Re: New IE flaw and exploit sites/migration to non-MS browser
- From: matthew patton <pattonme@xxxxxxxxx>
- Date: Sat, 1 Apr 2006 07:51:03 -0800 (PST)
--- "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]"
<sbradcpa@xxxxxxxxxxx> wrote:
Is it IE that's insecure?
yes and by design.
Or how the workstations are setup in the first place?
very much a yes.
IE is not a big security problem provided you:
1) disable all scripting
2) disable all installations
3) disable all unsigned Active X
4) disable all signed Active X except for those that have been
explicitly approved
5) never surf as 'admin'
But then you run into the problem of (l)users moaning about how sites
don't work anymore. personally I say "screw 'em". No webmaster has any
business putting a site together that depends on anything beyond W3.org
HTML and .gif/png/jpg. Javascript is nice but should be considered
irrelevant to correct operation.
If you want to have what used to be called a 'client' in the
client-server model, write it in Java.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- References:
- Re: New IE flaw and exploit sites/migration to non-MS browser
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: New IE flaw and exploit sites/migration to non-MS browser
- Prev by Date: Re: New IE flaw and exploit sites/migration to non-MS browser
- Next by Date: Re: New IE flaw and exploit sites/migration to non-MS browser
- Previous by thread: Re: New IE flaw and exploit sites/migration to non-MS browser
- Next by thread: Re: New IE flaw and exploit sites/migration to non-MS browser
- Index(es):
