Another reason to ditch Internet Explorer

Started Sep 18, 2012 | Discussions
Shop cameras & lenses ▾
AxelR Senior Member • Posts: 1,147
Re: Another reason to ditch Internet Explorer

kelpdiver wrote:

tocar wrote:

Of course the most widely used browser has the most problems because it's a bigger target. Other browsers have weak spots too and those are being exploited also. No browser is immune to hacks. Same goes for Windows which is the most widely used OS. Macs gets hacked too.. no one is safe.

http://en.wikipedia.org/wiki/File:Usage_share_of_web_browsers_%28Source_StatCounter%29.svg

It's easy to find sources saying otherwise:

It's not the most widely used browser and has had a minority share for a while now.

http://marketshare.hitslink.com/browser-market-share.aspx?qprid=0&qpcustomd=0

(IE=54%, 2.7x more users than FF and by far the largest share)

It does remain the least secure browser, however.

Not according to those sources. IE is by far the most secure it seems:

http://www.infoworld.com/t/anti-spyware/internet-explorer-dominates-browser-security-google-faces-accusations-185938

http://blog.seattlepi.com/microsoft/2011/08/17/internet-explorer-is-most-secure-browser-for-malware-study-shows/

-- hide signature --
Deleted1929 OP Forum Pro • Posts: 13,050
Re: Another reason to ditch Internet Explorer

The test referred to are out of date ( a serious issue in security terms ) and seem to refer to "social engineering attacks". These type of attacks rely on users, in effect, helping. The problem is that the most recent vulnerability, which is extremely serious, can exploit IE without the user's intervention. IE has proven to be more vulnerable to these types of attacks over the years.

Users need to be aware that highly sophisticated attacks are becoming the preferred weapon for hackers.

People should also note that attacks on smartphones and other types of internet browsing systems are now a major problem. Unfortunately these mobile devices have poor security by desktop standards.

-- hide signature --

StephenG

Durm Regular Member • Posts: 152
Re: German gov't says avoid IE

John Marsh wrote:

Interesting; what version of Windows are you running. I'm using Win XP and when I've tried to access the MS Windows update site with either Firefox or Chrome I get an error message stating that I must use IE.

John

Desktops:

Im running Windows 7 Home Premium on one system with Windows 7 Pro on another system and Windows 7 Ultimate on yet another system.

Laptops:

Two Laptops running Windows 7 pro, one laptop running Windows 7 Home Premium.

All six systems are running without the benefit of Internet Explorer.

If you run into a web-site you need to use, and it demands IE, you can just reverse the process, use IE, then remove it again.

-- hide signature --

Durm

I always know what I mean to say, but I dont always manage to say it clearly.

Owner & user of a bunch of E-series and m43 cameras.

CAcreeks
CAcreeks Veteran Member • Posts: 8,965
Chrome can keep bookmarks on-Web

For people who use different computers, rather than a single laptop or office PC, the feature to put your bookmarks "in the cloud" might be helpful.

Have not seen this feature in Firefox or IE.

Pictus
Pictus Veteran Member • Posts: 5,572
Re: Another reason to ditch Internet Explorer

IE= HELL

The worst piece of software ever made...

faterikcartman Contributing Member • Posts: 530
Re: German gov't says avoid IE

John Marsh wrote:

CAcreeks wrote:

Really, IE is no longer required for updates?

I believe it is required. If you give up IE you will need to either give up Windows or risk forgoing all the security patches. MS is under enormous pressure to get this issue fixed quickly.

John

Are you saying the vulnerability exists simply from having IE9 on your system, even if you visit the bad site from browsing in Firefox and IE is closed?

Deleted1929 OP Forum Pro • Posts: 13,050
Re: Chrome can keep bookmarks on-Web

I don't use this, but it sounds like what you're describing :

https://addons.mozilla.org/en-us/firefox/addon/online-bookmark-manager-starta/

-- hide signature --

StephenG

AxelR Senior Member • Posts: 1,147
Re: Another reason to ditch Internet Explorer

sjgcit wrote:

The test referred to are out of date ( a serious issue in security terms ) and seem to refer to "social engineering attacks". These type of attacks rely on users, in effect, helping. The problem is that the most recent vulnerability, which is extremely serious, can exploit IE without the user's intervention. IE has proven to be more vulnerable to these types of attacks over the years.

Users need to be aware that highly sophisticated attacks are becoming the preferred weapon for hackers.

People should also note that attacks on smartphones and other types of internet browsing systems are now a major problem. Unfortunately these mobile devices have poor security by desktop standards.

Hmm yes, but again, no. Microsoft is only number 9 in the top 20 companies sorted by vulnerabilities in 2011, with 321 issues, behind Google (324), Apple (360), Oracle (497), Gentoo (523), Debian (563), Canonical (625), Red Hat (982) and the overall winner, Novell, with more than 1100 acknowledged issues in 2011 alone (see page 10 in the document linked below)

http://secunia.com/?action=fetch&filename=Secunia_Yearly_Report_2011.pdf

Staying with Microsoft operating systems and software, including web browsers, seems to be - by far - the safest bet regarding security.

-- hide signature --
John Marsh Regular Member • Posts: 343
Re: German gov't says avoid IE

faterikcartman wrote:

Are you saying the vulnerability exists simply from having IE9 on your system, even > if you visit the bad site from browsing in Firefox and IE is closed?

No, apparently only IE is vulnerable to this security exploit. However, if you are using Windows XP (as I do) you must use IE to access the MS Windows Update site as neither Chrome or FireFox will do so. Windows 7 apparently does not have that restriction. See posts by Durm just below.

John Marsh

Deleted1929 OP Forum Pro • Posts: 13,050
Re: Another reason to ditch Internet Explorer

A note about Secunia's reporting and use of figures :

http://appleinsider.com/articles/10/07/22/secunia_issues_contradictory_vulnerability_report_assailing_apple.html

In short - at best, not clear, and at worst deliberately misleading.

In particular note that CVE counts are practically meaningless.

One significant issue with MS is that they patch at too low a frequency and most of the IE versions in use are out of date ( which is why they're being moved to unsupported by major web providers ). The slowness to patch results in a larger window for exploitation. There's hardly a day goes by when my Linux system doesn't get a patch fixing a vulnerability, whereas MS users have to wait until MS send put a super-patch. Delays like this increase the risk to users.

MS aren't the only organization with this fault. Oracle leap to mind as their failure to rapidly address and fully fix the most recent Java zero-day issue has left everyone running Java 1.7 browser plug-ins vulnerable ( reminder to users - if you use Java 1.7 on your browser disable it now ).

-- hide signature --

StephenG

faterikcartman Contributing Member • Posts: 530
Re: German gov't says avoid IE

John Marsh wrote:

faterikcartman wrote:

Are you saying the vulnerability exists simply from having IE9 on your system, even > if you visit the bad site from browsing in Firefox and IE is closed?

No, apparently only IE is vulnerable to this security exploit. However, if you are using Windows XP (as I do) you must use IE to access the MS Windows Update site as neither Chrome or FireFox will do so. Windows 7 apparently does not have that restriction. See posts by Durm just below.

John Marsh

John, I thought you had to visit a bad site -- are you saying just having IE9 open whilist you visit a safe site makes you vulnerable?

John Marsh Regular Member • Posts: 343
Re: German gov't says avoid IE

faterikcartman wrote:

John, I thought you had to visit a bad site -- are you saying just having IE9 open whilist you visit a safe site makes you vulnerable?

If you use IE to visit a bad site then you are vulnerable; visiting that same bad site with either Chrome or FireFox is apparently safe. If you use IE to visit trusted sites, for instance the MS Windows Update site, you should not have a problem.

John

AxelR Senior Member • Posts: 1,147
Re: Another reason to ditch Internet Explorer

sjgcit wrote:

A note about Secunia's reporting and use of figures :

Classic: if you don't like the data, try to discredit the source

-- hide signature --
faterikcartman Contributing Member • Posts: 530
Re: German gov't says avoid IE

John Marsh wrote:

If you use IE to visit trusted sites, for instance the MS Windows Update site, you should not have a problem.

John

Thanks John, that's what I was getting at. It seemed you, and/or others, might have been suggesting something else which really had me worried. I think I am A-OK. I run Firefox (even latest version still not as stable as IE9 on my system) but still have IE9 loaded (though I don't use it). My wife has IE9 only and I told her when this issue first popped up to not buy anything on Amazon or pay bills online, etc. out of an overabundance of caution (she does not download files or visit Russian gay Asian midget porn sites). I will load Firefox on her system too, however.

kelpdiver Senior Member • Posts: 2,626
Re: Another reason to ditch Internet Explorer

AxelR wrote:

sjgcit wrote:

A note about Secunia's reporting and use of figures :

Classic: if you don't like the data, try to discredit the source

So what should one do when the source is terrible....just accept it?

Secunia themselves say not to compare numbers in such a simplistic fashion. Anyone with common sense would do the same....bug counts that treat all levels of severity equally are foolish...though very useful for propaganda.

The sheer number of ads on TV for IE9 are a pretty good indication of their current (diminished) market share.

Deleted1929 OP Forum Pro • Posts: 13,050
Re: Another reason to ditch Internet Explorer

You're free to disagree. I'm merely presenting a information for people to make an informed choice. I have the right to respond, surely ?

I've read an enormous number of security reports by firms and you can literally prove any argument you want by cherry-picking them. Remember that those reports are not written for everyone's benefit, but for the firms benefit. Every firm, I regret to say, publishes reports that flatter whichever major customer they're trying to be nice to this week.

You really need to be very skeptical of reports made by firms. You have to take a very broad view to form a useful opinion.

All I can tell you is that I would never recommend IE as a browser to a client. Of course I wouldn't recommend MS Windoze either. Don't worry you be able to find reports telling you MS Windoze is the most secure OS, as well as reports telling you it's the worst.

-- hide signature --

StephenG

Archer66 Senior Member • Posts: 2,925
Re: I didn't need another reason...

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

Durm Regular Member • Posts: 152
Re: I didn't need another reason...

Archer66 wrote:

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

It removes it from the available software listing, and it removes it from play as far as user choice is concerned.

Its still sitting there on the disk, but not available for use.

You really cant be any more "Rid of it" than that using the operating system to remove it from play.

You cant "browse the web" with it, so effectively you have no chance of hitting a site that can cause trouble with IE.

You can, and will get warnings from some websites that will tell you they only work properly in IE. Im also sure that some parts of the OS use it, but not anything that "browses the web".

Windows Explorer is separate from IE, if thats what you are referring to.

-- hide signature --

Durm

I always know what I mean to say, but I dont always manage to say it clearly.

Owner & user of a bunch of E-series and m43 cameras.

Archer66 Senior Member • Posts: 2,925
Re: I didn't need another reason...

Durm wrote:

Archer66 wrote:

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

Sorry to burst your bubble but that does not remove IE, you still have it and probably use it a lot.

It removes it from the available software listing, and it removes it from play as far as user choice is concerned.

Its still sitting there on the disk, but not available for use.

Lots of 3rd party software use IE bc it's part of Windows thus always available.

Only thing removed is shortcut to launch IE.

selwynbr Senior Member • Posts: 1,462
Re: I didn't need another reason...

Durm wrote:

I started removing IE as soon as the Windows "Add Remove Software" started allowing it. (Windows 7 I think, I dont remember it sooner).

With all the browsers we have available to us, it made no sense to keep kludging away trying to "fix" IE.

Please advise how to remove. My control panel/add-remove software does not show explorer.

Keyboard shortcuts:
FForum MMy threads