Interesting piece on IE vs Moz security ;) (1 Viewer)


Senior Member
Dec 31, 2000
Isn't Now the Time to Try a Linux Desktop?
By Steven J. Vaughan-Nichols
July 9, 2004,1759,1622086,00.asp

Opinion: The crackers currently have the whip hand over Windows, and Microsoft's assertion that Internet Explorer is now part of the operating system shows its flawed reasoning.

Worried sick about the latest rash of Internet Explorer security problems? I have the perfect solution for you, one that's even better than switching to Mozilla, Firefox or Opera. Switch operating systems: Go to Linux.

No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS.

The Microsoft apologists next cry about how if these alternative operating systems or open-source programs were as popular as Microsoft programs were, their users would be in just as much trouble.

Really? Let's look at the latest security news about Internet Explorer and Mozilla Firefox. Microsoft's fix for one of the latest Internet Explorer holes was to deactivate the broken part, ADODB.Stream. Some fix.

The folks in Redmond still don't have solutions to IE's other problems, and they can't even give users a straight answer on when you can expect a fix.

Yes, it appears that XP SP2 will take care of this set of problems, but what about people using other versions of Windows? Will there be a similar broad-ranging patch for them? They sure won't be getting an updated version of Internet Explorer, since Microsoft has made it clear that there will no future standalone versions of IE because IE is now part of the operating system.

That, of course, is part of the problem and an example of the kind of fundamentally flawed thinking that ensures that Windows will never be a truly secure operating system. A browser, which has no other purpose in life than to be a window to the world outside the local computer, should never be part of the operating system.

Now, let's look at the latest Mozilla bug. This bug affects the Mozilla suite, the Firefox browser and the Thunderbird e-mail client. Just like the IE ones, it enabled crackers to run remote programs on Windows computers—no others—and it had been described in theory long before anyone demonstrated an exploit for it.

PointerSecurity Center Editor Larry Seltzer takes a different view of the bug in Mozilla on Windows. Click here to read more.

In early July, a way was shown on how to exploit the problem. By July 7, it was fixed. IE bugs? Still unfixed.

You know there might be something to this whole notion that open source speeds up security development.

What I find especially funny about this, though, is that the problem really wasn't with Mozilla in the first place. Mozilla simply revealed an XP hole—that Web pages could invoke the "shell:" program, which in turn would let a cracker run pretty much any program they wanted. Not good.

Yes, other browsers wouldn't let you get at this hole, but my point is that while Mozilla did provide a key—since destroyed—Microsoft put the keyhole there in the first place. Heck, Microsoft knew there were problems with "shell:" a year ago and it's still not patched. Now, Microsoft plans to close this hole in SP2.

Hmmm ... let me see now. It took open-source programmers less than a day to fix it, Microsoft programmers still haven't fixed the real problem, and it's been more than a year. I know which record I'm more impressed by!

Want to stop the Windows security and patch management madness for good? It's simple: Get a good Linux desktop.

Some of the ones I like include Xandros Desktop OS Business Edition as a standalone desktop for SMBs (small to midsized businesses). Xandros' biggest virtue to someone looking for a drop-in replacement for a Windows PC is that it comes ready and able to work with both Windows 2000 Active Directory server and Windows NT PDC authentication.

Novell's SuSE Professional 9.1 is an excellent pure Linux or NetWare/Linux business desktop, and Red Hat Desktop is ideal if you're buying into the whole Red Hat Enterprise Linux approach.

If you want a Linux for the home, Linspire's eponymous operating system, formerly Lindows, is hard to beat.

None too sure about OpenOffice, StarOffice or Java Desktop System? Can't get along without your Microsoft Office or some other Windows application? You don't have to!

We recently kicked the wheels on CodeWeaver's CrossOver Office Professional, and it runs a ton of Windows applications. It won't run all of them—Office 2003 is a no-show—but for earlier versions of Office, it does just fine.

O, you could use my old favorite, NeTraverse's Win4Lin, and run Windows 98 or ME as a virtual machine under Linux, and then there's almost no business Windows application that you can't run.

Listen, I know jumping from one operating system to another isn't easy. It's just that we're now seeing security problems with Windows that are worse than the ones we've ever seen before. It used to be that if you took the time and effort, which could be considerable, to keep up with Microsoft's patches and your anti-viral updates, you'd be safe.

That's no longer true. Today, the crackers hold the whip hand over Windows. Going onto the Web with Internet Explorer is like walking onto a minefield blindfolded. If you want to be safer, switch to another browser. If you want to be safer still, now is the time to think about switching to Linux. Senior Editor Steven J. Vaughan-Nichols has been using and writing about operating systems since the late '80s and thinks he may just have learned something about them along the way.


Senior Member
Jan 24, 2003
++ [ originally posted by BigIzz ] ++
If you get everyone to switch to Mozilla Martin, then the hackers will start to attack that! So shhhh! :D
Yeah, but if their turn-around time on a security hole is aproximately 1 day, all you have to do is keep it up to date, and you're set!


Senior Member
Jan 24, 2003
++ [ originally posted by Martin ] ++
I'm not exactly sure what that means but in either case I have one. Have a whole house to myself actually.
Get a room: American slang. Means get a hotel room, where you and that lady (or piece of software?!!) can finish what you're clearly starting. :)


Senior Member
Dec 31, 2000
Yes I'm familiar with that expression, however I wanted to make it felt that I consider its application here quite out of context and frankly, rather meaningless.


Senior Member
Jul 28, 2003
thanx for the encouraging article Martin.. I was considering switching to another OS than Winlows.. but, as the article says.. it is not that easy..
Jul 19, 2003
Mozilla can get pretty annoying at much crap doesn't load up properly using it.....especially flash applications. I'm hoping they keep fixing these glitches as they release newer versions.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)