Why firefox warns and IE doesnt't ?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Why firefox warns and IE doesnt't ?

  1. #1
    StOrM™
    Join Date
    Aug 2004
    Posts
    1,003

    Why firefox warns and IE doesnt't ?

    Greeting's


    I don't know how many of you have either had or currently do face this problem. Whenever you try to log-into some page's in Microsoft site's or even some time's hotmail using Firefox it gives you an unknown certificate error (security warning) but the same page loads without any problems in IE, no error's no warnings'. Most of us (or at least those who are paranoid) take all the actions possible to find out whats wrong in the PC or fear that they are 0wned anyway after all the online scan's, going through the log's checking for rootkits or even checking with previously taken MD5 or SHA1 of the all the files on the drive nothing comes up.....


    SO what wrong here ?

    I have been facing this problem a lot and here is the answer (its Microsoft again)


    Entire article is too big and has too many picture's to copy so i have given the links to the article's :


    But anyway the problem in short is that :

    So according to the above RFC, Internet Explorer is following a document that is on the Standards Track. Other browsers such as Mozilla have chosen not to implement this option due to some ambiguity in the RFC. You can see more discussion about this here in the Bugzilla entry created on this topic.

    Now since this page deals with security (specifically web browser) security, it is counterproductive to the mindset we are trying to train people to have to use an SSL certificate that they can't verify. If folks just think to them self "Hey this came from Microsoft's security folks, it should be ok" it sets up reinforcement of ignoring SSL certificate errors.
    While Internet Explorer is complying with an optional standard as defined by RFC2459, it seems to be the only major browser doing so. I am not saying that they are doing something wrong, just different. The de facto standard way to verify a certificate's authenticity seems to be to either provide the intermediate CA certs along with the server certificate or to require the end-user's web browser to have the required CA certs already installed.

    What I see as the potential problem with Microsoft's way of validating the certificate is that it only works for people using Internet Explorer. Anyone using a non-IE browser to go to such SSL-secured pages will get an alert that the certificate can not be verified.


    1. http://isc.sans.org/diary.php?storyid=1230&rss

    2. http://blogs.msdn.com/larryosterman/...04/148612.aspx

    3. https://bugzilla.mozilla.org/show_bug.cgi?id=245609

    4. https://bugzilla.mozilla.org/show_bug.cgi?id=245609
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    To be perfectly honest with you, I have never had any problems with IE, OK, I might have looked at the security options.............sort of...............but I have never had problems.

    Yes, I use Firefox and Opera...............just so that I can figure out if I am dealing with a browser problem? At the moment, I am quite happy with Firefox, because of the plug-ins that stop scripts and adverts...............but this does not make me reject IE.

    My main problem with IE lies in its embedded nature.............hell, I have supported that kind of software, and it is not a nice experience

    Obviously, I will be attacked by this site's know $%^%&^*&* alls..............I cut my first code in 1970..............I don't think they were even born then?



    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Junior Member
    Join Date
    Jan 2006
    Posts
    25
    nihil what do you mean by "embedded nature"? just that internet explorer is included with windows? that it is integrated well with other microsoft applications? when i think of embedded i think of an object within a dissimilar set but internet explorer does not meet this criteria.

    as you can guess by my user name i like internet explorer but i was born long after 1970!

  4. #4
    IE is a part of Windows. THis is it's greates advantage. It can be secured beyond any other browser.


    And nihil, I'm still working on the tutorial... having some odd technical difficulties...Be a few more days maybe a week.

  5. #5
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    What I was referring to is that IE is actually a part of the operating system, given how deeply it is entrenched, and the relationship with Windows Explorer.

    This is a rather old fashioned design approach, and I believe that MS are actually looking of going to a more modular and integrated approach. Given that both the OS and the browser are from the same source, I would expect them to be able to achieve that without losing the security features.

    Here is an article from another JupiterMedia site that discusses another aspect of the issue:

    http://www.microsoftmonitor.com/archives/002532.html

    The real problem with applications like IE and Media Player being embedded into the operating system is you can never be sure what they are actually doing, and they cannot be simply uninstalled like modular applications.

    This is not in MS's best interests as it makes enhancement and development more difficult.

    It also makes it more difficult to use the OS in other environments such as embedded systems (ATMs, EPOS etc)

    And it leaves them open to anti-trust legislation.

    Obviously, Microsoft have considerable experience with modular integrated systems, as this is how their Office suite has been developed for years. I strongly suspect that this is the way they will be trying to go.

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #6
    Banned
    Join Date
    May 2003
    Posts
    1,004
    This is actually a misconception.

    IE is not a true part of the Windows.

    IE resides entirely within user space and uses only standard MSDN documented APIs.
    IE gives the impression of being embedded into Windows because it is seamlessly integrated with many other components like Explorer and the help systems.

    Media Player has been integrated in the same manner. both IE and MP can be removed but give the impression of being non-removable because there is no functional equivalent to replace them so alternative solutions fall short and cause errors.

    IE is just another application its integration does not make it more secure but easier to secure using Group Policy and its integration does not make it less accountable.

    cheers,

    catch

    edit: Still retired, just asked about this by MS Sec.

  7. #7
    Senior Member
    Join Date
    Feb 2002
    Posts
    856
    ////////////////////////////////quote////////////////////////////////
    This is actually a misconception.

    IE is not a true part of the Windows.

    IE resides entirely within user space and uses only standard MSDN documented APIs.
    IE gives the impression of being embedded into Windows because it is seamlessly integrated with many other components like Explorer and the help systems.

    Media Player has been integrated in the same manner. both IE and MP can be removed but give the impression of being non-removable because there is no functional equivalent to replace them so alternative solutions fall short....
    ///////////////////////////////////////////end of quote//////////////////////////
    Hi Catch,
    I wonder if you could clarify a bit the difference between "seemlessly integrated" and "embedded"? I'm not a computer/software person by training (except through self-study here and elsewhere). But it seems to me that the main point is removal of IE causes loss of functionality as you have said. Is the following a fair statement? I could say that the pistons in my engine were either "embedded" or "seamlessly integrated," but either way, if the pistons are removed the engine will not work as designed.

    Getting back to software, I can install Opera and then uninstall it from Windows without breaking any functionality.

    I'm not seeing the distinction you're making.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  8. #8
    Banned
    Join Date
    May 2003
    Posts
    1,004
    I wonder if you could clarify a bit the difference between "seemlessly integrated" and "embedded"?
    My mouse is seamlessly integrated with my computer, but it is not embedded. It interfaces effectively through a standardized protocol and could be replaced with an other device that offered the same functionality over the same standard interface.

    But it seems to me that the main point is removal of IE causes loss of functionality as you have said.
    No, the reason that functionality is lost, to continue the mouse analogy is that IE is like the only two button mouse on the market. Anything you replace it with would a Mac style one button model. Clearly you will lose the capability to use the right click functionality without some sort of work around. The same is true for replacing IE with another browser, you lose functionality because those other browsers are simply less functional.

    I could say that the pistons in my engine were either "embedded" or "seamlessly integrated," but either way, if the pistons are removed the engine will not work as designed.
    The pistons are part of the core engine, more akin to kernel drivers (the block would be the kernel). The computer will still work without IE, it will just lose some functionality that is offered by IE.

    Getting back to software, I can install Opera and then uninstall it from Windows without breaking any functionality.
    If you don't have another browser, you lose the functionality of web browsing. If you replace it with a different browser, you lose any functionality unique to Opera. The issue is that Opera isn't that functional... it is just a web/email/torrent client, where IE offers the functionality of working with Explorer and help and Windows Update, etc.

    cheers,

    catch

  9. #9
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    The problem with IE is, to continue using the mouse analogy, you have to open up the case and pull the circuitry out of the motherboard that the mouse...and other seamlessly integrated devices...use to communicate with the various subsystems. That is what you have to do to equate the full removal of IE from the Windows OS.

    You can do it...and undo it...potentially, without damaging the system. But then again, you could win the lottery tonight and retire. That is not a realistic long-term-financial-plan, though, and neither is removing IE from it's position of "seamless integration". But if it quacks like a duck, walks like a duck, and has feathers, don't try to call it a pig.

    http://www.antionline.com/showthread...r=1#post897732
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  10. #10
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Computers are finite systems, it is not about what they are like, it is about what they are.

    Just because IE offers extensive functionality that is incorporated in what may be perceived as a sphegetti manner does not make it any more apart of the OS than any other application.

    The main reason people believe it is part of the OS is because no alternatives exist for some of the functionality it offers... I guess things no one saw much profit in a third party microsoft help system... I guess the firefox developers are too lazy to read MSDN to figure out how to enable it to respond to url requests from explorer... neither of these points change IE's relationship to Windows.

    This is a very arrogant approach too... just because you don't understand the full breadth of IE's functionality it must just be part of the OS. What an easy answer... rather than expanding tools like firefox to offer the same functionality, it is easier and cheaper to just blame MS for making it impossible to remove IE effectively.

    Opera does the same thing... they make up excuses like how ActiveX is insecure so that users don't mind giving up functionality... in the end the users are either duped or required to use two browsers... all because Opera is too lazy or stupid to realize that the failing is on their part. (or maybe they do realize and are just lying to their clients?)

    Your other thread has a laundry list of stuff that breaks when IE goes away... well yeah, that is what happens when you remove an application and don't replace it with anything. IE is so much more than just a web browser and many other components feed into it (in an entirely black-boxed manner mind you, which makes the competition's inablity to replace it all the more pathetic). Again, this doesn't make IE embedded.

    cheers,

    catch

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •