Main Area and Open Discussion > General Software Discussion

Is it finally time to abandon IE?

<< < (4/9) > >>

Dormouse:
To stay protected, it pays to be informed about risks as they occur, and to have options.

I use Opera, and FF, and increasingly Iron/Chrome and occasionally ie. I see few advantages to using ie, so I avoid it, partly for the benefits of the other browsers but also for the reduced risks of not using the  most prevalent programs. If I see a risk with one, I switch to using the others until it is sorted.

I use the same approach for most types of programs, though still use XP more than Linux.

f0dder:
I switched away from IE quiet a while ago, and I haven't looked back since - there's no features in IE that I miss in FireFox, and with IE7 and onwards the only advantage IE had over FF (faster loading speed) disappeared (in fact, it loads slower than FF with a bunch of extensions now, and tabs open slower as well). Sure, FireFox isn't bugfree, but I can't remember the last exploit it had that allowed code execution - most flaws have been relatively limited-scope stuff like cross-site scripting that require a fair amount of work to successfully exploit. Add noscript and adblockplus to the mix, and well... :)

Sure, there's applications that use the IE browser control internally (and I'd stay away from any email client doing this!), but you don't generally use those apps to browse the internet at random - the infection vector is pretty small with those.

And of course IE is going to be attacked more than other browsers because of it's market dominance, but it's not like there isn't security research going on targeting the other browsers... and the holes in IE have by far been the most severe. Moving to another browser is a good idea - or at least use Vista with UAC and IE8 in protected mode. Or if you insist on an administrative account or the likes, use something like DropMyRights to reduce the attack vectors.

40hz:
Corrective patch is now available from Microsoft 17-Dec-2008 via Windows Update or direct download.

Josh:
Pretty quick patch if you ask me

CWuestefeld:
As Josh said, people are quick to jump all over MS, but other parties have just as many problems. Perceptions aside, FF has had as many days vulnerable to critical exploits as IE (sorry, I don't have citation handy, but I have seen the actual numbers). Flash has had problems, and I believe that Adobe Acrobat Reader has had a critical exploit sitting unpatched for months.

A coworker sent me this quote this morning (emphasis mine):
“Microsoft (NSDQ:MSFT) said Tuesday that the company intends to release an out-of-band patch for a monster error affecting all versions of the Internet Explorer Web browser, which has caused hackers to launch malicious attacks to steal information and take over computers without any user intervention.”

http://www.crn.com/security/212500766

--- End quote ---
How can they say that the error actually causes the hackers to exploit it?

Anyway, app103 is going off the deep end. Even if you want to ditch IE because of this, there's no reason to eradicate it from your machine: the exploit can only be ... exploited when using IE to surf.

My own NANY 2009 entry, LifeSaver Diary, uses IE for the display and editing of diary entries. As long as you trust the developer not to inject exploitative code into the browser, there's absolutely nothing else to worry about. Surely you're not going to hack into your own system by entering malicious diary entries.

Navigation

[0] Message Index

[#] Next page

[*] Previous page