Gebruik geen Internet Explorer…

Ik ben altijd op zoek naar meer kennis en op een gegeven moment kom ik dan op een website waar je met Internet Explorer (IE) helemaal niets kan zien. Hij vindt het zo’n onveilige browser dat ie niet accepteert dat je zijn pagina’s met IE bekijkt. Niet omdat hij bang is voor z’n veiligheid, maar om een punt te maken. Ik vond het een interessant verhaal en hieronder kan je zijn uitleg lezen;

You were probably looking for something else, but you are seeing this because you are using Internet Explorer.

I’ve been telling people for years not to use Internet Explorer because it is not secure. It works as a vector for distributing viruses, but more often it gets used to install spyware and other malicious software on your machine- to the point where remote hackers could have full control of your machine right now, and you would never know it (unless you happen to notice that your machine is running very very slowly, where it used to be really fast.)

In fact, it is impossible for anybody except Microsoft to make it secure- and even though they have the source code, the original programmers who wrote it in the first place, and a vested interest in the goodwill it would give them to make a secure version, they seem to have decided they don’t really want to do it. Maybe if it were truly secure they wouldn’t be able to keep their own record of your web page visits anymore?

Others have been saying the same thing as well- here are several articles which more or less say the same thing…

eWeek says “Internet Explorer is too dangerous to keep using”.
ZDNet AnchorDesk goes so far as to say “Bail on Internet Explorer–now”.
Another ZDNet article offers a reason WHY there’s so much malware (malicious software) floating around- because hackers are trying to take over as many machines as possible, and then SELL the use of these hacked machines to whoever wants to use them- especially spammers.
MSN’s “Slate” web site is even getting into the game… while they don’t go so far as to explicitly say “stop using IE” (they are owned by Microsoft, after all) they do give a pretty fair treatment of why somebody would want to stop using it.

One more new addition, now that Firefox 1.0 has been released…
Firefox Leaves No Reason to Endure Internet Explorer , listed on Yahoo news, and written by a die-hard Microsoft fan. I love how it starts- “Internet Explorer, you’re fired.”

And to top it off, even the US Government is now saying it! The US Department of Homeland Security is telling people not to use Internet Explorer . You might even say it’s your patriotic duty to use a different browser…

So I have decided to help make people aware of this situation by not allowing Internet Explorer to look at any pages on my web site, except for the page you’re reading right now. Any MSIE users who try to visit my site will end up reading this page (the one you’re reading right now) instead.

Other Browsers

So what are your options? What other programs are out there which will do the same things you’re currently using Internet Explorer for?

Mozilla Firefox is the browser I use myself, and which is my primary recommendation to everybody. It’s free, and by “free” I mean in both ways- “free beer”, meaning a zero pricetag, and “free speech” meaning you can get the source code and modify it yourself if you are so inclined.

It’s available for Windows, Mac OS X, Linux, and Solaris (both SPARC and x86) and it’s been called “the fastest browser on the planet”. It also supports several features for blocking ads and popups, and it supports tabbed browsing- once you use it the first time you’ll wonder how you ever got along without it. (I know I find it painful to have to use a browser without tabs…)

Mozilla is another good choice. It’s the open source version of what used to be known as Netscape. It has the same browser engine as Firefox, but it also includes a mail/news reader, a web page composer (think Frontpage without all of Microsoft’s goop) and an IRC (chat) program built in. It has the same ad-blocking, popup-blocking, and tab features as Firefox, and is even more configurable.

Both Firefox and Mozilla have “extensions” available which add even more features to the browser. My favourite is Adblock , which allows you to block ads and other undesirable content by specifying a portion of the URL. For example, if you (like me) don’t want to see anything which has ” /RealMedia/ ” as part of its URL because it’s probably an advertisement, Adblock lets you block just those items while viewing the rest of the page.

Opera is another good browser, but I don’t use it because it’s not really free. You can get a “free” version which comes with an advertising engine bundled into it (everybody loves adware, don’t we?) or you can pay $39.00 for the commercial version without their built-in advertisements. (See below for more information about Opera.)

There are many other browsers out there, feel free to drop me a line (my email address is below) if you’d like to see your favourite browser listed here (unless your favourite browser is Internet Explorer, in which case you probably need to READ some of the articles listed at the beginning of this page.)

Dit soort websites roept vragen op…
En die antwoord hij ook blij;

What’s so wrong with Internet Explorer anyway?
Many programs- viruses, spyware, adware, and other types of “malware”- use the security holes in IE to take control of your machine. These programs could be doing anything- they could be mailing copies of themselves to everybody in your address book, they could be installing a program to let hackers and spammers remotely control your machine, they could be keeping a log of the web pages you view and the people you send and receive email with, they could be searching your hard drive for your private files and sending them off to who knows where…

I have spent almost ten years now working in the ISP industry, and I have seen first hand the level of headaches which are caused by IE and its many bugs and security holes. I’ve even had users at ISPs where I was working go so far as to blame ME and the ISP for “allowing their machine to become infected” in the first place. I simply refuse to deal with it any more.

The point is that IE is one of the easiest ways for malicious code to get into your machine in the first place. If you stop using IE, your computer becomes that much less a target for these kinds of attacks. Internet Explorer is riddled with bugs and security holes. When Microsoft wrote it, they were more concerned with getting it installed on every single computer in the world than they were with security. Now the fact that their software is systematically insecure is coming back to haunt them.

Didn’t Windows XP Service Pack 2 fix all this?
Two answers for this one.
First, XP Service Pack 2 was a PARTIAL fix for SOME of the security holes. It hasn’t changed the fact that new vulnerabilities continue to be discovered several times a week. I have also not yet found anybody who actually likes the changes that SP2 makes to IE6… their pop-up blocker is a pain to have to deal with- the concept of “security zones” probably looked good on paper, and in terms of allowing corporate IT people to pre-set their users’ browsers to run ActiveX and other dangerous items when they’re being served from an internal server it’s not a BAD idea… but tying the pop-up blocker into it, and now allowing any way for users to customize the list of which servers are and are not allowed to use pop-up windows without adding them to a “trusted zone” is absolutely the wrong idea. Maybe there are servers out there for which I want to allow pop-up windows but not ActiveX controls…

Second, not everybody is able to use Service Pack 2. Some corporations won’t allow it to be installed because it breaks other programs they use, or just makes the machines unstable. Some people aren’t running Windows XP in the first place, and don’t want to pay the ransom and take the time to upgrade when what they already have works for their needs.

Here’s an idea… IE6 can be downloaded separately without having to install Windows XP, right? It must be, I downloaded it for a client’s Windows 2000 machine last month… How about making the IE6 security fixes, such as they are, available as a separate download from Windows XP Service Pack 2? Oh yeah, that might serve to illustrate that Internet Explorer and Windows are indeed separate programs, contrary to what Microsoft tried to tell the court in their anti-trust trial…

So this is some kind of anti-Microsoft thing? You’re probably one of those “Linux people”, aren’t you?!

It’s not really anti-Microsoft… just anti-Internet Explorer.
And while I am a Linux enthusiast , I don’t scream it from the rooftops and try to force everybody in the world to use Linux. It’s not for everybody- but I do think it’s high time people started to realize that there are alternatives out there, that Microsoft Windows and Internet Explorer are not the only game in town. I think people should at least look into the alternatives. Linux is a good alternative for “standard” PC hardware, and Apple’s OS X is an excellent alternative (if you can afford the Apple hardware to run it on.)

After all, it is YOUR machine, not Microsoft’s, right? (Obviously this wouldn’t apply to Microsoft employees who may be reading this page from a company-owned machine, but I’m sure you get the idea.) Shouldn’t YOU be the one who decides what YOUR machine will and will not do, rather than some “security chip” embedded on your motherboard which will be controlled by Microsoft ?

What do you have against Microsoft, anyway?

I think my biggest complaint would have to be their history of using anti-competitive practices to gain and keep a monopoly position in the computer software market, and to force their competition out of business. Microsoft’s history is full of companies whose technology they have copied or stolen, and then forced out of business.

They also have a history of forcing people to upgrade by making newer versions of their software not compatible with their older versions. Case in point- Microsoft Office. Each new version deliberately removes compatibility with another older version. This forces customers who may be happy with the features of their Office 95 to upgrade because “everybody else” is running Office XP and can’t read files from their clients.

They also have a history of their hiding information about how their software works, in order to prevent other companies or people from writing software to work with their file formats.

In a way I can’t fault them for this… they are, after all, a corporation, and the number one job of any corporation is to increase the value of their stock in order to make money for their stockholders. It’s just too bad that most corporations today, Microsoft included, are taking the position that increasing profits are more important than any shred of common human decency- although that problem is not limited to Microsoft by any means…

And lest we forget, Microsoft has a history of not writing their sofware with security in mind (which is why you’re reading this page right now, instead of whatever else you were looking for.) Think about it- how many security-related problems have been found and fixed, just in the last year, with Microsoft’s programs? How many more have been found, but not reported to Microsoft? Or reported, but not fixed yet?

In the interest of fairness, I should point out that I’m not totally “against” Microsoft. There are some things they do well- Microsoft Streets is one of the better consumer-level mapping programs out there (although it’s not the most accurate, in terms of streets missing and in terms of the GPS accuracy of what they do have) and “Pandora’s Box” is one of the best games I’ve ever played, hands down. I bought and paid for both programs years ago, and I have one laptop which runs Windows 2000 Professional (dual booting with Linux, of course) in order to use these programs.

And yes, I do have a valid license for the copy of Windows 2000 on the laptop.

So what if a virus gets into my machine? That’s my business, not yours!
Actually, when the virus in your machine starts sending garbage all over the Internet, using up all of the available bandwidth, and making it difficult for me to do what I want or need to do, it is my business .
And when your virus-infected machine sends me spam, it is my business .
And when a million virus-infected machines out there start slamming my server at the same time, preventing it from serving web pages as I intended it to do, it is my business .
And when I have to go in to work on my day off to clean up some virus outbreak which could have been prevented if IE didn’t have more holes than a block of swiss cheese, it is my business .

And when I have to go in to work at 3:30 on a Sunday morning because 10,000 virus-infected “spam zombie” machines around the world have flooded my mail server and filled the hard disk, causing it to crash, it is my business .

See the pattern here?

All it takes is one virus to make the entire Internet unusable. It has happened before (remember “Slammer”?) and it can happen again… but if enough people were using browsers other than IE, it would be that much harder to make it happen again.

You have no right to force me to read this page! I demand to see the original page I was looking for!

(This exact line was actually in an email that I got from somebody before setting up this redirector page, when I was redirecting MSIE users straight to a Yahoo News page about the Homeland Security thing.)

You are correct, I don’t have the right to force you to read this page. You are welcome to stop reading it at any time.
So stop reading it.
Right now.
Okay, stop.
.
.
.
.
Oh, you’re still reading? That’s what I thought.

As for demanding to see the original page you were looking for… obviously that page is on MY server, or you wouldn’t be reading this page right now.

And guess what? Regardless of what you, or Microsoft, or anybody else may think, I DO have the right to decide what MY SERVER will or will not do. I have decided that I don’t want my web pages (except for this one) viewed by Internet Explorer. If you can figure a way to view whatever it was you wanted, without my server being involved in the process, more power to you.

If you don’t like it, go find somebody else’s server to look at… or even better, use a different browser and you’ll be able to view any publicly-accessible page on my site.

Here’s another way to think about it… how many pages out there won’t work if you’re not using IE? How many lazy web developers write pages that force you to use IE, because they don’t work with any other browser? If it’s okay for them to try and force people to use IE, then it’s just as much okay for me to try and prevent people from using IE. It’s the same thing, only in reverse.