report on orkut to remove his profile
but nothing happened.
August 31st, 2008 at 11:59 am
Geez talk about giving MS a bad name. They do do some stuff well... Browser security is not one of them.
I have a stock standard no script installed and guess what the flash didn't run.
It is interesting, because IE7 on WindowsXP doesn't run in protected mode, and lets this flash script run and change the clipboard no questions asked. Of course safari lets it through as well.
Doesn't IE7/8 support rudimentry plugins now, maybe you guys should give MS a much needed hand and port it across so they will quit trying to show up Firefox.
This is akin to saying Windows 2003/8 is not secure cause I turned off the firewall, enabled all the insecure services like telnet (why in hell is that still there) and stuck it out on the internet not behind a firewall, not even behind nat. I'd give that box 10minutes...
August 31st, 2008 at 12:11 pm
@Morgan Storey:
IE's support for add-ons is too much inconvenient yet as a platform for developing a pervasive subsystem like NoScript, which also needs to be highly maintainable for quickly reacting to new kinds of threats.
Anyway MS seems to have started itself "borrowing" NoScript's concepts ;)
August 31st, 2008 at 12:22 pm
Yeah I have been subscribed to hackademix for a while, so I saw that. There is no way it will be as good. My request was more a jab at there woeful browser security, sure Mozilla has had their issues too, but the open platform has led to greater advancements, and better plugins.
September 18th, 2008 at 5:38 am
Er...well, i just wanted to say thanks for the add-on.
It's really great.
That's all, nothing else to be seen here, keep walking.....
:-)