Avant Browser

Avant Browser community forum
It is currently Tue Oct 21, 2014 1:33 pm

All times are UTC




Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 38 posts ]  Go to page Previous  1, 2
Author Message
 Post subject:
Post Reply #20 on: Thu Jun 23, 2005 11:19 pm 
Offline
AvantGuard
AvantGuard
Semi-Guru
User avatar

Joined: Fri Sep 19, 2003 5:09 am
Posts: 2488
Location: Galway, Ireland
Avant Version:
Sorry; yes, I'm getting the same bug. Sometimes when I click "Picture Viewers/Editors" button it disapperars. Bizarrely, it usually works on images at the right of the page, not the left.

Also I can reduce a picture until it vanishes, but magnifying it doesn't bring it back again!

The image toolbar still hides tooltips, which can become quite irritating.

Also when the menu does turn up it contains an extra icon that doesn't do anything. It looks like an open hand, like the 'shared folder' icon.

_________________
My Cartoons
:
IE7 ][ Windows XP Tablet PC Edition 2005 ][ Avast! Antivirus ][ Kerio Firewall ][ DSL


Top
 Profile  
 
Post Reply #21 on: Fri Jun 24, 2005 12:23 am 
Offline
Semi-Fan
Semi-Fan

Joined: Tue Jun 08, 2004 10:51 pm
Posts: 57
Avant Version:
*** AB IS NOT A SECURE BROWSER !!!!! *******

Not impressed Anderson! AB still requests Favicon over port 80, even though I have set up AB to use port 8080.

This is a security vulnerability because it can expose your real IP address when you think you are using a proxy!

What needs to be done to get this MAJOR BUG fixed ???????


Anderson, You asked for an explanation of how I found out that AB was leaking information and I gave you proof which could not be refuted!

If you don't plan on fixing this *SECURITY VULNERABILITY IN AB* then at least have the decency to reply here as to your reasoning, although there is no excuse for leavining vulnerabilities in apps unless you are somehow profiting from it!!!

I have given you reproducible steps, and I knoiw for a fact that it would take all of 5 (yes five) minutes to fix!

*** AB IS NOT A SECURE BROWSER !!!!! *******

I expect this post to be deleted due to the truthful nature of its content, but I will continue to publish it again, and again, and again......., until it is fixed!

Why won't you fix this Anderson ???????


Top
 Profile  
 
Post Reply #22 on: Fri Jun 24, 2005 1:14 am 
Offline
Administrator
Administrator
Avantus Maximus
User avatar

Joined: Sat Dec 14, 1901 3:19 am
Posts: 5787
Location: Baltimore and McHenry, Maryland, USA
Windows Version: Windows 7 x64
Avant Version:
Defenestration wrote:
I knoiw for a fact that it would take all of 5 (yes five) minutes to fix!
How would you know that it would take 5 minutes to fix? What if, to implement it properly, it took 3 hours to do. Have you looked at the source of Avant enough to decide if it is fixable in 5 minutes.

Also, if you are that afraid of someone getting your IP, why not ad somethings like "*favicon.ico" to an ad-block list.

--OR better yet--

Unplug your ethernet cable and uninstall TCP-IP from your computer.

_________________
Formerly known as DrDrrae.
Image
I am not a member of the development team.
Please search the forum before posting questions.

Avant Force Wiki || Avant Force Blog
Desktop:
Intel C2Q Q9550 @ 3.7GHz || 8GiBs DDR2 800 @ 435MHz || Asus P5E
112 GiB SSD || 931 GiB HDD || 2x ATI 5770 in CrossfireX || Picture

NetBook:
ASUS Eee PC 1000HE || 1.66 GHz Atom N280 || 2 GiB DDR2 667 || 320 GiB HDD

NAS:
Intel E5200 @ 2.632 GHz || 4 GiB DDR2 800 @ 421 MHz || Foxconn G31MXP-K
5.45 TiB RAID 6


Top
 Profile  
 
 Post subject:
Post Reply #23 on: Fri Jun 24, 2005 3:41 am 
Offline
Semi-Fan
Semi-Fan

Joined: Tue Jun 08, 2004 10:51 pm
Posts: 57
Avant Version:
I would know because I have looked at the assembly code of AB, after dis-assembling it (illegal though it may be!).

That's exactly the kind of response I expected from an AB fan/mod! I'm pointing out a serious flaw in AB, and you can only criticise me for doing so.

Granted _DrDrrae_ there are workarounds, but is it really acceptable for an Internet Web browser to have such a big flaw ?

By big, I mean that AB indicates it's sending all traffic through a proxy, but at the same time sending out requests over a port which the user has no control, and witrhout any indication that it's doing something underhand! (which it is!)

I'm sorry, but anyone who defends this kind of behaviour is either being payed by Anderson, or does not respect privacy!!!

I like AB, but at the same time would think twice about using a web browser whose author thinks it's more important to sort out issues like

"Maintain Width/Height ratio when zoom pictures. "

when a security vulnerability is pointed out to him.

I can only ask.....,

"Why are you afraid to fix this Anderson ?"


Top
 Profile  
 
 Post subject:
Post Reply #24 on: Fri Jun 24, 2005 4:34 am 
Offline
Avantus Maximus
Avantus Maximus

Joined: Wed Jan 26, 2005 4:24 pm
Posts: 5624
Windows Version: Vista Ultimate x64 SP2
Avant Version: 11.7 build 43
IE Version: 8
Well

Actually

Try to use some proxy server and go to http://whatismyip.com with any browser (Firefox/Mozilla/Opera/Internet Explorer/Avant Browser)

Even if I'm using the "anonymous proxy server" or even "highly anonymous" and programs like ProxyWay,whatismyip.com still show me 2 IPs
1 my real IP and another IP of the proxy server that I'm using

So...
Where's the vulnerability exists?

_________________
IE8(Pro), Microsoft Security Essentials
Main PC:
Image
Secondary PC same as primary but with Windows 7 x64 Ultimate as the OS.


Top
 Profile  
 
 Post subject:
Post Reply #25 on: Fri Jun 24, 2005 7:39 am 
Offline
Fan
Fan

Joined: Thu Dec 09, 2004 9:50 pm
Posts: 148
Avant Version:
I see a minor flaw. When I move the mouse over an image I get that image menu bar showing up, which is fine. But if I move the mouse over an image and quickly right click the right click context menu comes up but then the image menu bar also shows up, sometimes under and sometimes over the context menu. Although the menu bar disappears shortly anyway if I don't use it, I think it would be better if the image menu bar didn't show up at all if the right click context menu is already up.

_________________
Avant 10.1 build 17
XP pro, IE 6
Kerio Firewall


Last edited by gary100856 on Fri Jun 24, 2005 8:42 am, edited 1 time in total.

Top
 Profile  
 
 Post subject:
Post Reply #26 on: Fri Jun 24, 2005 8:17 am 
Offline
Newbie
Newbie

Joined: Tue Dec 14, 2004 9:40 am
Posts: 32
Location: Fryslân
Avant Version:
I just like to now when can we start translating the new parts, 'cause they seem not to be present in the eng.lng

_________________
Frisian translator Avant,Maxthon,Opera,Google,Poptray,7zip,regseeker,paint.net


Last edited by ytsmabeer on Fri Jun 24, 2005 2:35 pm, edited 1 time in total.

Top
 Profile  
 
Post Reply #27 on: Fri Jun 24, 2005 10:04 am 
Offline
AvantGuard
AvantGuard
Avantic
User avatar

Joined: Fri Dec 12, 2003 3:33 pm
Posts: 988
Location: Italy
Windows Version: Vista Ultimate SP1
Avant Version: 11.6 Build 20
IE Version: 7
Defenestration wrote:

This is a security vulnerability because it can expose your real IP address when you think you are using a proxy!

What needs to be done to get this MAJOR BUG fixed ???????


I'd say that relying on a proxy as a "security" measure is like putting an opaque bag on one's head and pretending there's nothing out there since you cannot see anything :shock: Even being behind a NAT server is insecure...

That's not to say that bypassing the proxy for favicons if a proxy has been specified is good, but that's definitely NEITHER a security issue NOR a major bug (I, for one, don't use a proxy and probably many other users don't), at most it can be an annoyance for you; if this issue has not been dealt with yet, there probably are other problems to tackle before. If you are so afraid, then block port 80 on your firewall so that no traffic can pass through it and let all http traffic through to your proxy on 8080.

_________________
Image formerly known as Image


Top
 Profile  
 
Post Reply #28 on: Fri Jun 24, 2005 2:11 pm 
Offline
Semi-Fan
Semi-Fan

Joined: Tue May 06, 2003 11:52 pm
Posts: 52
Location: Hungary
Windows Version: WinXP SP3
Avant Version: 11.7 build 43
IE Version: IE8.0
Anderson wrote:
Avant Browser 10.1 beta 7

I will release a new official version once the translations are finished.
Anderson


Really good, thanks, Anderson.

But at the moment we don't have the new language file, or the new strings, which need to be translated. Please send those out to the translators in email.

Regards:
batagy

_________________
Hungarian translator of Avant Browser


Top
 Profile  
 
 Post subject:
Post Reply #29 on: Fri Jun 24, 2005 2:42 pm 
Offline
Semi-Fan
Semi-Fan

Joined: Tue Jun 08, 2004 10:51 pm
Posts: 57
Avant Version:
abfan123 wrote:
Try to use some proxy server and go to http://whatismyip.com with any browser (Firefox/Mozilla/Opera/Internet Explorer/Avant Browser)

Even if I'm using the "anonymous proxy server" or even "highly anonymous" and programs like ProxyWay,whatismyip.com still show me 2 IPs
1 my real IP and another IP of the proxy server that I'm using

So...
Where's the vulnerability exists?

I can't speak about other anonymous proxy servers because I don't use them, but when I use Anonymizer as my Anonymous proxy and go to http://whatismyip.com or http://www.ipchicken.com (or any other website that shows your real IP address), only my anonymous proxy IP address is shown, and not my real IP address.

The vulnerability exists because my real IP address is exposed every time a Favicon is requested by AB.

robc wrote:
I'd say that relying on a proxy as a "security" measure is like putting an opaque bag on one's head and pretending there's nothing out there since you cannot see anything Shocked Even being behind a NAT server is insecure...

Granted nothing is totally secure, but does that mean you should not use a firewall, AV etc. because they are not perfect ?! Not at all. It just means you should be aware of the limitations. As with all types of security it should be used as part of a layered defence.

An anonymous proxy service allows you to hide your real IP address from the sites you visit through it. You do expose your real IP address to the anonymous proxy servers, but IMO it's better to only expose your real IP address to a single entity than to multiple entities.

robc wrote:
That's not to say that bypassing the proxy for favicons if a proxy has been specified is good, but that's definitely NEITHER a security issue NOR a major bug (I, for one, don't use a proxy and probably many other users don't), at most it can be an annoyance for you; if this issue has not been dealt with yet, there probably are other problems to tackle before.

I just don't see how you can say a compromise of your privacy, by your real IP address being exposed (unknowingly to most users unless they are aware of this problem), is not a security issue or a major issue. While you and many others don't use a proxy, there are also many people who probably do use a proxy.

An issue like this should go straight to the top of the ToDo list, and be given highest priority.


Top
 Profile  
 
 Post subject:
Post Reply #30 on: Fri Jun 24, 2005 3:13 pm 
Online
AvantGuard
AvantGuard
Avantus Maximus
User avatar

Joined: Thu Jul 31, 2003 2:09 pm
Posts: 11038
Location: Ohio, USA
Windows Version: Windows 7 Pro 64
Avant Version: 2014
Default engine: Firefox / Chrome
IE Version: 11
Skin: Stickers
While not joining the argument, and not to put words in robc's mouth, but I think the "no IP address equaling even teensy weensy security" issue is what he's referring to.

Knowing that someone's IP is AOL, Pipex, or British Communications isn't really a security issue, is it? Interchanging the terms security and privacy just seems to happen a lot to me.


Top
 Profile  
 
 Post subject:
Post Reply #31 on: Fri Jun 24, 2005 4:45 pm 
Offline
AvantGuard
AvantGuard
Semi-Guru
User avatar

Joined: Fri Sep 19, 2003 5:09 am
Posts: 2488
Location: Galway, Ireland
Avant Version:
I agree that this needs to fixed, but by claiming that it must be some sort of plot you're not exactly winning people over by your arguments.

The problem is that not enough people care about this issue. Most people don't value anonymity on the web. Look below here - there's my website address. If you go there you can find my personal phone number. The vast majority of of people aren't concerned, so this flaw has no priority.

But it is a serious flaw. If people think they're anonymous then they should be, even if there aren't many of them. It ought to be fixed as soon as possible.

_________________
My Cartoons
:
IE7 ][ Windows XP Tablet PC Edition 2005 ][ Avast! Antivirus ][ Kerio Firewall ][ DSL


Top
 Profile  
 
 Post subject:
Post Reply #32 on: Fri Jun 24, 2005 6:42 pm 
Offline
AvantGuard
AvantGuard
Avantic
User avatar

Joined: Fri Dec 12, 2003 3:33 pm
Posts: 988
Location: Italy
Windows Version: Vista Ultimate SP1
Avant Version: 11.6 Build 20
IE Version: 7
You cannot be completely anonymous on the Net even if you're using some of the anonymizers out there: the plain simple fact is that somewhere the mapping of your real IP to the "anonymous" one is recorded and can be retrieved, some way or the other. Probably, the maximum "anonymity" one may get is to browse for a few minutes in an internet cafe in another town (better, in another country) while there's nobody in there, then jump on a train and leave for somewhere else :wink: :D :lol: And please, in such a case, don't ever browse to password-protected sites using your true-life account...

I'm afraid the best security nowadays lies in using a fully patched system (whatever the OS, each and every one of them has its own set of problems) behind a dedicated firewall (hardware or IPCop-like) and with "good" browsing habits; the best privacy, using the above system with cookies switched off except for those few cases in which you need them (e.g. online transactions, forums, etc.). Whatever your ISP, there are bound to be logs everywhere, stored for several years at least to comply with the law, so there actually are very few instances in which you may do something that others cannot "trace" if they really want to.

_________________
Image formerly known as Image


Top
 Profile  
 
 Post subject:
Post Reply #33 on: Fri Jun 24, 2005 6:56 pm 
Offline
AvantGuard
AvantGuard
Semi-Guru
User avatar

Joined: Fri Sep 19, 2003 5:09 am
Posts: 2488
Location: Galway, Ireland
Avant Version:
Amen.

_________________
My Cartoons
:
IE7 ][ Windows XP Tablet PC Edition 2005 ][ Avast! Antivirus ][ Kerio Firewall ][ DSL


Top
 Profile  
 
 Post subject:
Post Reply #34 on: Sat Jun 25, 2005 4:47 am 
Offline
Administrator
Administrator
Avantus Maximus
User avatar

Joined: Sat Dec 14, 1901 3:19 am
Posts: 5787
Location: Baltimore and McHenry, Maryland, USA
Windows Version: Windows 7 x64
Avant Version:
Word. In todays internet world, there is no escaping people trying to get your personal information, hacking your computer, etc.

_________________
Formerly known as DrDrrae.
Image
I am not a member of the development team.
Please search the forum before posting questions.

Avant Force Wiki || Avant Force Blog
Desktop:
Intel C2Q Q9550 @ 3.7GHz || 8GiBs DDR2 800 @ 435MHz || Asus P5E
112 GiB SSD || 931 GiB HDD || 2x ATI 5770 in CrossfireX || Picture

NetBook:
ASUS Eee PC 1000HE || 1.66 GHz Atom N280 || 2 GiB DDR2 667 || 320 GiB HDD

NAS:
Intel E5200 @ 2.632 GHz || 4 GiB DDR2 800 @ 421 MHz || Foxconn G31MXP-K
5.45 TiB RAID 6


Top
 Profile  
 
 Post subject:
Post Reply #35 on: Sat Jun 25, 2005 7:13 pm 
Offline
AvantGuard
AvantGuard
Avantus Maximus
User avatar

Joined: Thu Dec 12, 2002 11:16 pm
Posts: 6239
Location: Butler, PA
Windows Version: Windows 7
Avant Version: 2015 Build 2 Lite
Default engine: N/A
IE Version: IE 10(64 bit)
Skin: Crystal
What that means is, don't do anything on the net that you don't want someone else to know about. Just as in real life, we have to live our lives as tho someone is looking over our shoulder--the metaphor can be religious or not, as you like. Obviously there are a lot of people who have fooled themselves into thinking that they are truly untouchable on the net--that they can say and do all kinds of things in the virtual world that they would sneak around about in the real world. What happens when the two worlds meet can be disastrous, whether it's a terrorist plan or a pedophile.

While I'm very careful about personal info like credit card #'s I do rely on secure servers when I shop on line and password protect the data on my computer. Beyond that kind of thing I don't do anything on-line that would do damage to anyone in either the virtual or the real world. I might embarrass myself occasionally, but, hopefully, I've never knowingly harmed anyone else. IMHO folks who are out to do harm forfeit their rights to privacy. When people start talking about plots, I immediately wonder what they are trying to hide...............

Just my 2 cents worth....

Sara :D


Top
 Profile  
 
Post Reply #36 on: Tue Apr 11, 2006 1:39 am 
Offline
Newbie
Newbie

Joined: Tue Apr 11, 2006 1:33 am
Posts: 1
Avant Version:
Yes I would have to agree that this bug, while minor in many respects, is a deal breaker for anyone who surfs anonymously, including me. I used Avant Browser for a while and liked it very much but not having the ability to use it with the proxy made me switch to Firefox.
I actually just registered to find out about this and saw this thread so I figured I may as well include myself in the ones that see this as a deal breaker. Great browser otherwise though!

Quote:
IMHO folks who are out to do harm forfeit their rights to privacy. When people start talking about plots, I immediately wonder what they are trying to hide...............


Maybe so, but that would also mean that people doing no harm also lose their privacy, and why shouldn't law abiding people have privacy?
Thanks,
Paul


Top
 Profile  
 
Post Reply #37 on: Tue Apr 11, 2006 4:36 am 
Offline
Avantus Maximus
Avantus Maximus

Joined: Wed Jan 26, 2005 4:24 pm
Posts: 5624
Windows Version: Vista Ultimate x64 SP2
Avant Version: 11.7 build 43
IE Version: 8
tmpusr wrote:
Yes I would have to agree that this bug, while minor in many respects, is a deal breaker for anyone who surfs anonymously, including me. I used Avant Browser for a while and liked it very much but not having the ability to use it with the proxy made me switch to Firefox.
I actually just registered to find out about this and saw this thread so I figured I may as well include myself in the ones that see this as a deal breaker. Great browser otherwise though!

Quote:
IMHO folks who are out to do harm forfeit their rights to privacy. When people start talking about plots, I immediately wonder what they are trying to hide...............


Maybe so, but that would also mean that people doing no harm also lose their privacy, and why shouldn't law abiding people have privacy?
Thanks,
Paul


As you may see from the changelog of the next beta build , This bug has been corrected quite long ago.
So what's the point to discuss it now?

_________________
IE8(Pro), Microsoft Security Essentials
Main PC:
Image
Secondary PC same as primary but with Windows 7 x64 Ultimate as the OS.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 38 posts ]  Go to page Previous  1, 2

All times are UTC


Who is online

Users browsing this forum: No registered users


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Group