CERT recommends anything but IE - Page 2
Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: CERT recommends anything but IE

  1. #11
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    Maverick811, I know your pain
    I'm currently in the process of trying to switch all of my family members over to Mozilla products. I installed Mozilla on my mother's home computer about 8 months ago. She was initially resistent to it (I also installed Firefox on my sister's computer and she was initially resistent too) and my mother couldn't understand why she needed to use another browser when IE worked fine. I harped on her for months to stop using IE and she finally started warming up to Mozilla. The funny thing is, all it took for her to start liking it was a co-worker saying how good Mozilla products were. Here I am, Mr Family Tech Support (I didn't exactly choose to become that ), trying for months to push Mozilla on her...and a co-worker who knows jacksh*t about computer security tells her, it's great! and then she likes it. go figure that one.

    Anyways, I've come to the conclusion that your average user simply doesn't like change. any kind of change. It doesn't matter if it's faster, safer, and prettier...they don't like it because it involves *thinking*. Here's the funny part. Mozilla even has a skin template that can make Mozilla look just like IE. Even the people at Mozilla realize how stubborn users can be when it comes to switching products.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  2. #12
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Mozilla even has a skin template that can make Mozilla look just like IE. Even the people at Mozilla realize how stubborn users can be when it comes to switching products.
    http://kodu.neti.ee/~tar/mozilla.html

    A helpdesk's nightmare!

    helpdesk: What browser are you using?
    luser: Internet Explorer
    helpdesk: OK, tools, internet options...
    luser: wait... its not there...
    helpdesk: Its not there?! What do you mean its not there... it has to be there...
    luser: I'm telling you, internet options is not under tools...
    helpdesk: Are you sure you're using Internet Explorer?
    luser: yes! It has the "BIG E" thats Internet Explorer... right?
    helpdesk: um... let me get back to you
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #13
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I could just sit here as a network admin and tell you that it is your job to provide the network users with what they want. Within reason, it's their "train set" and they can play with it any way they like. It's your job to make it work and secure it amongst other things. But I won't because it probably won't go down well.....

    I'll guarantee you that if you take a reasonable sized network and change the browser on everyone the cost of training/productivity will exceed the cost of cleanup should it all go to hell in a handbasket.

    This is why we stay "on top" of the threats, work out how to mitigate them and log everything so we can find out what is happening on the network after the fact. Failure to do those three things, IMO, means you aren't "completing" your job.

    Don't get me wrong, I have, in the past, just shut down the mail servers, for example. I mitigated the threat in the only way I then knew. Nowadays, I might be a bit more subtle but I'm still prepared to shut off internal to external http if I feel I have to. The issue might be explaining it to the "powers that be" but a big part of being _the_ network admin is handling the people that will complain and being able to put the threat in their terms, (cost is always a great one for people on a budget..... and don't forget the hidden costs of company reputation etc... they often exceed straight dollar cost by a significant amount if the threat affects the customers).

    'nuff said.....

    [Edit]

    Phish: You posted while I was scribbling....

    I have to spread them around before I can pos you again..... Good post.... Worth the AP's I would give you. If the alzheimers doesn't kick in I'll try to get you elsewhere.....

    [/Edit]
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #14
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    Yeah, I've had a similiar experience Shag, except Mozilla's pop-up blocker was the initial "convincer" to my mother.
    Space For Rent.. =]

  5. #15
    Senior Member
    Join Date
    Mar 2002
    Posts
    314
    Okay...I'm going to play devils advocate here and stick up for microsoft....I'm not saying that Microsoft is right or that microsoft products are the only option....I'm just trying to point out that there are two sides to every situation.

    We've all been hearing about and seeing these vulnerabilities for IE as long as I can remember.
    It stands to reason that the most widely used browser/OS is going to be the one that has the most issues....why would a virus writer or hacker waste their time focusing on the underdogs...in my opinion, if a different browser becomes more widely used then IE....focus will switch and vulnerabilities will be discovered for IE's replacement.

    Turning on auto-update....I hate to say it, but for the new home user, that is totally in the dark when it comes to security needs to do this....vulnerabilities are going to be found, and the only way that a new user is going to know that a patch exists is for auto update to inform them.

    They've got to come up with a better solution... like... Gates should provide a high speed internet connection for all users of the m$ OS so they can get updates in a quick and timely manner.
    Give credit where credit is due....they have been trying to find alternative means for dial-up users (for all users actually I suppose)
    http://www.microsoft.com/security/protect/cd/order.asp

    I ordered this security cd...free of charge (not even shipping and handling)....it's a wonderful thing.

    Once again, not saying anybody is wrong in their opinions about microsoft...not even saying I disagree.....just saying lets be fair and consider as many factors as possible before being to hard on Bill Gates/Microsoft.
    Faqt


    If you want to make God laugh....make plans.

  6. #16
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Faqt: I understand what you're saying. You know to do those things.

    How is your average user to know that they should turn on this feature? If they aren't updating in the first place... How are they supposed to know that they can order a CD with all the updates?

    I'm with you. I say get the users the CDs and get them to turn on Auto update... but how?

    When they find out that the auto-update is seriously lagging their connection... how do we expect them to keep it turned on? If they're just turning it on... there is bound to be at least a dozen patches that its going to download. If they don't even have the SP1... then that number goes close to 50. SP1 takes about 10 hrs to download without interuption on dial up. SP2 is going to take even longer... its got about 100MB more than SP1 had. (I'm going by network installs.) If they have broadband, great!

    If giving them credit is saying "good for m$, I can order a CD that I don't know exists" or "I should turn on that auto-update that I don't know exists and that will seriously lag my internet connection..." then they get plenty of credit from me.

    No, I don't have a better solution.

    How would you get the umpteen million clueless users to turn on their auto-update or order a CD?

    Maybe they should just be like AOHell and spam the hell out of snail mail.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #17
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    TigerShark, I understand what you're saying and on any large scale, implementing new software is always a nightmare (hell, even on small networks it's a pain in the ass). I have only put Mozilla products on personal PC's. The network I work with is still using IE and probably will continue to use IE. It's just not feasible nor practical to switch browsers at my company because the security we have, coupled with our user's security understanding/education will suffice just fine. We haven't had any major dilemmas as of yet.

    helpdesk: Are you sure you're using Internet Explorer?
    luser: yes! It has the "BIG E" thats Internet Explorer... right?
    (the ending to my movie is a tad bit different)
    helpdesk: Is there a Help button towards the top of your browser's screen right near where the Tools button is ?
    luser: yes
    helpdesk: click on it
    luser: ok
    helpdesk: does it say 'About Internet Explorer' anywhere?
    luser: no, It says About Plug-ins and About Mozilla
    helpdesk: Then you're not using Internet Explorer, you're using Mozilla.
    phishphreek80, there are always creative ways to solve an issue at hand.
    Don't get me wrong though, I do understand what you're saying
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  8. #18
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    ShagDevil: I know... lol. I just didn't take it out that far.
    Plus the fact that it says Mozilla in the top left corner...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  9. #19
    Senior Member
    Join Date
    Mar 2002
    Posts
    314
    Maybe Microsoft could work out a deal with AOL and send out update cd's with the aol cd's once every couple of months?
    Those cd's end up in every mailbox, newspaper, grocery store and school everywhere.
    Faqt


    If you want to make God laugh....make plans.

  10. #20
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Originally posted here by Faqt
    Maybe Microsoft could work out a deal with AOL and send out update cd's with the aol cd's once every couple of months?
    Those cd's end up in every mailbox, newspaper, grocery store and school everywhere.
    That'd probably be one of the best solutions I can think of... however... MSN and AOHell are the two biggest ISP competitors that I can think of... you know m$ would try to include a copy of MSN with their updates... even by "accident"... that deal would be over.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides