Browser Alternatives Are No Guarantee of Security

Yeah, game play must be hard on your "hoofs" as well.

 

That's funny, Randy, I was kind of thinking the same thing.

Microsoft should just change their slogan:

"Microsoft....we provide you with products for you to bash us with"

I'm not a big Microsoft fan myself.....but I still don't see any need to bash them simply because they were the "AT&T" of their profession. For a long time, AT&T held basically a "monopoly" in the telecommunications field....but that was before the FCC ruling that Ma Bell had to be broken up so that competitors could compete in the marketplace. Same thing with Microsoft....they're being attacked as having a monopoly of sorts, and not just by Congress but by the people who use their products. The percentage of marketshare that the Mozilla Firefox browser has achieved in such a relatively short time shows that consumers ARE looking for alternatives. If Microsoft puts out crap products, THEY will be the ones that suffer these days. But simply because they have a web browser, and Media player, and other little goodies that they "bundle" with their software isn't a valid reason to bash them IMO. Too many companies these days try to get away with providing customers with as little as possible....but Microsoft even offers products like their "Anti-Spyware" for free, while other companies are charging for similar models and apps.

So while Microsoft does have it's share of problems, and it has become fashionable to bash them these days....I'm not really ready to jump on board. Just because they're a large corporation and innovators that offered products and services before others had a chance to catch up is not a good reason. Besides, I'm sure several people who bash them probably have mutual fund type investment plans that have a large share of MSN stock. I don't know about others, but I don't want to see the stock that I have in Microsoft bottom out anytime soon.....

 

Hi

Well, thanks for the link.

I think this article is misleading.

Although it does talk about secunia, it doesn't talk about the conclusions one can draw from this site, e.g. the speed at which some companies (especially Opera) do patch whatever has to be.

The number and regularity and frequency of flaws per browser is not mentioned, nor the history of the different companies's philosophy as far as security is concerned.

The link to the direct dwnld of the JRE for Windows doesn't point to the very latest JRE available, although that one has been released many weeks before the article's date of publication.

In other words, the article puts the various mentioned browsers in the same bag, which clearly is misleading. Opera stands at number one as far as browser security is concerned, this fact none can contest. Mozilla et al. at number two.

As far as exploiting IE's vulnerabilities by first exploiting another browser's before actually getting to IE, I never patch IExplorer on my XP system, for the excellent and simple reason that it has been eradicated a long time ago. See www.litepc.com for more on greatly improving XP's stability and security.

Although not everyone may be interested in such a (wonderful) product as LitePC, I think a so-called "specialized" article should mention this kind of possibility. Instead, the article voluntarily limits itself to saying what IE's afficionados (or actionaries) want to hear.

I'm afraid the reign of IExplorer is far from over, though. The only real danger to it short- and long-term would be Opera going banner-free. That would be the real browser-market revolution.

Cheers

 

Did anyone see this? She sure got flamed and some of it was funny. IE 7: so much for Firefox

 

We weren't bashing on Microsoft!!

Is it that Black and White?

hmm the last one who sang this song...

 

Uuugghh....please don't go there

I just finished eating......

 

SORRY .. not intended!!

I was trying to say that it's not all that bad with microsoft.

 

Good article, lynchknot.....it will be interesting to see what happens with Firefox once IE7 is released. I don't share the author's views, because I have a feeling that Firefox is here to stay.....but perhaps the rapid growth that it's seen in useage over the past 6 months or so will begin to top off or take a slight hit at worse.

 

well, although this is a security forum, IE6 apart from secuirty has other pit falls.
( I use XP and love it , i hate IE , but i am not a M$ basher )
Ask web developers, who like IE? No stadard, ugly funny code?

I post this in a lot of places, but if it wasn't firefox , IE7 would properly never come out with those features that they said it will have.

There is still so many bugs that M$ knows about it and not fixing it ( rendering issues )
And how slow it fixes the security bug. ( i know they have to test it, but in some cases they didn't fix it until something has happened attitude really pisses me off )

And firefox 1.1 looks very good, and will hopefully bring them past the double figure in Global usage.

 

How stupid is stupid? For anyone anywhere to even slightly suggest that microsoft is somehow the knight in shinning armor doing good things for the public is so outrageously ignorant that it can only be the by product of the emotional disturbed.
IE 7 will only work FULLY on the Longhorn operating system. IE 7 is NOT fully functional on any other operating system. Tabs......the poster making the comment about Tabs has lost his/her way to the OutHouse where that comment belonged. A TOOLBAR is a toolbar know what a toolbar is before making such a statement.
billy gates @ss kissing wont improve the microsoft operating system one tad bit. But on the bright side. Because microsoft is such insure garbage a whole generation of third part products had to be produced to offer marginal security to the User. Many software vendors have become wealthy due to the insecurity of the microsoft system an no doubt wont want to give up the gravetrain easily. Forums just like this one has its share of microsoft Implants offering up a defense of microsoft. An ever script kiddie around the world must burst into laughter reading such garbage. Speak truefully cowards! Just don’t have the gull to suggest that microsoft offers a good product. Go to any forum that cleans the HiJack logs to see how secure the microsoft system really is.

One poster was very insulting with that comment about TERMITES" an it was completely un-called for. This post is it response to that. In a forum its normal to express points of view an insults are not neccesary.

 

OutHouseGoing, there is a cure to you having problems with Microsoft products. Just don't use them. If you have a better operating system put it on the market, but bashing MS as you are doesn't accomplish one single thing. If there was a better OS out there it would already be taking over the market. And the linux offerings out there are not ready for prime time. So it is better to use and secure what we have than it is to just rant about how bad it is.

 

It is very sad, but This is not true and a very big mistake to think so!,
1) If there is a better one,this DOES NOT mean everybody
is going to buy it.
FreeBSD for example, every OS-guru/teacher knows that this is a much better OS.
But the problem is, that since there are not enough people who use it
(Instead of the huge licenses of Microsoft this one is for free),
2) there is too litlle software available for the average user.
And of course they have to drop all the Windows Software.
That is another problem.
3) NOBODY in the world,not a company of group of persons,
can pay that much for marketing etc. as MS can do.
4) People are used the work with Microsoft SW,
so switching is not that simple.


Building a better OS or building a better application, means in some cases, that you have to rebuilt the software completely.
This makes it sometimes not downwards compatible anymore.
And Microsoft doesn't like that from a marketing point of view.
All MS software is built in modules,
this makes it easy to add or change modules, but difficult to change the whole structure of the program (read impossible)
This is why software is getting so huge,
a new version means nothing else then ,adding extra modules and changing a few.
That is also why the performance is that bad, if you look at the latest OS or MS office version (greater then 1 GB) this is of course sad and funny at the same time.

This force you to buy another computer, with faster cpu, more ram etc.
Just to run an OS and office software etc. ?

Also this modular way of programming makes it impossible to solve some security-problems.

Another thing you musn't forget, is that there are a lot of places where
other OS-es are used.
In de Graphic designers etc. Work with the MAC.
ISP's work with Unix for their mailservers Webservers etc.
And the top500 companies work with Unix variants as well.
This is the only way to built high availabilty clusters,
and have systems with > 1000 users running.
Or on locations where uptime is very important, like banks, hospitals,
airfields (traffic control) etc.
Here the companies you see are:
Sun Microsystems,Hewlett Packard, IBM, Cray etc. etc.
And of course there is a very large group of Linux users.

I've been working for 30 years with MS sw and OS-es,
and more then 20 years with Unix but i have to see the first spyware,
trojan etc. for Solaris yet.

That fact that an OS is the best sold one, doesn't mean that it is the best.

In fact it is not.

 

To get back to the parent article, from what i understood getting to IE through Firefox is a Java exploit. I view Java as a major security risk and always have it disabled, as well as the AllowWebsitesToInstallPrograms option. Without ActiveX and stupid OS integration i consider this setup very safe.

 

tuatara,

Correct me if I'm wrong, but the reason this thread exists is because people are angry at the vulnerabilities of Microsoft, and the ability for hackers to write malicious code to exploit those vulnerabilities.

You mentioned "and more then 20 years with Unix but i have to see the first spyware, trojan etc. for Solaris yet", so using this analogy, wouldn't it just make sense that hackers aren't going to "waste time" writing code for Unix, etc., when Microsoft has such a dominant lead and marketshare in the industry?

You also gave several examples where people are using OS's other than Microsoft:

"FreeBSD for example, every OS-guru/teacher knows that this is a much better OS"

"In de Graphic designers etc. Work with the MAC"

"ISP's work with Unix for their mailservers Webservers etc"

"top500 companies work with Unix variants as well"

"And of course there is a very large group of Linux users"

...so there are several users who have experience with other OS's out there, and since Linux and others don't have the capital to compete with Microsoft from a marketing standpoint, it is currently up to the users to spread the word, and for the "uninformed" to read up on and educate themselves.

We see several people in this forum that seem to change AV/AT/AS applications as often as many people change their underwear! If the quality of Microsoft's product continues to slip where the performance is so noticeable that customers look for alternatives, the alternatives are out there and Microsoft will be the ones who suffer. For example, just look at Norton/Symantec. It wasn't that long ago that they practically held a monopoly of sorts in the AV department, but most people have noticed a drop in the quality of their product lately, their competition has increased marketshare, and Symantec isn't near as strong or as prevalent as it once was.

I agree 100%, totally and completely with your comment that "That fact that an OS is the best sold one, doesn't mean that it is the best", that is hard to argue with, given Microsoft's huge lead in the industry. Microsoft was established before the others even got their foot in the door....but that really isn't a reason to bash Microsoft. It's much easier to complain and try to destroy the competition than to be positive and provide details as to why something is better. But just as people have turned to blogs, alternative web sites, talk radio, etc. for their news and political information, people will look to other sources for their information concerning computer technology as well. These forums exist for that exact reason (concerning computer related security).

So while I acknowledge that Microsoft has it's share of problems, to me they aren't that extreme to the point where I am ready to say the Hell with them. IF...that day comes, then I (and several others) will leave Microsoft and look for alternatives. I think the reason others haven't gained marketshare as of yet is simply public demand. When the public starts demanding that other OS's are included in their stores as an alternative, that's when Microsoft will suffer.....so it's really up to Microsoft to stay up on things, or else.

 

No it isn't - but when they make their products mandatory (ever seen an option to uninstall Internet Explorer, Outlook Express or Media Player?) then it becomes a restriction of consumer choice (Media Player may even disable other audio programs, see Microsoft's DRM FAQ for more details). For that matter, just try purchasing a new PC without a copy of Windows preinstalled and getting an appropriate discount for it.

Microsoft Anti-Spyware may well become chargeable in some form - the "free" version is a beta test (see Microsoft to charge for security service). As for Internet Explorer and Media Player, there were specific business reasons for offering them which had (and still have) little to do with benefitting Joe Consumer in the long term.

Care to name an example of where Microsoft has genuinely innovated? Aside from the Windows Start button, pretty much everything else has come from elsewhere - such as Apple (much of the Windows UI), UNIX/GNU/Linux (TCP/IP networking, windows themes, various command line utilities), Novell (Active Directory) or IBM. While MS has put their own spin on many things, very little in terms of genuine innovation has come from Redmond and what has, has tended to be for other things like hardware and some games/simulations (and many of those were written by third parties).

What Microsoft has been good at is leveraging monopolies - whether to displace competitors (e.g. Windows 3.1 was designed to break Digital Research's DR-DOS, Windows 95 to break OS/2, Internet Explorer was pushed to break Netscape) or to gain unfair leverage in new markets (e.g. MSN Passport for online shopping, Media Player for music/video downloads). While this may be good news for MS shareholders, it does not benefit the market generally and harms consumers in the long term (the spyware epidemic would not be anywhere near current levels if more people used different browsers and MS felt obliged to do a better job of "fixing" IE).

Windows XP does appear to offer a lot (given that its price has increased threefold compared to previous versions, it should do!) so it is understandable that those less familiar with Microsoft's history and past dealings may mistake this for some benevolence on Redmond's part.

Things are hardly that simple - it is not security or architecture or technology that sells an OS, it is applications. Any new OS therefore has a seriously uphill struggle to accumulate a codebase large enough to attract popular support and this is what befell the likes of GEOS, BeOS and DESQView-DESQView/X. Even OS/2 with IBM's marketing behind it eventually failed (though you can argue that there were other reasons too).

Well some Linux distros are good enough in many cases - the issue then, for home users, is that most games are released for Windows only (this is my only reason for not switching myself, though I intend Windows 2000 to be my last Microsoft purchase). As for ranting, would keeping quiet really make things any better?

 

And when exactly will there be a public demand? When people like you and me get concerned about their online security. For all the utilities Microsoft is offering are better utilities for...defrag, mediaplayer, burners, games , email, ... the list is endless ..

I truely like xp's shell very much, the support for games and the fact I have to secure it so much, I became very interested and it's like a hobby now ..

But it's time the others can show on an honest way that their products are maybe better without loosing the first battle (first install)...

so it's really up to Microsoft to stay up on things, or else.

True, but they wouldn't even move if it wasn't for the growing "FFX/Opera" marketshare...and when you look at FFX/Opera you'll see it's more secure, it has more options and does it better the IE...

Like I said, I do like windows for my own reasons but that doesn't mean all is well, just like you said!!...

and I certainly am not bashing on Microsoft..
.. But things can be said for the better or for the worse ..

 

You raise some valid questions and concerns, Paranoid, and that is why I have said many times now that "I AM NOT A BIG MICROSOFT FAN MYSELF" (maybe that will be understood now that I've said it for the third time and all in caps and quotes - LOL). I am simply playing "Devil's Advocate" here, because I've heard an aweful lot of bashing, but few examples of exactly WHY Microsoft is the Devil. You said yourself, Paranoid, that many of the services or products that Microsoft offers " were written by third parties"....and that means someone was employed by that third party, and was being paid for the service and/or prduct that THEY sold to Microsoft (who in turn, distributes it on behalf of the third party).

I don't think there's a need to worry.....if anything, Microsoft's position in the market is not getting stronger, it's being weakened by competition and now government intervention. In twenty years, Microsoft will likely be no more than what AT&T is today. Will that make Microsoft a better company? Hopefully.....because the alternative can't be good for the people that have invested money in Microsoft (via mutual fund, IRA, etc. type accounts). But also, competition helps make companies better.....it serves to keep them on their toes. If Microsoft provides good products, they will flourish. If they don't, they will suffer. So if a company puts out a better operation system with easier to use and better features, is less constrictive and offers more value to the consumer, Microsoft will feel the adverse effects. When that product is made well known to the public (like the media did with the Firefox web browser), unsatisfied customers will leave Microsoft and turn to that alternative.

As for when that will happen, Infinity, I really don't know. My guess is as soon as a competitor comes along with an OS that blows Microsoft away. And it will likely happen sooner rather than later. Microsoft isn't exactly the "darling" of the media or public attention's eye right now. I also agree with you that "things can be said for the better or for the worse" in regards to Microsoft....I currently like the product OK, but I agree that it could be better. I just see a ton of criticism towards it....and even though much of the criticism is warranted, where is the alternative that blows Microsoft away? And why aren't people demanding such a system? Once those questions are answered, my feeling is we'll finally see that day.

 

Yes, you're right but in the meantime we'll just tighten our systems

"Just hang on!!!"

 

Which is exactly the reason I still run Windows at home, for games. When the time comes that Linux is stronger in this arena, I will use Linux as my main OS.

I did not post the link to this article for ppl to bash M$, but cmon, how can you not?

In any event, M$ and there products keep me employed and pay me a nice salary. Even tho there security glitches are a PITA, it keeps ppl like me employed by running around implementing proactive measures and also reacting when some slip on by.

I think M$ has a long way to go before it can be considered a secure and safe OS, but hey, that is what forums like this are for and all the security apps they we love to tweak and play around with.

 

AAAHHHH.

P2K like fine wine; great succint post.

>>> leveraged monopolies <<< absolutely

There are better OSs but market penetration at the consumer level

I try to be sensible but still just above average home user trying to find useful apps without drowning.

The PCLite tools, for example, look good but I probably could not use them. Do noy have time.

I cannot easily make heads or tails of various linux distros: still really for greater comp expertise than mine.

My expertise is elsewhere, therefore try and follow you guys here.
You have all helped me immensely.

If/when Linux or even bettr to dream of true Unix home consumer product available I would swap over.

Still occasionally looking longingly at Apple but as discussed before somewhat alarming convergence seems to be happening.

Regards.

 

Yes, it might change the opinions of those that might not have made up their mind. I would prefer to see someone come out with evidence about why Microsoft provides a better solution rather than hearing from people saying it does not make a difference.

I like hearing both sides of a discussion. So far, I have not heard very much evidence that MS provides a superior solution.



?What?

 

More popular does not mean better. The Betamax was a superior technology to the VHS VCR but VHS won out as the standard because they had better marketing department. More popular does not necesarrily mean better technology. More popular can sometimes mean better product but more popular relies more on better marketing rather than being a better product.

The best product does not always win....most of the time what determines the winner is who is first to the market, who has the best marketing department, who has the best management team to develop what Morningstar would call a "wide moat business" (Wide moat means significant barriers for new players to enter the market)

Microsoft was one of the first software companies to market with a extremely astute management team. Over time they have created significant barriers to entry for other players trying to develop alternative operating systems. People like sticking to what they know. If someone came up with a vastly superior solution to Microsoft over night, Microsoft would still have the advantage due to the fact people like sticking to what they know well. Microsoft's management team would then proceed to stifle the competition.....they may have less tools to do that since the anti-trust trials but they are still formidable opposition to ant new player. The reason they are so formidable is that most 3rd party applications are designed to work on windows only. People would be reluctant to switch to a alternative OS in which they are unable to use their favorite third party application.

In short bigger does not always mean better but it can mean that the management team of the company is extremely good.



Nlp