General discussion

Locked

Is it worth switching browsers from IE to secure a network?

By jasonhiner Moderator ·
The Download.Ject flaw seems to have been the final straw for a few organizations in dealing with Internet Explorer and its many insecurities. New data shows that IE has actually lost some market share over the past month. Even CERT, the cybersecurity organization for the U.S. government, has basically recommended that organizations that want tight security switch from using IE.

Is it really worth the hassle of switching from IE? Has anyone out there already done this yet? What alternative browsers are suitable for a business environment? If you decide to keep IE, what steps can be taken to make it more secure?

Here are some link on this topic:
http://techrepublic.com.com/5100-6264-5259044.html
http://zdnet.com.com/2100-1105_2-5232993.html
http://news.com.com/2100-7355_3-5250697.html

This conversation is currently closed to new comments.

149 total posts (Page 2 of 15)   Prev   01 | 02 | 03 | 04 | 05   Next
Thread display: Collapse - | Expand +

All Comments

Collapse -

ultimately what major corps & fin institutions will support will reign

by UncleRob In reply to Why not?

I guess in the end it comes down to personal choice, firefox is nice and I've used it a little (my 1st experience with it was using it for the euro2004 soccer championship website) but downloading updates and plug-ins still leaves alot to be desired, it's a much easier process in ie (internet explorer). Also if firefox was the most widely used browser and ie was in firefox's position, we'd be having the same discussion, as we'd all be downloading patches for firefox or opera on a regular basis. Most of the planet currently uses ie5,5.5 or 6. Even though adoption of firefox & opera is growing, their total usage numbers compared to ie are relatively small. Hackers & virus writers attack the medium that gets used the most, which in this case is windows & ie. If this was a linux world, same problems would exist for them as well. Jumping ship to another platform doesn't solve the underlying problem which is that there are people out there looking to create security problems by writing viruses, spyware, malware and invent methods of hacking into pc's, servers, website, etc. The platform being attacked isn't the problem, even with winxp sp2 and ie's beefed up security, in a short while, there will be security patches needed again just because someone's found another way to get in and cause problems. I don't mind using firefox because of it's new look but I don't think you're going to get worldwide adoption of this new browser (or any other non-ie browser) and even if that happened, don't look for the security problems to go away - it's foolish to think that these security issues are that easy to solve - security will always be an issue. Instead of continually knocking MS for their products, try to acknowledge that it's difficult to keep pace with every new security threat out there and developing patches to secure a platform is difficult work when you have to support several generations of OS's that use this browsing platform. I'm not a huge fan of Microsoft but at least I'll admit that security isn't easy to tackle and at least they're trying. Just my 0.02 cents, you don't have to agree, opinions are free.

Collapse -

More than worth it

by TheChas In reply to Is it worth switching bro ...

For most of my browsing, I now use Mozilla Firefox.

The transition is nearly seamless.

The installation wizard can import your existing IE or Netscape favorites / bookmarks.

Firefox is a much smaller download than any other full function web browser. At 4.7MB, it is less than 1/5th the size of IE 6.

I keep IE for 2 reasons:

I have a web form spell check program that does not work in Firefox.

A few websites do not open properly with Firefox.

So yes, make the change.

My only fear is that after enough users change to alternate browsers, the mal-ware writers will start targeting more than IE.

Chas

Collapse -

How to disable IE

by Chadg In reply to More than worth it

I would consider switching, if I knew how to disable IE for the users in my company that don't need to access financial sites. I would switch the rest of them in a heartbeat, and disable IE. For the ones that do need financial institution functionality I would make Firefox the default browser, and leave IE for that purpose alone.

Is this possible in NT4, 2Kpro, and XP?

Collapse -

IERadicator

by TheChas In reply to How to disable IE

There are a few programs that will remove IE from most systems.

One is IEradicator

http://www.litepc.com/xplite.html

Sounds like the free IERadicator is only for Windows 9X, they have software that does allow full customization of W2K and XP.

Here is a thread at annoyances.org on disabling IE on XP systems.

http://www.annoyances.org/exec/forum/winxp/1027961141

Best Wishes,

Chas

Collapse -

Opera

by psyphir In reply to IERadicator

G'day, I've used Opera for years, and its integrated email component downloads from Yahoo for me automatically. My antivirus programme of course automatically screens them as they come as well. Sygate personal firewall is also standard on my XP machine. [The other one uses Opera on Mandrake Linux 10.0.] Then there is Ad-aware, and my ADSL modem/router with VPN. I think disabling IE on the XP machine may be all I need.

Does anyone know whether I can forget the Windows updates at that point?

Collapse -

disabling IE

by c93213 In reply to IERadicator

I find it much easier to write a dummy proxy address in IE as a way of disabling it.

That way when someone wants to browse with IE, it will simply not be allowed.

Collapse -

IE needed for Windows to run

by TidBits In reply to How to disable IE

Basically, removing IE from W2K and above will break Windows eg. Windows Update technology needs IE to function period. If web page needs ActiveX to render correctly - IE needed.

Answer :
1) Use alternate browser as default
2) Set IE such that ALL Security Zones except Trusted Site set to "High". Trusted Site set to "Medium" and then customize various ActiveX and other settings to "prompt" where appropriate. Enter each trusted site into the Sites table as authorized exceptions. Prompts are annoying I know, but what choice do you have for (slightly) better security? See note below.
3) Make sure antivirus, antispyware programs are running and updated.

Even with (2), some exploits still can bypass IE Security settings (giving users false sense of security). That's why the experts say dump IE! Got that? Be very careful when using IE - run at your own risk - browser hijack, drive-by download, cross domain zone cache mixed up etc...

I believe MS bet on the wrong technology when incorporating ActiveX into IE for general internet use. ActiveX should run in intranet environment, not internet - too much trust with too little customized restriction - that's the diff between Javascript and ActiveX.

MS better redesign ActiveX and IE right now.

Meanwhile, Good Luck.

Collapse -

IE & Windoze Explorer

by usaatca2001 In reply to IE needed for Windows to ...

Windoze Explorer requires IE to run properly or at all. I've had a problem, twice now, when installing the latest patches for IE. The left pane of WE will not display its contents, that is, the directory tree. I had to uninstall the patch or reset the security settings back to default to get WE working again.

I've been using Firefox/Firebird/Phoenix & Mozilla for more than 2 & a half years now. Before that I used Netscape. I only use IE for the sites written expressly for it.

It's sad that some web sites pander to Microsoft & won't support other browsers. It's also sad that the judge can't see or care what Microsoft is really like.

Collapse -

questionable management too!

by jobeard In reply to IE & Windoze Explorer

>It's sad that some web sites pander to Microsoft & won't support other browsers.

Worse yet is the management team that allows R&amp to corner the site with MS only architectures and products. POSIX and W3C compliance would have avoided this nightmare long ago, but as the say, "the horse is already out of the barn" :-{

Collapse -

IE Not needed for updates of Windows

by jf555 In reply to IE needed for Windows to ...

IE only needed for AUTOMATIC updates of Windows, however, if you are willing to go to the Microsoft website and download the batch files, unzip them and then click to install, any browser will work. During the old days of the war with Netscape, the Microsoft website was specifically tuned not to respond to any other brouswer but IE, this is no longer true.

Back to IT Employment Forum
149 total posts (Page 2 of 15)   Prev   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums