Why don't people listen - Not to use IE?

Folks

This is really frustrating for me having spent so much time trying to educate others to keep their systems clean by not using IE when they don't have any idea about what malwares mean. Particularly my gf. I have explained to her so many times ...

You see I have been keeping my gf laptop malwares cleaned for such a long time now. Everything was fine until few days ago when her father started to use her laptop. I explained to her in the past, many times, that she could let her friends use her laptop for surfing the net so long as they used Firefox or Opera browser that I had installed for her. She has Win2K without firewall by the way as I had not installed one for her yet (I am still learnig about firewall rules and both of us are using Univ. network and firewall so just buying time until I get a decent firewall for her). So the last malware that infected her system was VX2 which messed up her system pretty badly but I managed to sort that out and her system was running very smoothly since ... until her father and friend started to use IE on her system...

Guess what ? Too late! When I found out they were using IE I immediately did a scan using Ad-aware, MSAS, Ewido and McAfee (she got SpywareBlaster, SpywareGuard by the way) ... All scans came up clean until half way through Ewido scan ... McAfee detected " Adware-DFC " and said "Cleaned(failed)" ...

Then I entered Safe Mode to scan again using all available tools but everything was cleaned. I then searched the net for " Adware-DFC " and found out it is a rather nasty Trojan ... I am very frustrated because I know it will take ages for me to get rid of it and I need to learn everything to sort it out and time is no on my side at the moment. I am also working part-time to survive.

The moral of the story.

You can only help those who are willing to help themselves first.

In my gf's case I guess I will let the nature takes its cause ... I am going to let her system be. Whatever happens ... Happens. So far later scans found nothing but I am sure the trojan is lurking somewhere in her system.

 

Well, I don't actually use IE, but a shell called NetCaptor. I use it because I like it, and I have never been burned. Of course there is always a first. But then again I am using the latest and greatest security software on the planet; I practice safe-surfing; I have it configured as suggested by Markus Jansson. So I guess I feel I am a low risk.

 

Well Chewey,

I assume you are saying that if everyone dumped IE and used Fox or Opera all problems woud be solved! WoW!! Makes sense to me!!

Jumping for joy in Juarez, el big ed

 

I use IE and all is great!! Just stay away from the Porn Sites!!

Cheers,

 

There are always going to be those who for lack of better words "Like to tempt fate" by continuing to use IE with all of it's security holes when much better and safer alternatives are available for free. To each his own I guess.

 

Iv'e used IE since 1999 without a problem. Norton and then NOD have caught everything. Iv'e also had Zonealarm installed until recently along with Spybot and Adaware. Dumped ZoneAlarm and added BOClean plus a router and have always been clean as a whistle.

 

I would say that the overwhelmingly vast majority of users still use IE.
I was talking to a colleague at work the other day about it. She uses IE and told me "We've never had a problem.... We've got antivirus, and it's never found anything"......
Interestingly, her family computer was in the shop getting fixed because it had "slowed to a crawl"!

 

theres nothing wrong with IE, it just needs a tighter config. and as much id like all people 'round the world to use Firefox, most ppl will continue to use IE as thats all they know (along with windows, norton, etc...) and many sites are made with IE compatibility in mind.

 

FireFox is my first choice but there are times in which IE seems to fit the situation a little better.

Hammer has a good set up just to name one, no I will name two, dagolag has a good idea too.

Good Secuirty apps. a well patched system an extra measure of common sense and one should be fine using IE.

But I recommend always a backup or two. You never know when a break down will occur like with a CAR. One is broke you can get out on the highway with the other one.

 

I only use IE to gain access to certain emails/websites that sometimes firefox wont let me get to, or displays it in a different way.

IE has many security issues, enough to make people cry

 

Keep your IE updated along with the OS..without procrastination..and all ya'll will be just fine..for me IE never was a problem...no matter how fun it was to target all those vulnerabilities..


Firefox and Mac security sanctuaries 'under attack'

By John Leyden (john.leyden at theregister.co.uk)
Published Monday 19th September 2005 12:19 GMT
Symantec has attacked the perceived security advantages of Firefox and Apple Macs by drawing unfavourable comparisons with Microsoft's software and describing Mac fans as living in a "false paradise". According to the latest edition of Symantec's Internet Security Threat Report, 25 vulnerabilities were disclosed for Mozilla browsers and 13 for Microsoft Internet Explorer in the first half of 2005.

Graham Pinkney, head of threat intelligence EMEA at Symantec, said that switching from IE to Firefox as a way of minimising security risks was no longer valid advice. "Cross-site scripting attacks have been used to attack more vulnerabilities in Mozilla browsers over the last six months than IE," Pinkney told an IDC security conference last week ahead of the publication of Symantec's threat report today. John Cheney, chief executive of email filtering firm BlackSpider, replied that the release of Firefox had "helped Microsoft to raise its game" in terms of browser security.


As well as making comments that will doubtless irk Firefox fans, Symantec has renewed its assault of the perceived security advantages of Apple Macs. "Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Mac’s operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec’s analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

Away from the desktop, Microsoft enterprise applications remain the top hacker target. For the fourth consecutive reporting period, the Microsoft SQL Server Resolution Service Stack Overflow Attack was the most common attack, accounting for 33 per cent of all attacks monitored by Symantec.

Malware authors go modular
Malicious code threats to privacy and confidentiality increased rapidly in the first six months of 2005 - up 48 per cent on the back half of 2004. Virus writers upped their production lines to release 10,866 new Windows virus and worm variants in the first six months of this year, Symantec reports.

For the second period in succession, NetSky-P was the most reported malicious code sample. Gaobot and Spybot - both linked to the creation of zombie networks of compromised Windows PCs - were the second and third most reported.

Malware that exposes confidential user information represented three-quarters (74 per cent) of the top 50 malicious code samples received by Symantec. Seven of the top 50 were linked to the creation of botnets. Websites that specialise in distributing source code and tools for malicious bots and botnets helped fuel the creation of multiple copies of Spybot with 6,361 new variants of the malware created in the first half of 2005, a 48 per cent increase over the 4,288 new variants documented in the second half of 2004.

Instead of releasing a wide range of functions in one program or file, virus writers are beginning to create modular code to avoid detection. Once installed, modular malware first tries to disable antivirus software and firewall protection and then trieas to download other pieces (or modules) of code from compromised computers across the internet.

A patch in time...
Symantec chronicled 1,862 new vulnerabilities during 1H2005 - an average of 10 new flaws a day – 73 per cent of which it categorises as easily exploitable. The time between the disclosure of a vulnerability and the release of an associated exploit was just six days. Half (59 per cent) of vulnerabilities were associated with web application technologies.

Along with computer viruses and vulnerabilities, spam remains a leading security concern. Spam accounted for 61 per cent of all email traffic in the first half of 2005, according to Symantec, with over half (51 per cent) of all junk mail received worldwide originated in the US. ®
http://www.theregister.co.uk/2005/09/19/symantec_threat_report/

 

After some talking to yesterday they are now using Opera and Firefox. Let's see how they cope with all this new changes. Apparently the friend laptop is infested by spyware etc that keep shuting down the system. I just told the friend to reformat ...

 

Ive used myie (now maxthon) for years without any problems.The trouble with getting your g/f and her dad to use firefox or opera , is that they may get more frustrated by not being able to open certain sites that are IE orientated , and end up altering settings to try and get things to work , thereby causing more problems.
ellison

 

.. as long as you surf safely and watch what sites you go to, IE will do just fine.

 

I use IE almost since its day 1. Every thing is fine and no problems or spywares at all. My reason for using IE only: is that other browsers wont display my language the way it should look, spell and read.

 

I don't think this will change the mind of anyone using Firefox.

 

http://blogs.zdnet.com/Ou/index.php?p=103

As we move into the next few months..according to my sources..the target is now the fox in the Hen House..

 

Nicely said LOL.
Once I said at SWI, that Firefox would become as vulnerable as MSIE and that Firefox wasn't compromised yet, because it wasn't an interesting target.
I got nothing but negative replies and they assured me that Firefox would never become that vulnerable, because Firefox wasn't integrated in Windows like MSIE.
What is happening now with FF is just the beginning. They seem to underestimate the brain power of the bad guys.

Opera is at this moment the safest browser, but that won't last forever. I'm 100% sure about that.

 

If you want to be truly secure, on any browser, disable Java, Javascript and ActiveX (Well, ActiveX is for IE...).

Or use Proxomitron and make a filter and a whitelist allowing only select sites to have javascript/java enabled

 

Agreed. Started using it a few days ago. Love it!

 

I'm using it with Opera ^_^

Very fast and no complaints here

 

Yup..well I like all those other brands of browser out there and the creativity of the groups and good people who are working on them..it is nice to have choices..but now it is in vogue for the dark side to take a whack at the others..just because they are there..

 

Actually, there is a lot wrong with IE, even if you don't consider its security (or lack thereof). For one thing, it ignores many HTML and CSS standards. The so-called IE 'compatibility' you're talking about is nothing but laziness by web site developers who feel they have no time for multiple browser testing, and by people don't want to study the standards by W3C. These standards greatly enhance sites, both visually and in a practical way; CSS (which is utterly broken in Internet Explorer) give the power of creating dynamic html pages without resorting to less secure languages like JavaScript. Microsoft has often introduced its own, very limited "enhancements" to HTML, breaking standards and giving much less control and power over web pages content than they would have by following the rules defined by the W3C. That's facts.

 

That's an old argument..I never did like that fact that a webmaster has control over my browsing...I am the customer..not a client to be abused. All that said..if they want the business..they will make sure the page displays correctly..even if it be the "unconventional" IE

Webmasters certainly are not all created equal..and many do not have a clue how to protect their clients..heck..most of them don't even keep their server software updated and most cases they are full of holes..waiting for the unwary traveler it get bed bugs.

 

Knowing nothing about these things, the situation is simple for me. I want something that is simple, reliable and gets me to the place I would like to go. The security stuff is why I try and use the protection products that I do. I would have switched to FireFox, but they did not have an easy to install spell checker like I.E. does, and I am lost without one. Notice I said "easy" to install. If they ever do develop one, I would give them a try.

Thanks
Wildman