Microsoft Unveils Windows Phone 8

Did you note the prices of those phones? The cheapest is like $550!

 

Tiles in a phone.
Now Microsoft is all about colorful tiles . . .

 

I think that has been the going trend for a bit. Tiles - buttons - same difference.

 

Stunning phones and OS. So many nice new features.

 

Yeah, but can you make a phone call with them?

 

Well you can make Skype calls, and I do those more often than phone calls

 

Sorry but that accusation is totally bull crap. Doesn't even deserve media attention.

 

Microsoft seems to be hitting all the right buttons recently.

 

I prefer icons over the colorful tiles.

 

I agree, despite minor complaints from some old-fashioned nerds, cultists and cheerleaders of other companies.

 

People like me? Hahahaha

 

Not recently, but beginning in 2004 when MS bought Giant Anti-spyware (at the time, a leading anti-spyware program) re-branded it to Windows Defender and gave it away for free.

But it was because of the all the constant bashing by those biased "old-fashioned nerds, cultists and cheerleaders of other companies" - many of whom called themselves "professional journalists" - that continues to fuel the MS bashing. This in spite of the fact it was the badguys, and the anti-malware industry's failure to contain malware who put us in this security situation we are in today, not Microsoft.

These constant bashings, biases, and misinformation is why there are STILL so many Internet Explorer haters - even though for the past 3 years (since the release of Internet Explorer 8 ) IE has continually been rated the most secure browser out there while FF and Chrome continue to rack up the most newly discovered vulnerabilities. That's not me saying that, but the Department of Homeland Security's US-CERT Cyber Security Bulletin Vulnerability Summaries (which I recommend all concerned with security subscribe to). And Windows 7 is, by far, the most secure OS yet.

NO DOUBT, Microsoft's strong-armed marketing tactics of the past has hurt its image, but the fact remains, Microsoft makes quality and secure software.

 

I would use Internet Explorer if there was a NoScript-equivalent for it.

 

IE has NoScript functionality built in, it also has ad/tracking blocking built in, as well as anti malware/phishing built in... Come to think of it, the only thing they really need to build in now is HTTPS Everywhere!

 

Then start using it! As elapsed noted,

Well, it does not really have anti-malware built in - but the rest is true.

That said, the noscript issue is really a non-issue. If it really were a problem, the nearly 1/2 billion IE users would be infected as the vast majority never change the defaults. So that was just more marketing fluff and scare tactics by alternative browser fanatics, MS/IE bashers, and the biased IT media.

 

It's true that you could surf the web without NoScript and be perfectly fine. However, script-based attacks are a delivery vector for malware and I'd like to be protected against them. Plus -- and this is the biggest issue -- scripts annoy me to no end. There's nothing more annoying than loading up a page and being caught in a deluge of Web 2.0. So NoScript is very often a matter of convenience for me.

When you say that IE has NoScript functionality, what do you mean exactly? I know you can turn of all scripts. Is that what you mean?

 

It seems clear you are not familiar browsing with IE9, or with the advancements in security MS has taken with IE9 (and IE8 and now IE10). I suggest you read up on it before being critical of IE9's security. As noted, I suggest you subscribe to the US-CERTs bulletins mentioned earlier. See Ed Bott's IE9 vs Chrome, and NSS Labs Browser Security Reports.

Caught in a deluge of Web 2.0? Not here.

Bottom line - you cannot discount IE due to security.

Like using many things, it is all a matter of what you are used to, or familiar with that determines your perceptions. You can judge on the look and feel, but that's about it. If you are basing your impressions on older versions of IE, then you are stuck in the past and misinformed.

I have provided links to some major sources, but there is plenty more documentation out there on IE9 security and how it compares with other browsers. To be sure, any of the popular browsers are safe, IF the computer is otherwise kept current, protected with a suitable anti-malware solution and firewall, and the user avoids risky behavior - all the same things required regardless the browser of choice.

In other words, the user is still, was, and always will be the weakest link.

 

Due to its evolution, NoScript has become a strange amalgamation of features that can be used to protect against threats targeting the browser/platform, protect against various privacy threats, protect against various cross-site exploits, etc. I find it hard to believe base IE fully duplicates NoScript's functionality, which would include the likes of ABE, surrogates, and the HTTPS options.

I don't think I've ever seen a good comparison of browsers where 1) an appropriate set of addons were configured, and 2) all aspects of security/privacy were tested. That is, I think, something that users must estimate based on their knowledge of how the different available features work.

 

Bill, don't get me wrong: I'm not stuck in the past, believing that IE9/10 is as insecure and unstable as IE5. In fact, I would consider it to be one of the most secure browsers overall. Certainly more secure than Firefox, and on par with Chrome-based browsers.

However, I've really grown accustomed to NoScript. And not just for the granular control of scripts, but for ABE and XSS protection as TheWindBringeth points out.

If I could have some reasonably convenient granular script control in IE10, I'd move to it in a heartbeat. ABE and XSS protection would be nice too.

 

Well, if you read through the links I provided, I would say Google agrees with you - but not independent labs, respected IT journalists, or the US Government's Cybersecurity Team. That is NOT to say the others are insecure. I am not in any way saying that - nor are they.

Again, and please don't take this as any sort of personal affront, but it is clear you are not really familiar with IE9 and are stuck in the past. It takes time to get used to any browser if you have been using another. Note that NoScript is an add-on for Firefox. It is not an inherent feature of the browser. AdBlockIE is an add-on and it works great for blocking pop-ups, banner ads and whatnot. It and Speckie are the two add-ons for IE8/9 I recommend.

Note I am not defending IE because I think it is better. I am defending it here because you are suggesting, or appear to believe it is less safe or not as good because the add-on "NoScript" is not available for it. It is not less safe and while there is no version of NoScript available for IE, there are comparable IE programs.

I agree that is a problem for consumers. The problem is, to cover "all aspects of security/privacy" requires tremendous efforts and lots of resources ($$$, people, facilities, $$$, hardware, OS licenses, $$$, time). And did I mention lots of money?

That's EXACTLY why I posted to the US Govt. They have the resources. Most review sites have only the resources to focus on one or two areas of concern (and may not be staffed by a real, formally educated/trained/equipped security experts either.

And the other problem is biases - and the marketing behind them. It is common to see reviews that focus on the strengths of the sponsor's product. You can punch into Google and find reports saying just about any browser is the most secure. But full disclosures show they are not necessarily independent, and certainly do not cover all aspects of security, but just a "select" few.

It is generally accepted among security circles that Socially Engineered Methods of Malware Distribution are the most common, and effective. And so I recommend reviewing NSSLabs' reports because (1) they are independent and (2) they focus on protection from malware distributed via social engineering.

Note for last 3 years, IE8 and IE9 have blown away (like 95% vs 10% or less) Chrome and Firefox, but the most recent report shows Chrome has made HUGE advances in that area. That is interesting as Google initially (and for nearly 3 years) dismissed the findings - that is until the significance of social engineering became irrefutable. Sadly, FF, once touted (to the extreme in some cases) as the most secure, has fallen to last among the big 3.

If security is your main concern, and IMO security trumps all, you should be using IE9 (IE8 with XP), or at least the latest version of Chrome. If you use Chrome (or any alternative) as your default, remember to keep IE9 updated too.

Available features? What features? A browser has two jobs - display downloaded webpages safely and correctly, and upload user data safely and correctly. That's it. Any extra features are options, like navi or a moonroof on your next car.

Reviews of those extras are fine, but if I don't want a moonroof, I don't care if Ford's is better than Chevy's - as long as both cars work safely and correctly.

All the browsers have tabs, they all do good at crash recovery, they all have favorites, they all have good add-on support, and they are all pretty quick. Not one is the best in all areas, so frankly, I like the blue one - though green's my favorite color!

So I totally disagree with your comment, "appropriate set of addons". No browser should need ANY add-on to become secure. Nor should ANY add-on be added to test the security of any browser. Why? Because the vast majority of the 1 Billion Windows users out there don't mess with add-ons or changing default settings. So a browser needs to be secure right out the box. And that's how they should be tested too.

Who's going to determine what is an appropriate set of add-ons? You? Me?

Beyond all that soapboxing, the "weakest link" still needs to "practice safe computing" by keeping their systems patched, updated, scanned and blocked, and stay on this side of the tracks.

 

Bill: Granular control of scripts on a per-page basis is important to me. You said that IE has comparable addons to Firefox/Chrome. Is there something that compares to NoScript?

 

You are getting out of (or too deep for) my areas now. Add-ons are not my thing and I prefer to use as few as possible. From here, AdBlockIE compares to NoScript.

That said, I don't know what you mean by granular control on a per-page basis and add-ons. And my friend Bing Google is not helping, but not scaring me either.

IE prevents cross-scripting errors and potential malicious cross-scripting attempts, but as far as me choosing that on a per-page basis via an add-on, that is nothing I tried, or needed to do - so I don't know if there is an IE add-on for that.

But I can and have set the privacy settings for individual webpages, but that is a function of IE, not an add-on. And of course, granular control has been available via Group Policy for a long time and greatly enhanced (for the few that need those features) in IE8, and I believe more so in IE9.

But for me, and most users, I see no reason necessary for that level of involvement to keep any properly updated Windows XP SP3, Vista SP2, Windows 7 SP1 system protected. If the user is doing something extreme or risky, then it may be necessary. But again, that would not be "normal" and consequently not necessary for most users - that is, assuming FF is otherwise protected, and sadly - that may not be the case.

We have to remember the vast majority of Windows users in the world use Windows and IE in their default settings - with NO problems. If we spend much of our time in the trenches, it may seem like a bigger problem than it is. I think of the Honda mechanic who sees nothing but broken down Hondas all day. It is easy to see how he may think Hondas are lousy cars.

 

I think you made the assumption that I was knocking IE when I wasn't. I just like to do things a certain way.

Anyway, all major browsers let you disable scripts entirely or enable them entirely. NoScript (and its clones) disable scripts by default and place an icon in your browser that, when clicked, shows the source of the scripts used on that page and gives you an option to whitelist them. It's granular in that you can choose to whitelist some and not others, and per page in that each page has its own customized settings instead of a global on/off switch.

Adblock doesn't do the same job. It sort of does, and if there's adblock, it stands to reason that perhaps someone (possibly myself!) could add NoScript functionality.

Again, IE is a very secure browser and it's possible that NoScript is overkill. Regardless, I think having per page control of scripts is neat. I don't like the idea of letting every page I meet run whatever scripts they want to on my computer. Both for aesthetic reasons (I hate script heavy sites) and security reasons (scripting is one vector for malware.)

This wasn't designed to be some kind of "my browser is better than yours" internet war. I'd actually switch to IE10 in a heartbeat if I had a plugin that did what I want it to do.