Why are you still using Internet Explorer?
For the second time this month, Microsoft had to release patches for their months-old browser to prevent malicious coders from monkeying around with your Windows-based computer. The most recent bugaboo involved a pop-up ad (which Internet Explorer still has no functionality to blocking, unlike nearly every other browser can) that could install a program on your machine to capture keystrokes when visiting any one of fifty banking institutions. All of the sudden, someone else has your username and password to your bank account.
Take a look at this snippet from News.com:
Microsoft on Friday released a fix that's designed to protect computers from one of three flaws that, together, could be used to digitally slip past a PC's security through the browser. This weekend, however, a security researcher identified another flaw that could serve the same purpose and that isn't fixed by Microsoft's patch.
"They chose to address only one part of the problem," said Jelmer Kuperus, a computer science student in the Netherlands who posted the code for the work-around. "They should have seen this one coming."
This is the same student that discovered a pop-up vulnerability in IE that allowed a coder to install a toolbar on your Windows-based machine that launched unwanted pop-up ads. That's 'student' as in 'not an employee of Microsoft'.
Microsoft's response to this security flaw researchers first discussed six months ago? More fixes would be forthcoming.
"Most exploits we are seeing developed today are composed of multiple vulnerabilities, (each one) bypassing a specific security feature of Internet Explorer," Kuperus said. "Individually, many of these issues often are fairly harmless, but combined they can pose serious risk."
Vulnerabilities in IE have become so common that some security researchers are recommending that people adopt alternate browsers. The Computer Emergency Response Team, the official U.S. body responsible for defending against online threats, also advised security administrators to consider moving to a non-Microsoft browser, as one of six recommended responses.
"Other browsers available on Windows, such as Opera and Mozilla, do not contain [Internet Explorer's] flaws."
Do yourself a favor. Go get Mozilla Firefox. You can configure it so you'll never see a pop-up ad or pop-under ad again. You can configure it so you'll (almost) never see an annoying banner ad while surfing the web. You can also set it up so flash animated ads won't play until you tell them to play.
It's the best web browser I've ever used. Go get it.
[portions of this were taken from http://news.com.com/2100-7349_3-5259374.html and http://news.com.com/2100-1002_3-5229707.html ]
Posted at July 7, 2004 04:32 PM
Also, bear in mind that IE has been so tightly integrated into Windows (purely so that Microsoft could tell the DoJ that it was impossible to ship Windows without IE) that IE will never again be released indepentently of Windows. If you're using IE on a Mac, it will never be updated. Never. There will be more and more patches, but no new functionality will be added. If you're using Windows, then you get a new version of IE when you upgrade Windows as a whole, and not before. This means that it's always going to be several years behind other browsers, and security issues like the ones Mr Cartoonlad details above will hang around for YEARS.
Also, bear in mind that a lot of these problems come directly from the fact that IE is using code that is also allowed to run local programs on your desktop. I mean, what other browser has a "local zone"? (http://techrepublic.com.com/5100-6264-5054722.html)
Posted by: wintermute at July 8, 2004 02:35 AMWell said, both cartoonlad and wintermute.
If IE wasn't bundled with Windows, no-one would be using it now. As it is, people use it because it's there, and it's the most used Web browser on the Internet, therefore designers have to make sure it works in IE, and so more people use it because their favourite site only works in IE...
It's a vicious circle, and one that's typical of Microsoft. Okay, true, it happens with other companies as well, with different items, but not in quite such a bad way as this.
It seems that Firefox is gaining popularity, though. It still officially has a beta status, though, which probably prevents most people from using it - a lot of companies won't allow beta software on their computers, and to be fair you can't blame them. And a quick glance at the version numbers (IE 6.0 vs. Firefox 0.9.1) tells the uninformed surfer that IE must be better because it has a higher version number. But that's like saying a 4x CD-ROM drive is faster than a 1x DVD-ROM drive - it's not, because the 1x is relative to the first DVD-ROM drive.
Anyway, I'll get off my soapbox now. Just two words to end with: Use Firefox. :D
Posted by: Ciaran at July 8, 2004 01:56 PMOf course, Firefox also has its security issues: http://www.theregister.co.uk/2004/07/09/mozilla_bug/
Posted by: wintermute at July 9, 2004 09:37 AM