Users of IE are being urged by experts to use alternative..
Moderators: NeilBlanchard, Ralf Hutter, sthayashi, Lawrence Lee
-
- *Lifetime Patron*
- Posts: 2269
- Joined: Sun May 21, 2006 9:09 am
- Location: Northern California.
Users of IE are being urged by experts to use alternative..
Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.
http://news.bbc.co.uk/2/hi/technology/7784908.stm
http://news.bbc.co.uk/2/hi/technology/7784908.stm
This is old now, but still worth remembering:
http://www.heise-online.co.uk/security/ ... news/81419
http://www.heise-online.co.uk/security/ ... news/93018
http://www.heise-online.co.uk/security/ ... news/81419
http://www.heise-online.co.uk/security/ ... news/93018
I got an e-mail forwarded to me earlier explaning that they should NOT use IE-7. This e-mail would have been sent to all 6,000 employees. I imagine that hundreds of other businesses would do the same.
As much as I despise IE's total lack of security and its propensity to install anything for any reason at any time without so much as notifying the end user is a disgrace, but that most people have poor security and internet awareness. Its like the age old problem of people and guns, guns are deadly, but they dont kill people - people do. IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software. The problem is when you mix these thing up with someone who looks at the wrong porn sites (as opposed to the right ones), and kids.
The more people who end up using more secure browsers than IE the better for everyone. Ideally everyone should have decent security, use a more secure browser, tweak the browser even further, and be far more cautious on the internet.
Personally I would like to see no-one use Antivirus or Firewall software and everyone use IE, I would get more business, which would suit me just fine.
Andy
As much as I despise IE's total lack of security and its propensity to install anything for any reason at any time without so much as notifying the end user is a disgrace, but that most people have poor security and internet awareness. Its like the age old problem of people and guns, guns are deadly, but they dont kill people - people do. IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software. The problem is when you mix these thing up with someone who looks at the wrong porn sites (as opposed to the right ones), and kids.
The more people who end up using more secure browsers than IE the better for everyone. Ideally everyone should have decent security, use a more secure browser, tweak the browser even further, and be far more cautious on the internet.
Personally I would like to see no-one use Antivirus or Firewall software and everyone use IE, I would get more business, which would suit me just fine.
Andy
-
- SPCR Reviewer
- Posts: 561
- Joined: Tue May 30, 2006 8:22 pm
- Location: Vancouver, BC
When was the last time you used IE7? On a fresh install, Internet Explorer will ask you if you want to install a plugin (or even enable one that's already installed but inactive). Likewise with downloading files - you'll get the information bar at the top of the window telling you that something tried to download stuff to your computer.andyb wrote:As much as I despise IE's total lack of security and its propensity to install anything for any reason at any time without so much as notifying the end user is a disgrace, but that most people have poor security and internet awareness. Its like the age old problem of people and guns, guns are deadly, but they dont kill people - people do. IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software. The problem is when you mix these thing up with someone who looks at the wrong porn sites (as opposed to the right ones), and kids.
Firefox has had it's share of fairly serious vulnerabilities as well. Just look at the security holes that have crept up into OSX - heck, Apple is recommending that people use an anti-virus on OSX! Windows and IE are the biggest targets in this day and age. That's the only reason why they get more attention from everyone (both good and bad).
This latest vulnerability aside, IE7 is not the problem here (of the other unpatched vulneratbilities, they're low-risk spoofing problems). It's the stupid people who will blindly click on the "Ok" button without looking at what it is first.
Me and my colleagues talked about it briefly, everybody laughing about it, shrugged and went back to work developing our application. As soon as any of the salesreps phoned in, they were advised to go with FF for a little while Aye, dangers lie mostly in habbits, but a little help isn't to much to ask for, is it?andyb wrote: IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software.
-
- *Lifetime Patron*
- Posts: 2269
- Joined: Sun May 21, 2006 9:09 am
- Location: Northern California.
Nick Geraedts wrote:When was the last time you used IE7? On a fresh install, Internet Explorer will ask you if you want to install a plugin (or even enable one that's already installed but inactive). Likewise with downloading files - you'll get the information bar at the top of the window telling you that something tried to download stuff to your computer.andyb wrote:As much as I despise IE's total lack of security and its propensity to install anything for any reason at any time without so much as notifying the end user is a disgrace, but that most people have poor security and internet awareness. Its like the age old problem of people and guns, guns are deadly, but they dont kill people - people do. IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software. The problem is when you mix these thing up with someone who looks at the wrong porn sites (as opposed to the right ones), and kids.
Firefox has had it's share of fairly serious vulnerabilities as well. Just look at the security holes that have crept up into OSX - heck, Apple is recommending that people use an anti-virus on OSX! Windows and IE are the biggest targets in this day and age. That's the only reason why they get more attention from everyone (both good and bad).
This latest vulnerability aside, IE7 is not the problem here (of the other unpatched vulneratbilities, they're low-risk spoofing problems). It's the stupid people who will blindly click on the "Ok" button without looking at what it is first.
I had to use IE just yesterday as many, many sites with silverlight content are broken if using FF.BBC article wrote:"The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough."
BBC article wrote:"The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough."
Andy, you don't need seatbelts as long as you are careful not to drive in to anyone/anything.andyb wrote: IE can be perfectly safe to use if you are shrewd, likewise you dont need AV and Firewall software.
Earlier today on a customers laptop, IE was broken due to malware and possibly viruses.When was the last time you used IE7? On a fresh install, Internet Explorer will ask you if you want to install a plugin (or even enable one that's already installed but inactive). Likewise with downloading files - you'll get the information bar at the top of the window telling you that something tried to download stuff to your computer.
I have never personally used IE7 for more than a few minutes because its crap, and I only ever use it on customers machines to see that its working and has not been infected.
I am sure it has, but I have only ever seen FF infected with something bad twice (it also infected IE). I have no proof at all that any PC I have had to fix was infected whilst using FF, its always IE. Also none of the FF problems have had me running for the hills, have they had that effect on you.? Did I miss any that are really really bad.Firefox has had it's share of fairly serious vulnerabilities as well. Just look at the security holes
Already mentioned.This latest vulnerability aside, IE7 is not the problem here (of the other unpatched vulneratbilities, they're low-risk spoofing problems). It's the stupid people who will blindly click on the "Ok" button without looking at what it is first.
I have used PC's that are 6-years old, never been patched, have no AV or Firewall, and are used on the internet whilst using IE for years - no infections, no problems. Just because it is not likely does not mean that it is impossible.Me and my colleagues talked about it briefly, everybody laughing about it, shrugged and went back to work developing our application. As soon as any of the salesreps phoned in, they were advised to go with FF for a little while Smile Aye, dangers lie mostly in habbits, but a little help isn't to much to ask for, is it?
BTW If you want to take a single sentence and concentrate on that whilst ignoring the others it just makes you look silly.
I am always more worried about an idiot driving into me - at which point you would have a firewall to stop those pesky people hacking into your PC over the internet whilst your not even browsing the net.Andy, you don't need seatbelts as long as you are careful not to drive in to anyone/anything.
Most peoples PC's are infected by general stupidity, porn-surfing the wrong websites and kids.
Most websites that dont work properly with FF are broken anyway. If the web developers are stupid enough to make webpages to Microsofts standards and not the real "standards" that FF adheres to then you can do what I do dont us it. If I find a website that doesnt work on FF they wont get any trade from me, or a return visit, I just wont use that website at all.I had to use IE just yesterday as many, many sites with silverlight content are broken if using FF.
I know someone who works for an enormous Bank as a web developer, it has taken years to get the idiots in charge to even let them install FF on a PC for testing - but only so long as its NOT attached to the network. As you would expect the banks webpage has a notice on it saying "ONLY USE Internet Explorer", if you are are running Linux or OSX bank elsewhere. Some websites (banks) actually have code built into them to detect the browser you are using and then allow/deny access.
Andy
-
- *Lifetime Patron*
- Posts: 2269
- Joined: Sun May 21, 2006 9:09 am
- Location: Northern California.
Microsoft Issues Emergency Security Patch For IE
http://www.informationweek.com/news/int ... nd+threats
http://www.informationweek.com/news/int ... nd+threats
The company on Saturday warned that 1 in 500 Internet Explorer users worldwide may have been exposed to malware hosted at both legitimate Web sites and porn sites that exploit an unpatched vulnerability.
Stephan Chenette, manager of security research at Websense Security Labs, said in a phone interview that he's seeing a lot more legitimate sites being infected than porn sites. "I would characterize the severity as quite critical," he said. "It has quickly become the exploit of choice among attackers."
Did I?BTW If you want to take a single sentence and concentrate on that whilst ignoring the others it just makes you look silly.
First of all, I'm not a native English speaker, it is an acquired language for me. I'm sorry if my way of expressing myself is a bit quirky or grammatically incorrect. As what I wrote is obviously prone to missconception, let me try again...
First off, your entire first post has two messages:
1) Yes, FF is slightly more secure than IE (even if it could be better)
2) But even more importantly is the user habbits/knowledge
In my response I agree fully with you saying that neither of the computer savvy .NET developers I work with thought nothing of this, shrugging it off with a "nothing new under the sun".
The sales people that phoned in and was worried and asked "So if I stay away from all gaming-related sites I should be fine, right?", was told that they should consider using the more secure FF for a while.
And to summarize, I intended to state that "Yes, good habbits are the best, but in lack thereof any help one can get is good".
However, since you already had said all this just above, I just thought I should give a supportive example. And yes, I do know how habbits help, I've not installed a windows update since XP SP1 was released and I've never used AV You have a funny way of treating those who agree with you, but then again, it may be my crappy English...
Tobius, fwiw, as a native English speaker I would just like to say that I grasped that you were agreeing with andyb immediately, your English is good.
However....if you follow up a quote from somebody with
(I should probably shut up because this is nothing to do with me, but I hate to see disagreements between people where none is intended.)
And btw I've updated IE anyway even though I don't use it (normally).
However....if you follow up a quote from somebody with
you can see why someone *might* get the wrong impression, and thus reverse the whole meaning of your post.Me and my colleagues talked about it briefly, everybody laughing about it
(I should probably shut up because this is nothing to do with me, but I hate to see disagreements between people where none is intended.)
And btw I've updated IE anyway even though I don't use it (normally).
-
- SPCR Reviewer
- Posts: 561
- Joined: Tue May 30, 2006 8:22 pm
- Location: Vancouver, BC
I've seen several infected computers where the users never used IE for anything. Updates were handled by Automatic Updates, and they used Firefox or Opera as their main browser.andyb wrote:I am sure it has, but I have only ever seen FF infected with something bad twice (it also infected IE). I have no proof at all that any PC I have had to fix was infected whilst using FF, its always IE. Also none of the FF problems have had me running for the hills, have they had that effect on you.? Did I miss any that are really really bad.
There have been some pretty serious vulnerabilities in Firefox - right from the source. It's kinda upsetting that most of those are rated Critical for "The Safest Web Browser". They're also using security data from 2006 to backup their claims that FF is more secure than IE. If you look at the numbers for 2008, the two are neck and neck in terms of vulnerabilities and time-in-the-open.
I've worked at places where the IT crew insisted on not installing the latest security updates because they were scared that it would cause problems for the current setup. One workplace only got around to installing XP SP2 over a year after it was released - a full year! Microsoft does some pretty stringent testing of their products and has one of the best support systems in the software industry.
@Tobias - Why have you not updated your system since XP SP1? It's like telling someone not to check the tire pressure or the oil in their car...
-
- *Lifetime Patron*
- Posts: 2269
- Joined: Sun May 21, 2006 9:09 am
- Location: Northern California.
Just to be fair...
Mozilla Fixes Security Bugs In Firefox Browser
http://www.crn.com/security/212501064
I have seen a few infected PCs with user that only use FF before as well. (not from this latest threat.)
Mozilla Fixes Security Bugs In Firefox Browser
http://www.crn.com/security/212501064
I have seen a few infected PCs with user that only use FF before as well. (not from this latest threat.)
I was about to post the report of 8 fixes issued for Firefox, 3 classified as critical too. Notorious bank robber Willie Sutton, when asked why he robbed banks answered "because that's where the money is." IE has been a target for so long because it had all the marketshare. Now that other players are getting more numerous, they are increasingly becoming targets too. No surprises here. If Windows had never existed and Mac + Linux controlled all the worlds computers, all exploits would be written for those platforms. It's not like nobody's ever been able to hack a *nix based operating system before.