PDF exploits shown in this comparison as exceeding Flash based

On 02/20/2010 07:02 PM, Jeff Richards wrote:
You may not be aware that there is an ongoing campaign to introduce as much
irrelevant material as possible, particularly if it relates to security,
into the W98 groups, mostly by casual addition of the W98 groups to postings
in groups related to other versions of Windows. This is done purely to
enhance the status of several trolls who think they are making themselves
appear knowledgeable about W98. All they are doing is completely confusing
the W98 users and creating flame wars which are then fanned as much as
possible. It would be helpful to the W98 groups if this irrelevant
crossposting was removed before replying.

Thanks,

Excuse me, do you have something you wish to say.
Please show us how knowledgeable you are Jeff.

Show us WITH SPECIFICS, that Win98 hacks are not being used and Windows
98 users can rest assured that parties like you are providing the
information they need to protect themselves while on the Internet when
confronted with PDFs, Flash, JAVA, email attacks, and other factors one
finds out here.
While you are explaining these facts [per your thoughts] please explain
your prior support of installation of IE6 files from Win2K AFTER the EOL
of Win98 as recently as the 10th month of last year, into the Win98 OS
and how it would/will protect Win98 users.

Or is it that you believe Win98 users should be "kept in the dark" and
continue to be provided with false information regarding their security
by those apparently without the comprehension to understand the threats
involved?

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

In message , FromTheRafters
writes:
"David H. Lipman" wrote in message
...
From: "J. P. Gilliver (John)"

| In message , David H. Lipman
| writes:
| []
There are some PDF vulnerabilities that FoxIt is vulnerable to and
some
that both Adobe
and FoxIt are vulnerable to.

| Is the former a subset of the latter (i. e. Foxit is vulnerable to
some,
| and Adobe to those and more), or are they overlapping sets (such
that
| there are some Foxit is vulnerable to that Adobe is _not_)?

I'm confused now ...

FoxIt suffers from a subset (so to speak) of the greater amount of
vulnerabilities that
afflict Adobe Reader/Acrobat.

.... if the above is true, then one will always be safer (safer, not
safe!) by using Foxit than Acrobat. But ...

I think he's asking a math question.

(I did express it in that way, yes - sorry if it caused confusion.)

To define his "sets" he may need to clarify some things. The
vulnerability is in the software used to process the PDF format files
and implement their extensions.

Some vulnerabilities may be for Foxit *only*, some for Adobe *only* and
some for *both*. Intersecting sets.


.... if that is true, then "Foxit is always safer" is NOT true.

And then there's the question of how the latest version of each _that
will work under '98_ compare with respect to these vulnerabilities, and
also whether any vulnerabilities either is subject to are actually a
concern under 98 ...

So to summarise, the questions a

What is the latest version of Foxit that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?
What is the latest version of Acrobat that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?
How do those lists compare?
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf
** http://www.soft255.demon.co.uk/G6JPG-PC/JPGminPC.htm for ludicrously
outdated thoughts on PCs. **

Who's General Failure & why's he reading my disk? (Stolen from another .sig)

In message , FromTheRafters
writes:
"David H. Lipman" wrote in message
...
From: "J. P. Gilliver (John)"

| In message , David H. Lipman
| writes:
| []
There are some PDF vulnerabilities that FoxIt is vulnerable to and
some
that both Adobe
and FoxIt are vulnerable to.

| Is the former a subset of the latter (i. e. Foxit is vulnerable to
some,
| and Adobe to those and more), or are they overlapping sets (such
that
| there are some Foxit is vulnerable to that Adobe is _not_)?

I'm confused now ...

FoxIt suffers from a subset (so to speak) of the greater amount of
vulnerabilities that
afflict Adobe Reader/Acrobat.

.... if the above is true, then one will always be safer (safer, not
safe!) by using Foxit than Acrobat. But ...

I think he's asking a math question.

(I did express it in that way, yes - sorry if it caused confusion.)

To define his "sets" he may need to clarify some things. The
vulnerability is in the software used to process the PDF format files
and implement their extensions.

Some vulnerabilities may be for Foxit *only*, some for Adobe *only* and
some for *both*. Intersecting sets.


.... if that is true, then "Foxit is always safer" is NOT true.

And then there's the question of how the latest version of each _that
will work under '98_ compare with respect to these vulnerabilities, and
also whether any vulnerabilities either is subject to are actually a
concern under 98 ...

So to summarise, the questions a

What is the latest version of Foxit that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?
What is the latest version of Acrobat that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?
How do those lists compare?
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf
** http://www.soft255.demon.co.uk/G6JPG-PC/JPGminPC.htm for ludicrously
outdated thoughts on PCs. **

Who's General Failure & why's he reading my disk? (Stolen from another .sig)

MEB wrote:

Show us WITH SPECIFICS, that Win98 hacks are not being used

Meb again is asking for negative proof. He is asking that a negative be
proved- that something DOES NOT exist or that something DOES NOT happen.

Either Meb is truely a moron and doesn't understand the concept of a
negative proof, or he knows that full well but is nonetheless using it
to support his mindless arguments.

A negative can usually never be proved unless the scope of the argument
is sufficiently small. In this case, the scope of the argument (all
data that can pass between or into any computer on planet earth) is too
large to rationally ask for a negative proof.

But this is frequently how MEB responds in an argument. You can never
ask him for a positive example to prove his point - he will always turn
it around and ask you to supply a negative proof.

Or is it that you believe Win98 users should be "kept in the
dark" and continue to be provided with false information
regarding their security by those apparently without the
comprehension to understand the threats involved?

You have failed time and time again to explain why you do not test
various threats on your win-98 system and post the results. All you
ever do is blather on and on and on about the latest flash or adobe
threats and post CERT pgp keys (god knows why you do that) without
providing any shread of evidence that those threats or exploits are
operable on win-98 systems.

And when others post the observation / suggestion that win-98 users
apply IE-patch rollups released by Microsoft for win-2k IE6-sp1, you
froth at the mouth against doing that, claiming it would make win-98
systems *less* secure.

You claim that IE6 was never properly "ported" to win-98, but your
analysis is based on a faulty understanding of dependency walker and a
faulty understanding of multi-platform DLL's.

I post most of this here for the benefit of those of you here in
microsoft.public.security.homeusers for whom MEB is an unknown
quantity. He is a well-known kook here in m.p.win98.gen_discussion.

MEB wrote:

Show us WITH SPECIFICS, that Win98 hacks are not being used

Meb again is asking for negative proof. He is asking that a negative be
proved- that something DOES NOT exist or that something DOES NOT happen.

Either Meb is truely a moron and doesn't understand the concept of a
negative proof, or he knows that full well but is nonetheless using it
to support his mindless arguments.

A negative can usually never be proved unless the scope of the argument
is sufficiently small. In this case, the scope of the argument (all
data that can pass between or into any computer on planet earth) is too
large to rationally ask for a negative proof.

But this is frequently how MEB responds in an argument. You can never
ask him for a positive example to prove his point - he will always turn
it around and ask you to supply a negative proof.

Or is it that you believe Win98 users should be "kept in the
dark" and continue to be provided with false information
regarding their security by those apparently without the
comprehension to understand the threats involved?

You have failed time and time again to explain why you do not test
various threats on your win-98 system and post the results. All you
ever do is blather on and on and on about the latest flash or adobe
threats and post CERT pgp keys (god knows why you do that) without
providing any shread of evidence that those threats or exploits are
operable on win-98 systems.

And when others post the observation / suggestion that win-98 users
apply IE-patch rollups released by Microsoft for win-2k IE6-sp1, you
froth at the mouth against doing that, claiming it would make win-98
systems *less* secure.

You claim that IE6 was never properly "ported" to win-98, but your
analysis is based on a faulty understanding of dependency walker and a
faulty understanding of multi-platform DLL's.

I post most of this here for the benefit of those of you here in
microsoft.public.security.homeusers for whom MEB is an unknown
quantity. He is a well-known kook here in m.p.win98.gen_discussion.

98 Guy

Do yourself a favor and get a life. You are wrong and you are beating a dead horse.
Being foolish does not make you look good and your little credibility that you had
is also going the way of the wind .

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"98 Guy" wrote in message ...
MEB wrote:

Show us WITH SPECIFICS, that Win98 hacks are not being used

Meb again is asking for negative proof. He is asking that a negative be
proved- that something DOES NOT exist or that something DOES NOT happen.

Either Meb is truely a moron and doesn't understand the concept of a
negative proof, or he knows that full well but is nonetheless using it
to support his mindless arguments.

A negative can usually never be proved unless the scope of the argument
is sufficiently small. In this case, the scope of the argument (all
data that can pass between or into any computer on planet earth) is too
large to rationally ask for a negative proof.

But this is frequently how MEB responds in an argument. You can never
ask him for a positive example to prove his point - he will always turn
it around and ask you to supply a negative proof.

Or is it that you believe Win98 users should be "kept in the
dark" and continue to be provided with false information
regarding their security by those apparently without the
comprehension to understand the threats involved?

You have failed time and time again to explain why you do not test
various threats on your win-98 system and post the results. All you
ever do is blather on and on and on about the latest flash or adobe
threats and post CERT pgp keys (god knows why you do that) without
providing any shread of evidence that those threats or exploits are
operable on win-98 systems.

And when others post the observation / suggestion that win-98 users
apply IE-patch rollups released by Microsoft for win-2k IE6-sp1, you
froth at the mouth against doing that, claiming it would make win-98
systems *less* secure.

You claim that IE6 was never properly "ported" to win-98, but your
analysis is based on a faulty understanding of dependency walker and a
faulty understanding of multi-platform DLL's.

I post most of this here for the benefit of those of you here in
microsoft.public.security.homeusers for whom MEB is an unknown
quantity. He is a well-known kook here in m.p.win98.gen_discussion.

98 Guy

Do yourself a favor and get a life. You are wrong and you are beating a dead horse.
Being foolish does not make you look good and your little credibility that you had
is also going the way of the wind .

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"98 Guy" wrote in message ...
MEB wrote:

Show us WITH SPECIFICS, that Win98 hacks are not being used

Meb again is asking for negative proof. He is asking that a negative be
proved- that something DOES NOT exist or that something DOES NOT happen.

Either Meb is truely a moron and doesn't understand the concept of a
negative proof, or he knows that full well but is nonetheless using it
to support his mindless arguments.

A negative can usually never be proved unless the scope of the argument
is sufficiently small. In this case, the scope of the argument (all
data that can pass between or into any computer on planet earth) is too
large to rationally ask for a negative proof.

But this is frequently how MEB responds in an argument. You can never
ask him for a positive example to prove his point - he will always turn
it around and ask you to supply a negative proof.

Or is it that you believe Win98 users should be "kept in the
dark" and continue to be provided with false information
regarding their security by those apparently without the
comprehension to understand the threats involved?

You have failed time and time again to explain why you do not test
various threats on your win-98 system and post the results. All you
ever do is blather on and on and on about the latest flash or adobe
threats and post CERT pgp keys (god knows why you do that) without
providing any shread of evidence that those threats or exploits are
operable on win-98 systems.

And when others post the observation / suggestion that win-98 users
apply IE-patch rollups released by Microsoft for win-2k IE6-sp1, you
froth at the mouth against doing that, claiming it would make win-98
systems *less* secure.

You claim that IE6 was never properly "ported" to win-98, but your
analysis is based on a faulty understanding of dependency walker and a
faulty understanding of multi-platform DLL's.

I post most of this here for the benefit of those of you here in
microsoft.public.security.homeusers for whom MEB is an unknown
quantity. He is a well-known kook here in m.p.win98.gen_discussion.

"J. P. Gilliver (John)" wrote in message
...
"David H. Lipman" wrote in message
.. .

FoxIt suffers from a subset (so to speak) of the greater amount of
vulnerabilities that
afflict Adobe Reader/Acrobat.

... if the above is true, then one will always be safer (safer, not
safe!) by using Foxit than Acrobat. But ...

False conclusion, because it is the future you are gambling on. Maybe
Adobe's code has been tested more rigorously now, and FoxIt's code
remains to be tested.

I think he's asking a math question.

(I did express it in that way, yes - sorry if it caused confusion.)

I infer from David's post that he is attesting to the fact that the
Adobe PDF vulnerability set has many more members than does the FoxIt
Reader PDF vulnerability set.

To define his "sets" he may need to clarify some things. The
vulnerability is in the software used to process the PDF format files
and implement their extensions.

Some vulnerabilities may be for Foxit *only*, some for Adobe *only*
and
some for *both*. Intersecting sets.


... if that is true, then "Foxit is always safer" is NOT true.

I don't see how that conclusion hinges upon my statement.

Anyway, even though I don't know anything about either program, I could
suggest that FoxIt Reader is safer than Adobe's. This is based only on
my strong suspicion that Adobe's has more lines of code.

And then there's the question of how the latest version of each _that
will work under '98_ compare with respect to these vulnerabilities,
and also whether any vulnerabilities either is subject to are actually
a concern under 98 ...

Well, Win98 is practically impervious to any privilege escalation
exploits.
Filesystem security sure isn't an issue. D

You should ask in the Win98 group. Treat PDFs as you would executables -
no browser add-on to autorender content - no scripting or "Flash"
extensions etc...

.... the devil is in the extensions (usually)

So to summarise, the questions a

What is the latest version of Foxit that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?

One thing about 98 and NT versions is that even though an exploit can be
written that affects all, it is often coupled with shellcode or further
processing that is OS specific. 98 is becoming less of a target, so
actual threat decreases. A remote code execution exploit using a PDF
file may have shellcode to get control of an XP machine while only doing
a DoS to a 98 machine.

This doesn't mean that the writer couldn't have just as easily written
the shellcode part of the exploit for the Win98 machine.

What is the latest version of Acrobat that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?

Another one specifically for the 98 group.

How do those lists compare?

Have fun with your research, I suspect you will end up with FoxIt being
the better choice even if it is old and unpatched.

"J. P. Gilliver (John)" wrote in message
...
"David H. Lipman" wrote in message
.. .

FoxIt suffers from a subset (so to speak) of the greater amount of
vulnerabilities that
afflict Adobe Reader/Acrobat.

... if the above is true, then one will always be safer (safer, not
safe!) by using Foxit than Acrobat. But ...

False conclusion, because it is the future you are gambling on. Maybe
Adobe's code has been tested more rigorously now, and FoxIt's code
remains to be tested.

I think he's asking a math question.

(I did express it in that way, yes - sorry if it caused confusion.)

I infer from David's post that he is attesting to the fact that the
Adobe PDF vulnerability set has many more members than does the FoxIt
Reader PDF vulnerability set.

To define his "sets" he may need to clarify some things. The
vulnerability is in the software used to process the PDF format files
and implement their extensions.

Some vulnerabilities may be for Foxit *only*, some for Adobe *only*
and
some for *both*. Intersecting sets.


... if that is true, then "Foxit is always safer" is NOT true.

I don't see how that conclusion hinges upon my statement.

Anyway, even though I don't know anything about either program, I could
suggest that FoxIt Reader is safer than Adobe's. This is based only on
my strong suspicion that Adobe's has more lines of code.

And then there's the question of how the latest version of each _that
will work under '98_ compare with respect to these vulnerabilities,
and also whether any vulnerabilities either is subject to are actually
a concern under 98 ...

Well, Win98 is practically impervious to any privilege escalation
exploits.
Filesystem security sure isn't an issue. D

You should ask in the Win98 group. Treat PDFs as you would executables -
no browser add-on to autorender content - no scripting or "Flash"
extensions etc...

.... the devil is in the extensions (usually)

So to summarise, the questions a

What is the latest version of Foxit that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?

One thing about 98 and NT versions is that even though an exploit can be
written that affects all, it is often coupled with shellcode or further
processing that is OS specific. 98 is becoming less of a target, so
actual threat decreases. A remote code execution exploit using a PDF
file may have shellcode to get control of an XP machine while only doing
a DoS to a 98 machine.

This doesn't mean that the writer couldn't have just as easily written
the shellcode part of the exploit for the Win98 machine.

What is the latest version of Acrobat that runs under '98, and what
vulnerabilities is that version subject to which actually are a threat
under '98?

Another one specifically for the 98 group.

How do those lists compare?

Have fun with your research, I suspect you will end up with FoxIt being
the better choice even if it is old and unpatched.

"98 Guy" wrote in message ...

[...]

without providing any shread of evidence that those threats
or exploits are operable on win-98 systems.

Considering exploits, it is not reasonable to assume that your OS is
more secure just because an exploit is not operable on it.

If the vulnerable software falls over, but the OS doesn't recognise the
shellcode, the system is *still* vulnerable to the exploit. If it is an
NT specific malware *payload* you might not be vulnerable to the
payload, but you still are vulnerable to the exploit. It is the exploit
that delivers the payload (often in the form of shellcode).

Just because a malware instance can't complete its worm function on a
Win98 system does not mean it cannot complete its PE infection routine
and be a virus on Win98.