EVE Search - Rubicon successfully deployed but the IGB is still chrome version 3!?

Check My IP Information

All Channels

EVE General Discussion

Rubicon successfully deployed but the IGB is still chrome version 3!?

» Click here to find additional results for this topic using Google

Monitor this thread via RSS [?]

Pages: [1] :: one page

Author	Thread Statistics \| Show CCP posts - 0 post(s)
xarjin UNSOL Training 64	Posted - 2013.11.19 20:53:00 - [1] - Quote I posted about this issue 6 roughly six months ago that the IGB badly needed a version upgrade because of critical security vulnerabilities and it still hasn't been addressed. https://forums.eveonline.com/default.aspx?g=posts&t=245325 CCP when if ever can we expect to have the IGB not be vulnerable to remove web exploits? I'm really not trying to be a buzzkill here but taking the security of your subscriber's computers more seriously would be very positively received. If the Hypothetical reverse scenario ever happened where every CCP subscriber 's computer of eve online was infected with a trojan virus because websites can detect browser versions the fallout could be catastrophic. If you dont think this is a serious problem or your a subscriber check for yourself. http://www.whatismybrowser.com Google chrome version 3 is a serious security risk.
Landrae Sacred Templars Fatal Ascension 575	Posted - 2013.11.19 20:54:00 - [2] - Quote Does anyone really use the IGB for anything but funny pictures? Or am I alone in that? Welcome to Eve Online
Dixie Branda The Soul Society Pax Romana Alliance 0	Posted - 2013.11.19 20:55:00 - [3] - Quote Agreed I would actually like to see this updated
Unsuccessful At Everything The Troll Bridge 7408	Posted - 2013.11.19 21:00:00 - [4] - Quote Landrae wrote: Does anyone really use the IGB for anything but funny pictures? Or am I alone in that? There was another guy in another thread who was using it for Redtube... but he didn't want to admit that. *Since the cessation of their usefulness is imminent, may I appropriate your belongings?*
Landrae Sacred Templars Fatal Ascension 575	Posted - 2013.11.19 21:05:00 - [5] - Quote Unsuccessful At Everything wrote: Landrae wrote: Does anyone really use the IGB for anything but funny pictures? Or am I alone in that? There was another guy in another thread who was using it for Redtube... but he didn't want to admit that. Do videos even run on the IGB? Welcome to Eve Online
Batelle Komm susser Tod 387	Posted - 2013.11.19 21:06:00 - [6] - Quote Landrae wrote: Does anyone really use the IGB for anything but funny pictures? Or am I alone in that? There's also ****, because sometimes you have downtime in fleet and someone nice is usually available to provide links. Occasionally I'll open up dotlan or eve-kill using the IGB, but more typically I'll just use use an out of game browser and juggle 2 clients and a browser between 2 screens. Adding more clutter to my eve clients isn't that helpful Fighting is Magic
xarjin UNSOL Training 64	Posted - 2013.11.19 21:10:00 - [7] - Quote A friend in game mentioned CCP Stillman would be the guy to inquire with specifically about this issue. Perhaps he would be willing to comment on this. I messaged CCP Manifest about this last June just assuming he might be able to aid with this gaining some traction. The thing here with this being the IGB is so far out of date and insecure it really wouldn't matter what type of web content you only used the IGB to view. If someone wanted to go to the trouble of using social engineering to popularize a malicious website for the eve community to consume they would have very little resistance potentially creating a botnet of infected computers from eve subscribers computer systems.
Batelle Komm susser Tod 387	Posted - 2013.11.19 21:13:00 - [8] - Quote xarjin wrote: If someone wanted to go to the trouble of using social engineering to popularize a malicious website for the eve community to consume they would have very little resistance potentially creating a botnet of infected computers from eve subscribers computer systems. Pretty sure this would be the kind of player ingenuity that leads to bad press instead of good press. Fighting is Magic
Messoroz AQUILA INC 438	Posted - 2013.11.19 23:44:00 - [9] - Quote The only way to get CCP to update it is to exploit it. Which is incredibly simple because you jsut have to search for CVE's for Chrome for the last 4 years, pick any. The best part is, the work is so easy for CCP, they use a framework called Awesomium to embed it. It has an API and everything, they jsut need to update the package and potentially some API calls. http://www.awesomium.com/
xarjin UNSOL Training 66	Posted - 2013.11.20 09:05:00 - [10] - Quote Just bumping this for some visibility since i did post this after office hours icelandic time yesterday and by my watch it should be around 9am Wednesday morning in Reykjavik. Hoping some dev's or CCP Stillman will see this topic. this has been an ongoing concern for several years and remains unresolved with no comment from any CCP staff. When the eve subscribers have already been able to test and confirm the the IGB can be remotely exploited i find myself more persistent to continue trying to help get this issue fixed. Not commenting on this doesn't help the issue. No amount of Obscurity can help with security in this scenario. CCP Stillman your our only hope!

Kaarous Aldurald ROC Academy The ROC 1560	Posted - 2013.11.20 09:06:00 - [11] - Quote I use the IGB for FleetUp.com (Best fleet planner. ever.) and when I feel like getting trolled and clicking on links to potentially (potentially, who am I kidding) offensive links in local. That's it. Otherwise, I quite simply don't care. Not posting on my main, and loving it.-á Because free speech.-á
xarjin UNSOL Training 66	Posted - 2013.11.20 09:18:00 - [12] - Quote Kaarous Aldurald wrote: I use the IGB for FleetUp.com (Best fleet planner. ever.) and when I feel like getting trolled and clicking on links to potentially (potentially, who am I kidding) offensive links in local. That's it. Otherwise, I quite simply don't care. The people that dont care tend to be the ones most at risk. I agree you shouldn't have to be concerned at all but even the image renderer in chrome versions as old as this are vulnerable to exploits.
SpaceSaft Brave Newbies Inc. Brave Collective 18	Posted - 2013.11.20 11:15:00 - [13] - Quote Batelle wrote: xarjin wrote: If someone wanted to go to the trouble of using social engineering to popularize a malicious website for the eve community to consume they would have very little resistance potentially creating a botnet of infected computers from eve subscribers computer systems. Pretty sure this would be the kind of player ingenuity that leads to bad press instead of good press. What?! RL EWAR! You're in a fleet about to engage the enemy, start attacking and YOUR WHOLE FLEETS' EVE SHUTS DOWN. Shut down by a program a spy in the enemy alliance that volunteered for their website team and used an exploit there. All he would have to do is occasionally link something unsuspicious in alliance chat. That would be hillarious. And probably illegal. Besides that I also hold the oppinion that CCP should make a PC version for Dust 514.
marVLs 516	Posted - 2013.11.20 11:43:00 - [14] - Quote I think they're waiting for WiS to implement better web browsing into UI
James Amril-Kesh 4S Corporation Goonswarm Federation 6265	Posted - 2013.11.20 11:50:00 - [15] - Quote Messoroz wrote: The only way to get CCP to update it is to exploit it. Which is illegal in most countries. EVE Online - A Rigged Game
xarjin UNSOL Training 66	Posted - 2013.11.20 17:39:00 - [16] - Quote 9 hours later and Eve online is still the most insecure software program installed on my computer with no hope of a remedy and no replies from the developers
Captain Tardbar Sons of Sam 715	Posted - 2013.11.20 18:24:00 - [17] - Quote I would like to also point out that viewing Slashdot usually crashes the in game browser. "Entitlement" is a euphemism for "I hate the way you play and it makes me cry like a baby". If you fantasize about being immoral it means you enjoy being immoral deep down. Captain Tardbar: The official grumpy cat of General Discussion.
Messoroz AQUILA INC 439	Posted - 2013.11.21 04:59:00 - [18] - Quote James Amril-Kesh wrote: Messoroz wrote: The only way to get CCP to update it is to exploit it. Which is illegal in most countries. Welcome to the internet, nobody gives a fudge.
Pak Narhoo Splinter Foundation 1188	Posted - 2013.11.21 08:24:00 - [19] - Quote Somehow I'm not surprised not seeing any dev response on this topic which, one way or the other, affects us all. Come on guys, not that hard to type: "we're aware of it" or "we're working on it". Anyway, not going to let this one die like the OP's first post which went down without any reply.
Ben Scavng 3B Industries 0	Posted - 2013.11.21 08:38:00 - [20] - Quote I was not aware of this problem and I really think they should work on that.

Espenson Native Freshfood Minmatar Republic 12	Posted - 2013.11.21 09:47:00 - [21] - Quote Likewise, thanks for highlighting something I was not aware of. Bumping for CCP attention.
Mythrandier Spacelane Salvage 205	Posted - 2013.11.21 09:58:00 - [22] - Quote Landrae wrote: Does anyone really use the IGB for anything but funny pictures? Or am I alone in that? That and FleetPornGäó "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." --á D. Adams.
xarjin UNSOL Training 68	Posted - 2013.11.21 18:38:00 - [23] - Quote Just an update. I sent Riptard Teg an evemail about this linking all the posts from the last 9 months that have gone ignored and unanswered by ccp staff about this. https://forums.eveonline.com/default.aspx?g=posts&t=297403 https://forums.eveonline.com/default.aspx?g=posts&t=245325 https://forums.eveonline.com/default.aspx?g=posts&t=205388 http://www.reddit.com/r/Eve/comments/18osz9/i_was_not_successful_just_posting_on_the_forums/ Hopefully the CSM's can get involved. If someone knows a better more preferred method to contact the CSM about this that is something I may have not done properly in the past. I should also mention i'm not the first to try and motivate ccp to fix this giant security issue they have continued to ignore. everyone that tried previously i'm immediately aware of also was ignored.
Pak Narhoo Splinter Foundation 1190	Posted - 2013.11.22 09:12:00 - [24] - Quote Quote: Hopefully the CSM's can get involved. Haha & lol current CSM is a joke but good luck. Also bump.


Pages: [1] :: one page
First page \| Previous page \| Next page \| Last page

COPYRIGHT NOTICE
EVE Online, the EVE logo, EVE and all associated logos and designs are the intellectual property of CCP hf. All artwork, screenshots, characters, vehicles, storylines, world facts or other recognizable features of the intellectual property relating to these trademarks are likewise the intellectual property of CCP hf. EVE Online and the EVE logo are the registered trademarks of CCP hf. All rights are reserved worldwide. All other trademarks are the property of their respective owners. CCP hf. has granted permission to EVE-Search.com to use EVE Online and all associated logos and designs for promotional and information purposes on its website but does not endorse, and is not in any way affiliated with, EVE-Search.com. CCP is in no way responsible for the content on or functioning of this website, nor can it be liable for any damage arising from the use of this website.