Forgot Password
Pentax Camera Forums Home
 

Reply
Show Printable Version Search this Thread
12-16-2008, 11:14 PM   #1
Damn Brit
Guest




Security flaw in Internet Explorer

For anyone who hasn't heard about this, experts are recommending switching to another browser.
Here's the link; Major flaw revealed in Internet Explorer; users urged to switch : Christopher Null : Yahoo! Tech

12-17-2008, 12:02 AM   #2
Veteran Member
dazman's Avatar

Join Date: Jan 2008
Location: Melbourne, Australia
Posts: 1,950
Thanks for that Gary. I use (& recommend) Firefox on my home computers, but still use IE at work...time to switch to Firefox.
12-17-2008, 12:23 AM   #3
Pentaxian
jct us101's Avatar

Join Date: Jun 2008
Location: Rohnert Park, CA
Posts: 3,700
The only flaw with Internet Explorer is that IT'S INTERNET EXPLORER.
12-17-2008, 03:18 AM   #4
Veteran Member
MoiVous's Avatar

Join Date: Sep 2008
Location: Adelaide, South Australia
Photos: Gallery
Posts: 675
QuoteOriginally posted by sflights Quote
The only flaw with Internet Explorer is that IT'S INTERNET EXPLORER.
Precisley - and according to the article, its been there since IE5. What's more, M$ bought the original from NCSA and can't have revised the core app (typical). Their competitors have (FF3 is all new, Opera is unique, and Safari/Chrome are a new architecture)

I dumped IE years ago, and when they tried to stop us using it at work, I found a few workarounds to use FF and Opera

12-17-2008, 03:43 AM   #5
Banned




Join Date: Oct 2007
Location: Savannah, U.S./Baguio City, P.H.
Posts: 5,979
Firefox. seriously, just use Firefox and not worry about it. why doesn't everyone use Firefox anyway? if I'm not browsing with Firefox its Songbird (Mozilla). its completely beyond my comprehension , why people still use IE. Microsoft makes good products, and I still use Win XP, but IE is now and always has been trash.
12-17-2008, 03:45 AM   #6
Inactive Account




Join Date: Mar 2007
Photos: Gallery
Posts: 3,675
QuoteOriginally posted by MoiVous Quote
Precisley - and according to the article, its been there since IE5. What's more, M$ bought the original from NCSA and can't have revised the core app (typical). Their competitors have (FF3 is all new, Opera is unique, and Safari/Chrome are a new architecture)

I dumped IE years ago, and when they tried to stop us using it at work, I found a few workarounds to use FF and Opera
I use Mozilla Firefox on my personal computers. I was using it at work until I got a nasty email telling me to delete it from my laptop immediately as it was a security risk to the Company's assets! Oh well, it's their machine and their system and they will be the losers. Most of our work is done through a VPN so maybe they will be alright - I'm not sure.
12-17-2008, 04:02 AM   #7
Veteran Member
ftpaddict's Avatar

Join Date: Jan 2008
Location: Yurp
Photos: Gallery
Posts: 4,669
He who still lives in the stone age uses IE.
12-17-2008, 04:36 AM   #8
Veteran Member
MoiVous's Avatar

Join Date: Sep 2008
Location: Adelaide, South Australia
Photos: Gallery
Posts: 675
QuoteOriginally posted by J.Scott Quote
I use Mozilla Firefox on my personal computers. I was using it at work until I got a nasty email telling me to delete it from my laptop immediately as it was a security risk to the Company's assets! Oh well, it's their machine and their system and they will be the losers. Most of our work is done through a VPN so maybe they will be alright - I'm not sure.
I had this discussion with the IT people at my work, and the only real reason they wouldn't use FF was because the wet behind the ears IT people at head office didn't know about the deployment features of FF to secure the browser for corporat policy (ie content filters, bypassing proxies etc). I pointed it out to them (with URLs etc), but they ignored me. It was too hard for their tiny little corporate minds.

I actually use FF, Opera, IE (from 5.5 to 8beta), Safari and Chrome to test our dept web pages. Given that 27% of our traffic is FF. As their policy is stopping me effectively doing my work my boss and I feel that bypassing their ignorant policy is justified (IE is NOT standards compliant - still!). How else do I test web pages? And I frequently find differences between the browsers (IE being the worst offender).

On the other hand, if you read the SysAdmin SMS forums - we are the bad guys. Reminds me of the days of white coated acolytes in air conditioned computer rooms with 20 pens in their pockets who treated system users with contempt....

BTW, FF was probably detected by Microsoft System Management Server on your laptop - a dump app (from Microsoft of course) that looks at your Uninstall entries in registry. If you hide them (and there are apps to do it) you can continue with FF.

The other thing they tried was to remove the Javascript DLL with Potentially Unwanted Programs apps (as in McAffee) - but there are work arounds for that too.

So if you really want FF or Opera back, you can get them.

12-17-2008, 05:09 AM   #9
Pentaxian
newmikey's Avatar

Join Date: May 2007
Posts: 1,771
QuoteOriginally posted by MoiVous Quote
BTW, FF was probably detected by Microsoft System Management Server on your laptop - a dump app (from Microsoft of course) that looks at your Uninstall entries in registry. If you hide them (and there are apps to do it) you can continue with FF.
In a corporate environment as friendly as that: run Portable Firefox from a stick! See PortableApps.com - Portable software for USB drives
12-17-2008, 05:42 AM   #10
Veteran Member
ve2vfd's Avatar

Join Date: Aug 2007
Location: Montreal, Canada
Photos: Gallery
Posts: 2,433
I've been using Opera forever... who needs IE?!

Pat
12-17-2008, 04:40 PM   #11
Pentaxian
Arpe's Avatar

Join Date: Sep 2006
Location: New Zealand
Photos: Gallery | Albums
Posts: 4,350
My IE has been patched already. MS are onto it.
12-17-2008, 05:00 PM   #12
Site Supporter
Site Supporter
ChrisPlatt's Avatar

Join Date: Nov 2007
Location: Rockaway Beach NYC
Posts: 5,604
Yeah, no sweat. Just downloaded the patch...

Chris
12-17-2008, 05:25 PM   #13
Veteran Member




Join Date: Mar 2008
Location: Auckland
Posts: 553
Before I begin a giant rant, let me explain that while I'm not a sys admin, I have worked IT support before (I'm a software developer now).

For what it's worth, I also use Opera, except for specific job related things.

QuoteOriginally posted by séamuis Quote
Firefox. seriously, just use Firefox and not worry about it. why doesn't everyone use Firefox anyway?
I don't really want to get into a giant debate about it, but Firefox isn't perfect on the security front, either. All software has security issues, unfortunately.

QuoteOriginally posted by J.Scott Quote
I use Mozilla Firefox on my personal computers. I was using it at work until I got a nasty email telling me to delete it from my laptop immediately as it was a security risk to the Company's assets! Oh well, it's their machine and their system and they will be the losers. Most of our work is done through a VPN so maybe they will be alright - I'm not sure.
I don't understand why people have this strange idea that the computer their employer provides for them is their personal playground. Your employer pays for it, your work pays for the costs of its upkeep, and if your employer decides to restrict you from doing doing something, I don't understand why people take such umbrage to it.

The fact of the matter is that unauthorised, software IS a risk to the company one way, or another. For one, there is the licensing concern - if you pirate software onto a company machine, your company is typically legally liable for this. For another, consider this not entirely unrealistic scenario:

Say that your employer has a web based system in which employees can look up and change their HR records (e.g. bank account numbers for pay, etc). Suppose due to a screwup by the developers of the system, something doesn't work right in Firefox, and as a result, your bank account number gets garbled, and the company pays someone else instead of you. You're not going to be happy, and neither are they.

Now, you might say, "but it's the fault of the developers of the HR system", and you're sort of right, BUT cross browser compatible web applications cost more money than IE only ones, simple as that. They cost more to develop, and they cost more to test. Would you be happy for the extra costs to come off your paycheque?

QuoteOriginally posted by MoiVous Quote
I had this discussion with the IT people at my work, and the only real reason they wouldn't use FF was because the wet behind the ears IT people at head office didn't know about the deployment features of FF to secure the browser for corporat policy (ie content filters, bypassing proxies etc). I pointed it out to them (with URLs etc), but they ignored me. It was too hard for their tiny little corporate minds.
Which is great, except that last time I looked, the Group Policy features of Firefox STILL DIDN'T ACTUALLY WORK PROPERLY, and the user was still capable of overriding them. It's not a case of their tiny corporate minds anything... IT JUST PLAIN DOESN'T WORK.

QuoteOriginally posted by MoiVous Quote
On the other hand, if you read the SysAdmin SMS forums - we are the bad guys. Reminds me of the days of white coated acolytes in air conditioned computer rooms with 20 pens in their pockets who treated system users with contempt....
That's because you ARE the bad guys. For whatever reason, someone has set a corporate policy, and IT is instructed to enforce it. When you try to go around the policy, you waste everyone's time, and you waste company money. If the IT staff don't enforce the policy as they are required to do, then they put their jobs at risk. When they have to spend time trying to catch you, it's wasting time they could be spending actually validating third party software. This in turn is wasting company money. In fact, you're wasting even more company money with the time you spend trying to get around the policy...

I see that you do, in fact have a good reason to have these programs... So why aren't you following proper channels to get them approved so you can do your job? All you're really doing right now is generating a possible case for dismissal based on misconduct should some senior manager ever get upset about you violating the policy.

Having been on both sides of the IT / Users fence, I understand a lot of the frustrations of both sides. It helps if you accept that they have a job to do, and work with them to get what you want.

Oh, and for what it's worth, I have every browser you just named, and more on my work pc (for the same reason you do) WITH APPROVAL - I sought permission through the proper channels before installing them.
12-17-2008, 06:07 PM   #14
Banned




Join Date: Oct 2007
Location: Savannah, U.S./Baguio City, P.H.
Posts: 5,979
QuoteQuote:
I don't really want to get into a giant debate about it, but Firefox isn't perfect on the security front, either. All software has security issues, unfortunately.
I never said FF was perfect, do not make assumptions. I am very aware that FF like all software has flaws regarding security. but nobody can deny that FF is a far better browser regarding security, compatibility, user expandability & customization, ease of use, reliability, etc, etc, etc. so my point still stands. and since I do not work in an office in front of a PC all day I guess the rest doesn't apply to me.
12-17-2008, 06:42 PM   #15
Veteran Member
MoiVous's Avatar

Join Date: Sep 2008
Location: Adelaide, South Australia
Photos: Gallery
Posts: 675
QuoteOriginally posted by cpopham Quote
That's because you ARE the bad guys. For whatever reason, someone has set a corporate policy, and IT is instructed to enforce it. When you try to go around the policy, you waste everyone's time, and you waste company money. If the IT staff don't enforce the policy as they are required to do, then they put their jobs at risk. When they have to spend time trying to catch you, it's wasting time they could be spending actually validating third party software. This in turn is wasting company money. In fact, you're wasting even more company money with the time you spend trying to get around the policy...

I see that you do, in fact have a good reason to have these programs... So why aren't you following proper channels to get them approved so you can do your job? All you're really doing right now is generating a possible case for dismissal based on misconduct should some senior manager ever get upset about you violating the policy.
I knew a SysAdmin type would chastise me..... I regularly check out a few SysAdmin forums on the latest control freak buzz - so I know their problem. I also note that many of them regard users as fools - not a good attitude either IMHO.

But to answer your criticisms - I have tried to talk to them - repeatedly! (you should see my file on it....). I have written letters with all the justification, countersigned by my dept head. I've even spoken on the phone to the head of IT, but been told it is not policy. We don't do things of this nature lightly, but the policy makers think that one size fits all. It does not.

So as you can see, we try to use channels to get things done, but they don't have any real understanding and will not listen. The real joke is that ALL of the IT account managers are bypassing the policy too using apps like IceWeasel and Chrome.

And as for wasting money - they waste money too by not consulting with users about impacts of their policy. My bypassing of their ignorant policy increases productivity for a small expense of finding the solution.

I can understand the SysAdmins predicament in general (they are caught in the middle) but they administer poorly developed policy.

If policy makers set foot in a real work environment dealing with clients they might set policy more appropriately! It can happen - I've seen worksites with clever user policies that fit a workers needs! Guess I've offended a few policy makers too.....
Reply

Bookmarks
  • Submit Thread to Facebook Facebook
  • Submit Thread to Twitter Twitter
  • Submit Thread to Digg Digg
Tags - Make this thread easier to find by adding keywords to it!
explorer, flaw, internet
Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Explorer 8, another Microsoft dissappointment. Pentaxor Digital Processing, Software, and Printing 4 07-10-2010 11:39 PM
X70 ADCSee 3.0 and Internet Explorer ShiKu Chishiki Pentax Compact Cameras 2 06-07-2009 10:19 AM
See RAW in Windows Explorer? HermanLee Digital Processing, Software, and Printing 9 06-25-2008 01:21 PM
See PSD thumbnails in Windows Explorer Arpe Digital Processing, Software, and Printing 1 06-02-2008 07:42 AM
D*mn Security brett Photographic Technique 12 02-25-2007 08:24 AM



All times are GMT -7. The time now is 01:40 AM. | See also: NikonForums.com, CanonForums.com part of our network of photo forums!
  • Red (Default)
  • Green
  • Gray
  • Dark
  • Dark Yellow
  • Dark Blue
  • Old Red
  • Old Green
  • Old Gray
  • Dial-Up Style
Hello! It's great to see you back on the forum! Have you considered joining the community?
register
Creating a FREE ACCOUNT takes under a minute, removes ads, and lets you post! [Dismiss]
Top