Forgot Password
Pentax Camera Forums Home
 

Reply
Show Printable Version Search this Thread
12-18-2008, 09:24 PM   #31
Pentaxian
SpecialK's Avatar

Join Date: Dec 2006
Location: So California
Photos: Gallery
Posts: 15,511
I use my IE browser for...browsing web pages. Never had a problem with the "crappy" software. What are the issues?

12-19-2008, 05:14 AM   #32
Pentaxian
dave kitson's Avatar

Join Date: Sep 2006
Location: Lichfield, UK
Photos: Gallery | Albums
Posts: 483
Tho' I am a FF fan myself, it's worth noting that the fix for IE is available via w2k, xp & vista updates.

dave
12-19-2008, 05:55 AM   #33
Site Supporter
Site Supporter
Tom S.'s Avatar

Join Date: May 2008
Location: S.E. Michigan
Photos: Albums
Posts: 4,290
QuoteOriginally posted by SpecialK Quote
I use my IE browser for...browsing web pages. Never had a problem with the "crappy" software. What are the issues?
The issues are unscrupulous people writing java scripts that run when you visit a web page. The script can do anything from uploading a virus, adding a key counter, or installing mal-ware. The sites that were notorious for these kind of problems were porn sites, but over the past year, it has spread to many other legitimate appearing sites.

IE isn't a bad browser (despite what some people claim). The problem lies in the fact that since it is by far the most commonly used browser, it's the one hackers write the most attack-ware for. As some of the other browsers become more popular, they too have come under attack.
12-19-2008, 07:46 PM   #34
Veteran Member
stewart_photo's Avatar

Join Date: Apr 2007
Location: Heidelberg, Germany
Posts: 1,864
QuoteOriginally posted by Spyder Quote
It would still be a flaw even if it had no security implications. To quote from the security advisory (Microsoft Security Bulletin MS08-078 - Critical: Security Update for Internet Explorer (960714)):

Ignoring the remote code execution, this still causes IE to crash and is therefore a flaw, bug, defect, whatever you want to call it. Nobody deliberately writes code with use-after-free bugs in it.
While I agree with Microsoft's use of of the word "vulnerability," I still must insist this wasn't a flaw or bug. For this vulnerability to be exploited, a total of seven highly unusual events (from the initial infection to IE crashing in an exploitable manner) had to occur first, while actually exploiting the vulnerability afterwards required a number of additional steps. Since it was virtually impossible for Microsoft's programmers to foresee that string of highly unusual events, those programmers cannot be fairly accused of writing buggy programming code and/or Microsoft fairly accused of distributing a flawed product.

stewart

12-19-2008, 08:40 PM   #35
Veteran Member
stewart_photo's Avatar

Join Date: Apr 2007
Location: Heidelberg, Germany
Posts: 1,864
QuoteOriginally posted by MoiVous Quote
<RANT MODE>

(snip) And BTW the term half baked is emotive - the non-MS browser and office products are not half baked! (snip)

Oh, please. There are at least 80-90 web browsers listed on this Wikipedia page alone. Do you honestly claim none of them are half-baked? Any one of them could be installed by employees as I described.


QuoteQuote:
(snip) we are changing the way we use computers. (snip)

Who is this "we" you're talking about? I see only one person replying in your message.


QuoteQuote:
Originally Posted by stewart_photo
By the way, this (standardization & widespread support) is exactly why I have only one browser (Internet Explorer) installed on the three computers (business, personal, and wife's) at home.



So according to your model, we should all drive one make of car, all eat the same cereal, all use one camera brand and all have one name. Doesn't work for me. I won't be changing my name.....

</RANT MODE>

Okay, my turn to rant in response to yours. Perhaps you didn't notice the "I" in the words, "I have only one browser (Internet Explorer) installed." I don't presume to speak for "we," so didn't say anything whatsoever about what "we" should do. Nor did I suggest anyone else use Internet Explorer. Instead, I gave the reasons for why "I" use that particular browser. Why aren't you satisfied with that? What does it matter to you which browser I use and why must you (and others like you) endlessly trash my browser choice in an effort to convince me (and others) to use only the browsers you feel we should use.

In your sentence above, you imply I'm suggesting "we" should all do one thing, when you're the one actually doing that. I'm not trashing Foxfire or Opera here (your browser choices), listing each of their faults and limitations, in an effort to promote my browser and convince you (and others) to switch. You did (repeatedly) when it comes to Internet Explorer and your browser choices. And I won't even get into how one-sided and incomplete your comments are - especially when it comes to discussing the limitations and deficiencies of those alternatives you so clearly favor.

Anyway, I'm quite satisfied with Internet Explorer. I realize it isn't perfect, but neither are the alternatives (and that's a fact). I've also played the alternative browser game many times over the years and am now throughly bored with it. Internet Explorer serves my needs quite well, so that's what I use. Now, why aren't you satisfied enough with that to leave it alone without a rant (your word) in reply?

stewart
12-20-2008, 12:11 PM   #36
Forum Member




Join Date: Dec 2008
Location: West Sussex, UK
Posts: 62
QuoteOriginally posted by stewart_photo Quote
While I agree with Microsoft's use of of the word "vulnerability," I still must insist this wasn't a flaw or bug. For this vulnerability to be exploited, a total of seven highly unusual events (from the initial infection to IE crashing in an exploitable manner) had to occur first, while actually exploiting the vulnerability afterwards required a number of additional steps.

stewart
I'm going to assume from that comment you're not a programmer. I am however. This exploit is easily repeatable - if you care to examine the CVE entry for the vulnerability you can even have a look at proof-of-concept code that triggers it. There's a very good reason why all the organisations that track this sort of thing have given it their highest rating, especially since it was a 0-day (i.e. it was detected because it was being actively exploited).

QuoteQuote:
Since it was virtually impossible for Microsoft's programmers to foresee that string of highly unusual events, those programmers cannot be fairly accused of writing buggy programming code and/or Microsoft fairly accused of distributing a flawed product.
Distributing a flawed product, no. Buggy code, yes. In essence it's no different than me writing the following:

char *str = malloc(20);
strncpy( str, "a string", 20 );
free( str );
printf( "%s\n", str );

Without access to the IE source code it's impossible to say how obvious it would have been to spot that this could happen, but unless the area in question is a spaghetti mess then whoever introduced the bug should be feeling rather sheepish.

Don't get me wrong, bugs in code are a fact of life since people aren't perfect and this sort of thing will always continue to happen. It just doesn't make any sense to downplay it as less serious than it actually is, in the same way you wouldn't for the last similar vulnerability in Firefox (MSFA 2008-55, fixed in Firefox 3.0.4) or Opera (921, fixed in Opera 9.63).
12-21-2008, 08:40 PM   #37
Veteran Member
MoiVous's Avatar

Join Date: Sep 2008
Location: Adelaide, South Australia
Photos: Gallery
Posts: 675
QuoteOriginally posted by stewart_photo Quote
Oh, please. There are at least 80-90 web browsers listed on this Wikipedia page alone. Do you honestly claim none of them are half-baked? Any one of them could be installed by employees as I described.
Thankyou - but most of them are based on the same engines (Trident/IE, Gecko, KHTML etc) and often ported to different platforms (not always successfuly). The point I was trying to make was that just because its non-MS it is not necessarily bad. As Spyder points out (IMHO) poorly designed code is not limited to one company or one programmer.

QuoteOriginally posted by stewart_photo Quote
Who is this "we" you're talking about? I see only one person replying in your message.
I was referring to Cloud computing - please read the following Wiki article for a few references, and there are many more....I've just been reading about MS going down the same path with Azure in one of my PC magazines. Cloud computing will change the way we do things.....

QuoteOriginally posted by stewart_photo Quote
Okay, my turn to rant in response to yours. Perhaps you didn't notice the "I" in the words, "I have only one browser (Internet Explorer) installed." I don't presume to speak for "we," so didn't say anything whatsoever about what "we" should do. Nor did I suggest anyone else use Internet Explorer. Instead, I gave the reasons for why "I" use that particular browser. Why aren't you satisfied with that? What does it matter to you which browser I use and why must you (and others like you) endlessly trash my browser choice in an effort to convince me (and others) to use only the browsers you feel we should use.
My sincere apologies for that - I got carried away and should have read your reply more carefully. Your personal choice is no concern of mine.

I did however wish to point out that there are other choices which in my opinion do the job of rendering HTML better. In my work this is important, and IE frustrates me enormously.

QuoteOriginally posted by stewart_photo Quote
In your sentence above, you imply I'm suggesting "we" should all do one thing, when you're the one actually doing that. I'm not trashing Foxfire or Opera here (your browser choices), listing each of their faults and limitations, in an effort to promote my browser and convince you (and others) to switch. You did (repeatedly) when it comes to Internet Explorer and your browser choices. And I won't even get into how one-sided and incomplete your comments are - especially when it comes to discussing the limitations and deficiencies of those alternatives you so clearly favor.
My point here was to illustrate that the dominant software vendors are not necessarilly innovators. This may be one of the reasons that they often buy up other companies with better tools (MS, Adobe, Sun are all guilty of this). All software has features we don't like - as you correctly point out.

BTW, not using IE alone is not the same as using/doing only one thing. My criticism of IE is relevant to what I do. Ask any web developer (including SOEs) what they spend a lot of time on - working around IE bugs - that is not productive. If all browsers met the W3C standard it would be far better for all - users and developers. Please look at the ACID tests I mentioned to see what I mean about rendering accuracy.


QuoteOriginally posted by stewart_photo Quote
Anyway, I'm quite satisfied with Internet Explorer. I realize it isn't perfect, but neither are the alternatives (and that's a fact). I've also played the alternative browser game many times over the years and am now throughly bored with it. Internet Explorer serves my needs quite well, so that's what I use. Now, why aren't you satisfied enough with that to leave it alone without a rant (your word) in reply?
As I stated above, your personal choice was not the issue - and my apology on that stands.

I wished to point in the original reply out that the excessive control of IT departments limits what a worker can do. IT departments should be there to serve the needs of the worker to innovate - not stifle them with policy. In my own work our IT department head has again declared that IT will be locked down like a bank. That is a sad thing when you work in my (non-banking) industry.

I wish you well in whatever choice you make.
Reply

Bookmarks
  • Submit Thread to Facebook Facebook
  • Submit Thread to Twitter Twitter
  • Submit Thread to Digg Digg
Tags - Make this thread easier to find by adding keywords to it!
explorer, flaw, internet
Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Explorer 8, another Microsoft dissappointment. Pentaxor Digital Processing, Software, and Printing 4 07-10-2010 11:39 PM
X70 ADCSee 3.0 and Internet Explorer ShiKu Chishiki Pentax Compact Cameras 2 06-07-2009 10:19 AM
See RAW in Windows Explorer? HermanLee Digital Processing, Software, and Printing 9 06-25-2008 01:21 PM
See PSD thumbnails in Windows Explorer Arpe Digital Processing, Software, and Printing 1 06-02-2008 07:42 AM
D*mn Security brett Photographic Technique 12 02-25-2007 08:24 AM



All times are GMT -7. The time now is 10:58 PM. | See also: NikonForums.com, CanonForums.com part of our network of photo forums!
  • Red (Default)
  • Green
  • Gray
  • Dark
  • Dark Yellow
  • Dark Blue
  • Old Red
  • Old Green
  • Old Gray
  • Dial-Up Style
Hello! It's great to see you back on the forum! Have you considered joining the community?
register
Creating a FREE ACCOUNT takes under a minute, removes ads, and lets you post! [Dismiss]
Top