The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Yahoo unveils test toolbar for Firefox
Time: 14:44 EST/19:44 GMT | News Source: Yahoo News | Posted By: Chris Hedlund

Yahoo said late Wednesday that it has released a test version of its toolbar for the Mozilla Firefox Web browser.

Toolbars from companies such as Yahoo enable users to go directly to particular services, such as e-mail or Web search, by simply clicking on an icon. Yahoo says on its download page that people can customize and access the toolbar from any PC. Amazon.com's A9.com search unit also offers a toolbar for Firefox, an open-source browser that is gaining in popularity as an alternative to Microsoft's dominant Internet Explorer.

Write Comment
Return to News

  Displaying 1 through 25 of 371
Last | Next
  The time now is 9:05:37 AM ET.
Any comment problems? E-mail us
#1 By 3653 (68.54.224.219) at 2/10/2005 4:48:30 PM
Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

#2 By 37 (24.183.41.60) at 2/10/2005 5:56:47 PM
Moores...that is the FUNNIEST thing I have heard on these comment boards in YEARS!

ROFLMAO!

#3 By 37 (24.183.41.60) at 2/10/2005 5:57:58 PM
LinuxIsTheft...why would Firefox let such security issues go untouched for so long? I would have assumed that since it's open source anyone could have fixed the issue by now since it is indeed open to everyone. Yahooglefoxfireser?

This post was edited by AWBrian on Thursday, February 10, 2005 at 18:03.

#4 By 29903 (4.245.182.111) at 2/10/2005 6:10:03 PM
mooresa56 wrote:

Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

Which security vulnerabilities would those be, Elmer FUD?

The vulnerabilities which allow Web sites to install spyware/trojans/etc through IE, without user interaction, do not work in Firefox.

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

Perhaps you meant that they should install it more easily through IE.

This post was edited by 0nslaught on Thursday, February 10, 2005 at 18:12.

#5 By 37 (24.183.41.60) at 2/10/2005 6:17:41 PM
onslaught, you must not read the latest on Firefox everyday....Firefox security holes are being exposed weekly. I think you better do a better job reading. One was just posted on AWIN.

I should see if my Firefox will automagically install the new yahoo toolbar..ROFL!

#6 By 29903 (4.245.182.111) at 2/10/2005 6:26:27 PM
AWBrian wrote:

onslaught, you must not read the latest on Firefox everyday....Firefox security holes are being exposed weekly. I think you better do a better job reading. One was just posted on AWIN.

It looks like you too are unable to point out "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction."

Seeing as how these are released weekly, it shouldn't be difficult for you to point it out. Be sure to return with some excuse though.

Perhaps it is more accurate to say that I read enough of the facts and you read too much of the FUD? Did you not read these sites?

http://secunia.com/graph/?type=cri&period=all∏=11

http://secunia.com/graph/?type=cri&period=all∏=4227

AWBrian wrote:

I should see if my Firefox will automagically install the new yahoo toolbar..ROFL!

Good luck with that. Be sure to update us on how (un)successfully that goes. Though, I did run across one site that attemps to trick you into opening Internet Explorer so that it can proceed with the installation of the spyware. You might run across something like that.

#7 By 37 (24.183.41.60) at 2/10/2005 6:32:45 PM
It looks like you are in denial. Are you saying that there are no new, current and outstanding Firefox security issues??!

Post back when you figure that one out. Right now you get an E for effort.

#8 By 29903 (4.245.182.111) at 2/10/2005 6:47:52 PM
AWBrian wrote:

It looks like you are in denial. Are you saying that there are no new, current and outstanding Firefox security issues??!

You failing, for a second time, to point out "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction" is my denial?

It looks like the denial is on your part, and you are unable to accomplish this simple request.

This time, do not just read these sites, but make an effort to comprehend them as well:

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

Why do you think the ratings for both of these browsers are so different? You are now claiming that Secunia is wrong?

Feel free to throw insults, make more unsubstantiated claims, or to make an attempt at changing the subject.

I request again: Show "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction."

This post was edited by 0nslaught on Thursday, February 10, 2005 at 18:51.

#9 By 29903 (4.245.182.111) at 2/10/2005 6:58:52 PM
AWBrian wrote:

Good call 511! We all await for onslaughts reply showing us that Firefox is security issue free.

I've never made the claim that "Firefox is security issue free." I've quoted my assertion a number of times now. How many times must I repeat it before you think you'll be able to comprehend it?

Remember this?

Show "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction."

AWBrian wrote:

Good thing AWIN holds all the history...so we will know if he lies :)

You trying to change my claim to something else and then claim that I'm not supporting it wouldn't be *me* lying. It might be taken as someone *else* attempting to lie though.

Are you ignoring the following information?

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

Would you also give me an estimation on the number of times you think the above would need to be repeated for you to properly comprehend it?

This post was edited by 0nslaught on Thursday, February 10, 2005 at 19:03.

#10 By 37 (24.183.41.60) at 2/10/2005 7:07:15 PM
Maybe he will catch on? Maybe not?

As a quick detail, IE 6 has 17 unpatched and Firefox has 8 unpatched.

And with the latest IDN security breach, that would put it at 9 unpatched and growing.

Still waiting for your proper reply...let us know when your ready.

http://secunia.com/graph/?type=sol&period=all&prod=4227

#11 By 29903 (4.245.182.111) at 2/10/2005 7:08:41 PM
AWBrian wrote:

Good call 511! We all await for onslaughts reply showing us that Firefox is security issue free.

By the way, if you had gone to the link that I had posted < http://secunia.com/graph/?type=cri&period=all&prod=4227 >, and comprehended it, it should have been very obvious that I was not making that claim. I don't see how you became confused.

Hint: The thing to look for here is the "Extremely." That would be the red. (Or even "Highly," which would be the orange.)

For comparison:

http://secunia.com/graph/?type=cri&period=all&prod=11

#12 By 37 (24.183.41.60) at 2/10/2005 7:14:37 PM
L E T me S L O W this D O W N for you onslaught.

75% of Firefox's security issues are UNPATCHED, with a 9th one yet to be added to Secunia's database.

Let us know when you find out whom ever said "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"

Once you figure out who said the above, you might want to ASK them. Until then, we await your kind reply.

Just a reminder...9 UNPATCHED security issues with FIREFOX. Firefox is NOT secure. Again..Firefox is NOT secure.

#13 By 37 (24.183.41.60) at 2/10/2005 7:17:21 PM
I wasn't thinking Googlefox...more like Yahooglefoxfireser. Currently one of the most insecure browsers on the web. 9 unpatched security issues. Opera 7 only has 3 unpatched. Firefox is very INSECURE.

#14 By 29903 (4.245.182.111) at 2/10/2005 7:20:06 PM
LinuxIsTheft wrote:

#13 "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"

It depends what you mean by "user interaction".

http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html

"Although the spyware is only installed if users agree to download a certain file, many users are likely to click through, as the download's dialogue box gives no indication of the file's malicious payload, Sjouwerman said.


You're saying that you don't understand if clicking a link and downloading the file to your PC is user interaction or not? So, if I agree to download Sub7, or just about anything else to my PC, that's an exploit in the browser and might not qualify as user interaction?

If I put up a link to a virus and you click the link and agree to download it that this is a security exploit? I guess I can go click on a link to a virus, download it, and report this exploit to secunia.com.

I would have to say that this example fails miserably and does not qualify as:

"the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"

[snip]

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

#15 By 11888 (64.230.35.124) at 2/10/2005 7:39:07 PM
Could my account be deleted? It's too embarrassing to have one.

This post was edited by MrRoper on Thursday, February 10, 2005 at 19:40.

#16 By 29903 (4.245.182.111) at 2/10/2005 7:39:44 PM
AWBrian wrote:

L E T me S L O W this D O W N for you onslaught.

This is a good idea, but only because you are slowing it down for yourself and getting your thoughts together.

AWBrian wrote:

75% of Firefox's security issues are UNPATCHED, with a 9th one yet to be added to Secunia's database.

You can understand the difference between amount and severity, can you not?

Once again:

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

You seem as though you don't want to address this issue.

AWBrian wrote:

Let us know when you find out whom ever said "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"

There were two claims which seemd to be implying this. At the least, perhaps you can clear up, or retract, your own:

mooresa56 wrote:

Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

Does this not equate to:

"the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"?

And you seemed to be in agreement with mooresa56's insinuation at some level. You certainly didn't seem to disagree with it.

AWBrian wrote:

onslaught, you must not read the latest on Firefox everyday....Firefox security holes are being exposed weekly. I think you better do a better job reading. One was just posted on AWIN.

I should see if my Firefox will automagically install the new yahoo toolbar..ROFL!


Does this not insinuate a belief in "the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"?

If you were not replying to this comment of mine, then what was your reply about?

AWBrian wrote:

Once you figure out who said the above, you might want to ASK them. Until then, we await your kind reply.

Okay, so what exactly did you mean by your reply?

AWBrian wrote:

Just a reminder...9 UNPATCHED security issues with FIREFOX. Firefox is NOT secure. Again..Firefox is NOT secure.

You can understand the difference between amount and severity, can you not?

Once again:

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

#17 By 37 (24.183.41.60) at 2/10/2005 7:42:43 PM
....waiting...good thing I have patience. Post back when you have a reply Onslaught...that addresses the 9 oustanding security issues that make Firefox an insecure browser.

#18 By 37 (24.183.41.60) at 2/10/2005 7:44:28 PM
MrRoper..if your serious, I can have your account deleted. Please confirm via email at brian@activewin.com

#19 By 3653 (68.54.224.219) at 2/10/2005 7:44:51 PM
onslaught, you are funny in a helplessly clueless kind of way...

Let's review your original message. Pay attention here.

---------
Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

Which security vulnerabilities would those be, Elmer FUD?

The vulnerabilities which allow Web sites to install spyware/trojans/etc through IE, without user interaction, do not work in Firefox.
---------

I noticed you added "without user interaction" even though I didn't mention it. Were you trying to speak for me? No thanks.

#20 By 37 (24.183.41.60) at 2/10/2005 7:48:07 PM
mooresa56....grrrrrrrrrrrrrrrrrrr...i have been giving him clues to figure that out on his own...and now you ruined it.

Oh well.

#21 By 3653 (68.54.224.219) at 2/10/2005 7:48:39 PM
Just saw your last note onslaught. you said:

---------------
Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

Does this not equate to:

"the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"?
---------------

The answer is NO. But don't let that stop you.

#22 By 29903 (4.245.182.111) at 2/10/2005 8:21:40 PM
mooresa56 wrote:

onslaught, you are funny in a helplessly clueless kind of way...

Let's review your original message. Pay attention here.

Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

[snip]

I noticed you added "without user interaction" even though I didn't mention it. Were you trying to speak for me? No thanks.


So, which "security vulnerabilities found in Firefox" would make it "faster" for "Yahoo" to "simply" install "their toolbar"? If it required just as much user interaction, how would it be any faster?

Are you saying there are no such "security vulnerabilities found in Firefox" that would make it "faster" for "Yahoo" to "simply" install "their toolbar," and that your comment has no point?

#23 By 29903 (4.245.182.111) at 2/10/2005 8:26:29 PM
AWBrian wrote:

I should see if my Firefox will automagically install the new yahoo toolbar..ROFL!

So, care to explain what "automagically" means, if not "without user interaction"?

http://secunia.com/graph/?type=cri&period=all&prod=11

http://secunia.com/graph/?type=cri&period=all&prod=4227

#24 By 29903 (4.245.182.111) at 2/10/2005 8:32:27 PM
mooresa56 wrote:

By mooresa56 (1515 Posts) at 2/10/2005 7:48:39 PM
Just saw your last note onslaught. you said:

---------------
Why does the Yahoo toolbar come with an installer? Seems like it would be faster if Yahoo simply installed their toolbar via one of the many security vulnerabilities found in Firefox this week.

Does this not equate to:

"the vulnerabilities which allow Web sites to install spyware/trojans/etc, without user interaction"?
---------------

The answer is NO. But don't let that stop you.


Ah, all well and good. I guess this means you will now explain the "security vulnerabilities found in Firefox this week" would allow the Yahoo toolbar to be installed "faster."

I'm not sure how an install which requires "user interaction" would even be much an exploit, or how it would be any faster, but that's for you to explain!

#25 By 29903 (4.245.182.111) at 2/10/2005 9:04:06 PM
LinuxIsTheft wrote:

By LinuxIsTheft (142 Posts) at 2/10/2005 8:48:10 PM
#21 "You're saying that you don't understand if clicking a link and downloading the file to your PC is user interaction or not?"

It depends. In the case of the Firefox vulnerability, not only does the file get downloaded, it gets executed and installed.


Have an example or a link to this vulnerability? Once again, you would have to choose to dowload this virus onto your computer. I would hardly call that "without user interaction." So, this virus can be defeated by my choosing not to install it? Well, I guess I just won't install it. I also don't go around installing other trojans on my PC either. What do you suggest? Taking away the ability to download anything at all?

LinuxIsTheft wrote:

As I quoted:

"Although the spyware is only installed if users agree to download a certain file, many users are likely to click through, as the download's dialogue box gives no indication of the file's malicious payload, Sjouwerman said.

"It's done in a way that people might not recognize as a normal install, and will work in Firefox," Sjouwerman said.

Hmmm. If I download a gif with Firefox and it downloads a bat file, I would suggest that the normal user interaction associated with downloading a bat file has been bypassed.

Maybe you wouldn't.


I will agree as soon as you show me a link to a .gif that Firefox will download onto my PC as a .bat file and then execute.

I find it interesting that secunia.com doesn't appear to be interested in this "exploit."

Write Comment
Return to News
  Displaying 1 through 25 of 371
Last | Next
  The time now is 9:05:37 AM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *