The last week has seen another drama unfold and has had some interesting fallout as a result. The drama is that of Google and and China. I don’t wish to get into any kind of political diatribe here, so I will refrain from offering opinion about Google’s so-called ‘threat’ to pull up stakes and leave China. Nor will I comment on China and its policies. There are lots of other site that are a better fit than this one.
No, instead, I’m going to talk about the alleged attack on Google, Adobe and other companies that have come to light as a result of the Google story.
Google and company were attacked via a hole in Microsoft’s now ancient browser, Internet Explorer 6. The hole allowed the attackers to use IE 6 as a conduit to steal sensitive information. The hole, still there, is expected to be closed by Microsoft in short order. The damage, however, is done and the collateral damage could be a serious blow for Microsoft and Internet Explorer.
Already maligned and under attack by Internet Explorer haters, which is pretty much every geek with a blog or other ‘voice.’ These people, for the most part, tend to be smug and arrogant and are also typical anti-Microsoft loud mouths. OK, I may be over generalizing here as well as offensive. So be it. I’m a bit tired of this song.
OK, now lets talk a few facts about the browser, in general. First, there isn’t one browser that is 100% safe or perfect. Even the beloved Google Chrome is not perfect, though it is one of the more safer browsers in use. Mozilla’s Firefox has almost as many holes as Internet Explorer and Safari, it is worse. That IE 6 was used as the conduit was just a smart move on the attackers part, but they probably could have just as well have used Safari or Firefox.
Internet Explorer 6 IS an antiquated pile of bits. Even Microsoft thinks so and have just as much admitted that. In fact, they have issued a warning that people should abandon it for IE 8. The German government has taken that sentiment further and have even urged its citizens to stop using ANY version of IE. While this flaw exists in all flavors of IE, urging people to stop using the newer versions is just ludicrous. I’m no longer a huge fan of IE, but, c’mon…the flaw is rendered rather useless in IE 7 and IE8. In fact, running under Vista or Windows 7 renders it harmless and on XP SP3, the same.
It gets even simpler: Enable Data Execution Prevention and running IE 7 or IE 8 and the flaw is neutered. Period. The alarmist view that the browser is just bad is just stupid. Taking care when browsing, no matter what browser you use, will go much further than running Firefox carefree. Going out on a limb, I’m going to predict that within a year, you’ll see something just as bad hit one of the other major browsers, probably Firefox since its share is bigger than the others.
Microsoft is right here: upgrade to a modern browser now. If possible, upgrade from XP too. XP is old and its usefulness is waning. The combination of IE 6 and XP is just bad. It is time to move on.
Related articles by Zemanta
- Microsoft Says Upgrade To IE8, Even Though It’s Vulnerable (it.Slashdot.org)
- Germany warns against using Internet Explorer (seattlepi.com)