Slashdot Mirror
BBC says "Avoid Explorer"
twitter writes "Citing security flaws that lead to ads and spys on Microsoft infested computers the BBC in this article recomends avoiding Internet Explorer." Ain't it the truth? Mostly its about adware & spyware and other wretched bits of software that make the internet suck a little
more each day.
Phoenix and it fookin rocks.
They should recommend avoiding Windows if their problem is security.
BTW, being Explorer unseparable from Windows, avoiding Explorer is avoiding Windows. Am I right, Bill?
It would be one step in the right direction...
Still too many webdesigners want to make sites that look flashy and work only in Explorer...
They never figured out they can make the same stuff work in many browsers if they would only try and learn something about web design itself instead of designer tools...
So till that's solved a lot of people will use Explorer because their favorite site is badly designed.
Working as a web developer I know that getting users to update their browsers is hard, let alone switch browser alltogether...
Unfortunately I doubt the problem as a whole can be solved by switching browsers. Rather I'd see stricter legislation tackle privacy issues.
.: Max Romantschuk
its a known fact. They're also trying to do with the customer's knowledge with messenger version 5. hell.. users are calling it a "downgrade". when is microsoft gonna learn that its all about empowering the user... not crippling him i don't say their products aren't good.. after all u can;t survive with 100% marketing, 0% product. what are they gonna lose if they declare Internet Explorer as an open source project? They aren't selling it as a seperate product anyways
|/________
|\A|ALYS|
Well, no it isn't actually. The BBC is reporting what Mr Clover said. Not at all the same thing as "the BBC recommends".
Sigh.
instead of abandoning IE, which is a decent web browser, be careful (not paranoid, but like anyone who's been on /. for more than ...5 minutes won't click on a goatse.cx link) about where you actually browse.
Looking for people to chat about multicopters, coding, music. skype: gtsiros
Subject says it all. Get it here.
Wasnt there a story about the bbc website using spyware to see what you were looking at on slashdot recently.
epicstruggle
"Im drowning here, and you're describing the water!"
"Avoid the BBC"
Rubbish. The Internet is getting better everyday. Pop-ups are becoming less common (especially using Moz), businesses are using better business models and delivering things on time, email filters are working more effectively, and the world is speeding towards most home users having broadband (and therefore more sites providing more content).
Life is good as a netizen.
--------
where is the beef? its mouldy at the bottom of the fridge. mmmmmmmmm beef mould
And although you can't really remove Explorer from windows, as long as you don't use it and have another browser as default, it can't be opened without user intervention or having certain software installed (like spyware).
And yes, with all the security flaws that are known (or unknown) in Explorer, I can't recommend it to anyone who values privacy and stability.
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
The easiest way to avoid parasite programs, he says, is to stop using Internet Explorer because it is targeted by many of the adware and spyware companies.
I've never ran accross a site that "forced" its software on me. I've ran accross "gator" a few times which tries to install without my permission, but I still have to hit OK. This article has a hint of FUD.
As with anything, if people used common sense probably 95% of problems could be avoided. By common sense I mean NOT going to suspicious sites (you can usually tell by the URL.. something that has "geocities" or ends with ".cz" is probably going to be more dangerous than amazon.com for instance). Let's face it, there is always going to be some security holes in the most popular and widely used browser. Even if that browser ever becomes Mozilla (which I doubt will happen any time soon- I run Mozilla but speed wise it just doesn't compare with IE).
Unfortunately, we can't rely on common sense because it really isn't all that common. It would be nice to have a "sandbox browser setting" for people who don't trust themselves to practice safe browsing. Here's an idea- they could click on a little icon of ralph wiggam playing in his sandbox (remember, he doesn't go into the deep end). This automatically forces the most stringent security settings (disabling activeX, scripting, etc.) and double prompts each time you go to download something "Are you sure? Are you really sure?". This probably wouldn't be too hard to add to IE.
"Never, ever click 'Yes' to a 'Do you want to download and install?' prompt unless you 100% sure the people who made it are trustworthy," he warns.
More importantly: unless you are 100% sure who made it. This is at least as much of a problem as whether the person you think made it is trustworthy...
Apart from the known issues with IE, outlook, and IIS, what is insecure in Windows?
And as far as IIS goes, Apache hasn't had a spotless security record.
Some people decide they'll be on the safe side by "Condoming Up" and turning security all the way up.
But when they get rashes of popup ads, and sore security holes, they realize that IE is a tired lay that not only lacks the finesse and technique of younger variants, but leaves you wanting your money back.
Even though you didn't pay anything... Bastards. You just wanted to surf the net with IE, and BANG!!! Next thing you know you have a Windows infection.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
The BBC isn't actually saying to avoid explorer, it's the Mr. Clover they interviewed. There is a differance, you know ...
---
"The chances of a demonic possession spreading are remote -- relax."
I understand that this security/usability patch will correct virtually all the problems with IE to which the BBS objects. Of course, it's a pretty complete patch...
Are we calling for a return to Lynx? Or should we grow up and learn to live peacefully?
The worst thing is where they haven't even tested for other browsers. I've seen several major sites that will work with Netscape 6, but not Mozilla.
And I've just had an email back from one of the companies I complained to about this telling me that their site will only work with Netscape 5 and below.
So people stop using IE, then another browser (say, opera) takes over as the dominant browser, so spy/adware starts to be targetted at opera users.
Do we then avoid opera?
The problem is that there are morons out there developing spy / ad / malware, not which browser someone happens to use.
Sometimes they come attached to software you download from the web - the details are often included in the license agreement small print that most users click through without reading.
Which means you caused the problem not IE or windows.
And sometimes they don't even need your permission to download, but just hop on your hard drive, totally unannounced, because you are browsing the wrong webpage.
Too bad they don't go into more detail here about whether this is a general issue with malicious websites for most browsers, or actually expoloiting some hole in IE.
A few companies are now exploiting holes in Windows messenger to sneak adverts on to the screens of unsuspecting users.
Windows messenger _IS NOT_ part of IE. It is a seperate component that is unfortunatly automatically turned on. I do wish MS was better about what services were on by default, though I usually go in and turn off most services when I install windows, which I recommend. This is not a "hole" in the sense of a bug though, you _CAN_ turn it off.
While this article may have some basis, it really seems to be pointing at user stupidity. Don't browse some site, Read the EULA's and don't just click OK on a popup.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
I remember back when I was in school. No one but academics and a few others had ever really heard of the internet.
Then I remember reading an article about some BBSes that were offering internet access via some sort of gateway technology. At first I thought this was a grand idea, and wanted in on it, mainly because I was no longer at school, and wanted to be able to email friends still in school and use usenet and gopher.
Mosaic had just hit the emerged as a fledgling proof of concept, and as I read more about the internet in even the trade press, I started to get that quezzy feeling that you get everytime something good comes to an end.
I knew it was all over for the internet when my roommate came home and told me all about this great new technology called the internet, and how it was the latest craze.
I wasn't around for the dawn of the internet, but I wonder when it started to suck, the first real indication it was going to become some commercialized, overused, underutilized resource for the masses.
I also, coincidently, remember the first person to show me mosaic, that barely stayed running (early, early version). He was sitting in my dorm room, so excited, telling me how he was going to make money designing these sites. "How is this any better than Gopher?" was my foolish question.
Cheers,
Ian
Well, actually, nothing really *sucks* since it's all pressure related. Just like when you breathe in you aren't really *sucking* but you're increasing the volume in your lungs (which in turn decreases the amount of air molecules/volume) and since there is greater air molecules/volume outside of your lungs - well that's just movement of a gas from a high concentration to a low concentration, isn't it? In a sense, the air is actually being *pushed* into your mouth...
So please, next time announce that slashdot creates a low concentration/volume which in turn causes users in high concentration/volume areas to move to slashdot for equilibrium.
sig: There are two mistaakes in this sig.
Whole article: -1 (Common Sense)
-braxton
Why is this under the "Microsoft" topic? There is an "Internet Explorer" topic as well.
Oh boy, the MS FUD team is working hard this morning. It is not a decent web browser. The only reason most people use it is because of Microsoft's absuse of monopoly power. IE is a rather poor browser, for many reasons including the fact that it doesn't really browse the web. It is primary geared towards mark-up that Microsoft created without public review on the process. Therefore, not Web. As for people who want to browse the Web, they should get a browser that adheres to Web standards. You'll find Opera and Mozilla to be excellent choices on virtually any platform.
... ...
Aside from that, IE is chock full of rendering errors on even simple elements, has very poor JavaScript, comes bundled with 8-year-old Java technology, is loaded with security holes, has nothing by the way of tabbed browsing, no built-in pop-up blocking, a horrid caching mechanism, slow as hell and hogs memory,
Why bother.
'Know what happens if you block cookies from ads.x10.com? They just keep opening windows on you. I've had 8 of 'em up before I closed some once (I normally use Pow)... Funnier - they have two ads, I had 4 of each.
;-)
Maybe we could have a contest to see who can have the most simultaneously open X10.com popup ads.
Oh, and the babes in the ads are almost sort of a type of soft pr0n...
Mark
these peope are NOT websesigners... they are Posers and wannabe's who really are no-talent hacks that csnt use anything but frontpage to create a website.
If they dont use a text editor AND adhere to W3C standars... then they are posers... pure and simple.
It is good to see that more and more major parties are realizing the serious problems with certain MicroSoft software. It's buggy, so it should be fixed. There are serious bugs, so they should be fixed ASAP. MicroSoft is known to not always do this. Worse, many MicroSoft programs have bugs with serious security implications, and your average luser doesn't know, much less care about those. This is a real threat to everything on the Internet.
However, I can't help but wonder who's next. MicroSoft operating systems are unsurpassed in the number of virii they support, and MicroSoft's software has traditionally been qualitatively inferior to competing products in many cases. However, this does not mean that this is a MicroSoft-only issue. I know that MicroSoft's Windows, Internet Explorer, Office, and the whole ActiveX system are full of holes, but how do they compare to, say, the GNU system, Linux, Xfree86, Mozilla, Koffice, and Java? Many of those seem to be more securely designed, but I don't think any of them have had the extensive testing from crackers that MicroSoft's products have. How can we recommend avoiding one product, if we don't have a better alternative?
Please correct me if I got my facts wrong.
...The folks who write spyware and other programs tracking your Internet access haven't yet discovered Mozilla 1.x and Netscape 7.0 yet. Given that many web browsers need cookies to operate in certain sites, it won't be long before you see spyware running in Mozilla and Netscape 7.0 without you knowing it.
Besides, if you apply all appropriate patches from Windows Update, configure Outlook Express' Security functions NOT to allow downloading of attachments and install McAfee VirusScan 7.x, you can surf the Internet pretty securely with Internet Explorer 6.0 SP1.
Listen, a lot of people on this site and some IT old-timers are about the only people that are not using IE unfortunately.
_ __
The vast majority of people are stuck with Windows and IE because that is what comes on their $999 box they bought from Best Buy and all the warnings in the world will not change that.
If AOL had the balls to use their own freakin' browser instead of IE then maybe the web designers would wake up after being hit with that clue-by-four. Until then...IE will be dominant.
_______________________________________________
ACK
I've been wanting to switch to a new browser anyway... I need to find one for windows (I wish I was using Linux)... Anyone have any recommendations???
-Magiluke
Earl Grey, Hot.
Considering the BBCs site doesn't or didn't display right in Netscape how can they recommend avoiding IE?
I forget how many times I've complained about that.
Then, you install Phoenix or Opera, or whatever you want and be all happy.
Dawn of the Dead
the only downside is that I often have to do a manual reload of a page since there appears to be no way to tell it to check for an updated page.
-Cnik
Apparently not all the moderators are intelligent and good-looking (you know who you are)
Sorry, but my karma just ran over your dogma.
I hear so many great things about Phoenix here on the dot of slash. Are these accolades warranted? Even though Pheonix is only at 0.4 or something?
I fail to see what Internet Explorer has to do with the latest rash of Messenger Service spam coming in from the Internet. Instead, it is just a general Windows problem that will affect you no matter which browser you use. The only solutions are to disable the messenger service and/or block incoming connections to udp/tcp 135, 137, 139, and 445. I think that even XP has this service turned on by default if you have a network adapter. But, maybe I am way off base and they are talking about some other kind of spam??
Isn't the online tax service in Britain M$-IE only?
Is it my imagination or hasn't the British Gov't been behaving in a very pro M$ fashion for a while now?
things such as Litestep allow you to dump the explorer shell. then you can simply use other browsers and file managers instead of explorer. I prefer to use cygwin and mc along with phoenix.
-Cnik
The mozilla patch still leaves many problems (viruses / slowdown / MSN popup ads / VBS script emails / BSODs).
A far more complete patch can be found here.
and rightfully so.
Active X was pegged from the start as the dangerious hole that it is, and now IE is so tied in with the base OS that people like my mother are screwed over time and time again by these people and programs[1].
MS in make our lives so much easier has forgotten that not everyone is altruistic as they are. Or maybe everyone is....
[1]Don't say give her Linux. Trust me, if I could I would have already, just not practial for her or me.
III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIII
Your home computer is a pretty dumb device...
Hey! I use Linux.
What the hell version of Netscape are you using? I just had a quick glance at the source and there doesn't appear to be anything that should bring any worries to a decent browser. Though admittedly early NS' had all sorts of problems with anything related to a table.
*** Stop using Windows ***
When I finally dropped Windows years ago I stopped worrying about viruses, trojans, adware, spyware and the like.
All the spam I still receive comes -surprise!- when I release my mail address to somebody who puts it into an Outlook address book.
Besides games and/or some vertical applications there's no reason for the average Joe User to keep using that piece of crap. Do the Internet a favour and stop using it, at least when you're networked.
Software becomes trustworthy when, and only when, everybody is allowed to examine what the software does.
The thing is, Explorer's no "worse" than anything else out there. It's just incredibly more popular, and not just because it comes with Windows, as IE is the leader on the Mac as well. It's the same phenomenon we see with Windows virii: people who write spyware and virii target the most popular platforms. If >90% of Internet users ran Mozilla then we'd see the same things written for that browser. It's not due to any special vulnerability in the browser. Getting people to switch to something else is only a temporary solution, a band-aid that doesn't treat the underlying illness. The BBC should instead be educating people as to what is safe web behavior, as that transcends issues of operating system and browser.
Karma: Good (despite my invention of the Karma: sig)
Some time ago there was a story about the IE only UK government gateway size. Fortunately, this is no longer the case.
Fastest on any platform. still in beta. But no security issues to note yet.
---
Thank you for your e-mail. In reply to your queries both Mygo and go mobile's website are designed for IE5 and upwards and this is Company policy.
We are aware that not everyone uses IE. However, IE offers certain features which other browsers do not. Using these, we are able to use a greater array of features which allow us to design better interfaces. 84.3 per cent of the internet population uses Internet Explorer. More than 98 percent of the hits on go mobile's website originate from IE.
---
I mailed them again telling them it's nonsense (browsers reporting themselves as being IE etc) and that there are alternatives to make it work for both but surprise surprise! no reply. Bugzilla contains a number of other websites suffering from this condition (inc. Microsoft, no surprises here).
Therefore Mozilla follow standards so page X won't work and page X authors follow market so they won't fix it. What does BBC recommend I do in this case?
---
It seems to work only on IE.
The owls are not what they seem
Unfortunately a lot of people don't actually read the EULA. They just click through until the software is installed. Even if you do read it it's full of dense obscure legal language that mostly doesn't apply to you. Advertising software if implemented correctly can allow developers to make money from their software without requiring the end user to pay.
The problem is it's often not done properly. There are spyware apps like aureate that operate in stealth mode by passing themselves off as Windows system processes and making sure that they don't even show up the task list or binding themselves to winsock so that you delete or uninstall them your Internet connection stops working. Microsoft should be made to fix these holes in IE but I think some pressure should also be applied to the people that write these programs.
Not only does MS 'phone home' with your private information, it is arrogant in the extreme to declare in its EULAs that they, NOT you, should determine what should or should not be on your own PC and IF you want to patch a security hole in media player 6.4 you have to agree to such nonsense.
It's no wonder WinXX users are abandoning MS emass in favor of true security and freedom from oppressive EULAs and license fees.
Running with Linux for over 20 years!
Have you downloaded any java plug-ins for your browser,or even enabled Java? Works fine if you do.
Don't download the video at 11! It's a trojan!!
One line blog. I hear that they're called Twitters now.
I say: Avoid cmdrtaco. If you have to be near him, write on your ass "exit only".
Criticising the BBCs use of Real is actually bad for their use of Ogg. Within the BBC, using Real is a 'Not Microsoft' option. They don't want to be forced to use WM[A|V] and all the Microsoft streaming software. Management feel more comfortable with a commercial offering at the moment. If it comes to their attention that there are many complaints about Real, they will try to replace it with Microsoft. Ogg needs to prove itself alongside Real first.
wfm.
Status: Closed. Unreproducable.
If you can't see this, click here to enable sigs.
This site works just fine.
The owls are not what they seem
just install the java plugin and it works fine. and the site is perfectly usable without the newsticker...
For anyone who remembers, the internet used to be about content and freedom of information. Now it is about serving up some ads for wallstreet. The hope for an uncluttered, uncommercial internet is more than likely lost forever.
Damn, your not using SUSE then are you?
The internet is a big enough place -- I can avoid (much like a pretty girl with a bad sexual disease) any site that is to ignorant to ensure that it functions with the latest versions of all major browsers.
If only 10% of the people used browsers other than IE -- could you imagine a storefront locking out that many "perspective" customers? (And if they do -- well then they are to ignorant to deserve survival.)
(+1 Funny) only if I laugh out loud.
Still too many webdesigners want to make sites that look flashy and work only in Explorer...
I know a lot of people say this, but is it actually true. I use both Mozilla and IE and very rarely notice any differences.
It works in Opera, at least for me on windows. TBH theres not much point having that ticker anyway since the entire page is full of news ;-)
The rest of the page/site works in every browser i've tried.
no sig.
It's a case of "if it aint broke, don't fix it". From Joe's point of view, it isn't broke - so he won't do anything about it. He's not experienced all this stuff that people talk about, so why change?
Until something nasty comes along, wipes his "My Documents" folder and then totals his operating system - he'll happily use Internet Explorer.
People don't protect their home until they've been burgled, the don't protect their car until it's been stolen. It's all reactive - not proactive.
Until these 1001 security issues stop becoming potential exploits and become actual exploits hitting hundreds and thousands of users a day - then no-one is going to change.
(disclaimer: I know Code Red could be put into this category, but then again, it didn't wipe anyones personal files did it?)
(another disclaimer: This is a combination of mine and other comments from my original thread here ... ignoring the AC who obviously didn't get my point)
Avantslash - View Slashdot cleanly on your mobile phone.
"So people stop using IE, then another browser (say, opera) takes over as the dominant browser, so spy/adware starts to be targetted at opera users.
Do we then avoid opera?
The problem is that there are morons out there developing spy / ad / malware, not which browser someone happens to use."
Not really true. The design of Windows and IE allow for such malicious alteration. This type of compromise is a lot more difficult to achieve in any Unix environment. Mozilla, for example, can be configured so that the malicious program will not have the ability or permissions to execute whatever it wants. And in Unix, even if the user is horrendously stupid, it is still extremely difficult to bring down the system as that would require much more than even all the user's permissions, but also root access.
As long as Internet Exploder is the ONLY browser to come with that shiney new PC everyones getting, then recommending that people DON'T use it is a total waste of time. People look at the prospect of tying up their modem for a 8-10MB file, and they basically think 'It won't effect me'.
I have enough trouble convincing my Mom and sister to update their AV software weekly, and that's only a few hundred kbytes.
-- You can't idiot-proof anything, because they're always coming out with better idiots.
Considering the BBCs site doesn't or didn't display right in Netscape how can they recommend avoiding IE?
If you're using NS4 then personally I believe you should expect problems. I'm all for cross-browser compliance, but there really is no reason to be using a 5-6 year old browser with substandard (to put it mildly) CSS support.
I design for standards compliant browsers, NS4 is not, therefore visitors who insist upon using this take their chances. Even Redhat have removed it now, which is a good thing - if only Netscape would remove the download link...
Code, Hardware, stuff like that.
I can't be the only one who noticed that the BBC article never actually "cites security flaws" in IE as the reason they suggest avoiding it. They suggest avoiding it because it is the most popular browser, and as such guerilla marketing is mostly targetted towards it. But it's my own fault for even mentioning it; it would have taken some measure of journalistic integrity to report that accurately instead of crafting baseless prpoganda, and we all know which is more characteristic of slashdot today.
I'm using mozilla with the internet explorer skin. It works great, though there's a little hack you have to do to get the home button back into the main toolbar.
:-).
Mozilla is a better browser than i.e. in a lot of ways (tabs, standards compliance, etc.), but the big one for me is that i.e. is essentially an ad delivery systerm. So there's not much we can do to selectively block cookies, or graphics from specific servers, or pop-ups, etc. And I don't like the prospect of being at the mercy of unscrupulous companies who wish to make changes without my knowledge or consent. (Actually, what I'd really like is a way to get rid of i.e. entirely on w2k/xp.)
That explains mozilla, but why the i.e. skin? Well, the default mozilla skins are not exactly beautiful. And my wife is highly resistant to change of any kind when it comes to her computer, and with the i.e. skin I was able to switch her w2k machine to mozilla without even a word of protest. Of course, at this point she's so used to tabbed browsing and the pop-up blocker that she wouldn't switch back anyway. And me, I don't have to worry about some exploit using i.e. to take her computer down.
Actually, I even use the i.e. skin on my linux box. Just for the perverse fun of it, I guess. I also have a nice wallpaper from w2k of a diver against a blue sky. It's very spiffy, though naturally I GIMPed out the little windows logo first
Hmmm, that's an expert opinion and it was strong. The author, Mark Ward, quoted Mr. Clover as a computer expert, someone who knows what they are talking about. The overall opinion was that Windoze was an easy to take over piece of junk and IE should be avoided. Note the lack of comforting words from M$ shills and other whores who would simply blame the user. The article concludes:
Fears about adware and spyware are not just for privacy fetishists and cyber-libertarians. Much of this surreptitious software is badly written and can crash your computer, others simply slow down your machine and make web use a chore. But the real danger is the fact that many of the loopholes in Windows that these programs exploit are being increasingly used by virus writers. If you do nothing to close these holes then one day you may lose much more than information about your online habits.
Can there be a stronger general denunciation than that? It ammounts to, "keep using this slow painful junk with and you will lose your work." That's an amazing article to see in the mainstream press.
Friends don't help friends install M$ junk.
I do, Guess I go to different places.
Those of us who are in software development, particularly internet based, need to consistently support customers who use IE. This means we need to run IE ourselves for purposes of testing. And speaking of testing, another thing I dislike about IE is it appears to not expose errors in HTML (tables for example). This makes testing HTML generated by our systems even more difficult.
Of course, switching back and forth between browsers is easy enough, but I do admit to being lazy sometimes and just using IE instead of firing up good old Mozilla at work.
M$ - counting on our laziness ...
This coming from the site that runs spyware on your machine.
-------http://www.bbc.co.uk/privacy/--------- RedSheriff, an independent measurement and research company, gathers non-personal data regarding the visitors to our site on our behalf using cookies and code which is embedded in the site. Both the cookies and the embedded code provide non-personal statistical information about visits to pages on the site, the duration of individual page view, paths taken by visitors through the site, data on visitors' screen settings and other general information. The BBC uses this type of information, as with that obtained from other cookies used on the site, to help it improve the services to its users.
Actually, if you want to ensure you're being safe, you have to educate yourself. This goes with all things in life, not just computers. Expecting someone to do the work for you leaves you open to exploitation. I absolutely abhor this attitude:
"I don't know much about computers, but I don't want to get a virus or have something bad happen to me, EVER. And if something does, well, it's YOUR fault, because you didn't make it safe enough."
Tough shit. Anyone who's been using computers since before the 90's usually has an inherit, built-in mistrust of them. They've dealt with system crashes, computer viruses, and the like, and know the reality is that you're dealing with a very complicated machine, and there are a hundred things that could go wrong at any moment. It's this new-fangled entitlement that the Internet-age has brought upon us that really pisses me off. Entitlement without responsibility.
To use your analogy, if your Mom never learned how to drive, or was a bad driver, she should probably avoid roads at the very least, avoiding cars altogether might be better. Yes, Internet Explorer has loads of security holes. And some cars are more dangerous than others. Not everyone on the road is your friend. Make system backups. At least we have that luxury in the computer world.
........unless you behind a proxy that uses windows authentication.
.net authentication.
You'll have the safest browser possible, since it won't be able to connect through the proxy server.
The bug's only been in mozilla for ohh 3 years, lets hope m$ doesn't make
thank God the internet isn't a human right.
I'll tell you what happened: nothing. Lazy Web designers have always been so concerned with making a site look "just right", that they need to use some little trick that only works in one browser or another... then to make the site look "just right" in some other browser requires a whole lot of replacement markup and probably a some swapping javascript, if not a completely different set of pages.
I'm even lazier. I could care less about "just right". I use style sheets, my site looks fine in Lynx. Admittedly, I am not using lots of sliced up graphics and javascript, but that's because I am not very sophisticated: I code by hand.
Personally, I think designers should make up their minds and either use Flash for complete presentation control or style sheets and vanilla (X)HTML to reach as wide an audience as possible. All the crap I see in "View/Source" makes me cringe.
I've got a bad attitude and karma to burn. Go ahead. Mod me down.
In the UK we have to buy a licence (about $200) to watch TV, if you didn'y have one, you could be fined about $2000. When I was a student, there was loads of hype about "TV Detector Vans".
Basically they drive round in a van with an arial on the top that can detect if you are watching TV.
They would run adverts like "TV Detector Vans are Operating in YOUR area, and actually have these green vans with arials on the top that thay would drive round.
It turns out this was all FUD. They did have the technology to do this, but it was impracticle to implement, so they just used empty vans.
The technology worked by detecting the CRT emissions form the TV set, so I guess Microsoft could build one to check for windows licences.
"XP Detector Vans are operating in YOUR area!! You have been warned..."
Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated up.
Nothing new to see, really; move along.
The direct link to the home button hack is here
If the installer didn't crash on my XP box :P
It would be nice to have a "sandbox browser setting" for people who don't trust themselves to practice safe browsing.
It's not that origninal a wish but it's competing with other wishes. I'm sure that you, like M$, know about the java "sandbox" concept and unprivalidged user accounts and all that. The problem is that M$ intends not follow good design practices so that they can sell your desktop as advertising real estate. That's why IE and Outlook run as root and the new M$ EULAs all demand that M$ be alowed to view the contents of your computer and put whatever they please there. That's why M$ worms are so easy to write and cost the rest of us so much money in workarounds, "security" patches, and what not that never works. That's why the BBC author recomends avoiding IE and hints at all of the above.
Friends don't help friends install M$ junk.
The quote from the British Broadcasting Corporation as reported by slashdot is incomplete. The actual quote is not "Avoid Explorer," it is "Avoid Internet Explorer as if it were toothpaste."
They are British, after all.
Your suggestion is ludicrous, "be careful where you browse"?
That is NOT a solution. People can't be careful where they browse because of the nature of how the web works. Suppose you are doing some research on something obscure, so you are googling along trying to find info on it. How the fuck are you to know whether you should trust any of the sites linked to by google? You can't! Your browser simply has to be secure and not do things it shouldn't do.
Duh!
Sticking feathers up your butt does not make you a chicken - Tyler Durden
I've been building pcs for many people on the side, and here's the biggest complaint i get when i try to push mozilla on them:
"Why doesn't the back button on my intellimouse work with it? It works with explorer."
And just like that, 20 or 30 people have turned off mozilla for just THAT reason. To them, it's just some browser that takes longer to load, puts an icon in the taskbar, and in which the back and forward buttons don't work. And it's no use trying to convince them of all the benefits.
BBC actually only quotes a guy who says don't use IE. There's a slight difference.
Don't get me wrong though, IE sucks. I only use it from work to read books on safari.oreilly.com. Believe it or not their site doesn't render correctly in Mozilla. I've emailed them and they say that they're working on it, so hopefully it won't be long.
My Karma was at 49, then they switched to words. All that work for nothing!
If companies create their websites based on the usage statistics, stop making non-IE browsers identify themselves as such. The site may not work, but at least their statistics will be more accurate. They may do something about it if it's significant.
maybe true, but I bet they can use a fucking spell checker
It works for me (mozilla 20021120 on OS X 10.2.2)
or has the entire world just forsaken any pretense of proper English?
This man is writing for the BBC, as a journalist, and he couldn't even take the time to review his article and remove the nasty grammar and spelling mistakes?
Because downloading Phoenix takes all of five minute
Will I retire or break 10K?
I did. With IE. Here is what happened:
1. Your IP address
It picked up my IP address. Fair enough. I'm not running through an anonymous proxy.
2. Hidden tracking files (cookies)
It couldn't list any of my cookies.
3. Exposed Clipboard
This was a little scary. It picked up what was in my clipboard and displayed it.
4. Hack and Exploit Vulnerability
Sophos immediately popped up a message telling me it had detected 'Troj/Codebase-A' in my temporary internet files. A window appeared with some HTML telling me that file:///c:/winnt/win.ini had moved. But nothing else.
I couldn't open the click here links, the links below that didn't work and MSN wasn't giving out my contacts.
5. Browser and Operating System
Big deal. It got them from the HTTP_USERAGENT. I'm not totally paranoid - I don't mind people knowing what browser I use.
6. Geographical location
Middlesex, England, GBR. Well, 2 out of 3 isn't bad but not exactly something to get worried about. Wonder why it thought Middlesex though?
7. Your network
This took the piss. It's just a traceroute from them to the IP address that they determined in the first test. It's not much of a big deal.
I run Internet Explorer 5.50.4919.2200. Sure, I don't doubt that IE has it's problems - but the stuff that Anonymiser is shreaking about is generally not that big a deal and flagged only so they can sell their products.
(mind you the clipboard one was a little spooky)
Avantslash - View Slashdot cleanly on your mobile phone.
What expert? Who is Andrew Clover and where is his web site? I've never heard of him. If his only claim to fame is writing anti-spyware software then that isn't saying much. Not what I would call an "expert". And his opinion is not particularly strong against IE. He gives several tips for avoiding spyware, one of which is "The easiest way to avoid parasite programs, he says, is to stop using Internet Explorer because it is targeted by many of the adware and spyware companies." That's like saying that a real good way to avoid hackers is to never use a computer.
Can there be a stronger general denunciation than that? It ammounts to, "keep using this slow painful junk with and you will lose your work." That's an amazing article to see in the mainstream press.
No. It amounts to you mischaracterizing what was said. The writer is referring to the spyware as being junk and suggests that users keep their systems updated with the latest patches.
biological systems point the way here...monoculture, not morons, is the problem
monoculture of any crop (be it corn, pigs, or internet browsers) leads to a situation in which disease can easily propagate across the entire population.
One of the fundamental principles of organic farming is to cultivate a genetically diverse population, thereby limiting the scope and potential damage of any particular disease vector. Consumers of software would be well advised to practice the same concept
I know it's offtopic, and that seems silly to ask and all, but I'm actually being quite serious. :) I see the term used and I was wondering what it means.
Thanks in advance!
"I'm a leaf on the wind. Watch how I soar."
-Hoban Washburn
And in Unix, even if the user is horrendously stupid, it is still extremely difficult to bring down the system
A program running as a user can do worse things than bringing down the system, such as disclose trade secrets stored in the user's account. The SirCam worm for Windows used this approach.
Will I retire or break 10K?
That's how I've always seen it used...
Your monitor is staring at you.
Besides, if you apply all appropriate patches from Windows Update
How do you download patches from Windows Update? By going to windowsupdate.microsoft.com... with IE. And if it's a fresh install, you have to download the patches with unpatched IE.
Will I retire or break 10K?
I finally made the switch from IE to Phoenix, via Mozilla. Phoenix is good, except I've had several crashes and a couple of time it seems to get rather bloated and crash. It's also crashed a couple of times on exit as well. I think the latest Mozilla crashed a few times for me as well, so this is no big deal.
How do I stop Phoenix from deleting my cookies after so many days? Every so often, I have to re-login into all the sites that I visit again. This is really annoying.
God that's awful
But I snatched it for the Sick Poets Society Page
Anonymous Coward, step up and claim your prize!
(Posting as AC cuz I'm too lazy to create an account)
when people say "Ok, I'll bite". As you can see, that phrase is so overused that someone else responding to the same thing just below you has "Ok, I'll bite" as well. Not only is it overused, but it is also really annoying. If you think it is just a troll or flamebait you are replying to (implied by that phrase), then you shouldn't bother to respond. And if you don't truly think it is trolling, then you shouldn't preface your comment with a line that implies this.
It's like those people who label their own post with "I'm probably going to get modded to hell for this". Your words should be able to stand on their own with moderator manipulation tactics.
Let's say everyone stops using IE and starts using another browser. What do you think the bad guys are going to do, find another hobby? No, they'll target that browser. Just as nobody burglarizes an empty house, no one targets a browser with miniscule market share. Increasing the market share of another browser will just turn attention to that browser.
The other question is this: is IE inherently insecure? More than Lynx, yes. But users want features (yes, it's true...not all the bells and whistles in a "modern" browser are forced upon us) and features add complexity which increases the potential for holes.
For true security, just telnet to port 80.
I reported a compliance bug with a web page whereby the authors used some proprietory tags which are not W3C compliant. I filed the bug under Mozilla too but the official reply was: "It's not a bug, we're following the standard and not accepting propr. tags".
The usual bugzilla.mozilla.org practice in this case is to morph the bug into a Tech Evangelism bug and reopen it.
Will I retire or break 10K?
If opera is crashing, try (if you're not already) the statically linked qt version. Stability problems are often caused by interactions between the installed qt on your machine and the one that opera was compiled against. The statically linked one does not suffer from this problem. If you are using the statically linked version, then I got nothin' for ya.
A great many people think they are thinking when they are merely rearranging their prejudices. -- William James
I've been a web developer and designer for over 5 years, and I code and test for nothing but Internet Explorer. To code for other browsers as well would take at least 2-3 times as long. My clients generally are willing to accept the tradeoff that 1% of the web population will be unable to see their site, and most of those users are using IE3.
It's simply a matter of maximizing their investment.
$50k for 99% of the users
$100k for 99.7% of the users
You pick.
Ha, you think Mozilla is better than IE. That's pretty funny.
Agreed. I can't remember the last time a web site I visited looked funny under Mozilla (well, discounting the fact that I don't have Flash installed in Moz). Pretty much everything I've come across in Moz looking just as good as it did in IE. The only annoyance I have is web "developers" using ALT tags instead of or not in addition to TITLE tags for tooltip information on images. It's not that tough to include them both, people!
Of course, what they don't tell you is that news.bbc.uk has a nasty bit of Java from Red Sheriff that tracks clicks, and sometimes even tracks clicks to sites other than the Beeb's. Don't accept .js or .jar files from the Beeb. Ever. They're not to be trusted, and two-faced.
That's what I say too!
It's the quoted opinion of the interviewee, not that of the corporation.
Especially when there are still quite a few bugs preventing Mozilla from loading BBC web sites properly.
Will I retire or break 10K?
I like the attitude that since everyone else uses it I have to use it too. Keep that up and you'll be able to change a lot in this world. Excuse the sarcasm, I know it doesn't always show up when written. I will admit MS does give great sales presentations to the companies who are willing to spend the money. I work in education and we can't afford to pay microsoft 8 times over for each user we have on a server.
That kinda of makes sense I think even though there is cohesive point. Nah, I'm just a ranting fool.
How soon before the Bush Administatration labels the BBC as terrorists against USA?
and not 98lite.com
I was, like, starting to read the article using Internet Explorer. And then my computer went like beep, beep, beep. And then I got redirected to msn.com. Seemed like a really good article. Bummer.
DRM measures and .NET will fix all of this... honest... mmm... pfffft... heh... ha... BWAHAHAHAHAHAHAAAAA!
That's a very bold statement.
Mozilla, the big one
Phoenix, it's smaller brother
K-Meleon, the smallest of them all
Mozilla comes with nice mail program too.
J.
I wonder if it could be possible to write a spyware in XUL? Just build a sidebar applet that stays hidden, perhaps? I actually have no idea, but could XUL be just as bad security breach as ActiveX? (Or whatever it is called this week)
J.
According to ZDNet in late June:
IE: 95.3%
Netscape: 3.4%
Mozilla: 0.4%
Opera: 0.7%
Other: 0.2%
You did the right thing for a first step, but you didn't say if you left the service or not.
I don't know what "Mygo" is, but I assume it is some kind of wireless content provider (too lazy to Google). Regardless, if there is an alternative service, quit Mygo (and make sure you contact them to let them know you did and why). Even if there is not an alternative, quit anyways and sign up again if you can. The statistic that someone quit because of their web page will still be there.
Sure, you are a drop in the bucket, but the bucket doesn't have to be very big to get a company's attention. An upper-level management guy is probably responsible for tracking the reasons for people leaving their service. Even a few can probably get him thinking that maybe "Company Policy" needs to be changed.
The guy who responded to you is a low-level support guy who probably knows that it wouldn't be that hard to standards-compliant with their site. But he/she has been told "we don't lose any money by being IE-only (assumption), supporting other browsers would cost more (fact), so we are IE-only!" Only by proving that it *is* costing them money will they change.
Look at the tomato! Isn't it sad? He can't dance! Poor tomato!
Your blind assumptions about the security of Mozilla are putting your wife in danger. Just a few weeks ago, Mozilla has disclosed six serious security flaws ranging from nondisclosure of SSL failure to a buffer overflow DoS that has yet to be prozen unexploitable on Windows platforms. That means that anyone running Mozilla is exposing themselves to remote takeover by a hostile site.
The worst part of all this is that there are currently no fixes for any of these problems available from Mozilla. Running IE is far from a "solution", but keep in mind that 99% of attacks against IE are against people who fail to apply the security patches and turn their "Internet Zone" security to "High". Browsing through a transparent proxy such as JunkBuster improve security even more.
The point of all this is that both browsers are huge codebases being developed at breakneck speed, and no implicit assumption of security should be made. Security is a process, and those failing to undergo the process will become victims.
Even Mozilla users.
If guns kill people, then CmdrTaco's keyboard misspells words.
Avoid Internet Explorer because people are targeting it. Use something else because it's more obscure.
Now tell me. Does that make sense? Are you actually safe, or do you just feel safe?
If you designed for standards rather than browsers, you wouldn't have to differentiate. Also, I fail to see how you're achieving 99% compatibility designing around IE. A quick check at the Global Stats at The Counter shows me you're only reaching 92%-93% using this methodology. Following sound methods such as adherence to web standards set forth by the W3C is the only way you'll ever get to 100% of the browsers out there, and I see many designers doing it each and every day without having to take a significant amount of extra time to accomodate NS6 and Mozilla. Hell, I've done it several times on accelerated deadlines using XHTML/CSS/JS, just as quickly as if I were just coding the site purely for IE. Granted, older technologies (i.e., IE3, NS4) are now by the wayside or are on their way, but if you aren't developing for a "Mozilla, NS6+, IE5+" baseline, your audience is getting the shaft and your employer isn't getting exactly what you're claiming to give them. Just in case I get a few people complaining "What about Netscape 4.x?!" Get a new browser that actually includes standards compliance. I'll develop for it if I need to, but 4.x is so old hat that it's merely a relic from the dot-com boom nowadays and needs desperately to be put down like the dying horse it is.
SNACKS ARE AWESOME
It takes about 30 seconds to test in another browser. Just follow these steps:
1. Open NS/Moz/Opera
2. Open the web page
3. Look to see if it is displaying okay
4. ???
5. Profit!
As long as you're using good HTML, it shouldn't be that big of a deal.
"Giving money and power to government is like giving whiskey and car keys to teenage boys" P. J. O'Rourke
Everyone knows IE blows. There are plenty of good choices for browsers. Opera and Mozilla/Mozilla-based browsers. Lets face it, IE is old rusty technology, even with addons and frontends like MyIE.
. . . This post is a Mac commercial waiting to happen. Way to go, you bastards!
Lots of people have access to the Windows source code, albeit under non-disclosure. See the various licenses at http://www.microsoft.com/licensing/sharedsource/
http://home.earthlink.net/~vorck/
Read this : http://msdn.microsoft.com/downloads/default.asp?ur l=/downloads/sample.asp?url=/msdn-files/027/002/10 4/msdncompositedoc.xml .NET Alerts is a message and notification routing service that makes delivering customer communications easy. Content providers can send messages to customers who choose to receive them. Alerts are routed to Microsoft Windows® desktops, cellular phones, wireless personal digital assistants (PDAs), or any e-mail addressâ"all based on the customer's delivery preferences.
Microsoft®
Read this : http://msdn.microsoft.com/downloads/default.asp?ur l=/downloads/sample.asp?url=/msdn-files/027/002/10 4/msdncompositedoc.xml
.NET Alerts is a message and notification routing service that makes delivering customer communications easy. Content providers can send messages to customers who choose to receive them. Alerts are routed to Microsoft Windows® desktops, cellular phones, wireless personal digital assistants (PDAs), or any e-mail addressâ"all based on the customer's delivery preferences.
Microsoft®
/. seems to be filled with people that LOVE to bash Microsoft and harp on how *nix and it supporting software is so much more secure. What you fail to take into account is that these &^%$^#$ writing ad-ware and spy-ware are going to target the community with the largest user base. Are you surprised to hear that it is Microsoft??? Hence the largest amount of time in the hacker community is spent on Windows, Explorer and Office. If even HALF the amount of time was spent on hacks for your beloved *nix systems and supporting software that is spent hacking MS your glass walls would come crashing down because MAJOR security holes would be found and exploited. I need only point to recent hacks in Apache.... So BEWARE your tower is not quite as secure as you think it is. You are simply being ignored.
Yes, Mozilla is very very nice. Modern theme works for me, though I don't know why Classic theme is default, it is the worst theme. There is also a tiny theme that is nice, it gives you a bit more browsing space.
I am waiting impatiently for 1.2 to be released (1.2b is too buggy, downloading didn't work correct). Type-ahead find is simply the coolest feature ever. Being a keyboard control freak, this will be good for me.
Think about it: Say you're going through a set of pages that require you to click a "Next" link to advance through the pages. You can click using the mouse, but it probably won't be in the same place everytime, and may go out of reach when you scroll through the page. With type-ahead find, you just start typing N... E... X..., until the Next link has been selected and hit enter. You may even make a macro that does this for you, say make the left and right arrow do Previous and Next respectively. Personally, I'm excited about these possibilities.
This article basically says to avoid spyware and adware in general. No shit. This isn't news.
They recommended that you don't use IE because that's what most of this nasty software is targeting, not because it's a buggy piece of MS shit. It stands to reason that the most popular browser is going to attract the most amount of attacks. Again. No shit. This isn't news.
Enough of the anti-MS propaganda, it's truly getting ridiculous.
The "dektop machine in single-user mode" is a false problem. A machine who runs like this may get compromised at the system level and then ? And then at worst you have lost all you files on it. If it runs with a proper privilege separation, the system won't get corrupted, but all your files are lost. And that's the problem: what's important is the files the users put on a pc, not the system. You can always reinstall the system easily.
I'm only speaking about personal computers of course, not true multiusers ones.
The one that annoys me is my bank. Their site does browser detection, and refuses to serve anything but IE 5+ or Netscape 4.x
...who are intentionally using spyware on their web site.
vk.
Here's a link: http://lynx.browser.org/. There's a win32 version. I used to use it, back when I did a significant amount of browsing on that platform.
-- $SIGNATURE
Overall, in terms of smoothness and trouble-free browsing, Internet Explorer is the best option there is. Having to switch to Mozilla or Opera is just painful.
(BTW, the proper name of the browser is "Internet Explorer." "Explorer" is the name of the Windows file manager.)
Where in the article did the BBC say "Avoid Explorer"?
The BBC was just quoting some guy, "Andrew Clover, who runs a site that tests your computer for installed spy- and adware..."
Who's Andrew Clover? The voice of the BBC?
If you guys want to make Microsoft look bad don't act so desperate. Blatant misquotes make you look fanatical, stupid and untrustworthy. I was going to send this headline to a couple MS devotees I know -- now I just hope they don't find it themselves.
News for Nerds... What a joke. Other than your sci-tech links, most of this is Propaganda for Whiny Little Babies.
"Mommie!!! Billy Gates keeps picking on me!!!"
Maynard
heh, that's funny...a slashcommie comparing microsoft to russia...
feh..
but there really is no reason to be using a 5-6 year old browser with substandard (to put it mildly) CSS support.
I use NS4.79 at work because thats the only browser we are allowed to have. The company chose not to upgrade to NS6 when it came out as it was buggy - looks like we are now moving to IE!
Take a look as the google zeitgeist page NS4 is still a small though significant proportion of their hits.
"I deny nothing, but doubt everything." Lord Byron
DavinciII's comment is modded insightful, but, as others have pointed out, he uses bogus statistics to make his case. This is so wrong.
He cheats his clients and he cheats his clients' potential customers.
Look at the stats from Upsdell's Browser News. He compares several sources, and it is a stretch to say MSIE commands 95% of the browser market, especially if one excludes older versions. Even an estimate of 90% for IE 5 and above would be discounting reliable evidence to the contrary. And that's not even accounting for the way text mode browsers are systematically undercounted.
If davinciII were honest, he would tell his employers something like
$50k for between 88% and 95% of users
$100k for any w3c standards-compliant browser, or just about anybody
But really, what are the real numbers? How many people are 4% of internet users? or 7%? or 10%? Right now that's about 25 million, 45 million and 62 million, respectively. Are those numbers that matter to davinciII's clients? I should think so, but davinciII's arguments are more insidious. He suggests that people not using the latest offerings from MSIE are using old technology. The implication is that they are poor and will not buy anything. They represent "junk traffic," and excluding them from the clients' websites is being touted as an added value.
Ick.
Considering the BBCs site doesn't or didn't display right in Netscape how can they recommend avoiding IE?
They didn't - they just quoted someone else saying it.
"I deny nothing, but doubt everything." Lord Byron
Given that IE is part of the corporate desktop build of the whole of the BBC I find the impllied advocation of IE is bad lacking, though we all know its true. Also a good proxy config and firewall and registry settings makes for a good stable productive product - like all software the devil is in the detail.
Internet Explorer for Mac OS X (and Mac OS 9) doesn't suffer from the same problems as its Windows counterpart since it's not an "integrated" component of the OS; it's just an app. Doesn't mean it's not crap, sometimes.
Many Windows technologies that cause the vulnerabilities in IE/Windows are very limited or don't exist with IE/Mac. In particular, ActiveX control support is there, but appears mostly broken. Java support is strongest in this browser (it seems), but many Java pages don't render things properly since MS doesn't appear to tie their browser properly in OS X's strong Java implementation (1.3.1).
IE/Mac is just as annoying with pop-ups, but that's why I use OmniWeb, where I can disable JavaScript that generates pop-ups with one preference settings.
IE is still the most compatible browser, but only because many webmasters are drones to Microsoft's web tools--and shouldn't be. The pages they create work best--and in some cases, ONLY--with IE.
Vos teneo officium eram periculosus ut vos recipero is.
As many people have already stated, IE uses proprietary tags that are not part of the W3C standard. Mozilla simply doesn't want to promote MS's code or any other sh1tty code. If you're going to code a page, either code it right or don't bother bitching about how Mozilla doesn't support your fscked up code.
I wonder about the accuracy of those numbers. I run Linux at home, and a Windows/Linux mix at work, on about six machines, but all of them run Mozilla, which reports itself as IE6 on WinXP. Even the P133 with Win98 and IE4.x(?) because I spoof the user agent string with Proximitron. (Mainly because of idiot web designers like you're replying to.)
How accurate are these numbers really likely to be?
Tell me something i DON'T know!!
-D
... to say "all browsers have bugs! Therefore IE is no worse than other browsers!"
People seem to keep chanting that like a mantra. That's as stupid as saying "some old grannys are murderers, so young men are no more dangerous than old grannys!"
Once the warm feeling of tolerence and equality has worn off, you gain nothing. Oh well, all browsers are equally insecure, so I'll just use any old browser. Which is stupid; clearly IE is more insecure. It has more bugs and more security holes. Saying warm fuzzy sounding things gives you no tools for choosing which browser to use.
Joe Sixpack: "Hey! I've installed Redhat on my box"
LUG People: "Cool."
Sixpack: "I've found all these daemons running, and I hear that to secure my box I have to turn off any unneeded services. What does each daemon do, and which ones do I need?"
sound of crickets chirping...
Why is it most people confuse Internet with web? The www is simply one facet of the Internet even though most folks only use the www and email but even so, the dstinction still should be recognised or the Internet *will* stagnate as feared.
Resistance is futile. Reactance buggers it up.
I've had to work at the beeb before, and their NOC requires that you have a "proper" network login - meaning that you're subject to their SMS rules regardless of you being an outside contractor or not... first day there with my lovely shiny laptop full of OS goodness... NT4 Server, IE5, Netscape and Opera... prompt comes up to tell me that I'm running an illegal operating system and Browser - and tries to downgrade me to IE 4! The horror, the horror! Bearing in mind that we were demoing the latest build of our newsroom software to beeb execs (which did of course require them to upgrade to IE5!)
Actually, what I'd really like is a way to get rid of i.e. entirely
Nice.
So you'll basically never be able to update that box then?
Update your machines, people!
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
Unix have firewalls to prevent programs getting into the system.
Windows have firewalls to prevent programs getting out of the system.
Ciryon
try the lo-fi theme, my absolute favourite. extremely simple, but does the job
if (!signature) { throw std::runtime_error("No sig!"); }
This got me thinking... It should be quite easy to program a small process to query the system, get the names of the services you're running and then, with a cron job, visit predefined security sites, grep them for mentions of said services and warn you when a new vulnerability you may have is discovered (when a service you have running is mentioned on the front page of a site). Perhaps make an html page with links to the news articles that mention the service. There may be something out there that does this... I'll search for it, and if there isn't I will program something myself.
--
Overcaffeinated. Angry geeks.
I really like the skypilot theme. it just looks so good..
A Good Troll is better than a Bad Human.
The people making the decisions about browser usage in your company are not only seriously underqualified, but misinformed. How on earth would they choose NS 4.79 over IE 5.5 or greater, I don't know. Furthermore, now that Netscape 7/Mozilla 1.2 is out, you should be using one of those (or a derivative).
Netscape 4 is a dead technology, and has been for 3 years.
"Politicians find new names for institutions which under old names have become odious to the people."
You made all the points I was going to make about your parent poster's (IMNSHO (not so humble)) misguided comment. I can't understand why your post isn't modded up +19 Insightful (except that I don't have mod points). One minor detail:
Coding for standards does not necessarily make your page work as intended in all browsers. There are various CSS properties that MSIE 5.x does not support, promptimg me to use some ugly hacks on my website to make it work with those (after I had asked a friend to make a screenshot for me, which made me find out that it didn't look right in his browser). According to the source you quote, 44% of users use IE 5.x, so there certainly is a point in testing with it.
Please correct me if I got my facts wrong.
I do not trust Microsoft to use Windows Update responsibly. Neither should you. They have a nasty habit of bundling critical security updates with invasive software such as the DRM system built into Media Player 9, and/or demanding the right to root access to your computer, such as the EULA in w2k sp3. Personally I think coercing people in this way should be against the law. Hell, it probably is. Not that that ever stops Microsoft.
Soon they'll kill off manual updates altogether to protect this channel into peoples' computers. Anyone who finds this as disagreeable as I do is encouraged to investigate linux. It has undergone massive improvements in the last couple of years and it rapidly becoming a viable alternative for most ordinary computer users.
With IE 3 that comes with NT4?
(yes, some companys still use and do fresh installs of thier retail NT4 licenses and have no plans to upgrade)
Very correct. Testing is always integral to getting it all right, but just like I mentioned earlier, it never has to be as hard as taking 2-3x the amount you'd normally take. You have a great point.
SNACKS ARE AWESOME
if only Netscape would remove the download link
I hoep they don't. My company is bidding on a contract that requires we are NS4.0 and IE4.0 compatible. It's be pretty hard to develop without being able to download it.
-no broken link
Due to the way user permissions are setup it can be quite possible that many of the exploits will not work on your system. Not to mention that if you have locked down you system, allowing only the services you need access to the internet and blocking any others, you need only be mindfull of security threats for the handfull of services that could be comprimised.
And you can take steps to ensure that even if a security flaw is exposed the service in question has as little chance of damaging the system as possible(eg not running with root permissions).
I agree with you completely. I'm not a commercial web designer and I have no intention of becoming one specifically for the reason that I don't like sacrificing good design for crappy products.
I have designed a couple of websites for voluntary organisations, though, and they both degrade nicely to Netscape 4. Although NS4 has horrendous CSS support, I found that one of the many NS4 bugs causes it to ignore style sheets if several different media are specified. eg.
<link rel="stylesheet" type="text/css" media="screen,print" href="stylesheet.css"A real problem with this article is that is says "avoid IE" but doesn't give an alternative. I know to use Mozilla (and am in fact doing so right now), but many people reading this article are going to wonder what the alternatives are (of course many people are going to think they are ok because they use "Windows" to access the internet, and "not IE, whatever that is"). Without presenting the safer alternatives, most people who read this are going to go "oh well, I'm not going to stop going to eBay, so I'm going to have to continue using IE".
-no broken link
besides the obvious and very effective ability to block unrequested windows, you can add your own css to all the pages you view.
u bleclick."] *,
[ width="468"][height="60"]," 600"] /* i find this a bit much, but someone might like it.
8 "]:hover,d th="120"][height="600"]:hover
l ay: none !important;
/home/john/.mozilla/default/9zo2x54t.slt/chrome
:)
This is great as it allows you to make a banner add blocker.
This is what i use(i didn't come up with it but i can't remember who did so i can't give them credit for it, even though they deserve some):
create a txt file call it userContent.css
add the following to it:
[src*="ads."], [src*="ads/"],
[src*="doubleclick"],
[href*="do
[href*="rd.yahoo.com"] [src*="yimg.com"],
[width="60"][height="468"],
[width="120"][height=
{
-moz-outline: medium dotted red;
-moz-opacity: 10%;
}
[src*="ads."]:hover, [src*="ads/"]:hover,
[src*="doubleclick"]:hover,
[href*=".doubleclick."] *:hover,
[href*="rd.yahoo.com"] [src*="yimg.com"]:hover,
[width="60"][height="46
[width="468"][height="60"]:hover,
[wi
{
-moz-outline: medium dashed red;
-moz-opacity: 100%;
}
*/
[type="application/x-shockwave-flash"]
{
disp
}
Ok this should make your browsing more enjoyable.
place the userContent.css into you user chrome directory.
for linux it will be in your home directory, on my system(obviously yours will vary for the username etc..)
for windows(sucks to be you
It will be in your windows\profiles\i_forget_the_path\chrome directory.
It's incredibly popular because of windows. It's the leader on the mac because it's the leader on windows, which is what the majority of web surfers use.
Yes, people who want to exploit things target the most popular platforms.
It helps to realise that looking at things in a purely technical sense is quite meaningless in reality.
Even if Outlook & Outlook Express have the same number of security problems as less popular mail clients, that doesn't change the fact that there is far less risk in using something less popular.
IE is a risk. Using Opera instead, FOR NOW, negates a lot of that risk. IF everyone used Opera, yeah, we'd be in the same boat... but we aren't.
As a web programmer I support both IE and Mozilla, and try to avoid stuff that won't work on either of them (or at least degrade gracefully). I don't support N6 directly because what works on Mozilla *should* work on N6 giving that they use the same engine (Geeko). I surely don't support N4 anymore, it's greetly outdated, if you use that don't complain my sites don't work. Mozilla being complient a lot I assume my sites should be compatible with all compliant browsers (IE is not compliant but should display compliant sites ok). And giving that I write all HTML by hand (sure I started with Front Page when I was a beginner like everyone else, but used it for like 3-4 months before I started to write HTML by hand) I know what I am doing, I know what is standard complient and what is not, and I know what non-complient features are safe enough to be used.
Please get Flash working the same on both IE and Mozilla and I will be happy... for the rest make your site compliant and I will visit it. I just hate IE enough to not launched it unless I *really* want to view the site.
There *is* a difference. ALT tags are a boon to making websites ready for Lynx and text-only browsers for the disabled. So if you have a graphic button that says "Home", consider these two variants:
<img src="home.png" width="100" height="20" border="0" alt="This button takes you to the homepage">
and
<img src="home.png" width="100" height="20" border="0" alt="Home">
and
<img src="home.png" width="100" height="20" border="0" alt="Home" title="This button takes you to the homepage">
The first tag (which is what you suggest) would be a little awkward in a text browser, since "This button takes you to the homepage" would show up (when "Home" would do).
The second would look idiotic in Mozilla, since the tooltip would just say "Home" (well, duh), but it would work in Lynx and other text browsers.
The third is ideal, because everyone gets what they need -- Mozilla's tooltip would say "This button takes you to the homepage", but the text browsers see just "Home".
Cheers,
Ethelred
Everyone wants to be Ethelred. Even I want to be Ethelred.
Not on 0.4 on Windows2K they don't.
Works fine in Mozilla, doesn't work at all in Phoenix.
Found it - the Tabbrowser Extensions is screwing with it. Removed that and requested popups work fine.
Too bad, I liked that extension...
Opera is just as fanatical about the title attribute as Mozilla.;)
Is this a sigs-optional kind of place? 'Cause I am totally down with that if you know what I mean.
1. IP
:)
You have established a connection, so they sure have an IP where they can send the data back to you. Don't understand why some people reported they had no IP here.
Use a firewall. Or like me use a router so that the IP is not pointed to your computer but to the router.
2. Cookies
Nothing for me. I admit there was a whole about that in old version of IE, but no more.
3. Clipboard
I admit this one is freaking. I'm not sure it it's just displayed or if they can get that data. Never heard of such a 'bug' before.
Doesn't seem to be possible with other browsers since it doesn't even attempt to get the clipboard data with Mozilla.
4. Hacks and exploits
That is why I don't use IE
5. Browser and OS
I don't really care about people knowing what browser or OS I am using... should I ?
6. Geographical location
It's based on my host addresse. For example for me it said Montreal, Quebec, Canada, and now look at my host:
HSE-Montreal-ppp140008.sympatico.ca
I don't live in Montreal, I live about 90 minutes from there.
7. Network
That isn't my network, it's a traceroute. Nothing alarming. In my case it stopped after the first 16 hops (the remaining are ***) so can't tell what they would have found. However I am pretty sure that the best they can go is up to my router, which is actually the device with the IP. Everything behind my router, from the Net, is seen as a single machine, there is no way to tell there are 3 machines connected on the network. How you can see is a really good firewall.
Conclusion (my opinion):
Those test suck, they are there to affray beginners and get them to buy their product.
That's a known bug which appeared in the Windows version.
o zilla1.2b/#brows er
d =171441
Workaround:
Delete the file \components\compreg.dat
Information:
http://www.mozilla.org/releases/m
(scroll down to Download problems)
Bug page:
http://bugzilla.mozilla.org/show_bug.cgi?i
Hope this helps
If you can't download fixes in a package form from your vendor and run them at your discretion then your vendor is fucking you in the ass sans lubricant and you are a fucking moron to do any business with them.
Oh, I forgot you are a Windows advocate -- none of this will make sense to you. Forget I mentioned it.
They didn't choose it over IE5.5 - we went with NS4.79 about 3 years ago and just haven't upgraded for a variety of reasons. Like I said we are going to IE in the next few months.
I had no involvement in either decision. I work in a UK goverment agency and I think you would be surprised how difficult it is to get burecracies like this to keep up with technology - we are still on Word 6.0!
"I deny nothing, but doubt everything." Lord Byron
So use Opera, and have it tell your bank that you're using 'IE'. Surely there's an option to do something similar in Moz?
If not, why not? Clearly you've got to be able to get past these rejects who think 'Mozilla' couldn't possibly render their shitty site.
hahahaha, geeko.
That's gecko (you misspelled it twice, so maybe you have a reading or memory disorder...)
I have a weird problem with Mozilla on my home machine that no one has been able to give me a reason for. I've installed and uninstalled it a few times just to make sure nothing broke during the install (everything looked smooth) and whenever I start Mozilla or Mozilla mail half of the buttoms are blurred over, the address bar is a bunch of rainbow colored lines, the screen for it doesn't redraw properly... It's crazy broken.
Other browsers work ok (Except that with Opera all of the text is broken, odd sizing that doesn't work on most websites and continually breaks things) and Mozilla mail has the same set of problems as the browser. It works fine on my box at work which is the exact same OS configuration (RH 8.0 fully patched) so I can't figure out WHY mozilla won't run properly... Sigh, maybe I can upgrade when a new version comes out...
Kintanon
Check out JoshJitsu.info for Brazilian Ji
And I pick a competent web designer, which clearly excludes you.
To code for other browsers as well would take at least 2-3 times as long.
What a load of crap! I can only hope that making such an idiotic claim leads you to a job more suited to your talents, such as one that involves asking your clients, "would you like fries with that?"
The problem with Windows isn't single-user mode, it's the fact that it's vastly over-spec'd and everything is on by default.
If e-mail readers just read text messages and let you write them back, and web browsers just displayed HTML instead of automagically downloading and installing stuff, and you didn't default to running with any TCP/IP port you like available, and so on, then any single-user OS could still be secure.
The problem is the way power has spread without adequate control. They invented ActiveX, based it around a non-secure model, and then let web browsers use it, instead of just rendering HTML. Then they made the e-mail client accept HTML mails, using the same rendering engine, so now someone just has to send you a mail, rather than you actively visiting a site. They gave the e-mail client a preview pane, and switched it on by default, so now the software has a chance to do its damage not only if I actively do something like visit a particular web site, but even if I fail to actively switch it off.
The same story happens all over the place in Windows, and is behind nearly major security cock-up out of Redmond in the last several years. You'd think they'd have learned, but then they'd have had to unbundle IE.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
You are a liar. I dare you to post a link to your company and three websites you have worked on. Waiting...
We respectfully disagree.
Love and hugs,
Steve and Bill.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The only updates that ever seemed to show up there were IE or Windows Media Player updates. Granted, they've started showing device driver updates and such, but it's still marginal at best.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
I've never used IE. I had always used Netscape until I started using Mozilla around M18. I've also only on rare occasions seen something that didn't work right, and it was usually something stupid anyways.
--
"Karma can only be portioned out by the cosmos." - Homer Simpson [1F10]
Keeping up with the Jones is using your cellphone to browse the web.
Keeping up with the Jones is using you in-car audio browser to listen to the web.
Keeping up with the Jones is using your new IBM monitor with 10,000 x 8,000 pixel resolution to view the web.
Keeping up with the Jones is using browsers like Mozilla and Opera that have a better feature set than IE.
Writing web pages that work only on a narrow set of user conditions is not keeping up with the Jones - it's floundering along on the trailing edge.
Mozilla and Linux are open source and built by the common man. I believe even Jesus would use line and mozilla.
www.webassociates.com
They crashed Mozilla on my Mac (OS X). The irony is that they're a web hosting and web design company, and their corporate website is evil incarnate.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
I've never ran accross a site that "forced" its software on me. I've ran accross "gator" a few times which tries to install without my permission, but I still have to hit OK. This article has a hint of FUD.
There are two examples that come to mind, although I cannot remember their URLs (so I'm hoping someone else will follow me up). One installs software that adds special effects to your cursor. It runs as a daemon and you can see an icon for it in your tray. It appears in the Add/Removes Program dialogue, but it is a hassle ot remove nonetheless. Another similar piece of software adds skins to Internet Explorer itself (Slashdot has even carried ads for this very product). Both install automatically and without any user interaction (although you may get a trust message for the first of these). This, by the way, is with default security settings in IE.
IE is horribly fully of security holes, even to the point where some (stupid) companies offer products that depend on them! They can do this because they know Microsoft cannot patch these wholes without horribly crippling Internet Explorer (without ActiveX, it's nothing -- and even then, it's still stupid).
Let's face it, there is always going to be some security holes in the most popular and widely used browser. Even if that browser ever becomes Mozilla
These types of security holes are not possible. Mozilla has no more priveledges than the user herself. The typical user logged into most any box cannot, without exploiting some vulnerability in the operating system, run a piece of software that trashes the entire disk, and have the operation completed successfully. Why? Because the user and the software the user runs do not have the same privs as the operating system. Mozilla runs 100% in user-space. It is not part of the operating system and it is not trusted by the operating system. Internet Explorer on the otherhand, is part of the operating system, ergo is fully trusted.
If you find an exploit in Mozilla, you can only harm the user's data. If you find an exploit in Internet Explorer, you can delete the hard disk. Big difference.
(which I doubt will happen any time soon- I run Mozilla but speed wise it just doesn't compare with IE).
You were making accusations of FUD?
Why bother.
But, many others hypertext protocol implementators missed a big feature to add. The right step is to put all hypertext activity received into, at least, one account seperate from the user account. That account, the remote-site account, is denied access to read and write privledges to the hard drive; and, the user account still has the convience to access the hard drive. The remote-site account has the feature of a virtual sandbox on the local computer. The process of user account uses interprocess communication to the process of the remote-site account for interaction. That type of setup seperates the need for the process of the user account, that may have more access rights, to compute remote requests that need access supervision. That kind of setup is easy to implement on the systems like UNIX; yet, Microsoft Windows has not had an easy way to dynamically allocate seperate process accounts.
In otherwords, it is not the fault of the webdesigners that want more features. It is not the fault of the systems implementators that have added dynamic access to multiple process accounts. It is a features that is not fully implemented. Either, they, whom say "avoid", can avoid computer systems until the systems implementators and software designers finally get dynamic multiple process accounts to work; or, they can ask for priority of that feature implementation.
I have seen various types of malware that may not cause damage other files but they can stop IE from working properly (lots of crashes). The trouble is that spyware from company A may not work correctly if spyware from company B is present. Both probably have to close a relationship with IE so changes there can cause problems.
If you quoted me those costs for guranteeing compliance with standards, I will hire somebody else. If you are making a living as a web designer count yourslef lucky, you don't deserve your salary.
If you would put those patently untrue stats I will fire you for lying to me.
Finally smart boy, what is your excuse going to be when AOL switches to a gecko based browser, when corporate clients now evaluating Linux move to it in the desktop and can't access your site with Mozilla or when your employer gets the bad press they deserve if browsers favored by visualy impared people crash in your site?
IANAL but write like a drunk one.
Anyway, if it haven't dawned to you already, MS product == POS and that's official. Defending them won't do any good, it only generates flames, hate and wastes everyone's time. We here at slashdot concentrate on bashing MS and that's fun, belive it or not, until along comes trolls like you acting like they'd really really just love all things MS! OR if you're for real, MSN is more appropriate place for your rants, go there, shoo shoo!
Preserve old classics: copy your collection onto all hard drives.
A friend recently had her computer die suddenly. She also has a laptop (much newer than the desktop).
...
I looked the desktop over and I think the power supply is dead, but didn't have a spare. I suggested to her that I could set the laptop up in place of the desktop and then she could get the desktop fixed at her convinience instead of "in a rush" (her desktop was her main machine).
After spending a few minutes setting up her docking station, plugging in the monitor, printer and scanner, she two things:
"wow! Its like having my desktop without my desktop" which was of course the idea and I was glad she saw it. And
"Now all I need to do is install Gator" which just made me cringe.
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
works fine on moz 1.2
The world is your exercise-book, the pages on which you do your sums.
It is not reality, although you can express reality there if you wish.
You are also free to write nonsense, or lies, or to tear the pages.
-- Messiah's Handbook : Reminders for the Advanced Soul
- this post brought to you by the Automated Last Post Generator...