[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: Dire straits for Firefox users



Hi Kari,

In the course of looking into this and related questions, I inquired on another list, and received a curious response from an "uber-techie" there who I have known for a long time.  If I understood correctly, he indicated his opinion that malware intrusion via the browser was low-risk, not something he'd worry about.  (I'd like to go back and get some further explication on that.)  Now obviously, that won't apply to blindly and unwisely clicking on an attachment that contains some deadly payload.  Also, he is not normally running Windows, which could have a bearing on the relative risk-exposure.  But, just on the face of it, this suggests the possibility that we could continue running an "outdated" browser version that still runs the XUL extensions we depend upon -- for quite some time. 


   Jordan


From: Kari Eveli
To: xywrite@xxxxxxxx
Sent: Saturday, May 26, 2018 10:24 AM
Subject: Re: Dire straits for Firefox users

Hello Jordan,

I have been wondering the same. If one is paranoiac about this, there is
always the possibility to run the browser within the confines of a
virtual machine, but that can really be an inconvenience. I do all my
banking on the browser, and banking applications require an up-to-date
browser to function. Running different browsers for different
applications would mean quite many complications in daily life, but
going modern and ditching Scrapbook (my number one tool) for something
else feels really bad.

Best regards,

Kari Eveli
LEXITEC Book Publishing (Finland)
lexitec@xxxxxxxx

*** Lexitec Online ***
Lexitec in English: http://www.lexitec.fi/english.html
Home page in Finnish: http://www.lexitec.fi/


> If necessary, I may just keep on using the last functional ESR for FF on
> an indefinite basis . . .  because I think the added functionality of
> those extensions outranks the other concerns.  I have long been
> buttressing them with use of the other two browsers I mentioned anyway,
> for various reasons.  At the same time, I have to wonder whether the
> supposed security risks with the non-updated product are greatly
> overblown.  I think that could be true, but it may depend to some extent
> upon one's individual browsing behavior.
>
>
>     Jordan