homepage Welcome to WebmasterWorld Guest from 174.129.130.202
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

This 44 message thread spans 2 pages: < < 44 ( 1 [2]     
ZDNet Calls 2004: Internet Explorer's year of shame
Long time Microsoft supporter issues strong statements about IE
Brett_Tabke




msg:573090
 1:25 pm on Jul 12, 2004 (gmt 0)

[zdnet.co.uk...]

Small businesses should be seriously looking at alternatives because they are less likely to be able to maintain very good security around the browser with vulnerability management. Smaller businesses should seriously be looking at changing browsers," said Perry.

Since the article was written, another hole was found late last week in the latest IE Patch:
[keralanext.com...]

 

danny




msg:573120
 3:48 am on Jul 13, 2004 (gmt 0)

All of this focus on IE at the moment is only natural as they dominate more than 90% of the browser market share.

This is a common argument, but I think the security records of Apache (with 70% or so of market share) and IIS (with 25% or so) provide a counterexample.

With free software, the larger the market share the more secure systems usually are - it's the specialised products only used by a few people that are the bigger worry, because there are fewer people thinking about their security.

hutcheson




msg:573121
 12:03 am on Jul 14, 2004 (gmt 0)

Funny how many spout the Microsoft propaganda lie, and how few remember the truth.

There was a time -- anyone who is over ten years old and has their full mental faculties should remember it -- when Netscape dominated the browser landscape, and security was not an issue.

The IIS/Apache counterexample has already been mentioned. But fewer security organizations have warned the world to get off of IIS immediately. (although, IIRC, Gartner did last year.)

Pete_Dizzle




msg:573122
 7:24 pm on Jul 14, 2004 (gmt 0)

at one point Netscape had a 100% market share. and it slowly declined. But check the history books there was never ever a security hole that installed a virus on your computer because you just browsed to a website.

the worst security whole ever in netscape was when there was a java app that could download files from your computer. downloading files from your comp and installing viruses TO your comp is a whole different level of security threat.

Mozilla occationally has security wholes which range from 1 to 3 in a scale of 10 (as worst). Most are patched before there is an exploit in the wild.

MS has had level 10 security flaws left unpatched for some time now. Just as we recently saw that people visited their trusted bank sites a few weeks ago and a virus was installed on their box.

IE users, wake up. It's not a black and white world. Mozilla/Opera will have bugs but not on the scale of IE.

Security is an attitude and MS doesn't have it.

RammsteinNicCage




msg:573123
 8:10 pm on Jul 14, 2004 (gmt 0)

Is comparing security issues years ago to today really a fair comparison? I'm sure there are a lot more hackers out there now with a grudge....

Jennifer

webdevsf




msg:573124
 8:31 pm on Jul 14, 2004 (gmt 0)

We forced the entire company to go to Firefox this month. They're not happy but we are.

About says it all, doesn't it?

CritterNYC




msg:573125
 9:25 pm on Jul 14, 2004 (gmt 0)


We forced the entire company to go to Firefox this month. They're not happy but we are.

About says it all, doesn't it?

Everyone is afraid of change. Within a week, they'll notice no difference, except the lack of fear when yet another IE vulnerability is announced.

hutcheson




msg:573126
 11:26 pm on Jul 15, 2004 (gmt 0)

>The one thing that's always bothered me about "open source" stuff is that you generally have NO CLUE who's providing "fixes", "extensions", "upgrades", etc.

Yes, right, that would be the second scariest thing on earth. The only thing that will give an old professional programmer the cold shivers faster than that is, say, IE, where you KNOW who's providing "fixes".

But your fear is no longer true, if it ever was. In fact, with Linux all the fixes have names attached to them. If you don't trust the name, you can look at the code. If you don't trust the code, you can fix it yourself. That's three lines of defense that Microsoft can't provide.

If you want to know what Microsoft's good name on a patch guarantees, look at the EULA. Basically it guarantees that if you install it and it doesn't work, you have to pay for all the repairs: and if you don't like them apples, you can go suck eggs with your broken software.

vkaryl




msg:573127
 12:33 am on Jul 16, 2004 (gmt 0)

In fact, with Linux all the fixes have names attached to them. If you don't trust the name, you can look at the code. If you don't trust the code, you can fix it yourself.

*sigh* Are you being WILLFULLY obtuse?

I'm NOT a linux "specialist". Therefore I don't KNOW any "linux" names. Why would I?

I can look at the code. Of course I can. And your point is?

If I don't trust the code, I can fix it myself. Ummhummm. I'm NOT A PROGRAMMER. I do WELL to tweak js, php, perl, cgi, and MUSHcode - stuff that's already written by those who know what the hell they're doing.

You just PROVED MY POINT that linux folks are elitist. Thank you.

Now how about you provide some REAL, HELPFUL, INFORMATION instead of being snide and sarcastic?

digitalv




msg:573128
 1:04 am on Jul 16, 2004 (gmt 0)

You just PROVED MY POINT that linux folks are elitist. Thank you.

Heh I can agree with that. When I asked my resident Linux geek for help when I couldn't find a driver for a wireless network card he told me to "just write one".

vkaryl




msg:573129
 1:07 am on Jul 16, 2004 (gmt 0)

Sounds like the IT guy at work.... *sigh* He just doesn't get it. And I mean that literally. I'm the only other person in the company who has ANY brains at all machine-wise, so he expects me to breathe that rarefied air....

Don't. Could maybe. Don't want to....

CritterNYC




msg:573130
 2:37 am on Jul 16, 2004 (gmt 0)

The one thing that's always bothered me about "open source" stuff is that you generally have NO CLUE who's providing "fixes", "extensions", "upgrades", etc.

Well, you have about as much clue as you do with closed source stuff. It also depends on the size of the project. Comparing apples to apples... if you look at the big ones...

1. Internet Explorer fixes are provided by Microsoft
2. Firefox fixes are provided by the Mozilla Foundation

1. Microsoft Office fixes are provided by Microsoft
2. Open Office fixes are provided by Sun and the Open Office developers

One is a for-profit corporation and the other is a non-profit organization in the 1st instance. But to you, as an end user, is there a difference, support-wise? Well, leaving out all of the ethical and moral arguments, is there? And don't say that Microsoft is responsible for it because you paid for it and you can sue them. Read your End User License Agreement (EULA). Your only rights are to get your money back. The software isn't guaranteed to boot, work or not blow up your PC.

With smaller projects, it would be analogous to smaller companies. You need to make a judgement call. If you buy XYZ widget from abccorp.com, how do you know they'll be around in a year if something breaks? Same thing with open source. Just because there's a "company" behind something with an LLC or an INC at the end of their name, doesn't mean they are any better organized or will be around for any longer than a group of developers getting together to work on an open source project.

The other good thing with open source is that ANYONE can edit the code. Now, for you and me... the endusers... umm... I sure as hell can't edit the C code which makes up Mozilla. But, if for some reason, the Mozilla Foundation went bankrupt, someone else could pick up the code and keep fixing it up, updating it, etc... and they would have to make it available to us, the users. If your commercial software vendor goes bankrupt, or discontinues a product... you're screwed. There won't be anyone around to fix things for you.

As an example... take Windows 95. Microsoft has End of Lifed it. They won't support it. If anything else is broken with it, you're screwed. They can do that as a closed source software vendor. Now, what about, say, a school in a poor school district that can't afford to update their computers or software. And a worm comes out that hits Windows 95. They're stuck right? Well, if Windows 95 were open source, they wouldn't be. Chances are, someone would be interested enough to start the project up again somewhere else. And if noone was, they could hire someone to fix it for them. With closed source, you only have one option, go back to the vendor... and beg them for a patch or pay to upgrade to a newer version of their product (if one exists).

Does all that rambling make some sense? :-)

digitalv




msg:573131
 2:52 am on Jul 16, 2004 (gmt 0)

As an example... take Windows 95. Microsoft has End of Lifed it. They won't support it. If anything else is broken with it, you're screwed. They can do that as a closed source software vendor. Now, what about, say, a school in a poor school district that can't afford to update their computers or software. And a worm comes out that hits Windows 95. They're stuck right? Well, if Windows 95 were open source, they wouldn't be.

That's like saying if an exploit came out that affected the Linux Kernel 1.0 that people would just pick up and start fixing old code. Of course they wouldn't - they would tell you to download a new Kernel just like Microsoft would tell you to buy Windows XP. Though we can all agree that most Linux releases require less CPU horsepower than Windows, have you tried to run say the latest version of Fedora on a Pentium 100? You won't get very far :)

All products have an end of life, it's nothing exclusive to Windows. It's not Microsoft's fault if you can't afford to update your software or if your hardware doesn't support it, it's yours.

Also, I believe that in the unlikely event Microsoft went bankrupt, their source code would either be released intentionally or released by one or more programmers. In either case I wouldn't be worried.

[edited by: tedster at 6:57 am (utc) on July 16, 2004]

CritterNYC




msg:573132
 3:59 am on Jul 16, 2004 (gmt 0)

As an example... take Windows 95. Microsoft has End of Lifed it. They won't support it. If anything else is broken with it, you're screwed. They can do that as a closed source software vendor. Now, what about, say, a school in a poor school district that can't afford to update their computers or software. And a worm comes out that hits Windows 95. They're stuck right? Well, if Windows 95 were open source, they wouldn't be.

That's like saying if an exploit came out that affected the Linux Kernel 1.0 that people would just pick up and start fixing old code. Of course they wouldn't - they would tell you to download a new Kernel just like Microsoft would tell you to buy Windows XP. Though we can all agree that most Linux releases require less CPU horsepower than Windows, have you tried to run say the latest version of Fedora on a Pentium 100? You won't get very far :)

Actually, no, it's about like saying if something happened with Linux kernel version 2.0 that someone would support it (it came out in the 1st 1/2 of 96, just a bit after Windows 95 time). Guess what. Someone does. It was just updated in February 2004. And it's available for download right from the kernel.org homepage. (Of course, everything going back to 0.1 released in 1991 is still available from their FTP server as well)

All products have an end of life, it's nothing exclusive to Windows. It's not Microsoft's fault if you can't afford to update your software or if your hardware doesn't support it, it's yours.

Commercial software has an EOL arbitrarily determined by the vendor. Open source software doesn't. It's alive as long as someone... anyone... decides to keep it alive (well, anyone that codes or decides to pay someone to). How many millions of people worldwide still use Windows 95? Heck, Microsoft tried to EOL Windows 98 despite the fact that 1/4 of the world still uses it.

Also, I believe that in the unlikely event Microsoft went bankrupt, their source code would either be released intentionally or released by one or more programmers. In either case I wouldn't be worried.

But guess what, it would be illegal to update it. It would even be illegal for you to look at it. Noone can legally update Windows but Microsoft. Of course, with umpteen billion in the bank, they'll probably be around longer than us, but this is far more applicable with smaller vendors. Heck, anyone that's worked in IT has gotten screwed at some point by a larger vender buying a smaller competing vendor just to shut them down. Then you're forced to switch to another product.

[edited by: tedster at 11:26 pm (utc) on July 17, 2004]

mep00




msg:573133
 10:56 pm on Jul 17, 2004 (gmt 0)

they would tell you to download a new Kernel just like Microsoft would tell you to buy Windows XP.
"Just like"? Surely you jest. How do you compare a free downloadable update with going to a store (or having it shipped) and spending ~$200, and then finding out it won't run on your machine without a new CPU and a lot more RAM? Also, 95 and XP, while related, aren't the same product--inside or out.
This 44 message thread spans 2 pages: < < 44 ( 1 [2]
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved