Why don't people listen - Not to use IE?

Discussion in 'other security issues & news' started by chew, Sep 18, 2005.

Thread Status:
Not open for further replies.
  1. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Folks

    This is really frustrating for me having spent so much time trying to educate others to keep their systems clean by not using IE when they don't have any idea about what malwares mean. Particularly my gf. I have explained to her so many times ...

    You see I have been keeping my gf laptop malwares cleaned for such a long time now. Everything was fine until few days ago when her father started to use her laptop. I explained to her in the past, many times, that she could let her friends use her laptop for surfing the net so long as they used Firefox or Opera browser that I had installed for her. She has Win2K without firewall by the way as I had not installed one for her yet (I am still learnig about firewall rules and both of us are using Univ. network and firewall so just buying time until I get a decent firewall for her). So the last malware that infected her system was VX2 which messed up her system pretty badly but I managed to sort that out and her system was running very smoothly since ... until her father and friend started to use IE on her system...

    Guess what ? Too late! When I found out they were using IE I immediately did a scan using Ad-aware, MSAS, Ewido and McAfee (she got SpywareBlaster, SpywareGuard by the way) ... All scans came up clean until half way through Ewido scan ... McAfee detected " Adware-DFC " and said "Cleaned(failed)" ...

    Then I entered Safe Mode to scan again using all available tools but everything was cleaned. I then searched the net for " Adware-DFC " and found out it is a rather nasty Trojan ... I am very frustrated because I know it will take ages for me to get rid of it and I need to learn everything to sort it out and time is no on my side at the moment. I am also working part-time to survive.

    The moral of the story.

    You can only help those who are willing to help themselves first.

    In my gf's case I guess I will let the nature takes its cause ... I am going to let her system be. Whatever happens ... Happens. So far later scans found nothing but I am sure the trojan is lurking somewhere in her system.

    :mad:
     
  2. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Well, I don't actually use IE, but a shell called NetCaptor. I use it because I like it, and I have never been burned. Of course there is always a first. But then again I am using the latest and greatest security software on the planet; I practice safe-surfing; I have it configured as suggested by Markus Jansson. So I guess I feel I am a low risk. ;)
     
  3. big ed

    big ed Registered Member

    Joined:
    Aug 12, 2003
    Posts:
    3,137
    Location:
    Ye Olde New England
    Well Chewey,

    I assume you are saying that if everyone dumped IE and used Fox or Opera all problems woud be solved! WoW!! Makes sense to me!!

    Jumping for joy in Juarez, el big ed
     
  4. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    I use IE and all is great!! Just stay away from the Porn Sites!!

    Cheers,
     
  5. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    There are always going to be those who for lack of better words "Like to tempt fate" by continuing to use IE with all of it's security holes when much better and safer alternatives are available for free. To each his own I guess. :rolleyes:
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Iv'e used IE since 1999 without a problem. Norton and then NOD have caught everything. Iv'e also had Zonealarm installed until recently along with Spybot and Adaware. Dumped ZoneAlarm and added BOClean plus a router and have always been clean as a whistle. :D
     
    Last edited: Sep 18, 2005
  7. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
    I would say that the overwhelmingly vast majority of users still use IE.
    I was talking to a colleague at work the other day about it. She uses IE and told me "We've never had a problem.... We've got antivirus, and it's never found anything"......
    Interestingly, her family computer was in the shop getting fixed because it had "slowed to a crawl"! ;) ;)
     
  8. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    theres nothing wrong with IE, it just needs a tighter config. and as much id like all people 'round the world to use Firefox, most ppl will continue to use IE as thats all they know (along with windows, norton, etc...) and many sites are made with IE compatibility in mind.
     
  9. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    FireFox is my first choice but there are times in which IE seems to fit the situation a little better.

    Hammer has a good set up just to name one, no I will name two, dagolag has a good idea too. :D

    Good Secuirty apps. a well patched system an extra measure of common sense and one should be fine using IE.

    But I recommend always a backup or two. You never know when a break down will occur like with a CAR. One is broke you can get out on the highway with the other one. :)
     
  10. Under0ath

    Under0ath Registered Member

    Joined:
    Dec 5, 2004
    Posts:
    284
    Location:
    Slippin' into the Twilight Zone
    I only use IE to gain access to certain emails/websites that sometimes firefox wont let me get to, or displays it in a different way.

    IE has many security issues, enough to make people cry
     
  11. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Keep your IE updated along with the OS..without procrastination..and all ya'll will be just fine..for me IE never was a problem...no matter how fun it was to target all those vulnerabilities.. ;)


    Firefox and Mac security sanctuaries 'under attack'

    By John Leyden (john.leyden at theregister.co.uk)
    Published Monday 19th September 2005 12:19 GMT
    Symantec has attacked the perceived security advantages of Firefox and Apple Macs by drawing unfavourable comparisons with Microsoft's software and describing Mac fans as living in a "false paradise". According to the latest edition of Symantec's Internet Security Threat Report, 25 vulnerabilities were disclosed for Mozilla browsers and 13 for Microsoft Internet Explorer in the first half of 2005.

    Graham Pinkney, head of threat intelligence EMEA at Symantec, said that switching from IE to Firefox as a way of minimising security risks was no longer valid advice. "Cross-site scripting attacks have been used to attack more vulnerabilities in Mozilla browsers over the last six months than IE," Pinkney told an IDC security conference last week ahead of the publication of Symantec's threat report today. John Cheney, chief executive of email filtering firm BlackSpider, replied that the release of Firefox had "helped Microsoft to raise its game" in terms of browser security.


    As well as making comments that will doubtless irk Firefox fans, Symantec has renewed its assault of the perceived security advantages of Apple Macs. "Mac users may be operating under a false sense of security as a noteworthy number of vulnerabilities and attacks were detected against Apple Mac’s operating system, OS X," Symantec said, reflecting comments in the previous edition of its threat report that OS X was an emerging target for attack.

    "While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec’s analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."

    Away from the desktop, Microsoft enterprise applications remain the top hacker target. For the fourth consecutive reporting period, the Microsoft SQL Server Resolution Service Stack Overflow Attack was the most common attack, accounting for 33 per cent of all attacks monitored by Symantec.

    Malware authors go modular
    Malicious code threats to privacy and confidentiality increased rapidly in the first six months of 2005 - up 48 per cent on the back half of 2004. Virus writers upped their production lines to release 10,866 new Windows virus and worm variants in the first six months of this year, Symantec reports.

    For the second period in succession, NetSky-P was the most reported malicious code sample. Gaobot and Spybot - both linked to the creation of zombie networks of compromised Windows PCs - were the second and third most reported.

    Malware that exposes confidential user information represented three-quarters (74 per cent) of the top 50 malicious code samples received by Symantec. Seven of the top 50 were linked to the creation of botnets. Websites that specialise in distributing source code and tools for malicious bots and botnets helped fuel the creation of multiple copies of Spybot with 6,361 new variants of the malware created in the first half of 2005, a 48 per cent increase over the 4,288 new variants documented in the second half of 2004.

    Instead of releasing a wide range of functions in one program or file, virus writers are beginning to create modular code to avoid detection. Once installed, modular malware first tries to disable antivirus software and firewall protection and then trieas to download other pieces (or modules) of code from compromised computers across the internet.

    A patch in time...
    Symantec chronicled 1,862 new vulnerabilities during 1H2005 - an average of 10 new flaws a day – 73 per cent of which it categorises as easily exploitable. The time between the disclosure of a vulnerability and the release of an associated exploit was just six days. Half (59 per cent) of vulnerabilities were associated with web application technologies.

    Along with computer viruses and vulnerabilities, spam remains a leading security concern. Spam accounted for 61 per cent of all email traffic in the first half of 2005, according to Symantec, with over half (51 per cent) of all junk mail received worldwide originated in the US. ®
    http://www.theregister.co.uk/2005/09/19/symantec_threat_report/
     
  12. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    After some talking to yesterday they are now using Opera and Firefox. Let's see how they cope with all this new changes. Apparently the friend laptop is infested by spyware etc that keep shuting down the system. I just told the friend to reformat ...

    :)
     
  13. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Ive used myie (now maxthon) for years without any problems.The trouble with getting your g/f and her dad to use firefox or opera , is that they may get more frustrated by not being able to open certain sites that are IE orientated , and end up altering settings to try and get things to work , thereby causing more problems.
    ellison
     
  14. rawr

    rawr Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    128
    Location:
    Illinois, U.S.A
    .. as long as you surf safely and watch what sites you go to, IE will do just fine.
     
  15. hadi

    hadi Guest

    I use IE almost since its day 1. Every thing is fine and no problems or spywares at all. My reason for using IE only: is that other browsers wont display my language the way it should look, spell and read.
     
  16. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I don't think this will change the mind of anyone using Firefox.
     
  17. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    http://blogs.zdnet.com/Ou/index.php?p=103

    As we move into the next few months..according to my sources..the target is now the fox in the Hen House.. ;)
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Nicely said LOL.
    Once I said at SWI, that Firefox would become as vulnerable as MSIE and that Firefox wasn't compromised yet, because it wasn't an interesting target.
    I got nothing but negative replies and they assured me that Firefox would never become that vulnerable, because Firefox wasn't integrated in Windows like MSIE.
    What is happening now with FF is just the beginning. They seem to underestimate the brain power of the bad guys.

    Opera is at this moment the safest browser, but that won't last forever. I'm 100% sure about that.
     
  19. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    If you want to be truly secure, on any browser, disable Java, Javascript and ActiveX (Well, ActiveX is for IE...).

    Or use Proxomitron and make a filter and a whitelist allowing only select sites to have javascript/java enabled :)
     
  20. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Agreed. Started using it a few days ago. Love it! :)
     
  21. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    I'm using it with Opera ^_^

    Very fast and no complaints here ;)
     
  22. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    Yup..well I like all those other brands of browser out there and the creativity of the groups and good people who are working on them..it is nice to have choices..but now it is in vogue for the dark side to take a whack at the others..just because they are there.. :mad:
     
  23. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Actually, there is a lot wrong with IE, even if you don't consider its security (or lack thereof). For one thing, it ignores many HTML and CSS standards. The so-called IE 'compatibility' you're talking about is nothing but laziness by web site developers who feel they have no time for multiple browser testing, and by people don't want to study the standards by W3C. These standards greatly enhance sites, both visually and in a practical way; CSS (which is utterly broken in Internet Explorer) give the power of creating dynamic html pages without resorting to less secure languages like JavaScript. Microsoft has often introduced its own, very limited "enhancements" to HTML, breaking standards and giving much less control and power over web pages content than they would have by following the rules defined by the W3C. That's facts.
     
  24. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    That's an old argument..I never did like that fact that a webmaster has control over my browsing...I am the customer..not a client to be abused. All that said..if they want the business..they will make sure the page displays correctly..even if it be the "unconventional" IE :)

    Webmasters certainly are not all created equal..and many do not have a clue how to protect their clients..heck..most of them don't even keep their server software updated and most cases they are full of holes..waiting for the unwary traveler it get bed bugs.
     
  25. wildman

    wildman Registered Member

    Joined:
    Feb 18, 2004
    Posts:
    2,179
    Location:
    Home on the range.
    :D Knowing nothing about these things, the situation is simple for me. I want something that is simple, reliable and gets me to the place I would like to go. The security stuff is why I try and use the protection products that I do. I would have switched to FireFox, but they did not have an easy to install spell checker like I.E. does, and I am lost without one. Notice I said "easy" to install. If they ever do develop one, I would give them a try.

    Thanks
    Wildman
    :) :eek: :p
     
Loading...
Thread Status:
Not open for further replies.