Experts recommend you don't use Internet Explorer anymore...

Not that I'm one to gloat, but following hard on the heels of a discussion with our good friend Lurgid Bee (Lachlan) and another about web browsers and which to use, was the news that US authorities had recommended against using Internet Explorer for security reasons.

Microsoft's own online journal, Slate, showed amazing courage when it ran an article itself recommending a switch to Firefox (4.7Mb download) partly for neat features like tabbed browsing (which allows you to look at multiple websites at the same time without getting lost in a blizzard of windows) but also because of the latest Internet Explorer security scare nick-named Download.Ject or download.scob, which has still not been fixed.

Compare this to reports of a security flaw in Firefox. The article went to print two days ago (July 8) and has already been updated with links to the fix, another news source ran the headline "Patched in 60 seconds".



Ah, but you will say "Who cares about security? How bad can it really be?". Well the thing that got the Slate author to shift was the fact that the virus installed a keylogger which is a piece of software that records everything you type before it can be encrypted by a secure website. Which is to say, if you take anything away from this article at all, never use internet banking with Internet Explorer unless you have good reason to think you aren't infected.

Given that the distributors of the current virus were Russian spammers, you might want to avoid reading your email with Internet Explorer as well (or we'll all hear about it when our emails get stolen from your address book). If that's not enough for you, think about spy/adware such as this popup-adware that spreads through Internet Explorer security flaws. My brother has a computer so hopelessly ridden with spyware that it's pretty much ground to a halt.

In comparison to the Firefox 60 second fix Microsoft has released a "configuration change" which it talks about like it's a fix.

It basically amounts to you setting your security setting to "high" which switches off Javascript a web page technology that basically makes a lot of sites go. In Microsoft's words this "may cause some Web sites to work improperly". But don't worry, you can add each of those websites by hand to your settings so that Javascript is enabled for them, say Microsoft.

Suggesting this is a fix is not quite honest since the virus was spread by a flaw in Microsoft's widely used webserver software, IIS. Thus you might be infected by a completely legitimate website that you use regularly because their webservers have been compromised and you lowered your security settings on their website.

They even have the temerity to suggest you go find a popup ad blocker and install it (for safety reasons) when every major web browser other than Internet Explorer has one built in.

Now, the people spreading the virus have had their website - and presumably their whole operation - shutdown, but that is not to suggest that someone else won't figure out how the virus worked and reuse it - in fact that is almost a certainty.

In their discussion of the virus Microsoft comforts users with the knowledge that those who have installed the incompletely tested beta version of service pack 2 for Windows XP are safe. If you haven't, or you don't have windows XP, well... switch to Firefox.

Related Link