Forum Moderators: open
1) i don't feel like switching, frankly i love IE and as long as i keep my virus software and windows updated, what do i have to worry about ... yes, they discover new exploits every month, but are any of these really practical exploits that could happen in real world scenarios .. AND what are the odds of me being one of the first few thousand in the world who are 'exploited' before there is a patch available for it? almost as likely as me winning the lottery?
2) consistently every month, 95% of my sites' visitors use one version or the other of IE ... i don't even bother to worry about how they look to other browser users any more but is mozilla (or any other) likely to be a real alternative in the near future? i say "real alternative" meaning, don't say you use mozilla, firefox, whatever ... the people on here are not the average user, the average user wants it simple and dumb proof, just the way microsoft makes most of its products it seems.
nerds keep crying about IE this and IE that but some of the alternatives will never be true alternatives to anyone but the nerds (insignificant minority) because they are not dead simple to set up and/or use
I did some work for a company and since I was there I did some computer support. They trust me and call me pretty often even though that is not what I do.
Last month I was in there the owner brought me to his computer because something was wrong with it. He clicked on a something, now his homepage is not right.
These are not the most technical guys.
Just about 2 weeks ago I sent them an email like I normally do if there is something that they should patch and in the bottom of it I gave them a link to firefox and said if they want an alternative they could give that a try.
This week I had to go in and see them and I was surprised that almost everyone in the office was now using firefox.
I was surprised because I didn't think that many of them would use it, and that I never even got a call about it!
p.s. I did show someone the firefox extensions when I was in, then "fixed" a palm that wouldn't connect with the reset button on the back, for the second time in about 3 months. :)
1. Viruses are the least of it today. How many times would you be willing to have a hidden dialer installed that makes you libel for a couple thousand dollars in phone charges?
2. Anti-virus companies usually build protection for viruses that were already discovered "in the wild." That means a bunch of poor blokes must already be infected before your A-V application can be updated. Some day, you may be one of those poor blokes at the cutting edge of virus discovery.
3. Many security patches for FireFox, Opera are created to fix problems that were found by developers and are not already in the wild.
Installation? I'm a late comer to nerd-dom. I am far from a techno-geek. I've had more trouble installing and fixing IE than I've ever had with Opera or FireFox.
My current IE6 has been buggy for over a year - it stops showing images or finding any external files at all right in the middle of a session. Those bugs have survived delicate registry tweaks and two full reformats.
It does things like this often and not just with Java, but with other web programs. Maybe your chances of getting hit is slim, but there is still a chance you will get hit by a virus or hacker and are you ready to take a chance like that?
Are the other browsers ever going to be used by most people? No, unless they start really marketing it and even if they do that they can out due Microsoft when it comes to money nor products. Microsoft don't even need to spend anymore money on marketing IE because comes with any computer that uses windows and most people use windows. How can someone compete with that?
Most of my friends have never heard of Firefox or other browsers and I think most Internet users are the same. The problem is that IE has no one to complete with anymore, so why make it any better? And I think if Microsoft does not see this now it will be the down fall of IE.
What makes anyone assume there aren't an equal or greater number of holes in all other browsers?
The people that attempt to exploit holes in IE are cyber terrorists. They have to aim at big targets. What would be the point in targeting a browser that only a tiny percentage of the population used?
The chances are that IE is safer than most other browsers, simply because it gets tested regularly by these cyber terrorists.
If we all switched to another browser tomorrow does anyone really believe that browser wouldn't become the target and be shown to be full of holes?
And IE started with a peashooter and a gormless grin.
Others set out better prepared.
How do you know that?
Pea shooters that are attacked start to develop better defenses as the "arms race" escalates. IE is under constant attack, the others are not.
Those that are never attacked, never have a reason to develop better defenses.
I love Switzerland, but do you really think it stands a chance against the superpowers of the USA or China if attacked? QED!
But nation states are trying to defend Internet sources, [us-cert.gov...] for example:
...a partnership between the Department of Homeland Security and the public and private sectors. Established to protect the nation's Internet infrastructure...
And then several of their recent advisories, eg::
[kb.cert.org...]
Their advice includes "use a different web browser" (that is, anything but IE).
Why do they suggest that? Ask them! But don't blame them if you don't follow their advice and if backfires on you.
Homeland Security endorse the non-use of use IE! That's gotta be worth listening too.
i've always seen the news reports and the hulabalu about IE browser being full of holes and people scared of this and that ... but should i really be worried enough to switch to mozilla or some other browser?
If you want to use Windows and IE, you should, as a minimum, run:
1) A virus scanner, using on-access scanning, updating twice-daily.
2) A firewall, configured correctly
3) Windows update, set to automatic
4) Tight security settings on all internet-facing software.
5) A sandbox around Internet Explorer and Outlook/Express OR a use low-privilege account.
If you maintain your box effectively, you are unlikely to catch anything. Unfortunately, the vast majority of users do not understand the technical workings of the latest blended threats, and will omit one of the above five steps. Do you?
Here's how each step helps:
1) A virus scanner catches some known WORMS, and most known viruses and trojans. Unfortunately, it usually takes several days for effective signatures to be propagated, so a virus scanner will not protect an internet-facing machine against worms.
2) A firewall is great, but even the best firewalls will not protect against some trojans once installed (ZoneAlarm is currently the leader, FYI). Most software firewalls are not correctly configured, and as such are useless. Why not spend 30 mins reviewing your configuration now?
3) Windows Update is great. However, patches are frequently issued up to a month after an exploit is known. That's an awfully long time to be vulnerable. Moreover, a new or reinstalled machine is immediately vulnerable again. WU must be paired with a firewall.
4) No Active-X controls, scripting or installation rights means that your browser is more tightly secured. You can't get a trojan BHO if it can't be installed.
5) Running as administrator or power-user is never recommended -- how can a virus or trojan permanently affect your machine if it can't touch your system files or registry? It can't even set itself to start next time, so all you need to do is reboot if there's a problem. A sandbox is a more limited solution; any program run from IE or O(E) is restricted to a limited part of the hard-disk and registry. That's fine, so long as the code isn't being run from another part of the OS.
If you're missing any of these, it might be step 4, and almost certainly step 5; most people find these two a hassle.
...the average user wants it simple and dumb proof
Which is exactly the point. Which of the following is easier?
a) Lock down IE and OE so one of the many unpatched exploits can't be used against your machine. Run the programs in a low-privilege account to limit their access if the browser's inbuilt controls are flawed (as they tend to be). Make sure you're using the latest browser patches and service packs. Copy and paste links, so you can't be caught out by phishing scams.
-- or --
b) Install a less vulnerable browser.
People use IE because it's there and because they're used to it. That market share makes it a more attractive target for virus writers and scammers. Since you're posting here, I assume you're reasonably smart; you can make up your own mind.
Personally, I do all of steps 1 - 5, and run Firefox. It's just a better browser -- the security aspect is incidental.
Besides, Opera and Mozilla ARE easier to use than IE. I point to things like mouse gestures, spellchecking and right-click "Google search for___" and stuff. I don't need to go through a long and complicated procedure to open links in new windows or whatever.
