Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Gov't Says "No Evidence" IE Is Less Secure

Posted by timothy on from the maxwell-smart-elocution dept.

aliebrah writes "Lord Avebury tabled a parliamentary question in the UK regarding the security of Internet Explorer and whether the UK government would reconsider its use. He got an answer from the UK Home Office that's unlikely to please most Slashdot readers. The UK government contends that 'there is no evidence that moving from the latest fully patched versions of Internet Explorer to other browsers will make users more secure.'"

4 of 342 comments (clear)

  1. Lord Avebury..... by oldmeddler · · Score: 0, Troll

    ... is an idiot.

  2. Re:Probably true, even. by Malc · · Score: 0, Troll

    Of course, with its backwards monolithic architecture that has been so popular for almost two decades with Netscape and then Mozilla, it's now become almost unusable. I have to restart it every half day or so because its memory footprint creeps up to 1.5GB on all my computers (Windows and OS X), from 230MB when restarted. As soon as Chrome + Xmarks is available on my Mac, I'll be saying goodbye to FF.

  3. Re:Probably true, even. by GIL_Dude · · Score: 0, Troll

    Actually no - in the plugin space like Flash and PDF IE is superior due to its model of running different zones in different access levels. For example the "Internet Zone" runs with less privilege than a "standard user" account and cannot write to the file system outside of Temporary Internet Files and cannot write to the registry outside of a specific non-trusted area. This is with IE already running as standard user - even if the user is running as administrator. You can read up on it here http://msdn.microsoft.com/en-us/library/bb250462(VS.85).aspx. For well controlled (corporate) systems, users cannot willy-nilly add sites to the "Trusted Sites" zone which would enable those plugins to now run as standard user (basically move from the low integrity level to the medium level). Home users, of course, can often be tricked into raising the security level of a site - making integrity levels less effective in helping to prevent successful exploit, but even here it prevents most original "drive bys" and requires the user to take an action (indicating trust of the site) before anything bad could happen. Remember that most of these exploits that folks have recently been seeing a lot in the press are IE6 / Windows XP only. With Windows XP of course the whole integrity level and running sites as lower than standard user doesn't exist.

  4. Re:Probably true, even. by drsmithy · · Score: 0, Troll

    Proof of even one flaw due directly to unique ties between IE and the Windows OS is proof that it is less secure because the others do not have those ties.

    What are these "unique ties" ?