Proof of concept:

  1. Disable IE7's Protected Mode
  2. ...

OK, I was just joking.

I'm confident this blog post is a joke as well.
After all, its author is a MVP...

21 Responses to “ALERT: IE7's Protected Mode Does NOT Protect From Anything”

  1. #1 Denis says:

    After I saw the comments, in which the author of the original post is replying to the criticism, I doubt it was a joke. That person really has a very strange point of view...

  2. #2 Ben says:

    Hilarious stuff. I love your response.

  3. #3 tuseeketh says:

    She will never admit she was wrong... so pathetic.

    Go on, your addon rocks.

  4. #4 ANELKAOS says:

    An MVP does not always knows what he/she speaks. Anyone with spare time can be MVP ^_^

  5. #5 Daniel says:

    Alert: The condom is not used as contraception. Especially if your name Sandi and before you make a hole.

  6. #6 Dan says:

    I tried to make a few comparative examples in a comment over there, but I'm afraid there are too many stubborn trolls there.

    I also note you use a capcha system, while she does not. Of course you can't infer a knowledge of security from just one example, but it's still interesting. :)

  7. #7 anonymous says:

    Interesting... repeated tries to post comments at Sandi's site (with views contradicting her own) are not being approved. Only the pro-Sandi comments are approved and published.

    She doesn't just not get NoScript... she doesn't get blogging either.

  8. #8 Firefox con NoScript no protege del secuestro del portapapeles mediante Flash (si lo desactivas…) « De música ligera says:

    [...] Lo que piensa Giorgio Maone de ella [...]

  9. #9 Las protecciones de Firefox no protegen si estn desactivadas (obviamente) | Blumex | Noticias de tecnologia, sociedad e informtica says:

    [...] de Sandi en alertar de que las protecciones no funcionan si se desactivan, el creador de NoScript ha respondido, casi por alusiones, parafraseando y no sin sorna, de la siguiente forma: ALERTA: El modo de [...]

  10. #10 a says:

    Who else here has all plugins, (flash, java, javascript, ..) disabled for all sites except whitelisted. I do!

    I don't understand this being a possible security hole in NoScript, I just don't. It's a bug in flash, which adobe needs to fix. Obviously just trying to get some attention.

  11. #11 MVP de Microsoft se columpia con NoScript « Blog personal… says:

    [...] lo que de verdad más merece la pena de este hilarante episodio es la irónica respuesta de Giorgio Maone, creador del excelente NoScript. Tampoco tiene desperdicio el debate, donde Sandi (sostenella y no [...]

  12. #12 LOL! says:

    Sandy, What a looser MUAHAHAHAHAHAHAHA!!!!!

    MS MVP???? Thats Microsoft professionals level, ohyeah!!

    U have NO idea about Inet, Flash, NoScript... Do u know how to turn the machine on????

    Oh dear, what a laugh xDDDDD

    Pathetic Sandy.

    Pathetic Microsoft.


  13. #13 LOL! says:

    Not the smartest tools in the shed, are you.

    BTW, the correct spelling is CAPTCHA and SANDI and LOSER

  14. #14 Vinícius K-Max says:

    Hey, that poc is working for me, with last version of NoScript installed!

    What's wrong?

  15. #15 Giorgio says:

    @Vinicius K-Max:
    You either have

    • in your whitelist
    • NoScript Options|Plugins|Forbid Macromedia Flash unchecked
    • Scripts globally allowed (dangerous) checked
  16. #16 Kyo says:

    Lol, what the fuck?

    I guess I'm gonna go hax0r some noscript users now after nicely asking them to disable it

  17. #17 victa says:

    can i have an advise how to hack an e-mail id on yahoo or somebody help me to get
    the password for this email - id [edited out] this person is distubing
    me on orkut by abusing me so plz help me .as i tried to report on orkut to remove his profile
    but nothing happened.

  18. #18 Morgan Storey says:

    Geez talk about giving MS a bad name. They do do some stuff well... Browser security is not one of them.
    I have a stock standard no script installed and guess what the flash didn't run.
    It is interesting, because IE7 on WindowsXP doesn't run in protected mode, and lets this flash script run and change the clipboard no questions asked. Of course safari lets it through as well.
    Doesn't IE7/8 support rudimentry plugins now, maybe you guys should give MS a much needed hand and port it across so they will quit trying to show up Firefox.
    This is akin to saying Windows 2003/8 is not secure cause I turned off the firewall, enabled all the insecure services like telnet (why in hell is that still there) and stuck it out on the internet not behind a firewall, not even behind nat. I'd give that box 10minutes...

  19. #19 Giorgio says:

    @Morgan Storey:
    IE's support for add-ons is too much inconvenient yet as a platform for developing a pervasive subsystem like NoScript, which also needs to be highly maintainable for quickly reacting to new kinds of threats.

    Anyway MS seems to have started itself "borrowing" NoScript's concepts ;)

  20. #20 Morgan Storey says:

    Yeah I have been subscribed to hackademix for a while, so I saw that. There is no way it will be as good. My request was more a jab at there woeful browser security, sure Mozilla has had their issues too, but the open platform has led to greater advancements, and better plugins.

  21. #21 Nicanor Bonich says:

    Er...well, i just wanted to say thanks for the add-on.
    It's really great.
    That's all, nothing else to be seen here, keep walking.....

Bad Behavior has blocked 852 access attempts in the last 7 days.