In a surprise announcement today the U.S. Computer Emergency Readiness Team (CERT) issued a note saying that users shouldn't use Internet Explorer. Sounds to me like they got tired of all the security problems that IE has been popping up with.
Microsoft shares traded in the red Wednesday, but the software giant's stock appeared not to feel a significant negative impact from a government group's warning against using the Internet Explorer Web browser.
The U.S. Computer Emergency Readiness Team, known as CERT, issued a "vulnerability note" saying that computer users should not use the Internet Explorer browser because of security vulnerabilities that hackers can exploit to launch attacks on personal computers and corporate networks.
The security lapses can cause a Web site to make the browser think, in effect, that it is running a program that violates its security settings. The Web site can then be used to do anything from recording keystrokes, which make it easier to steal passwords and credit-card numbers, to installing pop-up-ad programs. CERT is suggesting that computer users take steps such as applying security updates to Outlook e-mail programs and maintaining antivirus software, and using alternative Web browsers.
News source: CBS MarketWatch
Microsoft shares traded in the red Wednesday, but the software giant's stock appeared not to feel a significant negative impact from a government group's warning against using the Internet Explorer Web browser.
The U.S. Computer Emergency Readiness Team, known as CERT, issued a "vulnerability note" saying that computer users should not use the Internet Explorer browser because of security vulnerabilities that hackers can exploit to launch attacks on personal computers and corporate networks.
The security lapses can cause a Web site to make the browser think, in effect, that it is running a program that violates its security settings. The Web site can then be used to do anything from recording keystrokes, which make it easier to steal passwords and credit-card numbers, to installing pop-up-ad programs. CERT is suggesting that computer users take steps such as applying security updates to Outlook e-mail programs and maintaining antivirus software, and using alternative Web browsers.
News source: CBS MarketWatch
*Added for EU comparison; it appears its not just the UK getting ripped off.
Although I believe the security concerns regarding internet explorer for users like us are minimal, they should never have left so many holes opened up for the average user... it's really just a matter of them setting the default security settings higher.
I'm on day three of using firefox myself, and I must say I'm impressed with the browser. I tried avant, didn't like it.. search was buggy, interface seemed too cluttered. Like the tabs, middle mouse feature, search bar for ebay, google, dictionary.com, etc .. extensions, ability to write an ad blocker right into the program itself.... overall impressed will probably stick with firefox.
All you IE fanbois that haven't at least tried it yet, you have nothing to lose. I use to be not a fanboi, but a defender of internet explorer, and while as a whole I don't think there is anyhing particularly bad about IE, it is stale, and needs new life. It also had a few annoying glitches that were getting to me, such as the cursor resetting in the address bar when I was trying to type in webpages.
Last edited by 1712 on 30 Jun 2004 - 21:34
I'm sure you are. Apparently, you have no other use for your time.
I do not believe this statement is right. Microsoft makes most of their money from businesses running their products. Anywhere from Windows Server, to Exchange Server, to SQL Server. Windows XP and Office for Home users is a SMALL part of where their money comes from.
I don't consider myself a "fanboi" but I use IE. I have tried Firefox, and Opera. I use them for a couple of days, and they have some nice features, but all I look for in a web browser is a piece of software to browse webpages, nothing complicated. It would take me days of doing nothing but configuring FF to make it work the way I like it, so I went back to IE, and With SP2 I don't use any External plugins.
im not exactly sure who microsoft gets all of their money from, but certain things are for sure:
- microsoft's main money makers are Windows and Office.
- microsoft's server products come in next
- then some other divisions like MSN (which finally started making money a year or two ago).
- then all of the divisions that lose money.
STV
They sure do.
Er... what exactly is it you need to change? FF works just like IE out-of-the-box.
Pretty soon there will be a huge, bloated browser built into Windows with half the features it originally had because they'll be disabled.
Nope, that would "We know our VM is crap, but we don't like Sun anyway, so we won't ask them nicely for their superior one, we'll just remove it from the OS without telling you and bugger up all those Java sites you got used to viewing. That way we can carry on taking over the world by making a gobload of developers [of competitive architecture] redundant because the most used browser in the world won't show their efforts."
When was the last time you viewed a Java applet on XP? Did you know you had to go to Sun and get the VM? Most don't.
I don't think they "Turned Off" their VM because it had a vulnerability. They "Turned it Off" because of law suits coming from sun microsystems.
This wasn't because of a security hole, it was because of a lawsuit.
They didn't do this because of a security hole in outlook, they did this because there are WAYYY too many stupid users who open stuff up in a email client that they shouldn't be opening.
The security hole here is the user, not the program.
When did Microsoft ever "Turn Off" Active X? It is still running in my browser.
So, I don't know where you get your information from, but next time, check into it before you post.
MOST new machines that are being built come with Sun Java. If you are capable of building your own machine then you should know where to either get Microsoft VM, or Suns VM, and if you don't, go back to buying OEM machines.
And if your argument is the small period of time that these machines were not shipped with Java, then when you try to view a java page a dialog box comes up asking you to install it. If you tell it to automatically do it, it will take you to This web page which has links to Sun's site, and explains how to get it.
avant is very slow and freezes alot
myie2 is very good but opera beats it hands down
basicaly firefox and opera are the ones to use
i used to love IE(i started using it way back when it was ie3 when netscape was too slow for us)But Now That Firefox and opera are around it's time to switch to better browsers
Cheers
Ps. You can always do pretty good comparison on loading times with stopwatch.
Go alternative browsers, people need to wake up to the fact that IE is a piece of crap that they can't get rid of, and move on to better software.
just because they are giving u software for free does not justify the fact that you have to suffer the downtimes they have due to heavy server loads. genuine firefox lovers should be concerned and more forthcoming to help keep the reputation intact...
Did you look at the Mozilla Mirrors page for Firefox?
http://www.mozilla.org/products/firefox/mirrors.html
Go Mozilla !
now we need firefox/opera to save us from the **** called IE.
feel better now troll?
Last edited by 37896 on 30 Jun 2004 - 23:31
So CERT have brains too? Wow, I could never have guessed.
Here is the source: CERT Vulnerability Note VU#713878
In short, lazy. But *Not* Stupid. When CERT, which isn't exactly famous for supporting open source, Finally Admits IE is causing grief worldwide through exploitable holes.. and I see it's quite possible MY bank info is at risk, hey.. even I'll give in and wade the transition.
No, I don't want to use FF .. but I'm gonna. And when I hear the horror stories about Identity Theft and spyware infestations... that weeping you hear won't be me.
so far im not impressed, Ill have to go to like this, but Ill test it.
Im still an ie BROTHER
Last edited by 37896 on 01 Jul 2004 - 02:57
STV
Silly ol' tapo, always trying to shoot my posts with no proof.
STV
Last edited by 40230 on 01 Jul 2004 - 22:15
STV
i dont think that this is as big a thing as it is being made out to be.
the guide is very simple to follow: http://www.microsoft.com/security/incident/download_ject.mspx
STV
Unfortunately 99% of the Neowinians cannot grasp this concept and go around bashing IE in the end.
not everyone has broadband. not everyone has the time to waste looking for ms patches.
and dont expect everyone to have a mbit broadband connection. it takes me 30 minutes to download firefox. i dont have the time/patience/bandwidth to patch a patch that was supposed to patch a security glitch in ie.
about time the government did something. IE is sh*t i dont use it except for windowsupdate and to see how sites i design look in ie id rather download a newer version of firefox then download an IE patch thats just as big
it will only take long if you dont know what you are doing. IE will get better and thi whole discussion about how IE sucks will go away.
STV
so, the government did something "good" because you think it is "good". i think that it is rather irresponsible of the government to say things like this about a company's product. but in the end, it will only kick microsoft into making IE better. so i say, "good luck microsoft".
STV
this is what we all want. I dont hate IE because its IE or it is from microsoft. i dont like it because i am forced to use it at times. and it is not good enough at the moment.
i can understand that.
STV
So your saying the "Average Net User" can download and configure FF and make it work right with no issues? Riiiiggghhtt.
Would you suggest that I tell them to set their privacy and security settings to high, adding Microsoft.com as a trusted site, and clicking yes or no to every cookie that passes their way?
What about the friends that already have *random spyware toolbar* installed in IE? Should I guide them through Spybot, backing up their registry, and removing it and then doing the privacy/security settings?
I'm sorry, but a lot of the people I know just get so frustrated that they completely give up on IE.
STV
I will only use IE for Windows Update/Catalog and that is only because it won't allow me to use another browser to use WU.
The shame of it is that many sites are designed specifially for virus petri dish of a browser - IE (read: not following W3C standards!). Resultingly many sites do not format correctly nor function properly. Microsoft really did a bad thing by breaking away from the standards set forth by the W3C. This was obviously a monopolistic effort on Microsoft's part and now we are to suffer the results. Thanks Bill, you asshat.
feel free to use this on any IE users you know, from me 2 you:
I equate browsing the Internet with IE to having sex with a prostitute without a condom.
actually, you are being lazy by just giving up on IE at the sign of trouble. if the browser that you use right now had something similar, i bet that you would go to another browser. that is the "easy" way out. actually sticking with IE and managing it, is a little more work, but not by much if you actually know what you are doing.
many FF an Opera users obviously dont know how to set the security and privacy settings appropriately.
like i said before, this is something that has been blown up to be something that is not as big as many will have you think.
I dont have anyproblems with my security and privacy setting and they protect me. also, the fact that I also have a firewall increases my security.
STV
Yours is the type of response I would expect from an irrational zealot. You feel some sort of "connection" to a piece of software and thus feel the need to evangelize it. I feel no need to evangelize my browser, which, for the sake of my argument, will not be disclosed. I will say that I do not use Internet Explorer.
The privacy and security settings are the condom.
STV
When I buy (or otherwise acquire, lol) a piece of software, one of the first things I do is to go through all the menus and options and find out what everything does and configure it to my liking/needs. Most people are either too stupid or too lazy to do this. I've known people to get really pi$$ed off with that $hitty 'MSN Today' b0ll0cks that keeps popping up every time they sign in to MSN Messenger and put up with it for as long as it's been out, when all they need do is to go into options and disable it.
Having configured IE so that it's more secure, I've never had any trouble with it whatsoever. I'm also behind 2 firewalls, 1 hardware (router) and 1 software, so that helps a lot too.
As for having to 'apply patch after patch', most patches are cumulative, which means that each one also includes all previous fixes (i.e. the June update will also contain fixes for issues addressed in the May update). Where's the hardship in downloading one patch a month?
As for IE not conforming to W3C standards, I've never noticed any problems with IE's rendering engine. In fact, I've found it to be the reverse: some DHTML elements that render fine in IE don't render properly in Netscape, Opera, Firefox...
I'm not claiming IE is perfect, but it's my preferred browser and always will be.
Last edited by 17021 on 01 Jul 2004 - 14:35