Linked by Thom Holwerda on Mon 18th Jan 2010 17:03 UTC
Internet Explorer France has echoed calls by the German government for web users to find an alternative to Microsoft's Internet Explorer to protect security. Certa, a government agency that oversees cyber threats, warned against using all versions of the web browser.
Thread beginning with comment 404666
To read all comments associated with this story, please click here.
Comment by Kroc
by Kroc on Mon 18th Jan 2010 18:25 UTC
Kroc
Member since:
2005-11-10

Video of Microsoft’s head of security and privacy weaselling out of the issue. http://news.bbc.co.uk/1/hi/technology/8466366.stm Pathetic, absolutely pathetic. This is just a PR blip to Microsoft, that’s all. They couldn’t give a damn about actual security.

Reply Score: 4

RE: Comment by Kroc
by Nelson on Mon 18th Jan 2010 19:43 in reply to "Comment by Kroc"
Nelson Member since:
2005-11-29

People running a 10 year old operating system with a 10 year old browser and then having this huge dilemma when they get burned by an exploit.

What other company is expected to maintain updates to programs and operating systems released a decade ago? Mozilla sure as hell hasn't done anything of the sort.

IE8 and IE7 both collectively have more market share than IE6, and are also coincidentally significantly harder to exploit.

This should embarrass Google if anyone, and people need to get with the program.

Reply Parent Score: 3

RE[2]: Comment by Kroc
by Delgarde on Mon 18th Jan 2010 19:50 in reply to "RE: Comment by Kroc"
Delgarde Member since:
2008-08-19

What other company is expected to maintain updates to programs and operating systems released a decade ago? Mozilla sure as hell hasn't done anything of the sort.


A company that reaps what it sows? A company that encouraged developers to target IE6 rather than standards - and then found themselves in the position where large numbers of people couldn't upgrade because their applications didn't work with anything but IE6?

Reply Parent Score: 6

RE[2]: Comment by Kroc
by boldingd on Tue 19th Jan 2010 19:43 in reply to "RE: Comment by Kroc"
boldingd Member since:
2009-02-19

Need I mention that Microsoft committed themselves to long-term support for the platform, or that businesses being able to target IE6 and then just sit on that code for ten years was part of the sales pitch?

Reply Parent Score: 3

RE: Comment by Kroc
by Bryan on Mon 18th Jan 2010 20:00 in reply to "Comment by Kroc"
Bryan Member since:
2005-07-11

That manager certainly isn't very convincing--it's painfully clear he's a PR flack and not someone who's at all informed on the issue. (Microsoft's UK managers seem to have demonstrated an above average ability for putting there foot in their mouths. There was that thing about comparing Win7 to the Mac a few months ago, and I vaguely recall something else earlier last year that I can't quite place.)

Still I think it's overreaching to say Microsoft doesn't give a damn about security. The vulnerability does exist in all major versions, but DEP and Protected Mode do neutralize any attacks at this point, and it's going to be far harder to contruct an effective exploit against browsers in which those are enabled. That's not spin, but simply the defense in depth strategy doing what it's supposed to do: provide additional layers of protection when one fails.

http://blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-i...

Clearly this is a serious issue, and IE6 users (as well as IE7 users on XP) need to take immediate action, whether that's upgrading, switching, or implementing the suggesting mitigations (enable DEP, and/or disable Javascript). But a blanket statement from governments that all IE users need to switch just seems like needless fearmongering, akin to when the US government told everyone to go out and buy plastic tarp and duct tape. The BSI, in particular, seems to be prone to kneejerk reactions:

http://mashable.com/2008/09/07/germany-google/

Reply Parent Score: 4

RE[2]: Comment by Kroc
by Nelson on Mon 18th Jan 2010 20:11 in reply to "RE: Comment by Kroc"
Nelson Member since:
2005-11-29

I think a lot can be attributed to overall technological ignorance on behalf of the Governments (not an excuse, just some context behind their irresponsibility).

It's a bug, software has bugs, but it's Microsoft and IE, so it is instantly a sensationalist headline and used as a crutch for those who generally scream their heads off about alternative browsers to finally have something which resembling an audible whisper.

Reply Parent Score: 3