Slashdot Mirror
Penn State Tells Students To Ditch IE
Hoyceman writes "About 80,000 students and staff are being told to use an alternate browser. The Penn State ITS department sent the alert 'because the threats are real and alternatives exist to mitigate Web browser vulnerabilities.' InformationWeek is carrying the story."
The students finally get an education.
Why UNIX?
AC karma whore post:
Penn State Tells 80,000 Students To Chuck IE Dec. 10, 2004
A public university with an enrollment of over 80,000 puts the kibosh on Microsoft's Internet Explorer.
A public university with an enrollment of over 80,000 put the kibosh this week on Microsoft's Internet Explorer, and urged its students to switch to alternative browsers such as Firefox, Mozilla, Opera, or Safari.
Penn State University on Wednesday issued an alert to students and staff recommending that they dump IE and use a different browser.
The university's Information Technology Services (ITS) gave the advice "because the threats are real and alternatives exist to mitigate Web browser vulnerabilities," ITS said in a statement. It cited the security problems in IE that have been the focus of both media reports and recommendations from such organizations as the US-CERT, the federally-funded computer response team housed at Carnegie Mellon University.
"The University computing community [should] use standards-based Web browsers other than Internet Explorer to help minimize exposure to attacks that occur through browser vulnerabilities," added ITS.
Penn State's advice is the latest negative news about Microsoft's popular browser. Security problems continue to plague IE -- some patched, some not -- while rivals like Firefox slowly nibble away at its still-dominating market share.
Will this ITS department support issues with other browsers. Each browser has its quirks, and work arounds for certain things. If they recommend using other browsers, they must be able to support them, especially if they run proxies.
Kudos to Penn State for not falling into the "it's built into the OS so we'll use it as a standard!" trap.
Many Bothans died to bring you this sig.
At Brown we get a CD with all the latest security patches and a copy of Firefox every year. Prevents trouble, methinks.
Since when has this country used intellectual elite as a pejorative term?
Looks like IE get burned by the very same 'feature' that allowed it to get 95% market share : integration with Windows and total access to stuff it shouldn't. Lesson learned, Microsoft?
But even without security, FireFox is just plain better. Tabbed browsing is huge, Bookmark toolbar, extensions, find-as-you-type (HUGE improvement over CTRL+F search)... Now I look at IE (the rare time I need to open it for windowsupdate) and it just feels...dirty.
Eureka Science News - automatically updated
At my college the first thing I did on every computer I touched was to install Firefox. I also put Winamp on a few open lab computers for listening to Internet radio while I worked.
Recently I became unable to login to my student account, with a message "Your account has been disabled, please speak to your network administrator."
Well I went and found my network administrator to ask about what was up. Apparently it is against school policy to install programs on their computers. This is totally understandable and reasonable, and I apologized. But he decided I needed to be chewed out and he had a killer fact that he just knew would crush me.
Looking me in the eyes he proceeded to tell me that due to me installing Firefox and Winamp on two of the open lab computers they no longer function and had to be totally reformatted. This man, who is in charge of keeping the school network secure, seriously thinks that Firefox and Winamp could possibly be the root of a computer's DEATH. I did not argue the matter no matter how ridiculous it is; I just wanted my account back.
How is it they let people become the network administrator for an entire technical college, a college that hands out degrees in technical fields, that are just that ignorant. How can any competent network admin possibly think Firefox and Winamp are causing a computer to not boot?
So now under threat of permanently losing my student account I am forced to use IE. It is excruciating, because I am not the only person installing software on the open lab computers, just the only one knowledgeable enough to install useful non adware-infested programs. Just opening Internet Explorer results in about 3 minutes of closing popups.
--- "End Of Line" - MCP
6) They'll cut the price.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Although Penn State has issued this warning, it is far from true. All Penn State Computer Lab Machines have IE set as the default, and group policy is set such that you cannot switch even to the installed version of Firefox. In addition the Firefox user settings are stored in Application Data which has a 20 meg quota. This means whenever a user tries to log out after browsing, it refuses saying there is too much data. IE on the otherhand, gets cleaned of cookies and cache automatically so that when you log out there is never a problem with the quotas. If Penn State wants to actually get people to switch, they should do something about it on their own machines.
6) They'll donate to the school - either kiosk computers with just IE, some web system that only works with IE, or enough general funds for new computers or a Steven Ballmer Building so that they'll retract their statement or never do something like that again.
At this point, Microsoft needs to pay for market share and mindshare. IE can't compete at its current price (free/bundled), so they'll lower it.
You are dealing with a Windows admin. For many of them, the common reason for everything is that the problem is someone else's fault. That someone else being a combination of Microsoft, Firefox, Winamp, the computer's mood that day, some virus, "an act of God," or hackers that don't really exist. Don't take it personally.
Open Source Sushi
I'm sorry, but that is FUD. Opera will be the first browser to patch the latest, cross-browser, issue.
A fixed 7.54u1 is being distributed at this moment. See the Opera advisory.
And as far as solutions go: why expect perfect safety online, when we don't have it offline either? Software should improve, online systems should be more secure (it is stupid if money can change hands online only secured by a single login), and most people will smarten up in time. Perfection will not be reached.
MSIE has a track record of leaving critical holes open for a while, but most reported holes are not critical. And MSIE is much more informative about it issues than either Opera, which only recently started publishing advisories, and Firefox (what advisories?) Selling Firefox purely on the safety issue will come back to bite it in the long run.
If you don't like having choices made for you, you should start making your own. - Neal Stephenson
IT staff doing their job will both recommend the safest path as well as try to prevent damage. It's wonderful that the university took such steps, but to say that IE isn't the problem is very, very incorrect.
I see PCs all the time which have IE up to date as well as have up to date anti-virus software that are *still* plagued with problems. Why? IE vulnerabilities.
Even for a patched system, IE presents a vulnerability for computers that are used for "general" web surfing. Firefox is a perfectly valid recommendation, even for those with up-to-date systems.
They've recently been merged with/taken over by a larger college in a nearby town, and the surviving IT department is in the process of converting the site from
Common Sense doesn't always win.
Penn State's IT department is definitely NOT inept. I was there from 1999-2003 and I was always impressed with their implementations, policies, security, and interest in encouraging new technologies. Hell, all Computer Science grad students are given Apple Powerbooks with VirtualPC and Windows. Penn State was one of the first to give their students free Napster service in order to circumvent the RIAA bullshit. Even as a Mechanical Engineering student, I had access to Windows, Macs, Suns, and Linux boxes. I had FTP-able storage that I could access from Lab computers and from my apartment. They may not be the best, but from comparisons I've made between them and other Tier 1 schools that I've visited or attended, they are above average.
[insert lame joke here]
The CIO called a meeting on security, brought in all the CIO's and CS managers from the University branchess for the state, and among other things, we talked about what to do about the slew of problems with student machines.
I pointed out that students get zero education on computer security, and that if they really wanted to fix the problem, they would create a 1 credit required gen-ed course on personal computer security. Students would thus be required to learn how to keep junk off their desktops one hour a week for a semester (plus it would be an excuse to give remedial computer usage insruction to some of the freshmen that come from living-under-a-rock high school.)
That idea raised some eyebrows. They said "now, THAT's thinking out of the box." They diligently noted it in their notepads and pointless PDA gizmos.
And then, did absolutely nothing.
But that's about what I was expecting, that just because they had the wherewithal to recognize a good idea when they heard it, didn't mean they would remember it for more than a week. That's not how it works. If it doesn't reach crisis proportions, these types of people don't do crap about it.
Someone had to do it.
When I was in school, I remember using Netscape 3 to view webpages (after all, we were using Unix).
I'd rather say that universities are going back to their roots. IE was designed for home computers and the Joe User, not for universities.