Discussion Forums > Technology
Wow - Germany & France say MSIE is a security risk!
Xiong Chiamiov:
--- Quote from: kyanwan on January 18, 2010, 09:50:49 PM ---...
--- End quote ---
Oh yes, just what we need - another discussion of whether or not the insecurity of Microsoft's products is from their popularity.
kyanwan:
--- Quote from: Xiong Chiamiov on January 19, 2010, 05:42:26 AM ---
--- Quote from: kyanwan on January 18, 2010, 09:50:49 PM ---...
--- End quote ---
Oh yes, just what we need - another discussion of whether or not the insecurity of Microsoft's products is from their popularity.
--- End quote ---
It's not "popularity". The architecture is bad. This microkernel/driver/backwards compatibility stuff is just poor design.
ATM machines are popular. Are they insecure? Car door locks are popular - are they insecure?
Computers are machines. They have guts just like other things. Reliable security is out there - just as I said, woo ... like 12 years ago now ... that Javascript was one of the most insecure technologies ever ( hey! I was right. I guess I deserved my sweet A in the network security course I took way back then. ) ---- well ---- right about this too.
I know my stuff when it comes to this kind of garbage. :P
I wouldn't be working in the field otherwise. ( Hey! Even in a bad economy. So I guess I'm worth my weight eh? )
DaggerLite:
ATMs have proved to be insecure time and time again when targeted by criminal gangs. They install card readers, or hack the terminals to deliver details about cards and codes. The fact that many of them use Windows XP doesn't really play much of a role here. The newer chip systems are more secure, though. Car door locks can be broken if you learn the system, or even forcefully circumvented if you don't.
However, you can't really compare those in my opinion. It's not like whatever system is behind those devices is openly connecting to random computers around the world, or compromising themselves by others being able to find them and connect to them from the outside. It has happened at times, sort of like how Google was recently targeted by some skilled Chinese hackers. Another point is that these systems operate with high security prioritized, even after implementation. They are surveyed and controlled by a large group of people who earn money for doing just that. They (generally) operate on a low level, which further decreases vulnerability.
An OS is huge. I don't think OSX or Linux is much better than Windows. They're decent alternatives - I'm not trying to say anything is worse than Windows. Linux specifically is just not worth targeting yet because of the level of users who generally use it. The programs are also not as advanced as some of the Windows programs you see, thus a lot less prone to security holes.
In short: I agree with you when you say IE users are more prone to attacks at the moment, but I don't think it's simply because the program is so insanely insecure. It is simply tried on a much larger scale than other browsers.
geoffreak:
The people who say that market share is the determining factor as to which browser gets attacked don't know what they are talking about. In actuality, this theory would only hold true if all browsers were equally easy to crack. The truth is that whatever is the easiest to crack will be cracked, so long as it has at least one person with money using it.
Case and point: A look back into history will show that Mac OS 9, with less than a 10% market share of the computing market, had far more viruses written for it than Windows at the time.
Microsoft has invested quite a bit in Internet Explorer and won't change the inner workings, likely ever. They focus more on backwards-compatibility than security. Other browsers are constantly rethinking what it means to be a browser and coming out with great features, speed, and security. The only element that IE takes from them is the features, because these are what most users notice. Microsoft's idea of security is warning messages, most all of which are ignored by the user (I bet even you don't read them).
A good analogy is that IE is a top of the line 1995 car that completely outclassed all the other cars in the day. Now, it may have a new paint job and some body work to look like today's cars, but the insides haven't changed. It still gets 1 mpg, rapes the environment and kills babies, but hey, it's a classic.
It is scary to think about the number of viruses that get on to a computer through Internet Explorer. Not using IE can prevent upwards of 90% of viruses.
kyanwan:
--- Quote from: geoffreak on January 20, 2010, 10:54:54 PM ---Microsoft has invested quite a bit in Internet Explorer and won't change the inner workings, likely ever. They focus more on backwards-compatibility than security. Other browsers are constantly rethinking what it means to be a browser and coming out with great features, speed, and security. The only element that IE takes from them is the features, because these are what most users notice. Microsoft's idea of security is warning messages, most all of which are ignored by the user (I bet even you don't read them).
--- End quote ---
Not only that - but you can make completely fake system messages using vbscript, jscript, and javascript. You shouldn't be able to mimic the operating system completely with the browser & in-page scripts - that's madness.
So you don't know which are legit or fake with MSIE.
This is why I use software restriction policies & guest-type accounts to protect my systems now.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version