Re: A more rational approach to Browsers - Microsoft please read this
From: news.microsoft.com (nobody_at_nowhere.abc)
Date: 09/10/04
Date: Thu, 9 Sep 2004 16:24:24 -0700
I have been using IE's more secure settings for the past two months. Every
time I need to use a new site, I have to put the domain name in the list of
trusted sites. I have gotten accustomed to doing that.

News Flash! Many sites use multiple domains/ip addresses to conduct
business. Not all of these domains are readily visible. This is especially
true with Windows Media Player. I am forever getting an error message about
not having permissions. The domain name is never displayed with this
message.

Setting security in IE is a lot closer to ALL or NONE than it should be.
The mechanism does not allow the degree of control which the Internet
requires today. To use a familiar example, I need the power and flexibility
of NTFS, but what I have are the limitations of FAT.

Even if Microsoft builds more fine-grained permissions into IE and exposes a
simple, easy to use administrative interface, the problems will continue to
mount.

When you attempt to meet the needs of diverging communities, you are
covering a growing space with new functionality and new security
restrictions. BUSINESS NEEDS STABILITY WHILE INNOVATORS THRIVE ON
INSTABILITY.

Every new feature has the potential to interact with existing features. You
need some way of PARTITIONING FEATURES TO LIMIT INTERACTIONS UNTIL THOSE
INTERACTIONS ARE DETERMINED TO BE SAFE.

The security restrictions that are being put in place are also hampering
innovation. In spite of this, the security is far less than what is
actually needed. We are dealing with many half-measures that do as much harm
as good.

We need security. We need innovation. I don't believe we actually need
them in the same package.

-G
www.gerardvignes.com

"Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message
news:eKIwV6plEHA.536@TK2MSFTNGP11.phx.gbl...
> We do need a secure browser, but that can be done with one browser, and is
> better done with one browser. In fact, it can largely be done with the
> current version of IE. The main problem with IE is insecure default
> settings. Most of the recent IE security vulnerabilities such as drag and
> drop can / could have been solved by disabling the underlying technologies.
> Go to www.microsoft.com/security, click on the Download.Ject link, and click
> on the link on how to harden the hidden Local Computer zone. This will do a
> lot. [Or, if you prefer, download an alternative or open source browser,
> although those have serious vulnerabilities as well, including a Mozilla
> vulnerability that hasn't been patched in five years. If a brand new open
> source browser that doesn't integrate with the OS has major vulnerabilities,
> then IE that is three+ years old and was programmed during less secure times
> actually looks pretty good by comparison.]
>
> One big problem is that Microsoft already has too many browsers to support.
> One IE security patch is actually several patches that have to be tested on
> hundreds of language and service pack configurations. That's why IE is
> behind the times.
>
>
> "news.microsoft.com" <nobody@nowhere.abc> wrote in message
> news:OHA5ZwllEHA.3356@TK2MSFTNGP14.phx.gbl...
> > I disagree, Svyatoslav,
> >
> > The needs of high-security internet access are not cutting edge. We need
> > STABLE, RELIABLE BROWSERS that DO NOT OFFER ANY FEATURES BEYOND THE
> > SPECIFICATION. These armored browsers must be 100% predictable and provide
> > STANDARDIZED FUNCTIONALITY. Adding cool new features, and retaining existing
> > unnecessary features is destabilizing and creates the potential for more
> > security problems. Ship and patch will not work. Get it right first and then
> > ship.
> >
> > The needs of gamers and innovators are cutting edge. They need POWERFUL,
> > FLEXIBLE BROWSERS that EASILY INCORPORATE NEW FEATURES. These souped-up
> > browsers must allow enterprising developers and users the maximum headroom
> > to grow their ideas on the Internet. This would be akin to an OPEN SOURCE
> > ENVIRONMENT for new products and technologies to emerge with the least
> > possible resistance. This would be a global laboratory.
> >
> > These are extremes of Internet Browsing. THESE REQUIREMENTS ARE MUTUALLY
> > EXCLUSIVE.
> >
> > Interestingly enough, the Armored Browsers can borrow and incorporate ideas
> > from the Souped-Up Browsers---AFTER THOSE IDEAS HAVE MATURED and been
> > CODIFIED IN STANDARDS.
> >
> > Microsoft has the resources and the opportunity to break away from the Gecko
> > Pack and forge a new direction in Internet Browsing.
> >
> > -G
> > www.gerardvignes.com
> >
> >
> > "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
> > news:eQA8BNllEHA.2968@TK2MSFTNGP14.phx.gbl...
> > > I strongly disagree with proposed approach and urge Microsoft to keep one
> > > quality product.
> > >
> > > G, your approach isn't very practical. Remember, Microsoft is a software
> > > development company, and they must eliminate security vulnerabilities and
> > > other software bugs. To allow compromises means not only maintaining three
> > > code bases (in your proposal), but also is encouraging developers not to pay
> > > attention to bugs. Too bad, especially when the practice will apply to
> > > Windows.
> > >
> > > Two more things. Firstly, there are at least two more versions of Internet
> > > Explorer that are different from IE6: Pocket Internet Explorer for Pocket PC
> > > and the smartphone IE. Both don't have widely known vulnerabilities - make
> > > an armored race car. Secondly, your plan doesn't provide seamless migration
> > > path from awesome dude to the suit. Too bad.
> > >
> > > --
> > > Svyatoslav Pidgorny, MVP, MCSE
> > > -= F1 is the key =-
> > >
> > > "news.microsoft.com" <nobody@nowhere.abc> wrote in message
> > > news:uar2CmklEHA.3612@TK2MSFTNGP12.phx.gbl...
> > > > I would like to propose a more rational approach to browsers.
> > > >
> > > > There are three basic classes of browsing, with three very different needs.
> > > >
> > > > 1. Secure (critical work and online purchases)
> > > >    security and reliability are a premium---can you say LAW SUIT
> > > >    this browser should follow ecommerce/secure standards to the letter
> > > >    under pain of death
> > > >    this is the "Armored Car" of browsers
> > > >
> > > > 2. Cutting-Edge (gamers and other innovators)
> > > >    performance and new features are a premium---can you say AWESOME DUDE
> > > >    this browser should allow anything and everything
> > > >    this is the "Race Car" of browsers
> > > >
> > > > 3. Newbies (learners and less demanding users)
> > > >    ease of use and simplicity are a premium---can you say DUHHHHHHH
> > > >    this browser should support commonly needed functions
> > > >    this is the Minivan of browsers
> > > >
> > > > Now Microsoft already has a browser that morphs back and forth between
> > > > Internet Explorer and Windows Explorer seamlessly (sometimes when you don't
> > > > even really want it to).
> > > >
> > > > Why can't Microsoft make THREE DIFFERENT INTERNET BROWSERS that morph
> > > > between themselves depending on the specific application.
> > > >
> > > > I know that the ppl at Microsoft are smart enough to figure out how to share
> > > > cookies, caches and sessions between all three versions of browsers. I know
> > > > they can make this idea work. I know they can probably come up with an even
> > > > better idea than this one.
> > > >
> > > > I can't figure out why Internet Explorer is three years behind the times and
> > > > unsafe at any speed.
> > > >
> > > > I can be reached at www.gerardvignes.com (certified genius)
> > > >
> > > > -G