Better Off Without IE

 
 
By Matthew Hicks  |  Posted 2004-07-06 Print this article Print
 
 
 
 
 
 
 


In the meantime, Microsoft has rolled out a mixed bag of fixes for IE. In response to the Download.Ject attack, Microsoft last week issued a security update for making configuration changes to Windows. But the Redmond, Wash., company still is working on a comprehensive security patch for IE, Schare said. "We wanted to get something out rapidly to help make people safer while we work on a comprehensive fix," he said. "Its going to take us a few more weeks to get it done."
Microsofts Schare downplayed calls to move to non-IE browsers, saying that security advisories such as the recent one from CERT have included since last year the suggestion of using other browsers as one of many options for closing security holes.
He also said users need to look at more than security when deciding whether to use a different Web browser, such as whether the applications and Web sites they use will be compatible with non-IE browsers. Daniel Miessler, an IT security engineer with a financial services company in Georgia, said he suggests that individual users consider ditching IE both because of its security gaps and because of its lack of support for Web standards. Before IEs most recent security issues, the Microsoft Certified Systems Engineer wrote a story for the Lockergnome Web site outlining reasons to dump IE. "IE can be secured, [but] there are very few people who are not into security and who can do that," he said. "Ninety-nine percent of people using IE cannot secure it, and even if they could, theyre busy and they just want to use their browser." Downloading a new browser such as Firefox or Opera is often easier than following complicated configuration changes suggested by Microsoft and security researchers or downloading patches, he said. Security researchers and CERT have suggested that IE users turn off ActiveX and Active scripting, among other things. Click here to read Security Center Editor Larry Seltzers take on disabling IE scripting. "If you just use it as a browser, then its a hundred times more secure to do so with Mozilla or Opera," Miessler said. Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page



 
 
 
 
Matthew Hicks As an online reporter for eWEEK.com, Matt Hicks covers the fast-changing developments in Internet technologies. His coverage includes the growing field of Web conferencing software and services. With eight years as a business and technology journalist, Matt has gained insight into the market strategies of IT vendors as well as the needs of enterprise IT managers. He joined Ziff Davis in 1999 as a staff writer for the former Strategies section of eWEEK, where he wrote in-depth features about corporate strategies for e-business and enterprise software. In 2002, he moved to the News department at the magazine as a senior writer specializing in coverage of database software and enterprise networking. Later that year Matt started a yearlong fellowship in Washington, DC, after being awarded an American Political Science Association Congressional Fellowship for Journalist. As a fellow, he spent nine months working on policy issues, including technology policy, in for a Member of the U.S. House of Representatives. He rejoined Ziff Davis in August 2003 as a reporter dedicated to online coverage for eWEEK.com. Along with Web conferencing, he follows search engines, Web browsers, speech technology and the Internet domain-naming system.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel