Another reason to ditch Internet Explorer

Started Sep 18, 2012 | Discussions
AxelR
Senior MemberPosts: 1,013
Like?
Re: Another reason to ditch Internet Explorer
In reply to kelpdiver, Sep 19, 2012

kelpdiver wrote:

tocar wrote:

Of course the most widely used browser has the most problems because it's a bigger target. Other browsers have weak spots too and those are being exploited also. No browser is immune to hacks. Same goes for Windows which is the most widely used OS. Macs gets hacked too.. no one is safe.

http://en.wikipedia.org/wiki/File:Usage_share_of_web_browsers_%28Source_StatCounter%29.svg

It's easy to find sources saying otherwise:

It's not the most widely used browser and has had a minority share for a while now.

http://marketshare.hitslink.com/browser-market-share.aspx?qprid=0&qpcustomd=0

(IE=54%, 2.7x more users than FF and by far the largest share)

It does remain the least secure browser, however.

Not according to those sources. IE is by far the most secure it seems:

http://www.infoworld.com/t/anti-spyware/internet-explorer-dominates-browser-security-google-faces-accusations-185938

http://blog.seattlepi.com/microsoft/2011/08/17/internet-explorer-is-most-secure-browser-for-malware-study-shows/

-- hide signature --
Reply   Reply with quote   Complain
Deleted1929
Forum ProPosts: 13,050
Like?
Re: Another reason to ditch Internet Explorer
In reply to AxelR, Sep 19, 2012

The test referred to are out of date ( a serious issue in security terms ) and seem to refer to "social engineering attacks". These type of attacks rely on users, in effect, helping. The problem is that the most recent vulnerability, which is extremely serious, can exploit IE without the user's intervention. IE has proven to be more vulnerable to these types of attacks over the years.

Users need to be aware that highly sophisticated attacks are becoming the preferred weapon for hackers.

People should also note that attacks on smartphones and other types of internet browsing systems are now a major problem. Unfortunately these mobile devices have poor security by desktop standards.

-- hide signature --

StephenG

Reply   Reply with quote   Complain
Durm
Regular MemberPosts: 152
Like?
Re: German gov't says avoid IE
In reply to John Marsh, Sep 19, 2012

John Marsh wrote:

Interesting; what version of Windows are you running. I'm using Win XP and when I've tried to access the MS Windows update site with either Firefox or Chrome I get an error message stating that I must use IE.

John

Desktops:

Im running Windows 7 Home Premium on one system with Windows 7 Pro on another system and Windows 7 Ultimate on yet another system.

Laptops:

Two Laptops running Windows 7 pro, one laptop running Windows 7 Home Premium.

All six systems are running without the benefit of Internet Explorer.

If you run into a web-site you need to use, and it demands IE, you can just reverse the process, use IE, then remove it again.

-- hide signature --

Durm

I always know what I mean to say, but I dont always manage to say it clearly.

Owner & user of a bunch of E-series and m43 cameras.

Reply   Reply with quote   Complain
CAcreeks
Senior MemberPosts: 6,281
Like?
Chrome can keep bookmarks on-Web
In reply to Deleted1929, Sep 19, 2012

For people who use different computers, rather than a single laptop or office PC, the feature to put your bookmarks "in the cloud" might be helpful.

Have not seen this feature in Firefox or IE.

Reply   Reply with quote   Complain
Pictus
Veteran MemberPosts: 4,649
Like?
Re: Another reason to ditch Internet Explorer
In reply to Deleted1929, Sep 19, 2012

IE= HELL

The worst piece of software ever made...

Reply   Reply with quote   Complain
faterikcartman
Contributing MemberPosts: 506
Like?
Re: German gov't says avoid IE
In reply to John Marsh, Sep 19, 2012

John Marsh wrote:

CAcreeks wrote:

Really, IE is no longer required for updates?

I believe it is required. If you give up IE you will need to either give up Windows or risk forgoing all the security patches. MS is under enormous pressure to get this issue fixed quickly.

John

Are you saying the vulnerability exists simply from having IE9 on your system, even if you visit the bad site from browsing in Firefox and IE is closed?

Reply   Reply with quote   Complain
Deleted1929
Forum ProPosts: 13,050
Like?
Re: Chrome can keep bookmarks on-Web
In reply to CAcreeks, Sep 19, 2012

I don't use this, but it sounds like what you're describing :

https://addons.mozilla.org/en-us/firefox/addon/online-bookmark-manager-starta/

-- hide signature --

StephenG

Reply   Reply with quote   Complain
AxelR
Senior MemberPosts: 1,013
Like?
Re: Another reason to ditch Internet Explorer
In reply to Deleted1929, Sep 19, 2012

sjgcit wrote:

The test referred to are out of date ( a serious issue in security terms ) and seem to refer to "social engineering attacks". These type of attacks rely on users, in effect, helping. The problem is that the most recent vulnerability, which is extremely serious, can exploit IE without the user's intervention. IE has proven to be more vulnerable to these types of attacks over the years.

Users need to be aware that highly sophisticated attacks are becoming the preferred weapon for hackers.

People should also note that attacks on smartphones and other types of internet browsing systems are now a major problem. Unfortunately these mobile devices have poor security by desktop standards.

Hmm yes, but again, no. Microsoft is only number 9 in the top 20 companies sorted by vulnerabilities in 2011, with 321 issues, behind Google (324), Apple (360), Oracle (497), Gentoo (523), Debian (563), Canonical (625), Red Hat (982) and the overall winner, Novell, with more than 1100 acknowledged issues in 2011 alone (see page 10 in the document linked below)

http://secunia.com/?action=fetch&filename=Secunia_Yearly_Report_2011.pdf

Staying with Microsoft operating systems and software, including web browsers, seems to be - by far - the safest bet regarding security.

-- hide signature --
Reply   Reply with quote   Complain
John Marsh
Regular MemberPosts: 324Gear list
Like?
Re: German gov't says avoid IE
In reply to faterikcartman, Sep 19, 2012

faterikcartman wrote:

Are you saying the vulnerability exists simply from having IE9 on your system, even > if you visit the bad site from browsing in Firefox and IE is closed?

No, apparently only IE is vulnerable to this security exploit. However, if you are using Windows XP (as I do) you must use IE to access the MS Windows Update site as neither Chrome or FireFox will do so. Windows 7 apparently does not have that restriction. See posts by Durm just below.

John Marsh

Reply   Reply with quote   Complain
Deleted1929
Forum ProPosts: 13,050
Like?
Re: Another reason to ditch Internet Explorer
In reply to AxelR, Sep 19, 2012

A note about Secunia's reporting and use of figures :

http://appleinsider.com/articles/10/07/22/secunia_issues_contradictory_vulnerability_report_assailing_apple.html

In short - at best, not clear, and at worst deliberately misleading.

In particular note that CVE counts are practically meaningless.

One significant issue with MS is that they patch at too low a frequency and most of the IE versions in use are out of date ( which is why they're being moved to unsupported by major web providers ). The slowness to patch results in a larger window for exploitation. There's hardly a day goes by when my Linux system doesn't get a patch fixing a vulnerability, whereas MS users have to wait until MS send put a super-patch. Delays like this increase the risk to users.

MS aren't the only organization with this fault. Oracle leap to mind as their failure to rapidly address and fully fix the most recent Java zero-day issue has left everyone running Java 1.7 browser plug-ins vulnerable ( reminder to users - if you use Java 1.7 on your browser disable it now ).

-- hide signature --

StephenG

Reply   Reply with quote   Complain
faterikcartman
Contributing MemberPosts: 506
Like?
Re: German gov't says avoid IE
In reply to John Marsh, Sep 19, 2012

John Marsh wrote:

faterikcartman wrote:

Are you saying the vulnerability exists simply from having IE9 on your system, even > if you visit the bad site from browsing in Firefox and IE is closed?

No, apparently only IE is vulnerable to this security exploit. However, if you are using Windows XP (as I do) you must use IE to access the MS Windows Update site as neither Chrome or FireFox will do so. Windows 7 apparently does not have that restriction. See posts by Durm just below.

John Marsh

John, I thought you had to visit a bad site -- are you saying just having IE9 open whilist you visit a safe site makes you vulnerable?

Reply   Reply with quote   Complain
John Marsh
Regular MemberPosts: 324Gear list
Like?
Re: German gov't says avoid IE
In reply to faterikcartman, Sep 20, 2012

faterikcartman wrote:

John, I thought you had to visit a bad site -- are you saying just having IE9 open whilist you visit a safe site makes you vulnerable?

If you use IE to visit a bad site then you are vulnerable; visiting that same bad site with either Chrome or FireFox is apparently safe. If you use IE to visit trusted sites, for instance the MS Windows Update site, you should not have a problem.

John

Reply   Reply with quote   Complain
AxelR
Senior MemberPosts: 1,013
Like?
Re: Another reason to ditch Internet Explorer
In reply to Deleted1929, Sep 20, 2012

sjgcit wrote:

A note about Secunia's reporting and use of figures :

Classic: if you don't like the data, try to discredit the source

-- hide signature --
Reply   Reply with quote   Complain
faterikcartman
Contributing MemberPosts: 506
Like?
Re: German gov't says avoid IE
In reply to John Marsh, Sep 20, 2012

John Marsh wrote:

If you use IE to visit trusted sites, for instance the MS Windows Update site, you should not have a problem.

John

Thanks John, that's what I was getting at. It seemed you, and/or others, might have been suggesting something else which really had me worried. I think I am A-OK. I run Firefox (even latest version still not as stable as IE9 on my system) but still have IE9 loaded (though I don't use it). My wife has IE9 only and I told her when this issue first popped up to not buy anything on Amazon or pay bills online, etc. out of an overabundance of caution (she does not download files or visit Russian gay Asian midget porn sites). I will load Firefox on her system too, however.

Reply   Reply with quote   Complain
kelpdiver
Senior MemberPosts: 1,894
Like?
Re: Another reason to ditch Internet Explorer
In reply to AxelR, Sep 20, 2012

AxelR wrote:

sjgcit wrote:

A note about Secunia's reporting and use of figures :

Classic: if you don't like the data, try to discredit the source

So what should one do when the source is terrible....just accept it?

Secunia themselves say not to compare numbers in such a simplistic fashion. Anyone with common sense would do the same....bug counts that treat all levels of severity equally are foolish...though very useful for propaganda.

The sheer number of ads on TV for IE9 are a pretty good indication of their current (diminished) market share.

Reply   Reply with quote   Complain
Deleted1929
Forum ProPosts: 13,050
Like?
Re: Another reason to ditch Internet Explorer
In reply to AxelR, Sep 20, 2012

You're free to disagree. I'm merely presenting a information for people to make an informed choice. I have the right to respond, surely ?

I've read an enormous number of security reports by firms and you can literally prove any argument you want by cherry-picking them. Remember that those reports are not written for everyone's benefit, but for the firms benefit. Every firm, I regret to say, publishes reports that flatter whichever major customer they're trying to be nice to this week.

You really need to be very skeptical of reports made by firms. You have to take a very broad view to form a useful opinion.

All I can tell you is that I would never recommend IE as a browser to a client. Of course I wouldn't recommend MS Windoze either. Don't worry you be able to find reports telling you MS Windoze is the most secure OS, as well as reports telling you it's the worst.

-- hide signature --

StephenG

Reply   Reply with quote   Complain
Archer66
Senior MemberPosts: 2,294
Like?
Re: I didn't need another reason...
In reply to Durm, Sep 22, 2012

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

Reply   Reply with quote   Complain
Durm
Regular MemberPosts: 152
Like?
Re: I didn't need another reason...
In reply to Archer66, Sep 22, 2012

Archer66 wrote:

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

It removes it from the available software listing, and it removes it from play as far as user choice is concerned.

Its still sitting there on the disk, but not available for use.

You really cant be any more "Rid of it" than that using the operating system to remove it from play.

You cant "browse the web" with it, so effectively you have no chance of hitting a site that can cause trouble with IE.

You can, and will get warnings from some websites that will tell you they only work properly in IE. Im also sure that some parts of the OS use it, but not anything that "browses the web".

Windows Explorer is separate from IE, if thats what you are referring to.

-- hide signature --

Durm

I always know what I mean to say, but I dont always manage to say it clearly.

Owner & user of a bunch of E-series and m43 cameras.

Reply   Reply with quote   Complain
Archer66
Senior MemberPosts: 2,294
Like?
Re: I didn't need another reason...
In reply to Durm, Sep 22, 2012

Durm wrote:

Archer66 wrote:

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

It removes it from the available software listing, and it removes it from play as far as user choice is concerned.

Its still sitting there on the disk, but not available for use.

Lots of 3rd party software use IE bc it's part of Windows thus always available.

Only thing removed is shortcut to launch IE.

Reply   Reply with quote   Complain
selwynbr
Senior MemberPosts: 1,447
Like?
Re: I didn't need another reason...
In reply to Durm, Sep 24, 2012

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

With all the browsers we have available to us, it made no sense to keep kludging away trying to "fix" IE.

Please advise how to remove. My control panel/add-remove software does not show explorer.

Reply   Reply with quote   Complain
Keyboard shortcuts:
FForum MMy threads