[Vision2020] Major flaw revealed in Internet Explorer; users urged to switch

Dave tiedye at turbonet.com
Wed Dec 17 09:34:19 PST 2008 

When I build windows machines now (which is a pain the a-- compared to
Linux machines), I use a slipstream install in which I completely remove
some of Windows' worst vulnerabilities, mainly IE and Outlook. 

I learned about slipstream installs because since service pack 2 Windows
will overwrite the manufactures' drivers (the ones that work) with MS
ones (which often don't work), and a slipstream install is the only way
that I know of to override this behavior.

Also:

If you want to be safer on the net then you should also install the
Firefox plug-in called NoScript, which prevents sites from running
JavaScript programs on your computer unless you allow it.

I also routinely install AdBlockPlus, which simply removes most banner ads.

Of course if you really want to be safe then install Linux.  The only
way Malware could theoretically get in (so far) is if they trick you
into installing it with something like the Facebook worm.  Because
NOTHING gets installed unless you approve it!

You also get the bonus of being able to install any type of application
that you can think of with just a couple of clicks.  All this for the
whopping price of one CDR, thanks to the Open Source community.

If I were to offer a Linux workshop (for free, of course), would there
be any interest in attending it?

Dave


Kenneth Marcy wrote:
> Major flaw revealed in Internet Explorer; users urged to switch
>
> Tue Dec 16, 2008 11:49AM EST
>
> Here's the link to the article:
> http://tech.yahoo.com/blogs/null/111811
>
> Here's the link to the discussion page:
> http://buzz.yahoo.com/article/1:y_tech:e10b28ebd5ae33777e8dac9f065278e7
>
> The major press outlets are abuzz this morning with news of a major new 
> security flaw that affects all versions of Internet Explorer from IE5 to the 
> latest beta of IE8. The attack has serious and far-reaching ramifications -- 
> and they're not just theoretical attacks. In fact, the flaw is already in 
> wide use as a tool to steal online game passwords, with some 10,000 websites 
> infected with the code needed to take advantage of the hole in IE.
>
> Virtually all security experts (as well as myself) are counseling users to 
> switch to any other web browser -- none of the others are affected, including 
> Firefox, Chrome, and Opera -- at least for the time being, though Microsoft 
> has stubbornly said it "cannot recommend people switch due to this one flaw." 
> Microsoft adds that it is working on a fix but has offered no ETA on when 
> that might happen. Meanwhile it offers some suggestions for a temporary 
> patch, including setting your Internet security zone settings to "high" and 
> offering some complicated workarounds. (Some reports state, however, that the 
> fixes do not actually work.)
>
> Expedient patching or switching are essential. Security pros fear that the 
> attack will soon spread beyond the theft of gaming passwords and into more 
> criminal arenas, as the malicious code can be placed on any website and can 
> be adapted to steal any password stored or entered using the browser. It's 
> now down to the issue of time: Will Microsoft repair the problem and 
> distribute a patch quickly enough to head off the tsunami of fraud that's 
> about to hit or will it come too late to do any good?
>
> Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as 
> soon as you can. You can always switch back once the threat is eliminated.
>
> Links for other browsers to try: Firefox Chrome Safari Opera 
>
> Firefox: http://www.mozilla.com/en-US/firefox/
>
> Chrome: http://www.google.com/chrome
>
> Safari: http://www.apple.com/safari/
>
> Opera: http://www.opera.com/
>
>
> Ken
>
> =======================================================
>  List services made available by First Step Internet, 
>  serving the communities of the Palouse since 1994.   
>                http://www.fsr.net                       
>           mailto:Vision2020 at moscow.com
> =======================================================
>
>
>   


-- 
Windows, OSX, or Linux is the same choice as:
McDonalds, Burger King, or a (real) Co-Op.

More information about the Vision2020 mailing list