Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Toolbar Mayhem

Posted by ryuzaki0 on from the bad-ideas-are-fun dept.

nikostheater writes "A user called anyweb tried to infect IE7 with as many toolbars as possible and it's interesting to see what happens and how secure IE7 is.." This is funny if only for the screenshot of a browser window with like 80% of the screen covered with toolbars.

17 of 296 comments (clear)

  1. Is it really an infection if... by Anonymous Coward · · Score: 5, Insightful

    You go to the website, and click multiple times to install something on purpose? Sometimes even downloading and running something? I'm not an IE apologist, or even an IE users, but it seems like infection is a bit strong.

    1. Re:Is it really an infection if... by Omnifarious · · Score: 5, Insightful

      It's only FUD to people who decide what it says based on their own biases and an unwillingness to read the article. I clicked through to the article, and even though it renders very badly on my browser for some reason, the parts I could read told me the IE was getting a lot better.

      Someone clicking 'yes' to everything is not that far off from a typical user's behavior. Most people have no idea what any of that stuff means and not much of a desire to learn. They just want the computer to do what they think they told it to.

      --
      Need a Python, C++, Unix, Linux develop
  2. Um... by jb.hl.com · · Score: 4, Insightful

    If you're actively trying to install lots and lots of toolbars on your own computer, which you have admin access too, there's a very large chance you're going to succeed.

    This is news?

    --
    By summer it was all gone...now shesmovedon. --
    1. Re:Um... by ziggyzig · · Score: 5, Insightful

      I think the better point is that at the end, even after screwing up IE 7 so badly, the author was able to remove all the toolbars with relative ease (save the Yahoo toolbar). The better question is why was the Yahoo toolbar allowed to stay? Can just anyone buy those rights?

    2. Re:Um... by meringuoid · · Score: 5, Insightful
      If you're actively trying to install lots and lots of toolbars on your own computer, which you have admin access too, there's a very large chance you're going to succeed. This is news?

      He got repeatedly warned about what he was doing, had to click through an awful lot of 'Yes, I'm sure'-type dialogue boxes to do it, and at the end was able to wipe out pretty much all of the toolbars very easily.

      This is indeed news. It looks like Microsoft are actually getting something right this time!

      --
      Real Daleks don't climb stairs - they level the building.
    3. Re:Um... by antifoidulus · · Score: 5, Funny

      Yes, but that still isn't allowed to be stated in a slashdot summary... I mean think of the group think, won't someone PLEASE think of the groupthink!

      --
      Monstar L
    4. Re:Um... by alanjstr · · Score: 4, Insightful

      It isn't that IE let him install toolbars. Of course it will if you click yes. The good news is that IE makes it more difficult.

      The bad news is "once you accept ONE UAC prompt in IE7 it disables the protection for subsequent browsing until you completely restart IE7"

    5. Re:Um... by whoever57 · · Score: 5, Interesting
      I think the better point is that at the end, even after screwing up IE 7 so badly, the author was able to remove all the toolbars with relative ease (save the Yahoo toolbar
      This does look like MS has improved security in IE. IE7 made some of the installations sufficiently difficult that a naiive user would not be able to complete them.

      The real question is how long will this situation persist? Will spyware vendors find means to disable the security features of IE7, or will IE7 continue to be resistant?

      --
      The real "Libtards" are the Libertarians!
    6. Re:Um... by digidave · · Score: 5, Informative

      Windows and IE security may be getting better, but there are two glaring holes evident from this article.

      1. Vista Ultimate Edition's default user has administrative rights.

      2. If you choose to accept to install something from the web, IE7's protected mode turns off until you restart the program. This could leave you vulnerable if you install a legitimate program (Google toolbar) and continue to browse the web.

      --
      The global economy is a great thing until you feel it locally.
  3. Reminds me of... by celardore · · Score: 5, Funny

    The screenshot reminds me of my mother or my sisters computer every time I go over there. They're always ending up with crap like "mycoolsearch", I did an adaware search and got something like 600 items the first time I tried it. I got fed up, and installed firefox and made IE less obvious on the computers.

    I go back two weeks later, and now firefox has a mycoolsearch toolbar! Arrg.

  4. SlashDotted by Anonymous Coward · · Score: 5, Informative

    Mirror

  5. Re:Security? by nine-times · · Score: 4, Insightful

    You're right to criticize. On the other hand, hitting "yes/allow/next/install no matter what it says" sounds like an accurate approximation of what 90% of users will do. So I guess it still asks the question, if "increased security" means that there are a couple more pop-ups that I have to click "yes" on, how effective will that "increased security" be?

  6. Re:"Failing by design" Is Proper? by the.Ceph · · Score: 5, Insightful

    Now we just aren't being reasonable. If Microsoft didn't allow people to install these things every post here would be calling it anticompetitive and complain about how they don't give the user choices. I'm pretty sure I could make a "Log all credit card numbers and email them to me" extension for Firefox and if someone really wanted to install it I bet it would let them.

    The fact of the matter is it isn't always obvious if something is going to break functionality, making a user aware that it might and giving them the choice is IMHO better than telling them they can only run signed software on their computer.

  7. The world is going to end! by Jon.Laslow · · Score: 5, Funny

    Holy crap! I never thought I'd see the day when nearly all of the posts in a thread about a Microsoft product would be *defensive*! Time to clean out the fallout shelter!

  8. Mirror. by Janek+Kozicki · · Score: 4, Informative

    Ok, I managed to wget the final screenshot, enjoy: http://cosurgi.googlepages.com/iemess2.jpg

    --
    #
    #\ @ ? Colonize Mars
    #
  9. Re:Missed point ... by jalefkowit · · Score: 4, Insightful
    the point that was COMPLETELY MISSED that was in the article, was that the "IE Reset" function actually worked, sans Yahoo.

    If Yahoo has already figured out a way to defeat the "IE Reset" function, isn't it logical to expect that within a year of IE7/Vista's release, this knowledge will be common to all spyware/malware authors?

    A function like "reset browser settings" either works, or it doesn't. There is no middle ground. If there is a way to get it to do anything other than roll back all changes, it doesn't work.

    --

    Read my blog.

  10. Restore to default state by HalAtWork · · Score: 4, Insightful

    I think it's useful as it shows whether or not IE7 can be restored to a default state after you hose your system with a bunch of crap. A typical IE7 situation may not be like this, but for admins and those repairing PCs, or even if -- heaven forbid -- IE7 has a flaw that is taken advantage of by spyware, if a user can restore it to full functionality.

    --
    Twinstiq, game news