No matter which Internet service provider you use, such as America Online or MSN or EarthLink, or whether you connect at dial-up speeds or broadband speeds, chances are your browser–the software that lets you interact with the World Wide Web–is Internet Explorer.
And along with IE, chances are you use Outlook or Outlook Express to handle your e-mail on the Internet.
Why such popularity for IE and OE? Mainly because they’re what comes free with computers running Windows software.
IE started as a pretty poor program, not nearly as capable as the leading Netscape browser. But Microsoft kept improving IE, and giving it away with Windows, while also working to keep Netscape off new computers. Now most people use IE.
If you’re one of those people, it’s time to upgrade.
Week after week Internet Explorer, even the latest version, shows more and more flaws. These can let hackers attack your computer and steal your information.
For example, IE was recently shown to have a programming flaw that lets it lie to you about which Web site you’re visiting. Called a “spoofing” bug, your address bar and status bar might show “www.officialwebsite.com” while you’re actually at “www.crookedripoffsite.com.”
Identity thieves and “phishers” who try to trick you into giving up personal information–such as credit card numbers and passwords–will be busy in coming weeks taking advantage of this feature. (There’s a test you can use at http://www.secunia.com/internet(underscore) explorer(underscore)address(underscore)bar(underscore)spoofing (underscore)test/ to see if your version of IE is vulnerable to this threat.)
Microsoft does not yet have a “patch” (a small piece of fixing software you can get online) for this flaw. And that’s a shame because one of the best ways of knowing you’re being “phished” is to notice the long and squirrelly Web site address. Now, with a spoofed address, that clue is gone.
A couple of weeks back, IE was shown to be flawed in a way that would let attackers run their software on your computer.
That software could do pretty much anything, including prying into your information, sending your private information to anyone else, or changing or erasing numbers and words in your documents and records.
Pretty scary, and again no patch from Microsoft to fix it.
The only thing you could do was “disable active scripting.” (Use the Tools menu, choose Internet Options, click the Security tab, click the Custom button, then click the Disable choice for each of the ActiveX scripting choices.)
Unfortunately, disabling all scripting will make some Web sites unviewable: They won’t show up entirely or correctly in your browser.
And throughout the past year there have been reports of other flaws such as these.
Outlook Express has also been a frustration, with similar “scripting” and other flaws that let received e-mails infect my computer with viruses, spyware, and other dangers.
Sometimes Microsoft does come up with a “patch” to fix the problems in IE.
Sometimes the fixing patch had already been around for a while, but IE users had not known or bothered to get the patch.
And that doesn’t surprise me. When my PC crashed recently and I reinstalled Windows from scratch, I then went to the Windows update site to get the patches from the past year-and-a-half (since my PC’s Windows CD was pressed).
There were 41 of them. 41. Some were little, but some were huge and so required hours and hours of downloading through my dial-up Internet connection.
I tried to work through them all, but some patches didn’t seem to play well with other patches. (I think all the Microsoft folks must have superfast connections, so they forget that most of us still have dial-up.)
Finally I gave up.
After all, I don’t depend on IE and OE anyway. I like having them on hand so I can know what other people are using and suffering, but they’re not my main tools.
That’s because I know they’re created with a focus on “scripting” (so big companies can customize their operation) instead of on security (so individuals can compute in comfort, security, and privacy).
Not that all of the IE and OE vulnerabilities are Microsoft’s fault. Most are, because security wasn’t valued enough.
But some of the vulnerabilities come from IE and OE’s monopoly on new computers. When it’s very common and very easy to break in, naturally the crooks aim for it.
Which is a good reason you should not be there waiting for them.
If you read that one type of car is the easiest to break into and the most popular with thieves, you might prefer another kind of car.
If you discovered that every house made by a particular builder could be opened by a single type of key, and that thieves knew this and were busy burgling, you might choose to live somewhere else.
And in computers it’s a lot easier than switching to another car or house.
Because you can get a superior browser for free at Mozilla.org. And that browser comes with a superior e-mail program, with the latest anti-spam tools built in.
And Mozilla is immune to nearly all of the IE and OE problems, without any patching or worrying or keeping up on bug news.
Go to http://mozilla.org/download.html and click on the Mozilla 1.5 for Windows to download. That’s your best upgrade from Internet Explorer. Especially since Microsoft has announced that it won’t be offering any new versions of IE, just patches.
And you can start smirking when you read about the latest IE flaw or patch.
