This article (http://redmondmag.com/features/article.asp?editorialsid=439) was written by a former MS developer. He speaks the truth on many of the aspects of the security holes, most of them were apparent by the members here. Still a good vindication of dropping an IE and using something like FireFox.

You know what's weird. I still have IE on my PC and still bring it up when I think FireFox can't handle something (which turns out to be false and the problem is usually with the server), but I get this weird feeling, not unlike if I am opening up my PC for script kiddies. Hmmmm, perhaps I am, just by merely using IE?

Now we're beset by increasingly common—and dangerous—security vulnerabilities. We knew IE was integrated with Windows, but we didn't have any idea how integrated it was. Even Microsoft doesn't seem to have a firm grasp on IE's internals, judging from the weeks it took to deliver an actual fix for the recent Download.Ject Trojan.

Not to say an integrated browser is all bad. To a developer, an integrated browser is cool because it gives you a built-in HTML rendering engine. You can then write apps that use HTML, knowing that the OS can render that HTML for you. IE can begin to take over the regular Windows Explorer shell and, in fact, has become so tightly integrated with Windows Explorer that it's a bit difficult to see where the shell ends and the browser begins.

The downside is a real downer. With a regular Web browser, a security vulnerability might let someone crash the browser. With an integrated Web browser they can crash the whole operating system. The tight ties to Windows means that the slightest IE security issue becomes an OS-wide panic. It's not just IE, either: Windows Media Player, Outlook Express, and even DirectX, are all, in my opinion, overly integrated and give hackers too much access to core PC functions.

But corporate users don't spend a lot of time playing with DirectX-based games, listening to Windows Media Player, or checking e-mail with Outlook Express. They do spend a lot of time in IE, and the more they surf the more they're vulnerable to its eccentricities. That's why more than a few corporations, not to mention individual users, are looking at alternatives—any alternative—to the built-in browser.

well a couple of things here....I am not quite sure I totally agreee with that article by the "former M$ developer"....especially since anytime you see the word "former" there is a possibility of bad feelings existing and some of the information written being blown out of proportion. And a perfect example would be where he says that .."Even Microsoft doesn't seem to have a firm grasp on IE's internals.."" I say that is complete BS. M$ has been for yrs fighting the fight to avoid having the integrated browser be non-integrated. So to say that they dont have a grasp is not true. How 'bout maybe the plan is that to keep the integration with "all the flaws"...keep patching..start charging at some point & if the user community wants non-integration; then charge $$ there too...and hey why not even charge to plug holes...maybe some of those holes were intentionally supposed to be there...??????

you think they call it M$ for nothing...heheheheh

they know EXACTLY what they are doing...

I've already left IE in favor of FF. In fact, I probably use FF now 99% of the time. However, as the popularity continues to grow for browsers like FF, it will only be a matter of time before the hackers set their sites on it.

It will probably always be a never ending battle.

they know EXACTLY what they are doing...

Not to defend Microsoft, but the development of Windows and IE isn't done by the same person. You have teams of individuals working on their own segment of code. Look how much the software has bloated over the years. Can you honestly say that when you take the work from all those teams and put it together, you're going to have a system that works perfectly and securely?

Part of the problem with IE is there's too many fingers in the development pie, and not enough testing to make sure the product is worthy of distribution. Which has been one of my complaints about software development for a very long time.

Absolutely I agreee with you Biker....But I would also say that I am 100% sure that there is someone at M$ who has the job responsibility of making sure all those pieces parts play nice together when they sit in a group we call that OS.

Looks like M$ is having the same issues as alot of other business today...cutbacks being done to control costs are having negative effect on final product quality...

The problem is, it isn't the developers who are driving the release of the software. It's marketing. And that is very wrong when it comes to software of this type.

How appropriate. :cool:

I've already left IE in favor of FF. In fact, I probably use FF now 99% of the time. However, as the popularity continues to grow for browsers like FF, it will only be a matter of time before the hackers set their sites on it.

It will probably always be a never ending battle.

I'm riding it out still with ie and took firefox off of my comp after a week of trying it out. I figured it's easier to stay on top of issues known to ie, then walk into the unknown with a browser that might be more open then ie ever was. It's just a matter of time until hackers figure out how to mess with firefox completely and the more people use it, the more it makes me want to stick with ie. At least I know what to expect from it. It's an uphill battle, but I seem to be handling it well. No spyware on my comp in months *knock on wood*

I use IE as my main browser still. However I have botched it up so hard with plug-ins, pop-up stoppers, ad blockers, and turning everything in the sun off it hardly works anymore. That’s why I keep firefox on every machine. If I really need to see something I turn to it, and I never customize it. This method will last me at least another month or two before I just give up and use it full time.

I'm riding it out still with ie and took firefox off of my comp after a week of trying it out. I figured it's easier to stay on top of issues known to ie, then walk into the unknown with a browser that might be more open then ie ever was. It's just a matter of time until hackers figure out how to mess with firefox completely and the more people use it, the more it makes me want to stick with ie. At least I know what to expect from it. It's an uphill battle, but I seem to be handling it well. No spyware on my comp in months *knock on wood*
My thoughts exactly ... Firefox/Mozilla may not necessarily be more secure (a vulnerability in 1.0PR has already been found and patched, hasn't it?) but owing to its heretofore minority status, it may have just been ignored. This could change as its popularity grows.

I use Firefox because I like the features that IE doesn't have, I am not scared of IE and I still use it for certain things. I have my wits about me and know how to secure my PC, no matter which browser I use. I graduated from AOL-land many years ago.