I can see it now. Next, it will be declared as a national security risk and Homeland security department will have to sit in One Microsoft Way and debug the program before it is released to the world.

http://www.theinquirer.net/?article=16922

US Government warns against Internet Explorer

Internet Exploder will harm your machine

By Tamlin Magee: Wednesday 30 June 2004, 13:54

THE US GOVERNMENT has sent out a warning out to internet users through its Computer Emergency Readiness Team (US-CERT), pleading users to stop using Microsoft's Internet Explorer.

Following a malware attack last week which targeted a known flaw in IE, like so many other attacks, the US-CERT recommended using alternative browsers thanks to their increased security. Microsoft is hurriedly trying to increase IE's security with the Windows XP Service Pack 2, but it's not fast enough for many.

In a vulnerability note released by US-CERT, it says "there are a number of significant vulnerabilities in technologies relating to the IE domain" and that "it is possible to reduce exposure to these vulnerabilities by using a different web browser." Well, they're right.

The latest "extremely critical" IE bug has still not been patched by Microsoft. µ

one word


MOZILLA

Another - Firefox.

I used to use Mozilla but 1.8a1 kept crashing on me, so I moved to Firefox 0.9.

Better still.....

linux

Or even apple.

Heck Netscape is still available.

The last 2 times I completly crashed my system once was from a virus I got from the windows updates the other was from an update that wasn't compatable with my version of Windows. lol.

Now I've learend to turn off the automatic downloads of the latest updates.

or how about just being smart about it? I've used IE for a while now and while I'm no fan of Microsoft, I've never had a problem due to IE.

I like Opera. (http://www.opera.com/)

US-CERT dont know what they're talking about IE ownz. :D :o ;)

Originally posted by red5angel
or how about just being smart about it? I've used IE for a while now and while I'm no fan of Microsoft, I've never had a problem due to IE.

...that you know of.

IE's major vulnerabilities are to malicious scripting attacks, and most of those install things on your computer without your knowledge. Most DoS attacks on major servers these days are accomplished by using hundreds of "zombie" boxes, home PCs that the users are not aware have been infected with trojans via IE's open remote scripting flaws.

Your computer may already have been involved with a DoS attack without your knowledge.

browser security configuration is too complicated for most folks to even bother with it.

one of the reasons cert is coming down on IE is that there is a program that was released recently out of russia that records keystrokes on the client side and teh app is insidiouly installed through a script that runs when you get hit with a popup ad type function.

fwiw, netscape, ie and many other browsers all run under the original mozilla model and mosaic model.

ms will patch against this program and will put safeguards in place against malicious client side attacks.

Maybe the Cert team is p'od because the nsa registry key is vulnerable now and people can lock carnivore and other such government spy programs out by using ms security features hee hee. (betcha didn't know there were 3 keys on your registry and one is reserved for the Gov. One is yours, one is the system key and the other is the NSA key which allows them to totally have a look through your system remotely if they suspect you of some sort of activities...and you wouldn't even know they were in there!

It's all so complicated to most...but oh well.

I myself use a variety of browsers (part of my work) and I like to design sites mostly for IE because well, most people use IE.

We need merely to convince those of wrongdoing that what they are doing is not nice. Maybe they think there is a point to it?

Yes. And when more people are using something else, then the virus writers/hackers will start programming for that browser. They don't write for IE because it has security holes. Every browser has security loopholes. The write for it because they know they'll get maximum damage. Same thing with writing a virus for windows...

Originally posted by Ford Prefect
Yes. And when more people are using something else, then the virus writers/hackers will start programming for that browser. They don't write for IE because it has security holes. Every browser has security loopholes. The write for it because they know they'll get maximum damage. Same thing with writing a virus for windows...

Actually, IE is demonstrably less secure than other browsers, because of its integration with the operating system - it has ready access and permissions to core dll files which allow viruses written for IE to do more damage and have further reaching effects than viruses and flaws targeting other browsers.

Certainly, IE and Windows' ubiquity play a part in their heavy targeting by virus writers, but even back in the days when Windows and Mac had very similar market share in the PC market, malware for Macs was a fraction of that for Windows. Their security model simply results in more serious security flaws than other programs and OSes.

Hey,

Anyone can recommend a good key logger detector. I might have to scan a couple computer tonight to see if it got hit.

Kungy

Your conspiracy theories are laughable.
of course I know the truth and ~~I'll never tell~~

Originally posted by FatherDog
Actually, IE is demonstrably less secure than other browsers, because of its integration with the operating system - it has ready access and permissions to core dll files which allow viruses written for IE to do more damage and have further reaching effects than viruses and flaws targeting other browsers.

Certainly, IE and Windows' ubiquity play a part in their heavy targeting by virus writers, but even back in the days when Windows and Mac had very similar market share in the PC market, malware for Macs was a fraction of that for Windows. Their security model simply results in more serious security flaws than other programs and OSes.

Well said.

Toby - yeah, the "a" in 1.8a1 is for "alpha" :)

And while switching to another browser, it's a good idea to change from Outlook to another mail client as well - Outlook and Outlook Express attract viruses and worms like a corpse-filled dumpsite. Mozilla has a good one, Opera has a good one, there's one called Thunderbird that's the alter-ego of Firefox...

Tak, I use Eudora. I've used it for years and I'm happy with it. As to Mozilla, I've used most versions for many years, since 0.x days. It's never crashed as much as 1.8a1 did and I've used plenty of alphas, betas and rc's. I certainly don't wait for major releases. Anyway, Firefox is pretty good - I'm happy with it at the moment.