Internet Explorer 9 Report?

It has been a roller coaster for FF. It started off and grew with great speed on the [false] promise you would be safe if you moved away from IE6. I say false because while true IE6 was woefully insecure, simply keeping Windows updated, running a real-time AV and firewall and avoid clicking on and opening unsolicited attachments and downloads and you and your computer were safe. 100s of million of users running default Windows with an AV proved that for years.

If your ONLY security was what the browser provided, then yes FF was far superior to IE6. But everyone needs an AV and FW, and to keep their systems current anyway - so it was false to suggest someone was unsafe or would be infected if they continued to use IE6.

But then FF's popularity grew, MS got serious and IE got secure. As predicted, badguys started focusing on FF. But I am surprised this is the first you have heard of it. FF has been trailing in this area for some time now - it was big news a couple years ago - Firefox Tops Vulnerability List - Nov 2009 and the FF fanatics/IE bashers had to shut-up when it comes to security. You can subscribe to the CERT

Yes, there was too much time between IE8 and IE9, but so what? IE9 is here now. This is about IE9 - not past history. Give IE9 a chance. That's not 10 minutes! It takes a long time to get used to ANY major application, such as a browser when you are used to another.

No. It's a trade off. They leapfrog past each other all the time. Just like AMD and Intel. One will always be first, and the rest will trail behind. And there is not just one standard. There are many and no browser is first in every one every time. You can't single out one, but not the others. No! Sorry but that's not the case anymore. Forget the past. There is absolutely no reason a programmer today needs to write to anything but the commonly accepted WC3 standards that are in place today, unless he wants to single out a specific browser. Period. Exclamation point! Writing or tweaking to older IE6 standards to support IE6 users just coddles those users who have refused to stay current. Supporting legacy products over security is what caused securing XP to be such a pain. Microsoft has learned that and made changes across the board starting with IE7, free Windows Defender then MSE, Windows Vista then 7 and now IE9.

But again, thanks to badguys, if we use networking technologies, ALL of us must be "security aware", and stay current - at lease as much as their hardware and budget will allow.

So put the blame, and responsibility where it belongs. If the user is using a browser that has not caught up, shame on the user! It is time to be a responsible networked computer user and get current. If running XP, you should be at IE8. If running Windows 7, your should be at IE9 - even you use an alternative browser by default. Failure to be at those versions is failure to keep your system updated.

While you may not have intended it, and you are certainly not alone, it is clear your impression of the company, "Microsoft" affects your perception of the product, "Internet Explorer 9".

To be clear, IN NO WAY am I suggesting Microsoft has always been the perfect angel. Some of their past, including recent past, business decisions and marketing tactics left bitter tastes in my mouth too. But the fact remains, they make good software. And IE9 is worth setting aside prejudices for, and giving it honest try.

If not willing or don't have the time to give it an honest try, it is not fair to bash it based on past experiences with IE or Microsoft. It is not perfect. No browser is. Any criticism can be met with something similar in any other browser. Any glowing review can be met with a countering review. That's what happens when they are so close, it does not matter. It is a matter of personal taste. So pick your favorite flavor of browsers, they are all good. Well, most of them anyway.

Actually, it's not the first that I've heard of FF's vulnerabilities, but didn't realize how widespread it was.

FF is the default browser in many versions of Linux, and there's an ongoing thread that's been running since 2006 (that's right, 5 years) in regards to remote code execution threats with FF. I didn't begin to use Linux until the summer of '09, about a year later, on the forum that I used for help with Linux. I saw this topic, and w/o even realizing how long the thread had ran, or the page of it that I was on, I jumped in to FF's rescue, not realizing just how bad a threat it was.

In fact, up until that point, I had never heard of remote code execution. I was only going by my personal experience, and the many Windows users that uses FF w/no issues. The mistake that I made was in posting that this was impossible, that the No Script option keeps the user safe, and that no Windows user that I knew of had this type of attack.

In essence, with my single post, I made an assumption, and discredited over 4 years of posts on a still running thread over FF's security. Man, did I piss some people off. And yet, continued to defend my stand, until finally, one of the moderators stepped in and gave me a serious warning, at first suspending me, then after giving me some links as to what was going on, and told me to read the thread from the beginning, I began to see my wrongs.

After an apology to everyone, I was allowed back, but with a 3 month major strike against me. Meaning that during that time, the smallest offense, I was gone. Needless to say, I don't come to the rescue of web browsers any longer.

I suppose for the most part, the modern ones are all good, it depends on the user's taste, what options each offers the user, a lot of different things.

They're all good for the most part, no matter how "secure" a browser claims to be, we all must still use safe computing practices, or any of us can be burned on any given day.

That goes for all web browsers.

Cat

yeah I know, makes me hate it even more! LOL