by Stephen H. Wildstrom
Issue Date: July 12, 2004
Per the online agreement with BusinessWeek, I am not allowed to post the article mentioned above. I will give you a brief insight into Stephen H. Wildstrom's issues with Internet Explorer.
Here are a few points brought to light in the article:
The biggest security problem in IE -- one that has plagued Microsoft and its customers for at least four years and is at the heart of the recent exploit -- is a flaw that lets a Web site trick the browser into running an alien program in violation of its own security settings. In effect, an unknown program on a Web site is treated as though it were a trusted program on your computer. Compromised Web sites can covertly install programs ranging from nuisances that cause ad pop-ups to real threats that record your keystrokes to steal passwords and account information.
Because IE will remain an inescapable fact of life, I hope Microsoft succeeds in its current effort to come up with a secure version. Later this summer the company will release Windows XP Service Pack 2, a major overhaul of Windows that focuses almost entirely on improving security. One component of SP2, as it is known, is a reworked browser that may make a big difference -- but it will be many months before we know for sure.
Instead of making one more attempt to plug the hole, SP2 drastically restricts IE's ability to run any program without the explicit permission of the user. So even if the hole is still there, says Windows product manager Greg Sullivan, taking advantage of it "will be like breaking into jail." The hostile application would be blocked from doing any harm. This shouldn't cause problems during most browser use, but some custom corporate applications may fail. Other features of the new IE include changes that make it tougher for scammers to make phony bank Web sites look authentic. There will also a long-overdue pop-up blocker.
Those are the main points brought forth in the article.
What are your thoughts on IE?
