[Linux-aus] _This_ is a bit of a jawdropper...

Brent Wallis (IS) brent at wallis.id.au
Wed Jul 7 14:08:01 UTC 2004 

Hi All,

You know, if one was to try and describe the nature of an "event" that would seriosly affect our MS friends business, this current IE problem comes very close.

The realities are:

- A significant portion of their own and ISV software relies on the little "breaks/shortcuts" in protocols that are causing grief at the moment.

- The MS "patch" released on the weekend was just a change to browser security settings no ACTUAL patch to address the issue.

- Applying the "patch" or for that matter changing the security settings "breaks" a hell of a lot of "function" in the IE/IIS intergated software space.

- It "seems" that the required fixes will break all those little shortcuts they took with 3rd party apps. 

A classic catch 22. At the moment, the exploit is not malicious, but if it were
I could go so far as to say that based on experiences the last few days, that a significant portion of the business community whose sole IT vendor is MS could suffer some very dramatic and extremely difficult to solve problems.

Believe it or not, I truly wish the MS boys would hurry up and get their act together because an IT sector that suddenly and unexpectedly loses the ability to use MS software because of a catch 22 like this would affect us ALL in very bad ways....


Leon Brooks <leon at cyberknights.com.au> wrote ..
> 
>     http://slate.msn.com/id/2103152/
> 
>     Are the Browser Wars Back?
>     How Mozilla's Firefox trumps Internet Explorer.
>     By Paul Boutin
>     Posted Wednesday, June 30, 2004, at 11:03 AM PT 
> 
>     I usually don't worry about PC viruses, but last week's Scob
>     attack snapped me awake. The clever multi-stage assault, carried
>     out by alleged Russian spam crime lords, infiltrated corporate
>     Web servers and then used them to infect home computers. The
>     software that Scob (also known as Download.ject) attempted to
>     install on its victims' machines included a keystroke logger.
> 
>     [...] CNET reporter Robert Lemos zeroed in on why the attack was
>     so scary. "This time," he wrote, "the flaws affect every user of
>     Internet Explorer." That's about 95 percent of all Net users. No
>     matter how well they had protected themselves against viruses,
>     spyware, and everything else in the past, they were still
>     vulnerable to yet another flaw in Microsoft's browser.
> 
>     Scob didn't get me, but it was enough to make me ditch Explorer
>     in favor of the much less vulnerable Firefox browser. Firefox is
>     built and distributed free by the Mozilla Organization, a small
>     nonprofit corporation spun off last year from the fast-fading
>     remnants of Netscape, which was absorbed by AOL in 1999. Firefox
>     development and testing are mostly done by about a dozen Mozilla
>     employees, plus a few dozen others at companies like IBM, Sun,
>     and Red Hat. I've been using it for a week now, and I've all but
>     forgotten about Explorer.
> 
>     You've probably been told to dump Internet Explorer for a
>     Mozilla browser before, by the same propeller-head geek who
>     wants you to delete Windows from your hard drive and install
>     Linux. [...] the U.S. Computer Emergency Readiness Team, a
>     partnership between the tech industry and Homeland Security,
>     recently took the unusual step of advising people to consider
>     switching browsers. Whether or not you do, US-CERT advises
>     increasing your Internet Explorer security settings, per
>     Microsoft's instructions. (Alas, the higher setting disables
>     parts of Slate's interface.) Even if you stop using Explorer,
>     other programs on your computer may still automatically launch
>     it to connect to sites. 
> 
>     [...] Mozilla also makes a free e-mail program called
>     Thunderbird and a calendar tool called Sunbird, if you want to
>     avoid using Outlook and Outlook Express, two other virus
>     carriers. They're nowhere near as feature-packed as Outlook,
>     but the e-mail client includes a spam filter that works pretty
>     well after you train it on four or five thousand messages—in
>     my case, one week's mail.
> 
> Slate?
> 
> My goodness, what's the world coming to when Microsoft's own magazine 
> not only recommends switching away from their products to FOSS 
> alternates, but has done so themselves and describes how satisfied they
> are with it?
> 
> Cheers; Leon
> 
> -- 
> http://cyberknights.com.au/     Modern tools; traditional dedication
> http://plug.linux.org.au/       Vice President, Perth Linux User Group
> http://slpwa.asn.au/            Committee Member, Linux Professionals WA
> http://linux.org.au/            Past Committee Member, Linux Australia
> http://osia.net.au/             Member, Open Source Industry Association
> _______________________________________________
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> http://lists.linux.org.au/listinfo/linux-aus

More information about the linux-aus mailing list