Security Now 189
Topic: Internet Explorer 8
Recorded: March 25, 2009
Published: March 26, 2009
Security Now 189: Internet Explorer 8
News & Errata
02:39 - 05:35
- Steve Gibson is planning to add a Spinrite fix for Mac OS X in version 7
- DNS benchmark is now running and Steve is just adding some new features requested by the news group
- Steve's cookie work is finished but not public yet
- Serious work will begin on CryptoLink after he has finished the DNS benchmark and cookie work.
08:11 - 12:39
- A botnet has been found running in Netcom NB5 routers.
- The web interface and Telnet port was open and exposed to internet when shipped by default.
- The company has now fixed its firmware, power cycle the router to remove the worm.
12:40 - 13:43
- Adobe has patched Acrobat reader versions 7 & 8.
13:44 - 15:56
- Steve fixed a friends laptop which had been infected by a trojan
- It downloaded a spray of recently known exploits for multiple pieces of software such as PDF's and HTML files.
15:57 - 17:35
- Steve had misspoken on previous podcast where he stated that SSH is using SSL tunnelling. In fact SSH has its own transport
26:53 - 29:27
- Conficker is set to do 'something' on April 1st when Leo and Steve next record Security Now.
- AVAST found more viruses than AVG when Steve ran it on his friends infected laptop (About 50% more).
- Steve is using an image of his friends infected hard drive to test MSRT and will report back next week.
17:36 - 22:25
- Prio - It is a small DLL which functions as an extension to the Task Manager.
- It colours processes based on if they are signed or not.
- TCP / IP monitor which is a real time netstat
- Allows you to assign sticky process priority.
22:26 - 26:52 Anonymous (Toronto, Ontario)
- A listeners friends Outlook .pst file wouldn't copy from the laptop hard drive to a USB memory stick it returned a CRC check error. He downloaded Spinrite to a USB drive and ran it. It fixed the drive and they could copy the .pst file off the drive onto a memory stick
Internet Explorer 8
22:28 - 01:11:51
- Leo found page that offers the history of IE - The History of Internet Explorer
- IE 8 is only faster under "Dumb" pages
- IE 8 cookie handling is still broken and does not block third-party cookies
- IE 8's Compatibly Mode makes IE 8 render the page in IE 7 render mode
- IE 8 also enhanced the delete browser history controls
- IE 8's In Private mode causes browser not to write to history
- IE 8's Smart Screen filter will give you on-the-fly site warnings
- IE 8's Active X controls now allow for per site and per user installs
- Top level domains are now highlighted while the rest of the domain stays grey in IE 8
- Toolbars in IE 8 now have a red X that allow you to close the toolbar faster
- By default DEP will be enable in IE 8
- IE 8 is still very crashable and will even re-crash on reload.
- IE 8 has upgraded the development tools
- Ad time: 0:33-0:44 and 05:35-08:10
- Recorded Date: March 25, 2009
- Release Date: March 26, 2009
- Duration: 1:13:55
- Log line:
- Edited by: Tony
- Notes: Removed Steve Coughing @ 0:36:08
|This area is for use by TWiT staff only. Please do not add or edit any content within this section.|