Scott's Web Browsers Blog

The response to Why Do You Use Your Browser?, via the forums as well as email, has been impressive thus far. You've told me what browsers you use each day as well as why you use them. Based on your answers I've come up with what the readers think are the most important aspects of a browser. Now it's time to refine things even further. Which of the following is the most important to you when it comes to a Web browser?

Do you surf the Web with Firefox? Perhaps your browser of choice is Internet Explorer. Maybe you're a big Opera fan. These days there are a fairly large selection of Web browsers available to choose from, and many of us pledge our allegiance to a specific one. There are several reasons why we fire up a certain browser each day. Whether it be speed, security, or something else altogether About Web Browsers wants to know why.

Visit the Web Browsers forum today and post the reasons that you use your favorite browser. Your answers may appear in a future article here on About!

Microsoft's monthly security update was released yesterday, fixing over two dozen bugs within its applications. Included in this list were six vulnerabilities affecting the Internet Explorer browser. Each of the six could result in remote code execution on a victim's machine if exploited correctly. Viewing a specially crafted Web page is the trigger in each potential attack, most dealing with memory corruption as well as the handling of HTML components within the browser. IE users are encouraged to update their browser right away, either through Windows Update or the Internet Explorer download site.

Whether you're tired of watching Olympic events broadcast several hours after they've actually taken place or if you just want to catch the latest action from your cubicle at work, NBC and your favorite Web browser can help. To watch live footage from Beijing, visit NBC's official Olympics site and look for any sports with a red and white LIVE indicator next to their name in the left menu pane. First click on that name and then look for the Watch Live link. The only things you'll need to access the video streams are your browser, Microsoft's Silverlight plug-in, and an active Internet connection. Enjoy!

At this week's Black Hat security conference in Las Vegas, researchers Mark Dowd and Alexander Sotirov planned to unveil a new technique that takes advantage of the way Internet Explorer handles active scripting and .NET objects in the Vista operating system. According to a story first reported by SearchSecurity, the two have been able to bypass Vista's memory protection safeguards and load malicious content into any location on a victim's PC. It appears that the attacks exploit Vista's current architecture along with Microsoft's protection methods and have nothing to do with any newly discovered vulnerabilities in either the browser or the OS. It will be interesting to see further details on this research as well as what Microsoft's response will be. Stay tuned...

There are many things that Internet users want to keep private, ranging from the sites they visit to the information they enter into online forms. The reasons for this can vary, ranging from concerns over security to something else entirely. Regardless of what drives the need it is nice to be able to clear your tracks, so to speak, when you are done browsing.

This desire to wipe your browsing slate clean does not only exist in the desktop world. Mobile Web surfers, like those using the iPhone's Safari browser, may also want to clear their browsing history, cache, or cookies from time to time. The following tutorials show you just how it's done.

• Manage Your iPhone's Browsing History


• Delete Safari's Cache


• Delete Safari's Cookies

Cross-Site Cooking is a term that describes performing a session fixation attack in order to hijack an unsuspecting user's HTTP session. An attacker issues a fixed session ID, via a specially crafted cookie, to a user's browser. This forces the browser into using a chosen session rather than allowing it to exhibit its normal behavior of generating a random session ID. If exploited correctly, Cross-Site Cooking can expose a victim's sensitive data.

It turns out that Apple's Safari browser is vulnerable to this type of attack. Heise Security has provided details of the vulnerability, stating that a hacker could potentially spy on a victim's connection if the attack is carried out correctly. The flaw lies in the way Safari handles cookies in multi-part top level domains such as .co.uk and .com.au. A fix has not been issued yet so you may want to use an alternate browser in the meantime.

The benefits to your wallet and, more importantly, your health can be outstanding when you quit smoking. However, it is a tough task on all accounts, especially if you have been puffing away for an extended period of time. Help may be a mouse click away! If you are a Firefox user, there is a great add-on available that just might give you all the motivation you need to succeed.

A URL Spoofing vulnerability in the iPhone's Mail and Safari browser applications can be exploited to conduct phishing attacks. According to security researcher Aviv Raff, a specially crafted malicious URL could appear in the device's Mail application as if it were pointing to a trusted domain. If a user clicked on this spoofed URL it would then be displayed intact in Safari's address bar, giving he or she the impression that they were visiting a safe and secure Web page when in fact they may be a step away from becoming a phishing victim.

Raff has confirmed that iPhones running firmware version 1.1.4 as well as the new 2.0 release are affected. Earlier versions may also be at risk but that is unconfirmed thus far. Technical details of the vulnerability are being withheld by Raff until Apple, who has acknowledged the issue, has delivered a fix. In the meantime, it is recommended that you avoid clicking on any links within the device's Mail application. If you need to visit a specific URL, enter it manually in Safari's address bar.