14
   

How seriously should this advice to ditch Internet Explorer be taken?

Forums: Internet, Internet Explorer, Hacking, Ie, Browsers
Email this Topic Print this Page
 
 
Robert Gentel
 
  2  
Reply Mon 18 Jan, 2010 04:51 pm
@Joe Nation,
Joe Nation wrote:
Who doesn't upgrade from IE6???


Mainly people on corporate computers who are not permitted to change their browser and whose company insists on sticking with XP and IE6. It's a pain to roll out software updates across all the computers, so sometimes they just don't.

Plus, sometimes they coded their intranet in a way that works on IE6's buggy renderer and if they upgrade they now need to fix their site code. Again, this is due to IE's poor implementation of standards and shows possible motivation for it (embrace and extend is a strategy they used where they'd deviate from standards in order to lock you into their products).
0 Replies
 
tsarstepan
 
  1  
Reply Mon 18 Jan, 2010 05:02 pm
@Robert Gentel,
Thanks Robert. Firefox had an addon for the same thing: IE engine embedded into a Firefox tab.
0 Replies
 
margo
 
  1  
Reply Mon 18 Jan, 2010 07:58 pm
Thanks, Robert - a wonderful, clear and well reasoned discussion.

Take 3 jellybeans out of petty cash! Laughing
0 Replies
 
msolga
 
  1  
Reply Mon 18 Jan, 2010 10:32 pm
@Robert Gentel,
Many thanks, Robert. Very informative & clear enough for for even a Luddite to understand without effort!
Robert Gentel
 
  1  
Reply Mon 18 Jan, 2010 10:52 pm
@msolga,
Thanks. If you do end up changing browsers let us know how it goes. I just changed recently myself. I have to use all browsers because I need to test code against them, but I was primarily using Firefox till the Chrome extensions came out. Then I found some extensions I needed and I made the switch to Chrome as my primary browser a few weeks ago.

Changing browsers comes with a lot of little annoyances or differences, I even remember missing the click noise IE makes when you click a link when I switched to Firefox/Opera back then. Now when I use IE I recognize the lag that loading that annoying (now I find it a "noisy" way to surf) noise causes. So if you go for it and find yourself a bit lost let us know. Switching browsers is like going from boxers to briefs for me it's one of the most "intimate"* software decisions there is.

* this part may be too geeky for this crowd, but things like browsers or text editors are so big a part of geek work that it becomes like a personal preference in underwear. Switching changes your world and the comfort of familiarity is a bigger deal.
msolga
 
  1  
Reply Mon 18 Jan, 2010 11:09 pm
@Robert Gentel,
Quote:
Thanks. If you do end up changing browsers let us know how it goes. I just changed recently myself. I have to use all browsers because I need to test code against them, but I was primarily using Firefox till the Chrome extensions came out. Then I found some extensions I needed and I made the switch to Chrome as my primary browser a few weeks ago.


I'm not yet at the stage of considering changing from (mainly) Firefox & (some) IE just yet, Robert. But, who knows, there may be some pressing need to consider a change down the track. From what you've said about Chrome, that would be the obvious next choice. Till now (using mainly Firefox) I have not experienced anything to cause major concern. I must say, though, it's been a huge relief browsing with Firefox, after the IE experience. Fingers crossed it stay that way for a bit!

Thanks again for your interest, Robert. I really appreciate it.
0 Replies
 
Thomas
 
  1  
Reply Mon 18 Jan, 2010 11:11 pm
@msolga,
MsOlga wrote:
How seriously should this advice to ditch Internet Explorer be taken?

Anything that gets you shopping for alternative browsing is good, I guess. But this piece of advice makes no sense to me at all:

Quote:
Germany's Federal Office for Information Security, or BSI, told Germans to avoid use of all versions of Explorer after the security hole led to hacks against Google and others.

Why on Earth would a security hole in a browser allow the Chinese government to crack Google's servers? And how would your choice of a safer browser protect servers from future attacks? I don't understand the logic of the advice's argument at all.
msolga
 
  1  
Reply Mon 18 Jan, 2010 11:17 pm
@Thomas,
Quote:
Why on Earth would a security hole in a browser allow the Chinese government to crack Google's servers? And how would your choice of a safer browser protect servers from future attacks? I don't understand the logic of the advice's argument at all.


I honestly don't know, Thomas. (Heck, you're not asking me, are you? Wink )

I printed the SMH article out in full because it seemed a rather dire warning & I wondered (as a Luddite) if it was an overreaction ... & wondered how appropriate such a warning was.
0 Replies
 
Robert Gentel
 
  3  
Reply Mon 18 Jan, 2010 11:24 pm
@Thomas,
Thomas wrote:
Why on Earth would a security hole in a browser allow the Chinese government to crack Google's servers?


As far as I understand, that particular part of this "Aurora" attack went something like this:

1) Browser contains a vulnerability that allows for a payload to be installed on the computer.

2) Hackers phish Google employees, tricking them into visiting a malicious link. Visiting this link gets the first malware onto their own computers.

3) This malware uses advanced encryption techniques to avoid detection (e.g. it phones out using HTTPS for one) and pulls down more malware. Now it can install things to log keystrokes, sniff network activity etc.

4) With these tools you can now catch the code repository logins and use the credentials to access the servers.

Quote:
And how would your choice of a safer browser protect servers from future attacks? I don't understand the logic of the advice's argument at all.


This kind of thing can and does happen with any browser (e.g. the last examples I recall on a2k of browsers being infected were Firefox), so it's not ultimately going to make a big difference and IMO Germany is one of the leading anti-Microsoft crowds around and this is just another opportunity to say what they already advocated: don't use Microsoft!

Don't use an admin/root account is advice that would have much larger impact.
BillRM
 
  1  
Reply Tue 19 Jan, 2010 08:50 am
@Robert Gentel,
Quote:
Don't use an admin/root account is advice that would have much larger impact
.

There is a free Microsoft program that allow you to drop your rights when running a program such as your browser that can be downloaded from Microsoft by the name of DROPMYRIGHTS.EXE.

Of course you can download and used for free a sandbox program call sandboxie and beside being a sand box it allow you to lower the rights of any program running in the sandbox. They do however desire funds for the program but the free version only real limit is that it take an added five seconds to come on line.

As I had already stated any attack that could get by my layers of security in running IE7 would be some attack indeed.
0 Replies
 
LI995
 
  1  
Reply Tue 19 Jan, 2010 08:48 pm
@msolga,
I use Firefox and Google search engines, Google is more internet-friendly
tsarstepan
 
  1  
Reply Wed 20 Jan, 2010 10:11 am
@LI995,
Quote:
Microsoft patching IE hole used by China cyber spies
January 20, 2010 - 10:55AM
Microsoft says it is working around the clock to patch an Internet Explorer 6 (IE 6) software hole through which China-based cyber spies attacked Google and other firms.

Microsoft is testing a security fix and will make it available as soon as it is ready instead of following its protocol of releasing security updates on the second Tuesday of each month.

For the rest of the story:
http://www.theage.com.au/technology/security/microsoft-patching-ie-hole-used-by-china-cyber-spies-20100120-mk0x.html
0 Replies
 
dou2ble
 
  1  
Reply Sun 14 Feb, 2010 10:47 pm
@Robert Gentel,
There's one for Firefox also. IE tab or something like that.
0 Replies
 
 

Related Topics

Obama Promotes Making the Internet a Utility - Discussion by engineer
YouTube Is Doomed - Discussion by Shapeless
So I just joined Facebook.... - Discussion by DrewDad
Tracking and revealing the trolls....ok or not? - Question by dlowan
You are calling Congress about SOPA today, right? - Discussion by maxdancona
Internet disinformation overload - Discussion by rosborne979
Participatory Democracy Online - Discussion by wandeljw
OpenDNS and net neutrality - Question by Butrflynet
Are you for or against net neutrality, and why? - Discussion by Pronounce
Internet Explorer 8? - Question by Pitter
Blizzard Forum Says You Must Use Real Names ... - Discussion by jespah
 
  1. Forums
  2. » How seriously should this advice to ditch Internet Explorer be taken?
  3. » Page 2
Copyright © 2024 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.08 seconds on 11/23/2024 at 02:35:15