[DUG] Offtopic - but....

John Bird johnkbird at paradise.net.nz
Wed Jan 20 12:20:00 NZDT 2010 

In Chrome you can find out what is using CPU for each tab, there is a task 
manager.

Try the Firefox 3.6 beta

I really really would hesitate to use IE at the moment, seeing as all 
versions including IE8 on Windows 7 are vulnerable to the latest China 
exploit - while it affects IE6 on XP most no versions are immune. 
Especially if you are known to have access to any valuable intellectual 
property!

Chrome UI is an acquired taste, personally I find Firefox Chrome and Opera 
all comparable in speed, Chrome and Opera are the speed freaks in most 
tests.  Safari is also very fast but tends to have more security issues than 
the others.

>From what I have gathered, as details are deliberately a bit vague the 
"China attacks" worked like this:

-They tried to hack into Gmail/Yahoo/Hotmaill accounts of known china 
activists and supporters.  Gmail has now changed its default to https to 
make this harder - others are expected to follow.

-Last year there were targeted emails sent to certain staff in the Dalai 
Lama's office, looking to be from someone the person knew with links to an 
innocuous web site, or attached photos/PDFs which had a malware dropper in 
it.   Once loaded on the target PC, the Trojan started monitoring all email 
traffic and logins, and turned on web cams and microphones to monitor what 
was happening in the office around the PC, ie conversations nearby were also 
being monitored.

Once security specialists were called in, they found also a significant 
number of Asian embassies of various countries also had similar spyware 
installed - it was described as the most sophisticated and comprehensive 
spyware ever seen

The traffic looked to being sent to a site in China and Taiwan physically 
close to the Chinese governments electronic monitoring site, however no-one 
was sure of this as it could in theory have been going anywhere.

-The Google and Adobe attacks this year look to be similar - There were 
targeted emails sent to staff deduced to have privileged access on networks 
eg to source repositories.  The emails apparently looked innocuous and from 
parties known to the receiver (this is the targeted part - the senders had 
done careful research).   Once installed the malware started downloading the 
source it could locate to web sites that Google identified as being Chinese. 
Google say up to 30 firms in California were targeted.  The fact that they 
had publicly identified China as the offender implies they have done some 
thorough tracking of the destination of stolen data.

This exploit is mainly in IE, and may also involve a PDF exploit as well. 
By all accounts Microsoft have conceded there is a problem in IE6 and do not 
yet have a fix, and it is not certain it can be fixed.  Turning the security 
zone settings to High makes it less likely but is still not an absolute 
preventative.  All versions of IE have this vulnerability.

There was a similar serious problem with https in 2009 where a rogue web 
site could impersonate a legitimate site using a specially crafted digital 
certificate that had a binary null between the name of the impersonated site 
and the false site name - this allowed the certificate to be verified but 
the impersonated name would be shown, not the true impersonating domain. 
This meant that a man-in-the-middle attack for https traffic to in 
particular bank web sites became possible with no warning in the browser as 
the certificate looked to be verified  (it was but for the malware domain). 
This vulnerability was fixed quite fast, but interestingly on Windows it 
affected IE, Chrome, Opera and Safari as they all used a Microsoft component 
to verify digital certificates - Firefox was the only browser immune in this 
case as it used its own component.

Personally I prefer Firefox as its fast enough (close to if not fastest), 
best bookmarks search, and fastest consistently to fix security holes. 
However security is a constantly moving target and all software has its 
vulnerabilities.

John

From: "Jeremy North" <jeremy.north at gmail.com>
To: "NZ Borland Developers Group - Delphi List" <delphi at delphi.org.nz>
Sent: Wednesday, January 20, 2010 10:28 AM
Subject: Re: [DUG] Offtopic - but....


I'm sorry but I disagree. If all of those tabs are loaded then it
shouldn't be using any CPU, or a very small amount.

Firefox has security issues, just like IE.

I use both but prefer IE, it handles flash a lot better than Firefox.

Couldn't get into Chrome.

I installed Firefox on the mac but it just seems out of place so
generally use Safari - even though it is a pain to use. I don't browse
often on the mac.

On Tue, Jan 19, 2010 at 6:13 PM, John Bird <johnkbird at paradise.net.nz> 
wrote:
> My Firefox (3.7) is using 12-13%cpu and 400MB with 88 tabs open at the
> moment. Thats not too bad...
>
> John
>
> From: Sean Cross
>
> To: NZ Borland Developers Group - Delphi List
> Sent: Tuesday, January 19, 2010 4:50 PM
> Subject: Re: [DUG] Offtopic - but....
>
> Ram? I find processor usage is the problem. It can suck up 30% of my
> processor for no apparent reason when it's just sitting in the background!
>
>
>
> Regards
>
>
>
> Sean Cross
> CIO
>
>
>
> Catalyst Risk Management
> PO Box 230
> Napier 4140
> DDI: 06-8340362
> Mobile: 021270 3466
>
>
>
> Visit us at http://www.catalystrisk.co.nz
>
>
>
> Offices in Auckland, Hamilton, Napier, Wellington, Christchurch & Dunedin
>
>
>
> Disclaimer:
> "The information contained in this document is confidential to the
> addressee(s) and may be legally privileged. Any view or opinions expressed
> are those of the author and may not be those of Catalyst Risk Management. 
> No
> guarantee or representation is made that this communication is free of
> errors, viruses or interference. If you have received this e-mail message 
> in
> error please delete it and notify me. Thank you."
>
>
>
>
>
> From: delphi-bounces at delphi.org.nz [mailto:delphi-bounces at delphi.org.nz] 
> On
> Behalf Of Jeremy Coulter
> Sent: Tuesday, 19 January 2010 12:03 p.m.
> To: NZ Borland Developers Group - Delphi List
> Subject: [DUG] Offtopic - but....
>
>
>
> I know thi sis offtopic, but does anyone know WHY FireFox consumse SO MUCH
> RAM ??
> I have 8 tabs open and its usign over 400MB !! Its complete madness ! I
> have started going off Firefox lately. On ym Vista 64bit install at home, 
> I
> cant do an F5 to refresh, I have to do a CTRL+F5 ..... grrr
>
>
> Jeremy
>
> ________________________________
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at delphi.org.nz
> Admin: http://delphi.org.nz/mailman/listinfo/delphi
> Unsubscribe: send an email to delphi-request at delphi.org.nz with Subject:
> unsubscribe
>
> ________________________________
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at delphi.org.nz
> Admin: http://delphi.org.nz/mailman/listinfo/delphi
> Unsubscribe: send an email to delphi-request at delphi.org.nz with Subject:
> unsubscribe
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at delphi.org.nz
> Admin: http://delphi.org.nz/mailman/listinfo/delphi
> Unsubscribe: send an email to delphi-request at delphi.org.nz with Subject:
> unsubscribe
>

_______________________________________________
NZ Borland Developers Group - Delphi mailing list
Post: delphi at delphi.org.nz
Admin: http://delphi.org.nz/mailman/listinfo/delphi
Unsubscribe: send an email to delphi-request at delphi.org.nz with Subject: 
unsubscribe

More information about the Delphi mailing list