Slashdot Mirror
Get Rid of Internet Explorer - Browse Happy!
Matt writes "BrowseHappy not only tells us why IE is unsafe, but also provides "switcher" stories of people that stopped using IE and switched to a safer browser. This campaign is not so much against IE, but for the use of safer and more user-friendly browsers."
remove the horrible color scheme
Need I say more?
http://64.233.167.104/search?q=cache:eAw_5YZf-icJ: browsehappy.com/
The headline gives the impression that this is about how to actually rid windows of IE (Possible in 9x/me, but doesn't seem to be in 2k/xp). Sadly, in actuality it's just encouraging people to not use it.
Why is Internet Explorer unsafe?
See what people are saying about Internet Explorer, in the wake of its most recent security issues:
New York Times, In Search of a Browser That Banishes Clutter:
USA Today, Security risks swell for Microsofts Explorer:
The Inquirer, US Government warns against Internet Explorer:
Slate, Are the Browser Wars Back?:
The problem is that hackers continue to find and exploit security holes in Explorer
www.6502asm.com - Code 6502 assembly or.. DIE!!
I work for a decently sized bank data processing center. I know that our vendor we use for the core part of our applications and servers will only support Microsoft IE, mainly because they use a lot of .asp for their online compononents. A few banks have received word about the FCC declaring IE full of bugs, problems, and unsafe for most uses; these banks started asking about support for "other" browsers, and received word that there is no support planned anytime soon for any other browser other than IE.
YOU'RE WINNER !
Another lame blog
I got caught with a trojan while using Firefox with popup blocking enabled. I had switched to Firefox to prevent this exact occurence, and yet I still got nailed, even with a hardware firewall installed. Firefox is certainly not the 100% foolproof panacea most are touting it to be. Every day I'll get at least one popup (which doesn't get blocked) that has to be shut down via task manager and not clicked on for fear of it having a booby trapped 'close button' that really installs something.
If you don't like it, drop the "it." infront of slashdot.org instead of complaining in public.
I knwo for a fact we put my stepmom on Firefox and all of a sudden she quit getting spyware.
I wish we had a study showing how many microsoft programmers use Firefox.
http://www.theregister.com/2004/08/20/sp2_scriptin g_vuln/
Then install Firefox and the extension "Open link in IE". If the link doesn't display right, use the quick link and open it in IE. Then close IE, and keep moving in firefox. It is a shame that MS is trying to break the HTML standard. I even wrote a script to email a pre-written comment to the webmaster of a page the renders wrong in firefox. This wouldn't be an issue if it weren't for lazy authors and shortcuts.
Pornzilla!
No it's not against IE. It's against infiltration and popups, which IE happens to be synonymous with.
It must be something about my machine, but I find Firefox much more stable than IE. It also loads quicker, and renders quicker. I love tabs, programmable search bar, and the simplicity of its' extensions. No matter what features MS adds to IE, I won't switch back because I don't see them seperating the browser from the OS.
I write a lot of .asp, and I use both Mozilla and IE to check the code I write. Unless the person coding the ASP pages is an idiot, it doesn't make a diffrence, as everything is processed server side.
You run into problems because either a) the ASP coder uses vbscript for client side validation, and nothing but IE supports vbscript, or b) they don't bother to write cross-platform client side javascript code. I can't come down too hard when people don't do this, as the DOM differs from browser to browser.
The people responsable for this forking of the DOM need to be dragged nekkid across a cactus patch.
HA! I just wasted some of your bandwidth with a frivolous sig!
My biggest reason for switching is that IE seldom will increase the text size when commanded to. Mozzila always will increase the text size of a web page. I can't read the fine print on a lot of web sites.
Many a long talk since then I have had with the man in the moon; he had my confidence on the voyage. Joshua Slocum
You clearly have never used another browser.
I was like you about a year ago, I never wanted to try another browser, Opera was just for yuppies as far as I was concerned, oooh tabbed browsing, I couldn't see the point. Mouse gestures... well I still don't see the point. I didn't realy mind ads because I used a massive host file to block adservers, but this was still limited. I was constantly getting popups and requests to install plugins I knew I didn't want, in short the web was turning into crap.
Then I decided to try out phoenix, why not, everyone else here was using it. So I downloaded it and I have never looked back. Seriously with an adblock extension and a clean looking theme it was leaps and bounds ahead of Internet Explorer right there. People just don't have an understanding of how convenient it is to google something, go down the first page middle clicking and then have all the pages of interest loaded by the time your done. Browsing slashdot is exactly the same, where before I was opening around 20 windows to view the stories I was interested in, I now just go down the front page, middle click all the stories and read mores... and by the time I'm done the first one is loaded.
But there is just so much more, NO popups, google search. I know you can get google bar but that is a third party addon and sometimes it just doesnt gel. And then there is the type and find function, if for example your looking at a large page of links you can just start to type the text of the link and firefox will find it. Go to suprnova.org and click in the movies frame and start to type the name of the movie you want.
I don't think less of those who haven't used anything else but IE, but seriously you need to try it, you just can't begin to fathom how much the internet doesn't suck without all the crap that targets IE until you stop using it and try something better.
The only woe I have with firefox is that a recient Windows XP update has screwed up launching webpages from the run dialogue, firefox still works but windows pops up with an error annoying but not that bad. I believe Windows XP would be infinitly better if I could actualy get rid of IE for good, but until such a time I'll just ignore it and hope it goes away.
So what is this icon in the lower right corner that when I mouse over tells me "Update(s) available " mean? Well, it means Mozilla needs to get on the ball and fix it because I *am* running the latest version, but yes, that functionality is in there and is being fixed (hopefully) for the 1.0 (or sooner) release of Firefox.
Heh.. get yourself an account (if needed), login and switch to 'light' mode in your user preferences... you wont get bothered by colorschemes at all ;)
Firefox is very close to being prime time. The only bugs I found were using themes and upgrading to a newer version.
My bitch about Mozilla/Firefox is that both are memory hogs. Firefox is great with older computers in terms of loading time and cpu cycles but my computer will use hundreds of megs of ram when I do alot of browsing. After awhile I need to close all the windows and tabs and restart it to gain my memory back.
I also have 512 megs of ram so that should not be happening.
Firefox/Mozilla need to improve resource requirements before competing agaisnt the light IE.
http://saveie6.com/
Overrated, a matter of taste and preference, and in any case there are products that are IE-based that will give you that.
I hate the way IE handles downloads (seperate windows).
I guess you missed the Mozilla download manager then. And WTF is wrong with that? I usually want to do something with the thing I'm downloading.
I hate that when IE crases (every browser crashes), when I try to kill it, it'll take the taskbar with and all other file explorer with it.
Bullshit, IE crashing never takes down the shell. That's FUD.
I hate the way scrolling is handled. ("smooth scrolling" = parkinson like movement)
Turn it off.
Backspace = back in history is ANNOYING.
There are dozens of behaviors in Mozilla that I think are annoying. I just don't use them.
Writing a non url in the url bar goes to MSN.
Haven't seen that in ages. Probably because I turned it off.
And the list goes on...
Hasn't started would be my opinion.
Have you ever tried holding ctrl then scrolling the mouse-wheel up or down? That's the quickest way I know to increase/decrease font size, and it works in IE and FF for me.
you can choose the max amount of ram for mozilla firefox to use with browser.cache.memory.capacity
just goto about:config
I'm not so sure about that... I've had many problems with Firefox. They block port 1080 for some obscure reason based on a really old trojan that has absolutely nothing to do with Firefox, yet to get around this block, you have to make an obscure config file edit. I had to use IE to access a friend's server. There is also the bug where if you used .8 and upgraded to .9, clicking the "Add engines..." for the search toolbar does nothing. I had to manually go to the http://mycroft.mozdev.org/download.html site. It's not that bad for people who know what they are doing, but, when that feature is lacking, users can go straight back to IE and download their favourite toolbar and use it's dictionary, search, or whatever. (IE Does block popups now, along with things like, onmouseover and and a few other scripts)
Completely correct.
:)
However, some of ASP.Net's built-in features (like validators) don't work on non-ie browsers, simply because MS were to lazy to make things standards-compliant.
These problems can be worked around tho - drop in peter blum's validators, which have an identical API, but work in all browsers... very nice.
A bit off topic, can you reccommend any websites where I can learn how to do CSS properly? I'll admit I usually use lots of nested tables for things.... where can I learn how to do this with CSS
I think the problem with people giving up IE is that it is so integrated with the windows OS. When i had my mac there was the finder for files, and netscape for the internet. On windows, if i just want to casually hit up a web page, i can easily open a new explorer window and type in the address, as opposed to waiting for mozilla to load up(though mozilla has a much better web browsing environment). I think the layman feels the same way. I'd love for there to be a more efficient way to browse files so i could delete explorer from my computer altogether. Well, i'm sure there is, but i'd rather hold out until i get another mac:)
Slartibartfast:"Is that your robot?"
Marvin:"No, I'm mine."
How do I run it without Internet Explorer?
_________ Help me get a PSP!
When I first started experimenting with Firefox, I opened up tabs for each of the sites that I have open during the day, and compared the amount of memory used against Internet Explorer - Firefox won hands down. I could have all the sites normally open running in the same footprint that one or two copies of internet explorer used.
A fine is a tax you pay for doing wrong and a tax is a fine you pay for doing all right.
Apache is quite a different program than Windows or IE... In fact Apache can run on Windows, therefor invalidating your comparison.
And now to disolve the FUD. Apache will perform "silent" crashes, where a crash is detected and Apache re-loads itself from another process. These happen often and if the machine is fast enough you don't notice them. Pages running on Apache have also been defaced in many ways over the years.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
"So you want windowsupdate to be broken for these people? It don't work with firefox, bub." It's not a native solution, but there's always the WindowsUpdate extension.
The roots of education are bitter, but the fruit is sweet.
--Aristotle
Yes, but do you know about Service Pack 2?
- Pop-up blocking
- Local machine lockdown
- Add-on Manager
- Information bar instead of Active-X installation dialogs
- a bunch of holes closed in Windows and its TCP/IP implementation
and more. Overall a significant improvement in security. A fair comparison of browsers should be with IE+SP2.
But Mozilla is still better, I'm addicted to tabbed browsing and the customizable search box.
Switch!
by Joe Barr
I was over at Tony's house for the big game when we needed to look something up online. As soon as he fired up his web browser I let out a laugh. 'Firefox? You use that?', I scoffed. He didn't seem to realize why this was a problem. I informed him of what a drain on resources it is, and asked why he'd want to waste his time searching through a pile of extensions to make it work. He thought it ran just fine for him, and I told him about all of the features of Opera he was missing out on. He said he didn't need the eMail or chat functions, and thought the other little niceties weren't worth switching for. Then I told him how much easier and more customizable the interface of Opera is. I installed it and showed him what I was talking about. His jaw dropped... litteraly. 'You mean I can do away with all the UI inconsistancies of Firefox?!', he asked. I told him not only that, he could make the interface like he wanted his browser to be. Before I could show him more of the cool stuff it offers, he had uninstalled FireFox. Good thing Opera has automatically imported his bookmarks.
(Posted as AC due to inevitable misinterpretation as troll)
My banking works fine with firefox.
The thing that changed me over from IE was a nasty trojen virus. For months I had been recieving emails telling me to login to validate my bank account at the "official" bank website (Westpac). I don't have a bank account with them, so I dismissed it as spam. One day Norton picked up a virus on my computer, the Norton virus definition had only been added two days prior and my weekly scan picked up this virus. It was a key logger that logged key strokes (acct/pwd) when the title of IE had a certain message in the title bar. It emailed these account/pw details off to somewhere where someone would be waiting...
I'm not real sure how I got the trojen, I'm usually very careful, but if I had been recieving these spam messages for months before Norton was on the case, then I guess the trojen had been in the wild for months as well... I'm just lucky my bank details haven't been compromised so far... passwords are all changed...
Does it go on forever?
Then most people could leave IE installed and blocked by their firewall.
What's wrong with the firewall rule "Process name in {explorer.exe|iexplore.exe} -> Allow connections only to *.microsoft.com and *.trendmicro.com"? (Trend Micro offers a free online virus scanner called HouseCall that works only on IE.)
1) Open edit, then preferences. Click on the privacy tab.
2) There's a plus sign next to history. Click on that. Change "Remember visited pages for the last 2 days" to something more like "Remember visited pages for the last 10 days."
3) ???
4) Profit!
I used group policies to force every user's web session through a filtering proxy server. The proxy drops pop-up windows, active X plugins, and nasty spyware and viruses. As far as I know, the only way to make IE secure, is to prevent the bad stuff from getting to it.
-ted
I think you're describing the same problem I had. I found a fix via Google that worked. Here's what I did (running XP):
Go to My Computer > Folder Options > File Types
Select URL:HyperText Transfer Protocol and click "Advanced"
Select "Actions: open" and click "Edit"
In the "DDE Message:" field you should see something like "%1",,-1,0,,,,
Delete all the text in the field and click "OK".
Repeat the above steps for the File Type "URL:HyperText Transfer Protocol with Security".
I think I read that unchecking the "Use DDE" box will work as well.
That is very interesting. To test your story, I created a new user account, 'Bogus' as only a member of the users group on my xpsp2 machine.
Using IE, I then went to yahoo.com and tried to install their toolbar. It told me that there was an error during installation and to click here to try again (clicking again didn't work).
I tried to install Google's toolbar; after a couple of warning dialogs (do you trust this file? it could be dangerous) it told me "You do not have sufficent access permissions to install the Google Toolbar onto this computer. Please log out, and log back in as an administrator. You can then install the toolbar."
Then I tried to install the gator wallet spyware thingy; it said "Setup cannot write to the registry. In order to install and run on Windows 2000 or XP, you must be a Standard User or an Administrator." Wrong. A standard user won't cut it.
So then I went to www.weatherbug.com. IE blocked a popup and a cookie (with an information screen telling me about what happened the first time). I then tried to install the program: it asked me my zipcode and then crashed while copying files telling me that it couldn't create some file in the \program files directory.
Maybe things have been beefed up since 2000? I created a similar account on a 2000sp3 computer. From IE, I tried to install the Yahoo and Google toolbars, Gator and Weatherbug. They all failed, giving me the same errors as XP did. The only thing different was that a popup from weatherbug.com got thru this time.
Do you have any other spyware/crapware/global programs for me to try?
Perhaps you misconfigured the accounts somehow or installed the junk yourself?
Don't get me wrong; I personally use Mozilla for the tabs and increased resilance.
IE may have its holes but the local security on NT doesn't. IE is just another user mode program; no hole in IE can cause the privledge escilation you describe.
If you are going to bash Windows, at least be fair.
Admins can deploy ZAP packages which can include settings, etc. You create them with a tool in the deployment utilities, as a component of RIS.
The ZAP packages may be published as GPOs the same way MSI's may, although I don't think they have the ability to be managed *after* the initial installation.
It's been a little while since I've done this so my knowledge is a bit rusty.
simply because MS were to lazy to make things standards-compliant
I suspect it has more to do with MS trying to force lock-in to Internet Explorer (and thus windows) than lazyness.
I am NaN
But until the risk increases (or manifests itself to me personally) or Mozilla/FireBird get easier to use from install to every-day usage, I ain't switching.
1) Run Ad-Aware and/or Spybot Search & Destroy -- you're probably already infected and don't know it.
2) Go to this site and download the latest version for your OS.
3) Find wherever you saved the file to, double click it & follow the prompts. Bam, installed.
4) Upgrade? Download new version, rename the mozilla folder to mozilla_old, install the new one, move any plug-ins from the old plug-in folder to the new one (when it says something about overwriting the one file that's in both, say 'no'), and delete the mozilla_old folder as soon as you know it all works.
It's nowhere near as hard as you might think. If you can manage WINS, you can move/delete a few files.
It's also better than having all the information on your computer exported to Nigeria, or having your PC used like a proxy while someone hacks into someplace important enough to get the Feds to knock on your door, or having your PC used to store child pornography. Don't laugh, both of these have actually happened to people; check the news...
Now then, if you need it personally demonstrated to you, I'm sure that I could find a few malware websites which are typosquatters, etc.
- ABM AMRO
- AIG
- American Express
- CapitolOne
- Charles Schwaab
- First Savings Bank of NJ
- GMAC
- PennStar
- Wachovia
- Wayne Bank
There's probably several more that I can't immediately remember. Perhaps it would be more accurate if you listed the banks that gave you trouble.--- A man with a briefcase can steal more money, than any man with a gun. [Don Henley]
Customize 2k before installing files and instuctions
Uninstall IE and OE, etc from a 2k machine that already has them
Customize Win2k, 2k3, XP before installing
Don't forget that you can get around some of those user's complains. For example the long load time of Mozilla (not so much of a problem with Firefox) can be sorted by installing with the "Keep loaded" option, where the bulk of the app is loaded at boot time, and only the window itself is rendered when you launch Mozilla. That is what IE does in order to appear to load up quickly (so if you don't use IE on Windows, you're losing the use of some RAM!). Secondly, you can disable the lizard logo with a command-line option, if your users don't like it!
I am fairly sure that ActiveX security is SO broken that IE is not only unsafe but irreparably so.
Actually, you can make a good generalization: Allowing a browser to execute downloaded code isn't safe. In particular, you should turn off any and all "scripting" in any browser.
It's true that ActiveX is worse than most. But none of them are safe.
Part of the problem with IE is that, in most releases, the controls for scripting don't seem to be accessible from the browser. They are system-level controls, and when you turn scripting off, lots of local things will fail. So IE users typically can't figure out how to turn off scripting (and it's different on different releases). If they do, they're punished by all the things in their system that stop working, so they turn the scripting back on.
It's poor engineering design. Most of the other browsers give a way that you can turn off scripting for the browser. Knowledgeable users do this, and turn it back on briefly for selected pages.
Well-engineered browsers will have all such execution of downloaded files disabled by default, and will make it easy to turn this one briefly and back off. IE does the opposite, making it more of a problem than others.
But it's a problem with all browsers (unless there are still some that don't do any sort of scripting).
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
I don't have a problem with scripting which is confined to the user interface. This is relatively safe, provided that you do impliment some anti-spoofing measures.
The larger issue is that we have to compare Java and ActiveX. Java in most browsers has MUCH better security, because Java is in a sandbox while ActiveX relies on the Evil Bit not being set, and if it is not set (i.e. if it is signed from a trusted source), it has full access to the system!
This means that if a version of a trusted activeX control (say, one from Microsoft) has a buffer overrun or some other exploit, I can force it to do all manner of bad things to the system. If such a problem is exploitable in Java, you upgrade the JVM to fix the problem. With ActiveX *there is no fix.* Sites can *always* force you to download the unsafe version and use it to break into your system. This is the difference between being insecure by implimentation (Java) and fundamentally secure (ActiveX).
LedgerSMB: Open source Accounting/ERP
Internet Explorer runs entirely in user mode, in the security context of the current user. The only way to get more privledges from there is to exploit a local vulnerability in the kernel or some privledged service. Any user mode program can make use of a local vuln; IE and ActiveX are not special. Many operating systems have had local vulns; Linux patched one involving mremap() not too long ago. The local vuln in the article you linked to has been fixed since NT4sp4; it isn't going to work on 2k or XP. Besides, all the problems listed either exist on UNIXes too or have been fixed for 5+ years.
Wells Fargo works fine for me.
Please don't humanize the morons around me. It makes me very uncomfortable.
I use and have used Mozilla with:
1) Citibank
2) US Bank
3) Washington Mutual
4) Direct Merchant's Bank
5) Bank of America
6) Fidelity
7) Ameritrade
8) Household Bank
I actually haven't come across one that hasn't worked yet. Actually, the Washington State Department of Licensing site was the only business-critical site that tried to lock me out!
LedgerSMB: Open source Accounting/ERP
I do not see the Bank of America on your list.
Well, with Windows XP you can completely remove access to Internet Explorer, except when using Windows Update. It's in the Add/Remove Windows Components dialog.
Not ASP, but if you use ASP.NET you might have problems.
If you rely on the HTML emitted by many built-in controls (and of course, many do, because that is a large part of the attraction to the tools), then you will often have that problem. It is not a fundamental problem with ASP.NET -- the default configuration of some tools often sniff for IE or Netscape, and do not know what to do with Mozilla/Firefox/Opera.
Other times, the controls will rely on document.all for not just DHTML, but form postbacks. document.all was IE 4/5's DOM, and it was rejected by the W3C, so Mozilla and the others do not support them. (Firefox might be adding this support, I am not sure.)
At any rate, there is nothing fundamentally wrong with ASP.NET that would prevent ASP.NET generated pages from working flawlessly in any browser -- like the original poster said, it all ends up as HTML. Unfortunately, the tools tend to generate that HTML along the above lines, which work best (tm) under IE and Netscape.
A developer with a good eye will be able to develop for any browser, but, sadly, too many people rely too heavily upon the tools to do the job. It is often not even a developer skillset issue -- when a certain tool lets you hit 96% of the market in 5 days, versus hitting 100% in 9 days, many businesses will tell their developers to take the 5 days. While that is the case, and while those tools default towards non-standard HTML, the problem will persist.
Gentlemen, start your tinfoil hats...
"and of course you wouldn't believe any that you did see."
:-/
Sorry. Mod me troll, someone.
Obscure Aquateenhungerforce references obviously don't count as funny.
In the free world the media isn't government run; the government is media run.
You can remove ACCESS to it.. you can't remove the program itself, it will still be there clogging up your disk and wasting your ram, and is likely to get invoked or embedded into third party programs so your still not safe from it's many flaws.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
You can still get that independence!
Use Firefox to build and align your bookmarks in the way you desire, and then export it to an HTML file.
Then, set the homepage of ALL of your browsers to that file!
Problem solved.
SCREW THE ADS! http://adblock.mozdev.org/ Proud user of teh Fox of Fire - Registered Linux User #289618
The Greek domain is filled with lame sites that work properly only with IE. As much as we want, we can't get rid of IE totally. :-(
Surely, you can say to this people "you are lame, I don't do business with you, I don't buy from you, I don't visit your site". But this decision here in Greece means forget web bankikg (all banks have lame web developers who never heard the word "mozilla") and some of the major news sites. Not even the olympic games site works as good as in IE (although it is not serioysly misrendered like other sites).
I am sure that this applies to other countries as well where linux users are a minority. Most companies consider the cost of testing (or even worse planning) their site to work with all browsers an effort not worthy...
Ah, but if you use the hack that I found in a /. discussion (see my journal for a writeup on it), it won't make it.slashdot.org into just plain slashdot.org - it'll make it hireadesigner.slashdot.org, which isn't valid, and therefore behaves as just plain /., but shows up in their logs.
The next release of Firefox will have under the Help menu:
Tell and Friend
and
Promote Firefox.
But there is nothing there yet.
Phillip