iGeneration

Charlie Osborne
Home / News & Blogs / iGeneration

Has Internet Explorer ever been safe?

By | December 17, 2008, 5:08am PST

Summary: Well yes, but not strictly for the reasons people think. It was once safe back in the day where there were little vulnerabilities to play havoc with the software; back in a time where Internet usage was innocent, and people wanted to create websites about interpreting the mindset of a cat called Jimbo. [...]

Well yes, but not strictly for the reasons people think. It was once safe back in the day where there were little vulnerabilities to play havoc with the software; back in a time where Internet usage was innocent, and people wanted to create websites about interpreting the mindset of a cat called Jimbo.

I’ve written about the student browser war before, and let’s face it, I got some harsh criticism for it. I wasn’t wrong though. I’m well aware within recent findings; those reported on the ZDNet Zero Day blog, that Firefox is one of the most vulnerable applications for Windows, although it doesn’t say anywhere that the actual application is insecure. It may well be perfectly fine on other platforms, which would say more about the Windows platform than the browser itself.

This morning, I put forward the claim that Internet Explorer, in recent times (this decade) has not been secure, and shouldn’t be used unless absolutely necessary.

Back in the day when Internet Explorer was more of an experiment than a viable browser, the iexplore.exe application was heavily tied into Windows, the explorer.exe application. If one faltered, more likely to be the former, the other would almost automatically screw up too. This meant, you got a bug or fault with Internet Explorer, that same bug would be replicated in Windows Explorer. This caused serious issues, hence why Internet Explorer 7 was entirely separate from Windows and could be easily updateable and removable.

big-boom.png

When a doctor of computing engineering tells the world not to watch or download porn through Internet Explorer, a world class and highly respected writer, that’s when you know a browser has a problem. This new-ish threat which came to light about a severe vulnerability in the browser, when reported by the BBC live on the BBC News channel, said:

“…people should stop using the Internet Explorer web browser, and revert to a rival browser. Internet Explorer, of course being known around the world, and having the dominant marketshare of browsers, should not be used because of a reported zero-day attack.” [Tuesday 16th, around 3pm GMT]

Rory Cellan-Jones, well known to those who watch the BBC News or follow the content on the BBC blogs/websites, explained this in lay-man terms. The current zero-day flaw (which means the exploit has been found before the security boffs, and has been used for bad things already) can have such an effect as to:

  • exploit the computer in question, by giving the attacker the same access rights as the person currently using the computer;
  • it is only spread via malicious websites, so providing you have an anti-virus and use Firefox (or another browser, but use Firefox), you should be relatively safe. Jones disagrees, as Firefox has vulnerabilities also, but…
  • providing you’re not stupid and don’t visit porn, hacking, cracking, serials and key-gen websites, you should be alright.

Whilst the current threat only affects 0.02%, tens of millions of people are more than likely already infected, which just brings down Internet Explorer and Windows even more.

There are two galleries showing how to secure both Internet Explorer and Mozilla Firefox, courtesy of the Zero Day blog.

Internet Explorer continues to “flaunt the security rules” by not patching things quickly enough. Whilst an emergency patch will have been issued by 6pm London time (1pm New York, 10pm San Francisco) and will presumably be part of Windows Update once it is of a quality deemed properly suitable for installation.

But don’t just take my word for it; take the word of a world renown panel of security experts, Secunia. This is Firefox vs. Internet Explorer in the security arena, proving my point entirely.

Firefox, of course, hasn’t been free of problems over the years. Every browser will suffer a blow from time to time, maybe some more than others as I’ve shown. Matt Asay agrees that open source material enables us all to be better off, whilst other articles show Internet Explorer being more and more insecure, leaving it slowly behind in the browser war.

For a next generation experience on a next generation browser, I’d go for Firefox. But then again, it’s hardly free of its problems. Just avoid anything to do with Internet Explorer; I most certainly have and my anti-virus says “zero”.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “iGeneration”

Topics

Mozilla Firefox, Microsoft Windows, Microsoft Internet Explorer, Web Browser, Jones, Matt Asay, Web Browsers, Internet, Zack Whittaker

Zack Whittaker, a criminologist who studied at the University of Kent, Canterbury, is a journalist, writer and broadcaster.

Disclosure

Zack Whittaker

I worked briefly with Microsoft UK in 2006 but no longer have any connection with the company. Regardless, I remain impartial and unbiased in my views.

I don't hold any stock or shares, investments or industrial secrets in any company, but have signed confidentiality agreements with a number of UK and U.S. organisations, whose names I am not at liberty to disclose.

I was involved with Kent Union, the University of Kent's student union, undertaking voluntary, non-salaried, elected positions between early 2009 and mid-2010.

No other company, body, government department, non-governmental organisation or third sector organisation employs me or pays me a salary in any capacity whatsoever.

As a freelance journalist, whenever expenses are given and taken by a company that is not CBS Interactive, these will be disclosed in each relevant post to ensure transparency.

I currently work with a UK law enforcement unit, but this is an entirely separate position which bears no connection to other work.

(Updated: 23rd October 2011)

Biography

Zack Whittaker

Zack Whittaker, criminologist who studied at the University of Kent, UK, is a journalist, writer and broadcaster.

After studying criminology at university, though still in his early-20's, he has already had a series unconventional work and voluntary positions. He has worked with researchers studying neurological illnesses like Tourette's syndrome (which he suffers from), has given lectures on the nature of disabilities in the public community, and occasionally ends up speaking on television and radio discussing the events of the day.

He first had academic work published at the age of 22, then still an undergraduate, and has been cited by a wide range of publications: from the Huffington Post, Business Insider, AllThingsDigital, The Atlantic Wire and CBS News.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
100
Comments
Add Your Opinion

Join the conversation!

Just In

I have switched from Firefox
soonerproud Updated - 4th May 2010
To Google chrome now that they have extension
support. The extensions I use are Flashblock,
Disable Text Ads and IE tab
for those pesky IE only websites I must
sometimes use as a
HIV testing volunteer. Chrome is very fast,
minimalistic, has sandboxing unlike Firefox and
does a bang up job of rendering web pages.

I still have FF installed, but I rarely use it
any more.
View in thread
0 Votes
+ -
The recommendation to use an alternative browser is based on...
ye 17th Dec 2008
...the existence of an exploit for which a patch is not available (as of the time I write this). It is not being given because IE is insecure. I would hope this same advice were given to those using FireFox, Opera, Safari, etc if there was an exploit targetting them for which a patch is not yet available.

Furthermore IE 7 on Vista, while susceptible, significantly minimizes the issue making the exploit essentially a non-issue. In addition to recommending the use of an alternative browser perhaps people could start recommending the use of IE7 and Vista.
0 Votes
+ -
IE7 and Vista Recommendation
anthony@... 17th Dec 2008
One needs to consider that, in recommending IE7 and
Vista, you would be recommending not only a terribly
bloated and complicated, (mostly) useless operating
system and a browser with roughly half the sense of a
mentally-challenged chimp.
0 Votes
+ -
Complicated??
Mam00th 17th Dec 2008
LOL! Vista complicated!! I sure hope it was sarcasm,
because if not, you just made yourself look horribly
stupid!
0 Votes
+ -
Complicated!
Wizdar 17th Dec 2008
Yes, to one who has been using (essentially) the same OS for a decade, complicated. As in, having to learn where they put things that had no business being moved.

I do a lot of file management and Windows Explorer is my main tool. For each function in XP, I find at least one more mouse click is required in Vista, fer instance. What happened to Add or Remove Programs? They renamed it. Why?? Fer instance.

And don't get me started about the travesty that is Office 2007.

If you don't use Vista other than to launch programs, you look horribly stupid running an OS that consumes so much computer resources.
0 Votes
+ -
Tell me more. I am listening.
micks_tricks 17th Dec 2008
"I do a lot of file management and Windows Explorer is my main tool."

What do you do that involves windows explorer as the main tool to click and move files???

"And don't get me started about the travesty that is Office 2007."
Please do get started so that I can pan you since Office 2007 turns out to be the best reviewed Office versions in a long long time even by usual critics of MS products. So please go ahead and let me rip your ignorance apart and show you the light.

"If you don't use Vista other than to launch programs, you look horribly stupid running an OS that consumes so much computer resources."
Isnt that what an OS is supposed to do, to run programs that you use. Hint. Mutimedia editing, software engineering, productivity office software, internet browsing, listening to music, watching movies, checking email.

I would love to hear how does Vista make you look horribly stupid. Seriously I am all ears.
0 Votes
+ -
Not sure complicated would be the right word
sullivanjc 17th Dec 2008
Annoying. The moving around of things just to make things different is annoying, especially when it requires more clicks to get things done. In Vista's defense, Microsoft seems to like to do this with every relase of Windows, it just seems especially annoying this time. UAC is annoying (yes, I know I can turn it off but if I do that what was the point to begin with?)

My wife's laptop has twice the memory and a faster CPU compared to my desktop which is four years old and yet performance between the two seems almost indistinguishable. This is especially bad considering I run I lot more stuff on my machine.

Vista may scream on high end hardware but what do I get for that? I've yet to see any programs for Vista that don't run just fine in XP. All the features that were supposed to be in Vista that might have made it a product worth upgrading to (going ac a few years to what MS was promising) were dropped from what was finally released.

There appears to be no compelling reason to switch to Vista. Indeed, if certain websites and a small handful of applications I use supported Linux, I'd switch to Ubuntu today. It's already on some of my machines.

I cannot speak to 64-bit version though. Does it really help that much and what about application/drivers? Are they issues with these and 64 bit Vista?
0 Votes
+ -
2007 vs. all previous versions of Office
MGP2 17th Dec 2008
Please do get started so that I can pan you since Office 2007 turns out to be the best reviewed Office versions in a long long time even by usual critics of MS products. So please go ahead and let me rip your ignorance apart and show you the light.

Is it really ignorant to expect that a product you've been using for 15 years shouldn't change so drastically that it alters virtually every way you're used to when using that application? Me thinks the ignorance was on Microsoft's part in not at least providing a fallback measure for users to use the menus they've been using for a long, long time.

We have new laptops and desktops come with 2007 pre-installed. And all the users are excited about it until I call them down and tell them to try it out before I deploy their machine for them. Every single user has told me to take it off and install 2003. The point is, changing a product so dramatically like was done to 2007 degrades productivity for people who are used to doing things a certain way for many years. Sure, give the ribbon a shot. But give us the option of using the ribbon, or going back to the old menus.
0 Votes
+ -
Microso
BeethovenJr 20th Dec 2008
I have been a user of Microsoft Word and Excel (on the Macintosh) since version 1.0 of each program. I recently upgraded from Office X for Mac to Office 2008 for Mac. After using it for a few weeks, I am so frustrated with it that I am going back to Office X. It is not the new features and new ways of using it that I have a problem with. It's that Word and Excel are so flaky that they are almost unusable. They screw up my documents far more than any previous versions of Word and Excel that I have used, in many ways that the previous versions never did. I have never used the Windows versions of Office (in fact, I have never used Windows). But from my experience with Office 2008 and what I've read about Windows Vista and Internet Explorer, it appears that the Microsoft programmers have developed a severe case of incompetence.
0 Votes
+ -
Not sarcasm
brian ansorge 17th Dec 2008
Just a healthy dose of daylight (at least somebody's head is not up their arse!) and fresh, non-Redmond infected air.

Think about it. Somebody calls the average (non-"smart") cell phone "complicated." Somebody responds, "I hope that's sarcasm" and implies that they are "stupid" for calling that average cell phone "complicated."

It's all about perspective --- something the Windows zealots and shills seem to "horribly" lack.

Compare that "average" and non-complicated cell phone to my grandma's attached-to-the-wall, corded, rotary phone that she used up until the day she died in the late nineties.

Think she had to use a manual to figure out all of it's "functionality" [can you say, "UAC, WGA, BSOD, re-intalls, AV updates, SPx, yada yada"], let alone have to take a college class (or "seminar") or three to know how to use it?

Now, who's looking "horribly stupid?"

I'd say you are the pot calling the kettle black.

To the average Windows user (the ones I rub shoulders with --- in the trenches --- and who comprise about 90 percent of the "95%" so frequently quoted as using some Doze variant) who never visit forums such as this where clueless geek apologists for Redmond's slop hang out, Vista *is* complicated. Period.1`

Deal with it. Or risk being exposed as "horribly stupid" by calling those who know better "stupid."

You don't think Vista is complicated. Good for you. We're all impressed. Not. So, tell us, if you have the gonads: what's *your* training and background in computers and IT?

Just as I thought. Power user. Techie. Geek. Whatever. You have no clue. No clue whatsoever.

Either wake up or go back to sleep. But PUHLEEAASSE accept the fact that others *know* you are the one who is less than smart in asserting that Vista is *not* complicated.

To tens (at least) of millions of miserable souls who literally don't know a registry from a ROM and who are stuck with Vista ... guess what?

IT'S COMPLICATED.

Thanks for playing. Please try again.
0 Votes
+ -
Vista is not complicated...
dimmy05 18th Dec 2008
Unless you are used to using a commodore 64. You ARE stupid if you think vista is complicated. It is not complicated it is just different, my dad can figure it out without any training whatsoever. He likes his better than my machine running XP, and he has 1/3 of the system resources that I have. I don't use vista because it is not any better so why spent the money, but for that matter it is not any worse either. So, If my 50 year old father can figure it out and you can't, you need to get away from whatever computer you are using before you hurt yourself.
0 Votes
+ -
@dimmy90
Axsimulate Updated - 19th Dec 2008
dimmy90 you completely missed brian's point. You ARE
one of the techies that he is referring to and can't see the
forest thru the trees. So yippie skippy, your 50 year old
dad can figure Vista out, so what, my 75 year dad can too,
it still don't change the fact that to a lot of computer users,
Vista or even XP or any computer for that matter IS
complicated. I see it day in and day out.
Most people know how to get around to get their work
done, but when it comes to changing settings, installing
software or facing some sort of software/hardware glitch,
they are totally, utterly, completely, entirely lost!
This does not mean under any circumstance they are
stupid. Their are some very, very intelligent people who
use computers, but don't know the first thing about them.
Grow up and stop calling people stupid just because they
don't think Windows is easy.
0 Votes
+ -
Lies based on personal bias
micks_tricks 17th Dec 2008
"...you would be recommending not only a terribly
bloated and complicated, (mostly) useless operating..."
Why? Because you didnt use Vista? I was very unsure of buying Vista because of similar reviews. I am 100% satisfied with the OS and would definitely recommend it to everybody with atleast a budget of $650 and up. My laptop has decent specs(core 2 duo 2.0 ghz 800mhz fsb 2mb L2, 3gb ram, intel 3100 gr) and I had no problems with Vista since I bought it 4 months ago. It runs perfectly. No crashes, no annoying pop ups(I have turned UAC off), no viruses. It runs at lightning speeds. So with the right specs(which you can get at a decent budget of 650 and up) Vista would offer a great experience.
I am sick of people like you posting garbage just because of personal bias.
0 Votes
+ -
same here
shellcodes_coder 17th Dec 2008
I am using Vista ultimate x64 sp1 and it rocks. It's faster, better and more secure than it's x86 (32-bit) version. Hope you are aware of it wink
0 Votes
+ -
Vista x64 rocks
micks_tricks 17th Dec 2008
I am aware of that and have been planning to make the upgrade. I am just too lazy I guess.
0 Votes
+ -
try personal experience
Mistified 17th Dec 2008
I have an XP SP2 laptop and a Vista SP1 laptop. The Vista platform is a monster. Before the battery fully drained on my XP, it would run for about 2.5 hours. My Vista, with a heavy duty battery, runs out of power in about 40 minutes. Not very useful when working away from a power source for extended periods. Additionally, the Vista platform takes twice as long as XP to boot-up. Slow to start but good once it is up. I do not have any virus' in either because I don't run IE. If I do have to run IE for any reason, I turn around and run AVG to flush it out.
0 Votes
+ -
Read my post
micks_tricks 17th Dec 2008
Seriously man. What kind of sad machine do you have that runs out battery in 40 minutes. My laptopn runs Vista for around 2.5 hrs after a full change before needing to be plugged back in. And in fact that is what I've seen with a lot of other laptops owned by my friends anc colleagues. Slow startup? As I said you need a budget of 650 and up to get the Vista experience. I do not recommend it for laptops with inferior specs. My dell with Vista boots up much faster than my old Lenovo with XP.
Seriously did you read my post before replying to it.
I use both IE 7 and Firefox 3. Ilike both and have had no problems yet. I hate Chrome for various reasons.
0 Votes
+ -
Lies?
rdhalsteatzd 18th Dec 2008
I'm running 5 computers on a network. These are either dual or quad core machines with all but one running fairly good video cards including a 3780 X2 1 Gig. I have them all set up running Fedora dual boot with XP Pro. I use them for a lot of photography and multimedia. I installed Vista Ultimate to try. It was slower than XP on my applications and DRM was a problem with the high resolution graphics. After two weeks I went back to XP Pro. I had 3 XP Pro packages that came with free upgrades to Vista ultimate. I never bothered to even get them. As for IE7, it is more secure than 6 "relatively speaking", but I really dislike IE7 so, yes I use an alternate browser. Yes, I have had some problems finding good drivers for the graphics cards including an older 8800GTS740 and X1950XT
0 Votes
+ -
Vista does suck
jdyl 17th Nov 2009
Vista may run well on more recent hardware but that does not mean the OS itself is not fraught with stability problems. On average, at my desk I have seen more students bring in buggy Vista systems than any other OS. XP and Macintosh give us the least problems by comparison.

And when Vista isn't being buggy or otherwise resulting in massive sudden user data losses, it is still annoying. Take, for instance, the long UAC dialogue delays which darken the screen and delay user actions until the system decides to pop up the proper authorization request. Couple that with the banal frequency of the damn things and it makes an otherwise useful security feature into an obnoxious hindrance to productivity.

Vista had a lot of good ideas but the OS as a whole was not implemented very well at all. Windows 7 is where it's at.

But since this thread is supposed to be about IE, I will just throw in my 2 cents: IE ain't got nuttin' on the Fox.
0 Votes
+ -
It seems Vista has one up on you.
ye Updated - 17th Dec 2008
"...useless operating system and a browser with roughly half the sense of a mentally-challenged chimp."
0 Votes
+ -
If you're going to suggest IE/Vista...
itguy08 17th Dec 2008
You may as well also suggest Mac or Linux.

After all you will need to relearn things so it may be a good time to look at better OS's
0 Votes
+ -
Lies again. What relearning?
micks_tricks 17th Dec 2008
Why do people(note fanboys) keep repeating relearn things?? 90% of things are the same between XP and Vista.
I will tell you what learning is. Running 855resolution to get you widescreen working. Running modprobe and ndiswrapper with windows drivers to get wireless working. Fiddling with ALSA to finally get HD Audion to NOT WORK. Compiling and builiding stuff to install drivers and softwares. Editing obscure config files to fix/personalize things. A completely new directory structure. Old programs that wont be available on the new OS. Finally getting an OS that wont run as fast as the people promoting it claimed.
Face it Linux(Ubuntu/Fedora/etc) are not ready for everyone yet. Blame it on the driver manufacturers or technical ignorance of people. It doesnt matter.
0 Votes
+ -
Your argument falls flat if the user purchases a PC with Linux pre-loaded
Riskable 17th Dec 2008
All of the examples of Linux difficulties you gave would not be experienced by a user that purchases a PC with Linux pre-loaded. You obviously tried to make Linux run on a laptop that was designed only to run Windows. Linux has made incredible strides in this area but your mileage may vary.

Buy a machine that is pre-loaded with Linux and supported by the vendor and the user experience will be nothing short of stunning compared to the complications and security problems users experience in Windows. I don't need to enumerate the significant advantages of using Linux over Windows (especially in regards to security) but I will mention a few things that a non-expert user will enjoy:

1) A much larger array of software to choose from. Most distributions come with a software package manager with tens of thousands of packages to choose from with two-click installation (or one-click if you're using Linspire's web-based software browser).

2) No registry to grow to inordinate sizes slowing your PC down over time.

3) Vastly superior file system(s).

4) More and better backup solutions that can actually back up in-use files and applications.

...and so much more.

-Riskable
http://riskable.com
"I have a license to kill -9"
0 Votes
+ -
failed arguement
mburton325 17th Dec 2008
I think you need to go back and look at your statements again. Linux will run on a box designed for Windows just as easy as Windows does as long as there is support for the hardware, or you know how to write drivers which takes knowing assembly code at bare minimium.

Now most home users do not know how to write this code and could careless as all they want to do is check their email, play games or some other mundane computer task.

To put it simply to the fan boys out there LINUX IS NOT FOR EVERYONE. It also isn't a better OS then windows or OS X. On the other side do some research and find out which OS fell first in the Hacking contest. If I remember correctly it was Apple's OS X. Funny how that works.
0 Votes
+ -
You're kidding, right?
Michael Kelly 17th Dec 2008
Please don't tell me that you really consider his argument a failure because users can't write drivers. This kind of statement suggests you haven't used Linux since around 1994 (or ever).
0 Votes
+ -
Nope!
micks_tricks 17th Dec 2008
I dont think he is kidding. Read my response o the post and then respond.
0 Votes
+ -
@micks_tricks
Michael Kelly 17th Dec 2008
At least your argument is only about four years outdated and doesn't talk about assembly code.

The newest Xorg does not require 855 or 915resolution. And all the other stuff you mention is not an issue on OEM installed Linux, though it may or may not be an issue with people who have Windows preinstalled (usually not, but not never). And I haven't touched a config file in Ubuntu at all after about 6 months of use.
0 Votes
+ -
The "other reply" about failed argument
micks_tricks 17th Dec 2008
Reposting for your convinience. Maybe you can elaborate without throwing around weasel words.

"All of the examples of Linux difficulties you gave would not be experienced by a user that purchases a PC with Linux pre-loaded."

So basically the Linux community should stop telling people to switch to Linux. If you actually mean buy another laptop with Linux pre loaded, so always say that.

"You obviously tried to make Linux run on a laptop that was designed only to run Windows."

What kind of laptops are designed to run only Windows????? Seriously what are you talking about?

"Buy a machine that is pre-loaded with Linux and supported by the vendor and the user experience will be nothing short of stunning compared to the complications and security problems users experience in Windows. I don't need to enumerate the significant advantages of using Linux over Windows (especially in regards to security)"

Weasel words are all I hear. Please substantiate.

"1) A much larger array of software to choose from. Most distributions come with a software package manager with tens of thousands of packages to choose from with two-click installation (or one-click if you're using Linspire's web-based software browser)."

This is the joke of the year in terms of OS wars. Linux has a much larger array of software to choose from as compared to Windows. Are you kidding me???? And please for Open Source's sake do not mention that joke of distro called Linspire in your posts.

"No registry to grow to inordinate sizes slowing your PC down over time."
Another myth created by Open Source. Does Linux not store information and settings for all the hardware, operating system software, most non-operating system software, users, preferences.
Under Linux system-wide configuration files (information which would appear in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (information that would be in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a period) within the user's home directory. The GNOME desktop environment uses a registry-like interface called GConf for storing configuration settings for the desktop and applications. All this does the same AND GROWS OVER TIME JUST LIKE REGISTRY except it is much more inconvinient than registry. Does Elektra Initiative ring a bell to you?

"Vastly superior file system(s)."

Seriosuly how? Please elaborate.

"More and better backup solutions that can actually back up in-use files and applications."

And more random unsubstantiated weasel words from the Open source community.

If you want to post something back it up.
0 Votes
+ -
Hack contest
itguy08 17th Dec 2008
On the other side do some research and find out which OS fell first in the Hacking contest. If I remember correctly it was Apple's OS X. Funny how that works.

Only AFTER they opened the system up to console access did OS X fall. And then Vista fell in short order. IIRC the only one left standing was Linux.

Anyway it's pointless to argue - OS X is more secure than Windows. If nothing else than the fact that installing software requires your intervention where on Windows it can be done automagically.
0 Votes
+ -
You mean in much the same way as all malware on Windows...
ye 17th Dec 2008
Only AFTER they opened the system up to console access did OS X fall.

...compromises a Windows system these days? I can't think of any recent (i.e. over four years now) malware that has compromised a Windows system sitting there without user interaction.

And then Vista fell in short order.

Vista fell after the rules were "relaxed" even more.
0 Votes
+ -
Last Laptop Standing...
Wolfie2K3 17th Dec 2008
Only AFTER they opened the system up to console access did OS X fall. And then Vista fell in short order. IIRC the only one left standing was Linux.

The only reason the Linux laptop didn't fall in the PWN2OWN contest was the fact that the guy doing the hacking liked the Vista Laptop (a Sony VAIO, I think) better than the Linux unit (a Lenovo ThinkPad). AND he could only use the exploit ONCE. The exploit, he said, would have worked just as well on Linux as it did on Vista. Why? Because it was a vulnerability in Adobe Flash - not in the basic OS - that gave him access.

The Mac, btw, was compromised by a vulnerability in SAFARI itself. DOH!

So much for OSX being more secure...
0 Votes
+ -
Lies and Weasel words
micks_tricks 17th Dec 2008
"All of the examples of Linux difficulties you gave would not be experienced by a user that purchases a PC with Linux pre-loaded."

So basically the Linux community should stop telling people to switch to Linux. If you actually mean buy another laptop with Linux pre loaded, so always say that.

"You obviously tried to make Linux run on a laptop that was designed only to run Windows."

What kind of laptops are designed to run only Windows????? Seriously what are you talking about?

"Buy a machine that is pre-loaded with Linux and supported by the vendor and the user experience will be nothing short of stunning compared to the complications and security problems users experience in Windows. I don't need to enumerate the significant advantages of using Linux over Windows (especially in regards to security)"

Weasel words are all I hear. Please substantiate.

"1) A much larger array of software to choose from. Most distributions come with a software package manager with tens of thousands of packages to choose from with two-click installation (or one-click if you're using Linspire's web-based software browser)."

This is the joke of the year in terms of OS wars. Linux has a much larger array of software to choose from as compared to Windows. Are you kidding me???? And please for Open Source's sake do not mention that joke of distro called Linspire in your posts.

"No registry to grow to inordinate sizes slowing your PC down over time."
Another myth created by Open Source. Does Linux not store information and settings for all the hardware, operating system software, most non-operating system software, users, preferences.
Under Linux system-wide configuration files (information which would appear in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (information that would be in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a period) within the user's home directory. The GNOME desktop environment uses a registry-like interface called GConf for storing configuration settings for the desktop and applications. All this does the same AND GROWS OVER TIME JUST LIKE REGISTRY except it is much more inconvinient than registry. Does Elektra Initiative ring a bell to you?

"Vastly superior file system(s)."

Seriosuly how? Please elaborate.

"More and better backup solutions that can actually back up in-use files and applications."

And more random unsubstantiated weasel words from the Open source community.

If you want to post something back it up.
0 Votes
+ -
I'm not sure exactly what a weasel word is
Michael Kelly 17th Dec 2008
"So basically the Linux community should stop telling people to switch to Linux. If you actually mean buy another laptop with Linux pre loaded, so always say that."

Depends on the situation. First of all I personally would never encourage an OS switch to be taken lightly when you have a lot invested on existing software and data. I would encourage those who are capable of upgrading a Windows OS to a Linux OS if their software investments are in commodity programs like office files, e-mail and multimedia/graphics. Those who have never upgraded an OS I would either offer my assistance or recommend a good preinstalled system. And I would never suggest anyone switch without taking a test drive. If you do not have full use of your PC when running a LiveCD, then you know that distro will not work out of the box.

"What kind of laptops are designed to run only Windows????? Seriously what are you talking about?"

This means that the OEM is not necessarily looking to make sure the popular Linux distros will work out of the box. It may, or you may need to manually install a driver. In either case there is no Windows lock-in as the wording of the previous poster may suggest.

"Weasel words are all I hear. Please substantiate."

Unfortunately I cannot substantiate, I can only offer my own experiences. I use Linux more because of the quality and quantity of the free desktop software that I get that is directly supported by the distro that I would normally have to purchase as third party software if I used a proprietary OS. Security was never a reason for my Linux usage, although I can say I've never seen a Linux desktop system compromised while I've seen many Windows desktop systems compromised. I apologize that I cannot substantiate my position on security better than this, but if you've seen more desktop Linux systems compromised than I have I'd like to hear about it.

"Another myth created by Open Source. Does Linux not store information and settings for all the hardware, operating system software, most non-operating system software, users, preferences.
Under Linux system-wide configuration files (information which would appear in HKEY_LOCAL_MACHINE on Windows) are traditionally stored in files in /etc/ and its subdirectories, or sometimes in /usr/local/etc. Per-user information (information that would be in HKEY_CURRENT_USER) is stored in hidden directories and files (that start with a period) within the user's home directory."

All true. I prefer the Linux method however, because all of these configurations are human readable and not hidden betwixt obscure folders with hexadecimal names and hexadecimal values. Also the centralized Linux installer programs (particularly the RPM and DEB based ones) tend to manage these files and log the changes better than the third party proprietary installers and uninstallers that you get in the Windows world, so if a mess is left behind (and the centralized installers tend to make sure they aren't) it's obvious to at least people who take an interest in such things.

"The GNOME desktop environment uses a registry-like interface called GConf for storing configuration settings for the desktop and applications. All this does the same AND GROWS OVER TIME JUST LIKE REGISTRY except it is much more inconvinient than registry."

Agreed. I am not a fan of Gnome and this is one of many reasons why.

"'Vastly superior file system(s).' Seriosuly how? Please elaborate."

Fragmentation (or lack thereof) is the biggest difference to normal users. A scheduled defrag on NTFS limits this difference, however you're not going to be very productive while the defrag is occurring.

"More and better backup solutions that can actually back up in-use files and applications."

Can't back that one up. Linux does have such solutions, but I am not familiar enough with recent Windows solutions to compare.

I think it's fair to say this: If you aren't up to managing a Windows system without outside assistance (either due to a lack of expertise, interest or time), odds are you aren't up to doing it for a Linux system either. Whether Windows or Linux is better for these people is an individual question. For some it's Windows, for others it's Linux. But you have to give the other a try, and a LiveCD will give you the best answer if you want to "switch" as you say, otherwise a test drive of an OEM Linux machine would do the trick.
0 Votes
+ -
Simple...
itguy08 17th Dec 2008
Add/Remove programs is now Add/remove Features
Wireless networking is completely different
Figuring the new Start (err, Windows) menu.
Fighting with UAC to do simple things.

There's a lot of relearning in Vista.

Office 07 is even worse but I won't go there now.
0 Votes
+ -
Just goes to show some of us are smarter than others.
ye Updated - 17th Dec 2008
Add/Remove programs is now Add/remove Features
Wireless networking is completely different
Figuring the new Start (err, Windows) menu.
Fighting with UAC to do simple things.

If this is your idea of relearning then you've got bigger problems.
0 Votes
+ -
Exactly!
micks_tricks 17th Dec 2008
I burst out laughing after reading that post. happy
0 Votes
+ -
That's just it though
Michael Kelly 17th Dec 2008
For some people's intellects that IS a big hurdle.

I forget who said this (I think it was George Carlin), but a person can be smart, but people are dumb.
0 Votes
+ -
Et tu Brute...
jasonp@... 17th Dec 2008
I think the same things when I read from morons who think that Linux or OS X or any other modern OS is difficult to learn. And yet they still come out in droves any time the discussion comes up about any other OS besides Windows. You even hear arguments trotted out that haven't been valid in a decade. For every ABMer out there talking down a Microsoft offering you'll find two NBMers talking down EVERYTHING else. All it proves is that sheep will be sheep.
0 Votes
+ -
Supporting evidence?
ye 17th Dec 2008
For every ABMer out there talking down a Microsoft offering you'll find two NBMers talking down EVERYTHING else. All it proves is that sheep will be sheep.

Sorry but my gut feeling is there are overwhelming numbers of clueless ABMers posting FUD about Windows.
0 Votes
+ -
You ask for supporting evidence, but only offer a "gut feeling" in return?
Zogg 18th Dec 2008
That's called a "double standard".
0 Votes
+ -
You're kidding, Right?
Badgered 17th Dec 2008
Add/Remove programs is now Add/remove Features

You're kidding right? Please tell me you're kidding.

Wireless networking is completely different

It is different, yes.

Figuring the new Start (err, Windows) menu.

It's the same, except it doesn't say "Start"... So I ask again.. You're kidding, right?

Fighting with UAC to do simple things.

I know, clicking "Allow" is huge! [/sarcasm]

There's a lot of relearning in Vista.

I hate repeating myself but... You're kidding, right?

Office 07 is even worse but I won't go there now.

You'd have had a much better case if you'd stuck to the Office 2007 vs 2003 changes.
0 Votes
+ -
Stop arguing. Let him enjoy his blissful ignorance.
micks_tricks 17th Dec 2008
His sheer ignorace of comparing learning curve from XP to Vista with XP to Linux and then having the audacity to present a slight name change of add remove programs is laughable. happy
0 Votes
+ -
no it is not
sjbinaz 18th Dec 2008
I do not even have Vista but I was helping someone on theirs. Add/remove programs is programs filed alphabetically right where you would look. Hasn't anyone ever heard of using "help"? It took just a few seconds to type uninstall into help.
0 Votes
+ -
Wut?
todbran@... 17th Dec 2008
Never have had any of those issues. And yes, Ubuntu runs as fast as advertised. Ubuntu runs circles around Windows. The compiling statement proves that you don't have a clue. Come back when you have actually used Ubuntu.
0 Votes
+ -
micks_tricks is a troll
~doolittle~ 18th Dec 2008
It's pretty obvious he is grasping at things to put down linux, some of it poorly defended, don't feed the trolls.
0 Votes
+ -
WTF?
Capt Obvious 18th Dec 2008
What the hell are you talking about? The article makes
no attempt to slagg off Linux at all, in fact it does
the complete opposite and says windows is insecure.
However it would be just as easy to same the same
about Linux, Linux Lovers are the worst for making up
false facts, they just wrongly claim that linux is
secure and doesn't get hacked, doesn't need AV yada
yada, which is simply not true, it is simply not as
common knowledge because the general public does not
use Linux.On the Server side Linux get hacked plenty.
0 Votes
+ -
oh yea, the article...
~doolittle~ 18th Dec 2008
I didn't read anything about linux in the article, but since it is about windows running IE vs. FireFox I guess it was inevitable.

As far as linux or whatever OS being more secure, it is only as secure as it's configuration. A pooly coded web server with no patches is insecure no matter what platform it is running on.

as far as micks_trix goes after I read this:

--------
"More and better backup solutions that can actually back up in-use files and applications."

And more random unsubstantiated weasel words from the Open source community.

If you want to post something back it up.
----------

If he is as fluent in linux as he brags, he should know you can take a complete clone of any linux host with a simple "rsync" command, it is how I do my backups and clone servers - and yes, I can clone a live running server to another physical / virtual host, reinstall the bootloader and it is up and running. I think he does know and, he is just trolling just because it's his shtick.
0 Votes
+ -
Firefox is FREE, Vista isn't.
Zogg 18th Dec 2008
In addition to recommending the use of an alternative browser perhaps people could start recommending the use of IE7 and Vista.

How can you recommend that people use IE7 and Vista if they only own XP, unless you are also tacitly recommending that they buy brand new PCs at the same time? That's a ridiculously expensive recommendation when Firefox is FREE to download, easier to switch to than an entire new OS, and is a better browser than IE7 will ever be anyway.
0 Votes
+ -
however the article clearly states that FF is also
sjbinaz 18th Dec 2008
insecure as IE on XP.
0 Votes
+ -
...far more secure than IE, when combined with noscript
~doolittle~ 18th Dec 2008
I had to correct you, the article said no such thing

but don't take my word for it

http://hackademix.net/2008/12/17/opera-firefox-and-ie-security-updates-all-together-all-the-same/
"Firefox will be automatically updated for its users before bad guys can analyze and exploit the patched vulnerabilities. That?s effective patching. Opera is in a slightly worse shape, since its update mechanism is not fully automated (it requires user to manually download and install the new version). Microsoft already failed this time, because the vulnerability has been already known and exploited for more than one week.
Right, zero day situations can happen to any software product, and Opera and Firefox might face a similar shitstorm tomorrow. But, even so, there are some interesting differences:

1. Patching policies: Microsoft implements a predictable monthly patching cycle. This is probably good for corporate IT departments, which can carefully plan the so called ?black Tuesday? to minimize their troubles, but it?s also good for evildoers and security attention-*******, who can carefully plan their exploits or disclosures to maximize their impact. Zero day critical vulnerabilities in three different Microsoft products have been disclosed immediately after last ?black Tuesday?: is this really a coincidence?
Firefox and Opera, on the other hand, issue security updates whenever they?re ready and tested.
2. Agility: as everybody knows, Internet Explorer is tightly coupled with the underlying Windows OS platform, and this makes both mitigation and fixing more difficult. In this case, for instance, the suggested work-around required not just hardening the browser itself by blocking scripts and plugins, but also disabling a system-wide data access component (OLEDB): this affected not just surfing the web, with many sites inaccessible or malfunctioning, but also most Windows applications relying upon databases.
3. Viable ad-interim mitigation: even if a browser vulnerability doesn?t involve system-wide components, mitigation until a patch is available almost always requires disabling JavaScript and/or plugin content (the latter is often used to circumvent security features like Vista?s DEP). On IE, such a work-around is hardly acceptable, since ?Security Zones?, the mechanism available to selectively change the security level of certain pages, is very obtrusive and almost unusable (yes, way worse than UAC). Opera is friendlier, thanks to its ?Site Preferences? which let user quickly change site permissions for JavaScript, Java, Flash and so on. Of course, only a minority of Opera users actually configure a default-deny policy, to selectively allow active content on trusted sites only. However, even those savvy users are suddenly out of luck, if they grant permissions to a site which is vulnerable to XSS: an attacker could circumvent script and plugin blocking by injecting his malicious code there, where it?s allowed to run. But if you use Firefox and you install NoScript, you get a safe default-deny policy configured out of the box and your trusted whitelist is effectively enforced notwithstanding site flaws, thanks to Anti-XSS Protection: JavaScript and other active content will run only where you want it to run.

To summarize: all the browsers can have vulnerabilities and equally need timely patching, but not all the users are equally vulnerable."
0 Votes
+ -
RE: Has Internet Explorer ever been safe?
kluca@... 17th Dec 2008
Qa
0 Votes
+ -
I have switched from Firefox
soonerproud Updated - 4th May 2010
To Google chrome now that they have extension
support. The extensions I use are Flashblock,
Disable Text Ads and IE tab
for those pesky IE only websites I must
sometimes use as a
HIV testing volunteer. Chrome is very fast,
minimalistic, has sandboxing unlike Firefox and
does a bang up job of rendering web pages.

I still have FF installed, but I rarely use it
any more.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix