How many failed in your browser?

[Lisandro]

Polonus, can you explain to us? Thanks.

[polonus]

Hi Tech,

This is a test for vulnerabilities that can be explored in a browser or with a browser or are design related and it could be very hard to explore these. As the developers of the scan say:

all common browsers fail anywhere from 10 to 30 of less significant tests due to various design decisions (most of which bear some privacy considerations by making it to fingerprint simultaneously open pages).  

So 14 as with Flock is a very reasonable number. There always could be some danger when a malcreant can run their own code in a browser or on a browser site. The attack is carried out on the data loaded in the browser's DOM. For this reason, it is highly advisable to make sure you don't have more than one window open when using a website of a confidential in nature. Re for such an exploit: http://blog.stevepoland.com/exploit-knowing-the-websites-your-visitors-visit/
Fuzzers can be used to find abusable exploits: http://browserfun.blogspot.com/
Know that as DavidR also said in this thread that the NoScript extensions makes this a non-issue because it fully protects. A general issue for various browsers (patched for Fx and Flock): http://www.g-sec.lu/crash/select.html

polonus

[Lisandro]

The attack is carried out on the data loaded in the browser's DOM. For this reason, it is highly advisable to make sure you don't have more than one window open when using a website of a confidential in nature.

Do you mean it could be dangerous to be running in more than one tab? Or just another IE window?
Confidential is banking here?

[polonus]

Hi Tech,

Just as I tell it, with NoScript installed no sweat. On a banking site yes, only one window open in any browser to execute what you have to do there for optimal safety. In Chrome this could be different because every tab/window open is handled as a separate process. I think eventually all browsers will have that for security reasons,

polonus

[Lisandro]

Thanks Polonus. I'll stop using IE while banking. Sometimes I have some issues with Firefox + NoScript.

[polonus]

Hi Tech,

Join us at the one and only NoScript forum run by the extension's developer, Giorgio Maone, and we certainly can help to solve these issues: http://noscript.net/forum
My nick there is "luntrus",

Damian

[jadinolf]

There is soooo much that we must know that it's getting scary.

[Lisandro]

Hi Tech,

Join us at the one and only NoScript forum run by the extension's developer, Giorgio Maone, and we certainly can help to solve these issues: http://noscript.net/forum
My nick there is "luntrus",

Damian

Thanks for the offer. I need to consider other forum... When I enter one I do not leave

[YoKenny]

Hi Tech,

Just as I tell it, with NoScript installed no sweat. On a banking site yes, only one window open in any browser to execute what you have to do there for optimal safety. In Chrome this could be different because every tab/window open is handled as a separate process. I think eventually all browsers will have that for security reasons,

polonus

IE8 opens every tab in a new process.

Enhanced tabbed browsing
http://www.microsoft.com/windows/internet-explorer/features/easier.aspx