Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Government Advises Public To Stop Using IE

Posted by Soulskill on from the enough-is-enough dept.

An anonymous reader writes "After McAfee's disclosure of an IE 0-day vulnerability this week that had been used in Operation Aurora, the hack and stealing of data from Google, Adobe and about 3 dozen other major companies, the German government has advised the public to switch to alternative browsers (untranslated statement). Given that the exploit has now been made public and the patch from Microsoft is still nowhere to be seen, how long will it be before other governments follow suit?"

15 of 320 comments (clear)

  1. Yeah sure by SmallFurryCreature · · Score: 5, Informative

    It could happen to any browser to have the same security flaw in 3 different versions DESPITE claimed complete rewrites of the code.

    MS apologists, you got to admire their dedication. The Iraqi minister of information used windows as well.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

    1. Re:Yeah sure by Maxo-Texas · · Score: 3, Informative

      He's probably thinking of articles like this:
      http://www.itwriting.com/blog/541-mshtml-layout-engine-completely-rewritten-for-internet-explorer-8.html

      Interesting article here: http://www.joelonsoftware.com/articles/fog0000000069.html

      "[netscape killed themselves by rewriting]
      Well, yes. They did. They did it by making the single worst strategic mistake that any software company can make:
      They decided to rewrite the code from scratch."

      Joel's argument is "code doesn't go bad. it is better to sand it and polish it because a given code base has already had a lot of bugs found and removed. writing a new codebase brings you back to bug rich code".

      --
      She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  2. Re:To be fair to Microsoft by sakdoctor · · Score: 5, Informative

    Why be fair to Microsoft in this case? Bashing where bashing is due;
    IE is a highly dangerous lump of toxic/radioactive waste, with a half life of over 20 years.

    Microsoft did everything wrong. Wrote the piece of shit in the first place. Tightly integrated it into windows, for leveraging purposes. Didn't even try to keep on top of updates letting it stagnate.
    It will have a damaging effect on the web, web standards, and general computing, long after Microsoft drops support for any given version.

  3. It's not the "government" by kill-1 · · Score: 4, Informative

    It's a German federal agency, not the German government. And they warn users about IE every time there is a major unpatched security hole.

  4. Re:Shouldn't they be upgrading before complaining? by Anonymous Coward · · Score: 1, Informative

    "Our investigation has shown that Internet explorer is vulnerable on all of Microsoft's most recent operating system releases, including Windows 7."

    But Kurtz warned the vulnerability exists in all versions of IE except for IE 5.01, service pack 4, and that it would be possible for attackers to work around the protection.

    http://www.theregister.co.uk/2010/01/14/cyber_assault_followup/

  5. Re:To be fair to Microsoft by McGiraf · · Score: 4, Informative

    "Wrote the piece of shit in the first place"

    No, they bought/stole the Microsoft way from Spyglass.

    http://en.wikipedia.org/wiki/Spyglass,_Inc.

    (the link ends with a dot slashdot moves it after "[wikipedia.org]". bug! )

  6. Re:Right Decision? by amiga3D · · Score: 1, Informative

    You may be correct, I can't say since I haven't used Windoze for anything to do with the internet in a long time. I do wonder though, why don't they just patch the damn thing? I mean really. They know a lot of people are getting infected, don't they give a shit? Ah...my bad. This is Micro$oft we're talking about here.

  7. Re:A stinging lesson by maxume · · Score: 2, Informative

    Firefox gives you the option of disabling plugins without uninstalling them (as does IE8, those are the only 2 browsers I have installed).

    Adobe Reader also gives you the option of not loading pdfs in the browser (the browser simply prompts you to save the file).

    --
    Nerd rage is the funniest rage.
  8. Not the German Government by prefec2 · · Score: 3, Informative

    The "Bundesamt für Sicherheit in der Informationstechnik" (BSI), engl. Federal Bureau for Security in Information Technology, is not a governmental, but a state institution. It is not strictly driven by the government. And it is controlled by the parliament. Even though it works in the domain of the ministry of the interior. So no minister was involved in the "do not use IE" speech.

    BTW: IE has not the biggest market share in Germany.

  9. Re:Friends don't let friends.... by Anonymous Coward · · Score: 2, Informative

    Maybe the summary shouldn't have let out the most important word: temporary. Here a translation of the headlines:

    original:
    Kritische Sicherheitslücke im Internet Explorer
    BSI empfiehlt die vorübergehende Nutzung alternativer Browser

    translation:
    Critical securiy hole in Internet Explorer
    BSI recommends to temporarily use alternative browsers

  10. Re:Firefox doesn't even ship official MSI by Ysangkok · · Score: 2, Informative

    JFGI

    http://www.frontmotion.com/Firefox/

  11. Re:Not a bit late? It is like a spy platform alrea by Bert64 · · Score: 2, Informative

    The problem at least as far as PDF readers go, is that most users don't realise PDF is a standard and that there are multiple implementations... They think Adobe make the only pdf reader available.
    I would never install acrobat reader, the default pdf readers in macos and linux work much better, far less bloated, and there are plenty of alternatives available for other platforms too.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  12. Re:A stinging lesson by CyclistOne · · Score: 3, Informative

    This happened to a friend of mine. His system was totally hijacked. Couldn't run any .exe. I finally got into the registry and disabled the malware, and things were seemingly back to normal. But we re-imaged the machine and restored his backed-up data. It was a pain, but it didn't take that long. But it was a similar thing, I think. Firefox crashing - go try IE, and bang.

  13. Re:Mozilla is working on an MSI package by Culture20 · · Score: 2, Informative

    Mozilla is working on an MSI package. There's a bug in bugzilla for that. Vote for it and/or help with coding testing.

    You're funny.
    Bug 52052 was opened in 2000.
    Bug 231062 was opened in 2004 when 52052 was closed with "WONTFIX"
    Sure, there's been recent activity, but it's been TEN years. Until MSI becomes a blocker for 3.6 or 3.7, they'll drop it for the new shiny like they've always done.

  14. Re:Before anyone starts throwing stones... by ilguido · · Score: 3, Informative

    Mozilla Firefox 3.5.x: unpatched 0 of 6 Secunia advisories.

    MS Internet Explorer 8.x: unpatched 4 of 8 Secunia advisories.

    MS Internet Explorer 7.x: unpatched 11 of 42 Secunia advisories.

    Opera 10.x: unpatched 0 of 3 Secunia advisories.

    I can't see your point, are you trolling?