Are You Exploring the Internet or Are Attackers Exploring Your Computer? Why You Need to Ditch IE Now Part I
It’s the 4th Friday of the month and you know it’s time for your favorite A Gentle Introduction to Linux for Non-Geeks again! As promised, we’re going to tell you why Internet Explorer (IE), the browser inflicted on every Windows system by Bill Gate, is bad news. You’ve heard security advisers all over the world asking people to dump IE and use alternative browsers, such as Firefox or Opera, but you’re still clicking that IE icon out of habit. You’re probably wondering: why is IE dangerous? Are there fundamental differences between different browsers besides cosmetic ones?Well keep reading. Internet Explorer might sound better than Firefox or Opera – it does invoke that bravado,daredevil in us doesn’t it, but by using IE you’re not just exploring the Internet, you’re probably letting attackers explore your computer too.
As you type an URL, or an Web address, into the address bar of your browser and hit the Enter key to “go to” a website, you’re simultaneously receiving and sending a lot of information: information about your IP address (think of it as a unique ID, or as a telephone number), the browser you use, etc. is transmitted from your browser through the Cyberspace to a remote computer, whereas the content, as well as instructions on how to display it, is sent from the other side of the Cyberspace to your computer. These invisible instructions tell your browser, for example, to “show this YouTube video clip on the browser”, or “show the current date on top of the page”. We have these behind-the -scenes instructions to thank for the multimedia or interactive experience we get from surfing the Internet. While these “good” instructions enrich our online experience, “bad” instructions can also be written and sent to your browser to do really nasty things, such as “secretly transmit all the passwords saved on the browser to another computer” or “dig through the file directories on the hard disc and see if there’s anything interesting” or “install this program to spy on this person”. These bad instructions are even more secretive than the good ones that you have no ideas that they’ve been carried out.
IE is dangerous because it attracts more bad instructions than other browsers. Why? Because it’s easy to attack IE. Utilizing Microsoft-developed features that work exclusively on IE, such as ActiveX, attackers can write and send bad instructions that IE automatically executes without asking your permission. With the promiscuous ActiveX executing on your PC, personal information such as credit card numbers or passwords can be stolen. Your computer can be hijacked to attack other computers without your knowledge. In fact, attackers can do whatever they want just like they’re sitting right in front of your computer. If you haven’t done so yet, do download and install an anti-spyware program, such as Spybot-S&D!, and do a scan to see how much Adware or Spyware is secretly installed on your machine. You see, Internet Explorer is just like a rookie traveler venturing into a tropical jungle under-equipped, unprepared and unvaccinated, who’s bound to return home sick and ridden with contagious diseases.
Although Microsoft has finally learned its lesson and stopped the automatic execution of instructions, ActiveX is still highly flawed technology that attackers exploit every day. Even with a monthly security update, there are still many security problems, known or unknown to Microsoft, waiting to be fixed.
Does that mean other browsers are immune to attackers? No. Cyberspace is a wild jungle. As long as you’re connected to the Internet, there’s always a risk. So what makes, say Firefox, less susceptible to attacks? First, it doesn’t run ActiveX. Instructions written in Active Scripting cannot be executed on Firefox. Second it’s open source: since the source code is available for anyone to see, the whole world is constantly testing the browser and on the look out for potential flaws. When a flaw is found, anyone can try and fix it. With a proprietary program like IE, only Microsoft has access to the source code and only people working for Microsoft can fix it. Unfortunately Microsoft’s “No Hack Don’t Tell” policy often means security holes are conveniently swept under the carpet unfixed until their existence get exposed and become public knowledge. It’s anybody’s guess just how many security holes on IE are being actively exploited now!
Insecurity. That’s the number one reason why you should stop using Internet Explorer. If it’s not good enough of a reason to convert, we’ll give you another one next month!
Popularity: 40%