(Not security expert). Security is not the job of a single organization or application alone. You may have to rely on the third party's commitment to security, especially the underlying Operating System. For example, if you are using the Windows operating system with the default configuration, then you trust Microsoft for its security including running applications like the browser. You can configure Windows to be as secure as possible if you need it, however most people will just ignore it for it will require a computer scientist to hardened operating systems.
If you care about security without the hard work, try the Qubes OS Project where you can run Windows or any applications at their most secured configuration. Cheers, Allan ----- Original Message ----- | From: "Eric Periard" <eric.peri...@ccirc-ccric.ca> | To: "Klaus Hartnegg" <hartn...@uni-freiburg.de>, "Enterprise@mozilla.org'" <Enterprise@mozilla.org> | Sent: Friday, December 11, 2015 5:10:06 AM | Subject: Re: [Mozilla Enterprise] Firefox ESR 38.4 - Java Plugin Problem | That same mindset is what caused the Ashley Madison leak to begin with... | | -----Original Message----- | From: Enterprise [mailto:enterprise-boun...@mozilla.org] On Behalf Of Klaus | Hartnegg | Sent: Thursday, December 10, 2015 2:11 PM | To: Enterprise@mozilla.org' | Subject: Re: [Mozilla Enterprise] Firefox ESR 38.4 - Java Plugin Problem | | Am 10.12.2015 um 16:40 schrieb Eric Periard: |> Security is not an option in your organization? | | Nobody wants a secure computer. Your computers are not secure either. | Because computers are only secure if all cables are unplugged. | | A computer which allows work to be done is always a compromise. | | For example a computer center here until a few weeks ago told us that SAP can | only be reached via a Java applet. Good luck trying to talk Juniper into | rewriting the way to connect to that terminal server. This left us with no | choice. | | If you make sure that Java in the browser is only active for the applets on your | intranet, then this is theoretically safe. Except that is is not, because Java | until recently could be tricked to run applets from non-whitelisted domains. | But even so there is still the ClickToRun feature of Firefox. | | If Mozilla decides that crashing is better than leaking memory, then | organizations can be forced to stay on the previous version. A perfectly secure | Firefox can cause people to switch to other less secure browsers. | _______________________________________________ | Enterprise mailing list | Enterprise@mozilla.org | https://mail.mozilla.org/listinfo/enterprise | | To unsubscribe from this list, please visit | https://mail.mozilla.org/listinfo/enterprise or send an email to | enterprise-requ...@mozilla.org with a subject of "unsubscribe" | _______________________________________________ | Enterprise mailing list | Enterprise@mozilla.org | https://mail.mozilla.org/listinfo/enterprise | | To unsubscribe from this list, please visit | https://mail.mozilla.org/listinfo/enterprise or send an email to | enterprise-requ...@mozilla.org with a subject of "unsubscribe" _______________________________________________ Enterprise mailing list Enterprise@mozilla.org https://mail.mozilla.org/listinfo/enterprise To unsubscribe from this list, please visit https://mail.mozilla.org/listinfo/enterprise or send an email to enterprise-requ...@mozilla.org with a subject of "unsubscribe"
