Internet Explorer/Archive 1 |
= Market Dominance of IE =
On the other hand, the dominance of Internet Explorer in the web browser market has led some web developers to design their sites with IE in mind as the target browser. This means that browsing with Internet Explorer can often be freer of irritation due to other browsers inability to run IE-specific code.
I m not sure if this information is accurate. Most web developers write their sites with all the major web browsers in mind. Very few make it IE-specific. Perhaps delete or re-write this --
:Oh, I wish you were right - but I m afraid people do end up designing based entirely on IE. There are a number of major commercial websites that are in some way broken on other browsers, and the maintainers can simply claim it works for more than 90% of users . It should be noted that this was once the case for 22:00, 28 Mar 2004 (UTC)
::Can you give me an example of these commercial sites I use Mozilla Firefox and have not found any sites like that except for a couple free web hosting sites that I probably won t want to look at anyway. Like I said, an example would be nice. 23:23, Mar 28, 2004 (UTC)
:::Try looking in Mozilla s Bugzilla Database for bugs against the Tech Evangelism product, which are for pestering sites that don t render on Mozilla (in cases where it s the designer s fault, not Mozilla s). For instance, [http://bugzilla.mozilla.org/buglist.cgiquery_format=&short_desc_type=allwordssubstr&short_desc=&product=Tech+Evangelism&long_desc_type=anywordssubstr&long_desc=%22internet+explorer%22+IE&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=&emailassigned_to2=1&emailreporter2=1&emailqa_contact2=1&emailtype2=exact&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Bug+Number&field0-0-0=noop&type0-0-0=noop&value0-0-0= I searched for any of those with IE or Internet Explorer in comments] and the list is so long it has problems loading properly. OK, so not all of these will be because of IE-only testing, but a smarter query would surely turn up plenty of examples.
:::Oh, and I just thought of one from personal experience: the grocery shopping system on http://www.asda.com - IE shows a list of aisles where Mozilla (and Firefox) has nothing but empty space. - 23:58, 28 Mar 2004 (UTC)
:::: I think everyone s a bit right here and some things that were said don t even contradict each other necessarily. It is certainly true, that many web developers mainly tested their websites in IE and therefore didn t write valid standard code but code that relies on IE-specific behaviour. On the other hand the other browsers are of course trying to detect when they should fake IE-rendering. (In Mozilla/Firefox right click somewhere on the website and go to View Page Info - the Render Mode tells you in which mode the current page is being displayed). -- 21:02, 28 Nov 2004 (UTC)
= IE for Unix; Konq =
I know Microsoft ported IE (version 5 at least, maybe 4) to Solaris and HP-UX, but I don t know any of the details. The website used to be at http://www.microsoft.com/unix/ie/
Also, why is Konqueror listed as being a competing browser on Windows I m guessing this is a mistake or a Konqueror fan just wanted to add it. The [http://khtml-win32.sourceforge.net/ win32 port] never got off the ground, and running on [http://x.cygwin.com/ Cygwin/X] doesn t count.
The Konqueror page claims that there is a Windows port -- though it may be through one of the projects you mentioned.
The only IE for Unix released was for Solaris and HP/UX. I was able to confirm that IE v4 and v5 were released for both... not sure about other versions of IE (or other flavors of Unix). See:
[http://support.microsoft.com/default.aspxscid=kb;en-us;186858 MSDN article], [http://support.microsoft.com/default.aspxscid=kb;en-us;188583 MSDN article] and [http://www.alanwood.net/unicode/browsers_unix.html#ie5 Unicode web browsers for Unix and Linux computers]
00:50, 13 Jul 2004 (UTC)
The repeated mentions of tabbed browsing and popup blocking as features provided by competitors is misleading, especially considering there was no mention of these features being available in alternative browsing interfaces that wrap IE.
I have attempted to mitigate this somewhat with today s edits, clarifying that components of IE are, on Windows, incorporated into various applications, some of which supplement IE s features (e.g. SlimBrowser) and some of which only provide a limited subset thereof (e.g. Winamp s minibrowser panel). There s also Windows Explorer, the application that makes use of IE components to supply the default interface for browsing the filesystem as well as rendering the desktop, features which seem to annoy anti-MS folks but which are viewed favorably by many users.
Even edits such as these may not be enough for adequate NPOV; it might be better to avoid implicitly or explicitly qualifying all components as belonging, first and foremost, to MSIE. Rather, many of them are just a subset of all of the components that go into an application. Some of these are shared, some aren t. I m guessing these issues are discussed at length in some litigation somewhere. - 08:05, 18 Jul 2004 (UTC)
=More concerns about possible anti-IE POV=
For obvious reasons this page may be more invulnerable to POV due to systematic bias amongst WP editors than nearly all others. Here are are some current potential issues:
: others argue that the browser needs to be removed completely before the system is secure. Instructions about how to remove Internet Explorer [from] Windows XP (http://www.tweakxp.com/tweak1241.aspx).
As that link points out, it is not possible to remove IE from WinXP with any degree of safety. There are literally hundreds of Windows programs that rely on IE (the whole shebang not just components). Deleting the files that that link suggets from your hard drive is a bit like playing russian roulette. Firstly we need to decide whether to link to that site at all (the tweak is given the lowest possible score there 1/5, because it basically doesn t work). If we do want to continue link, we will to redo the wording.
:The whole Competing web browsers section
There is no equivalent section on the Mozilla/Firefox/etc/etc pages. The comparison between browsers should be at 14:23, 2 Aug 2004 (UTC)
14:23, 2 Aug 2004 (UTC)
:I am responsible for some of the wordings of the removing internet explorer section. Believe me, it was a lot more POV before I re-did it. The original (anon-contributed) section read: :: Using another browser does does not remove the Internet Explorer files from your computer, nor does it keep other programs from using them. There are a number of other components of the Windows operating system that still default to IE. Also, some other application programs default to IE. This still leaves your system exposed to all of the IE and ActiveX security holes. These additional files need to be removed for better security. Instructions for earlier versions of Windows 95, 98 and ME are available at [http://wp.netscape.com/browsers/using/ieusers/start/removing.html this site]. Microsoft has intentionally made it difficult to remove the IE components from XP. Instructions for the XP version are at [http://www.tweakxp.com/tweak1241.aspx this site], :I tried to remove the obvious POV from it, without eliminating the crux of it. I kept thinking to myself why is Wikipedia giving instructions on how to remove Internet Explorer - 04:38, 3 Aug 2004 (UTC)
:Removing IE has become an issue in Wikipedea for the same resaon it has become an issue elsewhere on the Internet, because MS has made it an issue. There is no section in other Browser wiki entries because they are removed from a aystem in the same manner any other program is removed. That is not true with IE. MS has intentionally made it difficult. The continuing security issues with IE are real. And they continue unabated. They are costing many people untold grief, and costing business many millions of dollars in restoration and down time. It is most certain up to the users to decide to remove the source of these problems. And it is their right to be able to do so in order to protect their systems and data. In what manner is this information a biased to any POV other than MS s
::Wikipedia is not a software uninstallation guide. Anyway, the overhype of security problems in IE will soon be mostly quelled with the forthcoming release of XP SP2. People will thenceforth start complaining about how IE doesn t let them do anything that could be insecure. - 02:44, 6 Aug 2004 (UTC)
::: the overhype of security problems in IE will soon be mostly quelled with the forthcoming release of XP SP2. --- hehehe ... right ... now where have I heard that before. My understanding is that Wikipedia is a source of information on any subject of interest. The NPOV policy is designed to limited bias and proselytizing, not to eliminate information considered contrary to someone particluar agenda. Perhaps YOU think IE security problems are overblown and and will be all cured shortly. You are certainly more than welcome to state that you believe that. You are certainly more than welcome to act, or not act, on that belief in your own personal affairs. But you are NOT welcome to eliminate information from the field that in contrary to your beliefs.
::::What are you talking about The only information I removed from the section in question was: ::::* The almost imperative tense used to describe the removal of Internet Explorer ( These additional files need to be removed for better security ); and ::::* Thinly veiled (and possibly libellious) criticism of Microsoft ( Microsoft has intentionally made it difficult to remove the IE components from XP ) ::::If I was intent on pushing my point of view, I would have removed the section entirely. Oh, it s already been removed by someone else. Well all I did was to bring the statement in line with NPOV policy and its text up to a decent literary quality, so stop berating me. - 12:38, 6 Aug 2004 (UTC)
:::::Oh come on. Next we ll be saying The earth is allegedly round. However, some say it is flat. For crap s sake, the earth is round! Microsoft has made is hard to remove IE! Cut this fake NPOV stuff. 12:51, 6 Aug 2004 (UTC)
::::::I respectfully disagree. The [NPOV] policy says that we should fairly represent all sides of a dispute, and not make an article state, imply, or insinuate that any one side is correct. To achieve a true (rather than fake ) NPOV we must not insinuate that the anti- (or pro-) IE argument is the correct one. - 13:07, 6 Aug 2004 (UTC)
:::::::I know policy. You didn t address my 13:16, 6 Aug 2004 (UTC)
::::::::Is there something you are trying to say Or something I am meant to say to you I am not going to get into a discussion of the merits of the NPOV policy. If you feel that the section in question was better in its original state, feel free to change it back. I ve been sick of the constant edit bias in Microsoft-related articles for over two years, but I got over it. Do you think my change to the statement was POV If so, can you suggest some changes, so I can be more NPOV in future - 13:34, 6 Aug 2004 (UTC)
:::::::::If you didn t get the reductio ad absurdum , what I was basically trying to say was that we are not being biased if we are saying what is obviously the truth. 14:06, 6 Aug 2004 (UTC)
::::::::::Ah, that s what you were getting at. After a long week, I have latin phrases coming out my ears and I didn t really want to try to figure out another. 
Anyway, I most certainly don t mind saying It is difficult to remove Internet Explorer from Windows XP , because that is obviously true enough. It s only when we insinuate that Microsoft did this to stop people changing to other browsers or what not that I feel we enter the realms of POVness. - 14:23, 6 Aug 2004 (UTC)
:::::::::::I contend it is obvious that Microsoft did it for that reason. They have even been prosecuted for this. However, looking at the article, I can see that the anti-trust issue is already sufficiently covered. 14:34, 6 Aug 2004 (UTC)
::::::::::::I don t want to argue any more. Anyway, I think we are running out of indents. If we went long enough, we could make a nice zigzag pattern. Shall we shake metaphorical hands on the matter I don t really know what I have been arguing anyway. - 14:41, 6 Aug 2004 (UTC)
:::::::::::::OK. Anyway, check out 15:01, 6 Aug 2004 (UTC)
:::::::::::::Very nice. :) - 15:07, 6 Aug 2004 (UTC)
:::::::::::::Mark, forgive me for acusing you of removing the removing IE materail. It was Pcb21. Sorry.
::::::::::::::Hi, anon. Yes it was me who removed the section, after bringing up the subject here, and having gained one response which was basically in agreement with me and no other responses. The above discussion has, to be honest, only reinforced my view that one area that might be susceptible to systemic bias is proprietary software. No-one, for example, has, for example responded to my point that even linked to site says that removal of IE from WinXP is basically impossible (it is the same lopping off a core part of the OS and expecting it to carry on working). The site voters give the dual OS method 1.0 out of 5.0 the lowest possible mark. Instead of attempt to improve the article, we get some tangential debate about the nature of NPOV. 22:33, 6 Aug 2004 (UTC)
==...and Mozilla evangelism==
Pcb21 - Resetting the tab for space. In total agreement about fixing the information. We can try to find better info, and certainly include a warning about just how difficult MS has made it to remove IE. - anon
: www.chrisbeach.co.uk - Microsoft are creating an integrated system that is written in native code and well-cached. To separate the browser into a separately installable piece would be to take a step backwards. I don t see anyone complaining about the fact that Apple manufacture their own machines, with their own OS, their own browser and their own machine-specific peripherals. At least MS bothered to make a version of IE for unix, mac, x-windows, smartphones etc. The arguments against IE/Windows integration originate largely from bitter competitors and are evidently self-serving and biased. The POV trash in this article should be removed, but I know as soon as it is, there will be an uproar from the Mozilla Evangelists et al. It makes me sick to see the media twisted like this. It s practically the same as when the Bolsheviks used revolutionary media to incite a bloody uprising against capitalism in Russia. And didn t the new communists do a service to the country..
::Thanks for your opinion, but could you please not try to pick fights I also believe the evils of Microsoft are blown out of proportion by evangelists, but starting fights doesn t serve much of a purpose. 00:27, Sep 15, 2004 (UTC)
::I hate IE myself and all the nonsense that its regular users (including, at once point, my family) have to deal with. I ll likely never use it again. However, I still think that the anti-IE POV in this article is way too much. We need to neutralize it, and I m open to everyone s ideas about how best to do this, including the anons here. No other browser article condemns its subject so much, or provides links to uninstallation instructions. The Wikipedia must be an unbiased reporter. -- 01:18, Sep 15, 2004 (UTC)
What is the factual basis for Internet Explorer is by far the most widely-used web browser, making up approximately 95% of all browser usage, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95.
I could not find any objective, conclusive evidence of this. Maybe we could get some data from the access logs of the wikipedia or another general topic website Or else this could beter be rewritten as Internet Explorer is one of the most widely-used web browsers, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95. Although I doubt that this is the only reason for its popularity.
Also, usage under MacOSX has dropped very quickly since the introduction of Safari, so maybe the references to the Mac IE are not really current anymore imho. -- 16:23, 6 Aug 2004 (UTC)
:You can pick more or less any survey you like from the dozens online, and they all say the IE average is upwards of 95%. I don t think a re-write is necessary. As a matter of interest the logs for *.wikipedia.org show IE usage as low as 85 or even 80%. This is because Wikipedia is a open source oriented site. (Compare slashdot where IE usage appears lingers as low as 50%). 22:33, 6 Aug 2004 (UTC)
::I ve read that it s 90% IE6, 5% IE5, 5% others (mostly Netscape, then Mozilla, then the rest). 22:43, 6 Aug 2004 (UTC)
= Mac OS X Image Caption =
Is it really neccessary to add the word discontinued to the image caption for the Mac OS X screenshot All it does is make the caption longer, and anyone who wants to know that it s discontinued could read the article. 12:20, 1 Sep 2004 (UTC)
=Moved from VP=
Anyone know why I can only save jpgs I come across on the internet onto my computer in bmp format, and not jpg format, the format which they are in I can t copy and paste them either. It s bloody annoying. I tried looking in tools/internet options but I can t see it. Alternatively, know anywhere where I can get help (please respond on 19:10, 2 Sep 2004 (UTC)
:Here s a Microsoft Knowledge Base Article on the problem (and it s apparent solution/workaround): [http://support.microsoft.com/default.aspxscid=kb;EN-US;q260650 Internet Explorer Does Not Save Graphics Files in the Proper Format]. Some people have said it doesn t work, though. - 21:36, 2 Sep 2004 (UTC)
::I absolutely hated this feature. I would end up converting the gigantic 17:20, Sep 3, 2004 (UTC)
=Incomplete standards=
A recent addition by an anonymous user: * Incomplete Standards-compliance according to the W3C (see [http://www.w3.org/ W3.org]). Note that the standards themselves (eg CSS3) are also incomplete. As I said in the edit summary, the statement seems to summarily dismiss or brush off IE s lack of standards compliance. As a web developer, it s not CSS3 that I care about, but CSS2 and CSS1, which are complete, and which people like me have been clamoring for IE 5 and 6 to support for the longest time now. To conflate those issues is misleading.That said, perhaps we can use this to strengthen the article. Can we get some input as to why Microsoft chose not to support several W3C standards, preferably straight from the mouth (or keyboard, as it were) of an IE developer I d love to incorporate that into the article so that people gain insight into why IE is the way it is. -- 01:11, Sep 15, 2004 (UTC)
Much as I d like to agree, from my research it seems IE doesn t even support CSS 2 fully (specifically different types of selectors), let alone CSS 2.1. - as this article says. 16:08, Nov 28, 2004 (UTC)
= Negative Features =
I m curious as to the definition of a negative feature. In any case it seems irrelevant in an encyclopaedic article. The negative features in the IE page appear to be personal criticisms (POV), and comparisons to other browsers, which should be in Comparison of web browsers :You re right, there s no such thing as a negative feature. The section headings need to be changed or reorganized. However these issues should stay in the IE article, since they are common criticisms. NPOV doesn t mean remove negative criticism. 19:24, Sep 22, 2004 (UTC) ::The negative features here appear to be simply the con side of a pros and cons list. Both sides of any such list will invariably include subjective points, since a feature may be a useful feature to one person and a harmful one to someone else.
::For instance, ActiveX is used by some browser-based applications to do useful work, but disabling it if you don t need it is on many security checklists, because of the problems it can cause. So it is a positive feature to those who use it, and a negative one to those who are harmed by it or have to do extra work to avoid it. These are not simply opinions they are subjective facts which differ from person to person, depending on needs. However, they militate against listing ActiveX as either a positive or negative feature it is simply a function of the browser, turned on by default, which is useful for some and harmful for others.
::One possibility: Avoid listing features which are common among IE and other browsers (Firefox, Netscape, Opera, Safari). List differences from the common denominator. For instance, while a pop-up blocking function is new in IE for XP SP2, it is not an uncommon function of a Web browser. Likewise, element-level alpha is not an uncommon feature; it is, rather, unusual that IE has only element- and not pixel-level alpha as specified by PNG standards. JavaScript, Flash these are likewise common among browsers;. Features which should be listed are those that single out IE: like ActiveX, COM, the use of IE for HTML rendering in Outlook, lack of tabbed browsing, better multi-language support, etc. 22:44, 22 Sep 2004 (UTC)
::: they are subjective facts which differ from person to person, depending on needs - in other words: opinions. If you want to write an article that compares IE to Firefox then by all means do it in Comparison of web browsers. The problem with listing opinions like this is that all browser wikipedia entries risk being filled with negative points that favour the competition, and as competition grows, so will the articles.
::::I disagree with you that subjective facts are opinions. An opinion is a preference, thought, or belief; a subjective fact is a fact that differs from person to person. For instance, some companies find Windows systems cheaper to administer than Unix systems; others find Unix systems cheaper. These are not opinions; they are facts, which contribute directly to the companies bottom lines. They are subjective because they differ from case to case not because they are dubious, untrue, or based on belief rather than reality. 16:13, 25 Sep 2004 (UTC)
:::Entries like this are meant to be opinion-neutral and objective - NOT subjective at all.
::::NPOV does not mean that Wikipedia refrains from describing different people s opinions, or the knowledge of various experts. It certainly does not mean that Wikipedia must avoid mentioning those facts which, when different people interpret them differently, lead to different opinions. We accomplish the goal of being opinion-neutral by describing different opinions, and the facts that inform them not by slicing out opinions, and never by slicing out the facts that lead people to draw different conclusions. 16:13, 25 Sep 2004 (UTC)
: Negative features aside, I would like to question this article s focus on removing Internet Explorer. It s unbalanced, and out of place. Very few Windows users remove IE, due to its obvious drawbacks. Even if it s technically possible, it does disable Windows Update and forces the user to download updates manually. It is possible to have a secure Windows desktop without removing core features of the OS, and it s silly for this article to imply differently. We should tone down the remove IE information, it s of limited interest and a magnet for POV. 18:15, Sep 25, 2004 (UTC)
:RE: Positive features, I noticed the list lists features that are only available in XP SP2. For instance, My windows 98 machine cannot use the pop-up blocker feature. I entirely agree with an earlier comment that positive features must list positive features unique to IE and negative features must list negative features unique to IE. Everything else should be taken out. -- 18:23, Sep 28, 2004 (UTC)
= Competing web browsers =
I totally disagree that this should be taken out. It s highly relevant to the article, and though their is an article talking about various browsers, it s still valid to the article. - 02:55, 15 Sep 2004 (UTC)
:Why The 03:59, Sep 15, 2004 (UTC)
:I think having 04:09, Sep 15, 2004 (UTC)
Let me see, if Dr. Evil wins a hundred billion dollors from a slot machine, and he uses the money to make a hundred billion Mozilla discs and give them to every living thing on Earth, I ll keep this part. So far I don t see any compitition even though I personally uses Netscape, Mozilla and Fire Fox. :Then you won t mind if I put competing web servers into 13:24, Sep 15, 2004 (UTC) ::I m truly puzzled why you might think that anyone would object. We aren t here to produce marketing brochures, so if the information is factual and helps place an article into context then what is the problem Many existing product articles mention comparable products (e.g. 21:36, 25 Sep 2004 (UTC)
:::I think the point is not that Wikipedia shouldn t cover the comparisons, but that every single article shouldn t contain comparisons - if we have a paragraph under 01:30, 26 Sep 2004 (UTC)
::::Entire paragraphs promoting or describing features of unrelated products don t belong here, but a simple phrase like On the 07:44, 26 Sep 2004 (UTC)
= Who recommends IE removal =
I echo Beachy s challenge: Are there real security experts who recommend removing IE from Windows PCs I ve been developing Windows software for years and I say it causes more harm than good. It could interfere with Windows Update, shell functions, future service packs, third party software, etc. And it provides no real security benefit over simply using another browser.
Let s be frank. People who recommend removing IE aren t cynics or security experts. They re just Internet users. They do exist, this article even cites them. Let s not make up titles for them. Very few users actually remove IE, and I don t know a single computer professional who would recommend it. 17:09, Sep 28, 2004 (UTC)
:Agreed. I made my edit to show how stupid the whole edit war really was. Besides which, the following Some Internet users have suggested removing Internet Explorer from computers in order to decrease exposure to security risks on the Internet. is a 13:33, 30 Sep 2004 (UTC)
::I do believe I am responsible for the some internet users... phrasing. Before I changed it to that, it pretty much said you must remove Internet Explorer from your system for it to be completely secure . I toned it down a lot in lieu of actually reverting the user, which I assumed would attract an angry response. - 06:43, 5 Oct 2004 (UTC)
:::Please understand that I know this. I am well aware that you did the best of a bad job, and I think that as a compromise it was most likely the only way that this bit could be improved. However, now we need the original author to back up his original argument (which I think you effectively summarised) with statements of fact. - 11:09, 5 Oct 2004 (UTC)
Where are you anonymous users coming from Would one of you mind letting me know which message board is instructing its users to revert this page 02:53, Oct 5, 2004 (UTC)
:This is where tracking the referer string would be useful. - 03:43, 5 Oct 2004 (UTC)
==Fred Vorck==
OK, here s the story. I received an e-mail from Fred Vorck, who has a page about removing IE from Windows. This page has a blurb about Wikipedia: http://www.vorck.com/remove-ie.html#wiki . Quote: stop making edits to a topic that you know nothing about. Leave the editing to the experts. Fred also says that the MSFN forums have been talking about this. I couldn t find the thread on MSFN, but I suspect that there s some name-calling going on.
:A little bit. See http://www.msfn.org/board/index.phpshowtopic=29162 - it seems they think I work for Microsoft (I m one of the people who commented out the section). - 12:52, 15 Oct 2004 (UTC)
::OK, I took a moment to respond to the board. Not sure if anyone will see this, but there s no harm in trying to explain our actions. - 13:18, 15 Oct 2004 (UTC)
:::Wow, how do we find the time to be wikiholics in between our duties as Microsoft employees Thanks for finding the thread, it s not as bad as I thought. I think the section is better now, although it needs to be moved out of history. I don t want to pester Fred but if he has anything to add I hope he ll continue to contribute here. Removing the link to nLite was unintentional and I m glad he noticed it. 13:36, Oct 15, 2004 (UTC)
I replied to Fred s e-mail and asked him to join us here. I think the people from Fred s page and MSFN can make a positive contribution here. I ask that they read , and help us fix up the section on IE removal. They should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE. I make a living working with Microsoft products and I don t appreciate the suggestion that I m not an expert on this topic. There is nothing wrong with linking to nLite, by the way. If this section gets killed we should put it in external links.
Also, Fred, regarding this: Wikipedia editors: who says IE is insecure This is a mischaracterization of what we re asking. What I actually asked is, are there real security experts who recommend removing IE from Windows PCs There is a difference between the two. Even if IE is insecure, it doesn t necessarily follow that it should be removed from PCs. 13:17, Oct 5, 2004 (UTC)
For the record, here is what Fred wrote:
The Wikipedia Controversy
This is a strange one. It would seem that there are editors (to be fair, not all of them) at Wikipedia that would like to restrict your access to this information by [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&action=history censoring it], continually deleting the section on removing . The only text that gets deleted continually is text that links to my site and to Nuhi s nLite site. I d say IE removal from Windows is something readers deserve to know about, considering that the U.S. Government got involved. Editors at Wikipedia don t seem to agree on standards. First, they wanted the passage on removing IE to say exactly who recommends it -- a minority of IT professionals, because most won t actually read my process (be honest, guys; if you did, you wouldn t print half the things you post on messageboards about Windows being unstable. First, you couldn t do it at all, the MCSE s said. Now, it ll make it unstable, the MCSE s say. Yawn). Then, the Wikipedia editors wanted the entry to have a Neutral Point of View. Then, when the post met these criteria, some Wikipedia editors asked what computer security experts recommend IE removal. When s it going to end How many criteria must someone meet to make this information freely accessible Stop making edits to a topic that you know nothing about. Leave the editing to the experts.
Revised text on Fred s site :::Fred here, several days later. I revised the text on my site a few days ago; it now starts This matter has been dealt with in a fair manner and I consider it settled satisfactorily. See the rest here: http://www.vorck.com/remove-ie.html#wiki ::::It s cool
in a weird way, we kind of like external criticism, because this gives us a chance to revise the text in better manner! Incidently, I wouldn t worry about fair use. The text is licensed under the GFDL. - 22:28, 21 Oct 2004 (UTC)
FDV. None of this is meant to be disrespectful or inflammatory, especially #3. I am not questioning anyone s general expertise. The particular topic at hand, however, is _IE removal_.
1. I ve read Avoid weasel terms. The wording has been altered several times (variously several users, some users, internet users, windows users, disgruntled users, etc etc). Why does a security expert have to endorse removal Isn t the Wikipedia about information As is pointed out, [People like me, Fred] should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE. That s an excellent way to put it! Why not just say that A minority (omit small as redundant) feels that it is in Windows users best interests to remove IE. Maybe even Fred Vorck, Dino Nuhagic, and Shane Brooks suggest... That is Neutral point of view compliant, isn t it :Well, then that is what we need to write in there! That s ALL I was asking for! Now I can remove a weasel term, something I was hoping to do. You know, you could have modified this yourself you know - you do have permission to do this! - 12:37, 15 Oct 2004 (UTC)
2. If the Wikipedia guidelines require an imprimatur from a security expert rather than an IE removal expert, what does it take Self-apellation An MCSE Kevin Mitnick Just _who is it_ that you re looking for to give the removal process their blessing What, in essence, is a security expert This went from requiring that the Weasel and NPOV criteria be satisfied to requiring the blessing of a security expert, which AFAI can see has no Wikipedia entry. :Well, that s a whole can of worms I m not going into, except perhaps I agree with your point below that you and others are experts in IE removal. Incidently, I like your site. I only use Linux at home, and try to use Firefox only at work but can t because of some vendor lockin issues. - 12:37, 15 Oct 2004 (UTC)
3. I make a living working with Microsoft products and I don t appreciate the suggestion that I m not an expert on this topic. I m not only suggesting it, I m saying it now explicitly: you are not an expert on the topic of removing IE (which is this topic). It s NOT personal, it s all about information! You may be an expert in the use of several Microsoft products; no doubt that s the reason you are editing the entry on IE. I don t know what constitutes expertise on IE removal, but I m certain there are no formal certifications, and I m also certain that if there is any such person as an expert on IE removal, I m one.
I ve been developing Windows software for years and I say it causes more harm than good.
:Good point. - 12:37, 15 Oct 2004 (UTC)
Haven t read (never mind tried) the actual process, huh I have not had any problems to date. I haven t had any users e-mail me with problems. If the HTML subsystem is left in, that s different from IE removal. It all depends on how the files are edited. IE can be removed. If by harm you mean reduces the potential for DDOS and Port 135 attacks and security issues related to IE and MSOE, among other things, then yes, it will do these things, and will therefore harm your machine.
4. ...I don t know a single computer professional who would recommend it. Pleased to meet you! I work in IT and have since 1993. I unreservedly recommend reading my guide and removing IE. 
When I used NT 4 and my users had 95 and 98, there was no such thing as Automatic Update. I used the MS website. That hasn t changed; updates are available there. There is a classic rhetorical device called begging the question. Many IE users make a conclusion about something (say, Automatic Update) as proof that users need IE. The basis for this proof is itself in need of proof. In other words, we first have to determine if Automatic Update is the only route to updating Windows (it isn t).
I see messageboard posts in Slashdot every time an IE topic comes up that say IE is needed for many / all sorts of / several programs (one recent reply to a post of mine claimed it s needed for piles of software). This issue has nothing to do with security. As for security, my files harden TCP/IP in Windows according to guidelines I read at csrc.nist.gov. My files will close Port 135 by default, shut off DCOM, prevent several ActiveX exploits from running... One big issue is that Windows File Protection would need to be restored, which fortunately is easily done and mentioned in my process.
But I m addressing security again, when originally, the Weasel-NPOV dual criteria were asked to be met.
:And now they are, largely thanks to your suggestions. - 12:37, 15 Oct 2004 (UTC)
5. Even if IE is insecure, it doesn t necessarily follow that it should be removed from PCs. And perhasps if removing IE does not improve security or creates insecurities, it doesn t necessarily follow that it shouldn t be done. Wikipedia is about information. A minority of users proved it can be done, but if it is now about the recommendations of security experts, perhaps some indication should be made. Mark already redacted the assertion that it will make a system more secure, and I never changed the text saying it did so. The removal issue, as I note, is one that the U.S. Government stepped into, so I d deem it both relevant and significant to the Wikipedia entry, even if it cannot be proved that anyone other than three individuals in the U.S., Croatia, and Australia have used their own software to do it.
:Which is why I firstly only commented out the information, then retracted this and placed tags around the comments until we could sort out attribution issues - 12:37, 15 Oct 2004 (UTC)
==Analogy with Firefox==
removed the Removing Internet Explorer section with the comment:
:(Irrelevent and distinctly POV (see discussion). Consider - Due to recent vulnerabilities found in Firefox by US-CERT and Secunia, should we not be providing an equivalent section for Firefox)
The section certainly needs work, and will hopefully be discussed and improved, but I don t see how it could be called irrelevant or POV. The information is factual and at least one person (me) found it helpful. As for an equivalent section for Firefox, that depends what you mean. If you are suggesting a Removing Firefox section, it would be pretty short since the package includes an uninstaller (forced integration with the OS just isn t an issue for most programs). If you mean a section listing security vulnerabilities in different versions, I personally would find that helpful: it would be useful to be able to look up whether some program version has outstanding security issues, and this is precisely the kind of fast-moving information Wikipedia offers that a conventional encyclopedia never could. 03:09, 19 Oct 2004 (UTC)
= Disputed =
*As an aside, I removed the multiple templates because they were causing 21:29, Oct 24, 2004 (UTC) **OK, I see what you mean now. I ve rolled back my revert. Now, in what way has the article become worse Please give specific examples of what needs to be changed. - 23:44, 24 Oct 2004 (UTC) **Not sure why we would need to shorten the article by 50% It seems quite informative, presents a pretty balanced (quantity-wise) view of the advantages/disadvantages of IE, presents history, current versions, platforms, etc. Which of this information would you suggest removing Pruning articles is not usually something that we d get into unless it s very POV (and it s not _clearly_ pov as of the current revision) or some such. I d be against any pruning on a length-basis. -- 03:55, 25 Oct 2004 (UTC)
Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. After Microsoft released patches to close 20 holes in their general operating system in February 2003, 07:01, 11 Dec 2004 (UTC) *Maybe it should be reworded slightly, but I think it should be included as according to the [http://www.eeye.com/html/Research/Advisories/AD20040210.html original eEye advisory], software affected includes MSIE. -- 20:47, 23 Dec 2004 (UTC)
Removed Critics charge that this rigorous testing is required in large part because Microsoft has failed to make IE sufficiently modular and separable from the rest of the operating system. These critics state that other browsers, because they are designed as a separable module from the operating system, can be tested far more efficiently. Some browsers, such as Firefox and Opera, run on a far more diverse set of installations than IE, supporting a large number of truly different CPU architectures and operating systems (including Microsoft Windows and also MacOS, various Unixes, and various Linux distributions), yet changes to them are released far more rapidly.
*Which critics I m sure this should be pretty easy to verify, but we keep introducing 07:55, 17 Dec 2004 (UTC)
::There is so much crap written about Internet Explorer available on the intarweb . Finding useful quotes about Internet Explorer is like finding a needle in a haystack.
::: Any browser tied in so close to the OS will always be a slightly higher security risk than the others. IE proves this when I remove everyone but administrator from even reading, let alone executing, iexplorer.exe. But I can still use it by opening My Computer and typing a URL in the address bar, said Jacob Bresciani, systems analyst at the University of Alberta, in Edmonton. [http://www.eweek.com/article2/0,1759,1624514,00.asp]
::Anyway close, but not exact. 09:36, 17 Dec 2004 (UTC)
::I think I ve seen that, but I can t find it. I agree with the earlier comment, finding useful quotes is a lot like finding needles in a haystack. I m going to remove the text (and the disputed tag along with it), so that the material is at least NPOV for current readers. I ll leave the text here in the Discussion page so it s not lost -- anyone who CAN find the reference, please do so!! 17:23, 2004 Dec 18 (UTC)
Many security analysts attribute IE s frequency of exploitation in part to its popularity, since its market dominance makes it the most obvious target. However, many others argue that this is not the full story; the Apache web server has a much larger market share than Microsoft IIS, yet Apache has had fewer (and generally less serious) security vulnerabilities than IIS.
= positive features =
AlistairMcMillan removal summary: Remove invalid points. Please point to a browser in talk that does not have an easy to use interface and an integrated search facility (with multiple engines).) . I just wanted to point out that there ARE in fact browsers, and have historically been browsers, which did not have easy-to use interfaces and integrated search. The first that springs to mind is lynx (as it s text based). If we re talking about graphical browsers only, old versions of IE, netscape, and mosaic did not have interfaces which were always easy to use, and certainly didn t have integrated search engines (as current engines like google didn t even exist). Just wanted to point out that it s not necessarily obvious/invalid. -- 07:42, 1 Nov 2004 (UTC)
: Well that is just fan-diddly-tastic. If you take a second to look at my 08:21, 1 Nov 2004 (UTC)
::I did actually look at your user page before I posted, but I do think there s room here for some mention of comparable user interface to... including such features as... if you get my point Clearly yes, the wording as it was was a bit desperate if you like, but it could be useful to include some of that information in a manner less like an advertisement and more like a comparison or feature overview. My 2 cents, anyway. Notice I didn t put the text back in as I think it s fine to leave out, but as I said, it could still be modified to be informative and useful. -- 09:23, 1 Nov 2004 (UTC)
::: I have no problem talking about listing actual user interface features that make IE stand out, for example the recent pop-up window notification bar (or whatever they call it) (and before anyone points it out I know some other browsers have them too), but just saying easy to use interface is a joke. 09:47, 1 Nov 2004 (UTC)
:::: Ease of use is not a joke when talking about software, although to the layman it may seem a gimme . Some people make a career out of making software easy-to-use, and Microsoft have done a vast amount of research on the topic. IE is different from most of the other browser offerings since it is well integrated into the OS, and is 100% native to Windows. This makes its look-and-feel immediately intuitive to anyone who s used Windows software. Firefox has made a good effort with its XUL based interface, but the components used are non-native and differ in colour, size etc. Additionally, when it comes to more complex functions of the browser like security and privacy controls, IE is easier to use for the average consumer because of its setting of simple security levels -- 02:13, 2 Nov 2004 (UTC)
Did you just call me a layman
Lets get specific. Ignoring non-graphical, or ancient browsers that have 0.x% of the browser market.
non-native and differ in colour, size etc IE uses a picture of a little house to represent HOME. Firefox uses... a picture of a little house to represent HOME. IE uses a picture of a green left-pointing arrow to represent BACK and Firefox uses... a picture of a green left-pointing arrow to represent BACK. I detect a pattern here. I can see where users could get confused. 05:51, 2 Nov 2004 (UTC)
:These are opinions. Some people find it easier to use; others do not. As it happens there is a branch of engineering which studies 05:34, 2 Nov 2004 (UTC)
:Edit summary: Compromise on Native widgets. Please point to a relevant browser (i.e. not Lynx) that doesn t have search engine integration before restoring search assistants. AlistairMcMillan, I was wondering if a comparison to PREVIOUS versions of IE would be appropriate, if you re looking for comparable browsers. Old versions of IE (before that damned MSN default search, ~version 4.0) had high browser-share, also, similar widgets, etc. The thing they lacked was integrated search. So perhaps something like since verion xx, IE has had easy-to-use integrated search capabilities, similar to other modern browsers -- 07:44, 2 Nov 2004 (UTC)
:: I was assuming the Pro/Con comparison was with other competing browsers. My preference would be to add listings of the feature additions/changes to the 11:51, 2 Nov 2004 (UTC)
:: Useability is opinions (unless we can come up with some research on the topic). As for the controls being 100% Windows native (and therefore immediately intuitive), the feature stands. If you want to make comparisions, they go in 16:57, 2 Nov 2004 (UTC)
:::Subjectivity ain t the best thing, I agree, but what s your objection to circumstance based on A circumstatial fact is still a fact, & thus deserving of mention in a NPOV article (though I agree about that there s a difference between features & unique features). Besides, non- or only partial support of CSS2, MIME, PNG, etc. is most definately not circumstantial, and nor is tabbed browsing, though that s not really a valid point anyway - just a comparison to alternatives which should be on the appropriate page. On another note, the bit about W3C vs. defacto standards is quite POV in itself - so s this statment, I guess - because standards are important, & the note makes light of that. If IE twists standards, that s bad for the internet itself. --SirPavlova 15:34, 16 Nov 2004 (UTC)
= Disputed IE removal section =
Are there still editors disputing the IE removal section It may need some flow work but it s certainly NPOV d. If there are no objections in the next few days, I d like to remove the disputed notice. 19:48, Nov 4, 2004 (UTC)
The section should be removed. IE components are needed for so many Windows native applications that it is foolish to removed it. VERY few people put forth the effort so do so. It is NOT possible to remove IE from modern Windows version without third party software. 03:35, 5 Nov 2004 (UTC)
:Oh puhleeze. We ve covered this already. Check out the links. - 05:22, 8 Nov 2004 (UTC)
:There are a lot of things that I consider to be foolish, but that other people not only do , but recommend to one another 03:50, 5 Nov 2004 (UTC)
::The section is very much disputed. It is doing little other than advertising third-party hack tools that serve no purpose to the everyday IE user. Removing IE, for better or worse, is a non-recommended technique that is likely to lead to system instability and vulnerability, in part due to disabling Windows Update. Either leave the notice, or remove the section entirely
:::Hardly advertising. I didn t get paid to put this and I am not affiliated with any of these products/companies. This is merely putting forward others stated POV, good or bad. We aren t endorsing this in any way, we merely mention it. - 05:22, 8 Nov 2004 (UTC)
:::That isn t a valid criticism of the section. The fact that you (and I) disagree with Fred Vorck et al is not justification to remove their opinions. 14:21, Nov 5, 2004 (UTC)
::: Non-recommended by whom It clearly is recommended by a number of people, a few of whom seem to have pretty sturdy security credentials. So these people disagree with Microsoft s party line; Wikipedia is not supposed to favor anyone s party line. Nor is it limited in its purposes to the everyday or the perfectly safe otherwise we would not have an article on BASE jumping, an unsafe and crazy thing to do if ever I heard of one.
:::What s more, it s clear from the article that if one removes Internet Explorer, one needs a different method (such as the linked program Daisy) to install Windows updates. 14:47, 5 Nov 2004 (UTC)
::::Daisy is a simple hack of a utility, something which becomes obvious when you read its homepage and discover it is not compatible with SP2. Therefore IE _is_ required for Windows Updates -- 00:49, 6 Nov 2004 (UTC)
:::::Ugh, I m beginning to dispute that section. It s starting to read like a back and forth argument... 01:04, Nov 6, 2004 (UTC)
Another major vulnerability was exposed in Internet Explorer this past week. Since the program IS so tightly integrated into Windows, and is demonstrably buggy and unreliable, those who advocate it s complete removal are sounding more and more sane all the time. I began removing Internet Explorer from Windows with ME, and found that it alone was almost completely responsible for ME s quirkiness and instability. The argument that removing it makes Windows less stable is simply uninformed: IE is responsible for many of the problems in certain versions of Windows. Yes, you can access Windows Update without it, and since about 98% of Windows Update consists of patches for both IE and Outlook Express (another buggy hacker delight) simply eliminating these 2 programs from Windows eliminates most of the need for Windows Update.
In order to be fair and to maintain the NPOV, the removal option should at least be mentioned. Leaving it out or deleting it seems to swing to a very Microsoft positive POV, which I see echoed all up and down this thread. It seems to me that some sore toes have been stepped on.
= Marc Maiffret=
Yep Chris is right, the guy is obviously a nobody. 01:28, 25 Nov 2004 (UTC)
:-- 00:30, 3 Dec 2004 (UTC) - The first article on Alistair s Google list (by CBC news) tells us all we need to know about Marc Maiffret:
:: Even eEye Chief Hacking Officer Marc Maiffret bit the FUD-baited hook: the Internet is about to shut down and you re bickering about nonsense, he told us yesterday, finishing off an e-mail exchange in which we tried to assure him that our previous (admittedly negative) coverage of eEye s vulnerability publicity machine was in no way personal.
:: eEye makes several good security products for Windows and IIS, and has been responsible for finding and aggressively publicizing a number of holes in Microsoft products, especially IIS.
:: But the business of searching for and publicizing security holes while at the same time selling the solutions is a tricky and controversial business, not unlike the model pursued by anti-virus companies. We note, for example, that eEye has yet to publicize an IIS hole that its SecureIIS product won t defeat. Their discoveries inevitably support the claim that SecureIIS is a very wise investment.
:: Now they re facing an intriguing irony. Had they not made such a grand public fuss over their .ida hole discovery and their SecureIIS product s ability to defeat it, it s a safe bet that Code Red would not have infected thousands of systems.
: First that article is by DuhRegister. Anyone who is familiar with their reporting will know they usually have a colourful way of approaching the news. These are the guys who inferred that Microsoft had cancelled the Windows98 project in late 97 or early 98 after Microsoft moved a small group of developers to the Windows2000 team. There is a scandal waiting behind every corner in the Register offices.
: Anyway... poor widdle Micwosoft. Just out trying to make a few bucks. Trying to feed their starving children and all those callous evil people like eEye out there. Maliciously pointing out Micwosoft s little code faux-pas, so that they can exploit them for their own financial gain. Evil evil people. Actually I bet Maiffret sneaks into Microsoft s office once a week and sneaks all these exploits into Micwosoft s code himself. It just a darn tragedy, I tells ya . 02:19, 3 Dec 2004 (UTC)
:: From [http://vmyths.com/rant.cfmid=570&page=4 vmyths.com]
:: MARC MAIFFRET, THE 21yr-old chief hacking officer of eEye (his actual job title), got his fifteen nanominutes of congressional fame in July 2002. Finally.
:: Credit where due: lyrics from the nema album show up in almost every sentence from this point forward. ITAA lobbyist Harris Miller (the real power behind the congressional cyber-throne) okay d Maiffret to testify at a D.C. hearing. Only then could congress meet a boy wearing Vans, 501s, a Hello Kittie tee, nipple rings, and new tattoos that claimed that he was OHT from 1998 and eEye s cutest VP.
:: Now, I want you to realize we know very little about Marc Maiffret. In fact all we really know about him is what he s sold us. He claims he sold his soul at age 17 to a computer security firm -- and the media bought it! All you read or see or hear on TV is an eEye product begging for your dollars.
:: Standing out on C-SPAN, Maiffret had hair so green and loud that congress swallowed his fac,ade. (For the record: some other guy with green hair plays bass for Good Charlotte.) Not all computer security martyrs self-proclaim their divinity -- but Maiffret certainly tried.
:: And in between fits of testimony he told congress about a band named Tool.
:: Don t get me wrong! Maiffret had a lot to say. He had a lot of nothing to say. The code-toting hip hacker wannabee took a stand on every little thing from SCADA to the Chinese national security threat. I half-expected him to brief congress on the plight of midwestern farm women and perhaps even the health risks of Alar-coated apples.
I don t get your point. Ros is saying that Maifrett has green hair and a bad understanding of 23:14, 12 Dec 2004 (UTC)
= Another idea on the features list =
I ve recently become convinced (see ) that pro & con lists are a fundamentally Bad Thing for Wikipedia articles. All they do is give people a place to stack up ranting-points in favor of their POV. They actively discourage real exposition or exploration of issues, since they re so prone to arms-race between the pro and con sides.
And here, on this article, we have yet another example: a pro & con list that has been the focus of escalation, deleting, pruning by folks on both sides of an issue, and which doesn t seem to actually expose or explore the issues that it hints at. I d like to propose a different way to describe IE s features :
I think this might be a way to describe the positive and negative features more neutrally, to invite further description of them -- while at the same time excluding vague and subjective pros and cons . Thoughts -- 02:26, 2 Dec 2004 (UTC)
:Nobody seems to hate this idea right away, so I m implementing it. Feel free to revert me if you think it s awfully terrible, but I do think it s an improvement over a pros & cons list. I haven t rewritten any of the features previously listed -- I ve just regrouped them. -- 23:30, 2 Dec 2004 (UTC)
::I think it s an improvement. Good work. - 03:23, 3 Dec 2004 (UTC)
=Microsoft s detailed bug database=
Chris, could you please give us a link to Microsoft s bug database where we can see them discuss in detail each bug as they are working to figure out how it works and how to develop a patch Thank you. 02:32, 3 Dec 2004 (UTC)
: Let s be clear again.
:* Microsoft keep their bug database completely hidden behind their corporate firewalls. They publish reports about their security bugs when they are either (a) there is an imminent risk of the bug affecting customers or (b) Microsoft decide to release a patch.
:* Mozilla publish their bug database for all to see. Aside from security bugs which they keep closed access to that are through to be real risks. Once the security bugs are fixed, the pages detailing them are opened up.
: For all we know Microsoft and Mozilla both have hundreds of security bugs registered in their database that they haven t found the time to deal with and are keeping secret until forced to act upon. 02:49, 3 Dec 2004 (UTC)
::[http://www.microsoft.com/technet/Security/default.mspx Microsoft s Tech-Net security pages] -- 12:13, 4 Dec 2004 (UTC)
::Let s be clear again - Mozilla [http://www.chrisbeach.co.uk/core/scripts/entryViewer.phpID=6064 deliberately makes security holes confidential] from the public, and from security agencies, sometimes for up to [http://www.nd.edu/~jsmith30/xul/test/spoof.html five years], in the knowledge that exploits exist. Microsoft detail their bugs online, communicate with security agencies like secunia, and patch not just for IE6 in XPSP2 but for many past versions of IE on several different Windows platforms.
::: 1 - We know Mozilla keeps serious security issues from the public, because they have an open bug database. We don t have the first clue what Microsoft do, because they keep their bug database closed. For all we know they have a bug database with hundreds of thousands of serious security bugs listed, or maybe a bug database with zero security bugs. Until they open (which they will never do) their bug database we can t comment.
::: 2 - Microsoft, like Raraoul says, only publish details about their bugs on TechNet after they are patched or someone else has published details (i.e. when they are forced to).
::: 3 - Everyone communicates with security agencies when the agencies find bugs in their products.
::: 4 - Microsoft have to patch multiple versions of IE because they don t release the latest version of IE for all platforms, in an effort to force people to update to the latest version of their operating system.
::: If your goal is really to make this article more NPOV then great. But right now, you are introducing a hell of a bias towards IE. 16:11, 4 Dec 2004 (UTC)
:::: I m not introducing bias towards IE. I am attempting to remove the bias towards Firefox that has been introduced into this article. Unfortunately I appear to be outnumbered by Firefox advocates on this article. It s no mystery - since Firefox will only take off when the public have lost their faith in IE, the agenda is pretty clear. -- 17:23, 4 Dec 2004 (UTC)
:::: Removed the comments about Mozilla s bugzilla listings. Until Microsoft open up their bug database we can t make a comparison. If you want to compare with Microsoft s listings on TechNet, where is the equivalent page from Mozilla. http://www.mozilla.org/security/ 16:15, 4 Dec 2004 (UTC)
Microsoft detail their bugs online Only some bugs that are already publicly known (see the public bugtraq mailing list). Not their private security bug database !
= How to put back IN weasel words in one easy edit =
You basically do the following [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=8298136&oldid=8297922] Change:
:Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. After Microsoft released patches to close 20 holes in their general operating system in February 2003, Marc Maifrett of eEye Digital Security stated that If it really took them that long technically to make (and test) the fix, then they have other problems. That s not a way to run a software company. [http://news.com.com/2102-1002_3-5158625.html] Microsoft attributes these delays to thorough testing to ensure that bug fixes do not lead to problems elsewhere.
to
:Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. Microsoft attributes these delays to thorough testing to ensure that bug fixes do not lead to problems elsewhere.
Never mind that we never note who those critics might be. Never mind that Maifret is actually a critic. C mon people, of course he s a critic. Words like If it really took them that long technically to make (and test) the fix, then they have other problems. That s not a way to run a software company. sounds exactly like criticism to me. And oh look. We have a source! So what if he s not an outside observer (whatever that means). He remains a critic of Microsoft.
Now if you were going to attack that phrase, surely you d have a go at the fact that it should be in the Microsoft article and not the Internet Explorer article! hint hint.
13:56, 10 Dec 2004 (UTC)
:Well if it s a problem then let s just take out that paragraph altogether. Critics have claimed etc etc - It s just opinion for goodness sake. Imagine if this were a real encyclopedia - would you really expect to see quotes like that s not the way to run a software company. Come off it! -- 22:43, 10 Dec 2004 (UTC)
::Yes, that s right Beachy. It s an opinion. And whose is it again Why, it s Mark Maifret of eEye! In which case, we note who the critic is. Oh, incidently. This is a Real Encyclopedia. And we include the opinions of others, even if we don t agree with them ourselves. In this case, Mark Maifret happens to be the critic, and he s notable enough to quote. Even if he isn t polite. You still haven t addressed the issue that this whole paragraph isn t specifically about Internet Explorer (you know, the topic at hand) but about Microsoft s general security reputation! And yet... exploring this point might help us clarify the topic or even explain why it should be removed from the article. Sheesh. Do I have to hand this to you on a platter - 06:53, 11 Dec 2004 (UTC)
::As it happens, experts in the computer security field are not as polite in their published statements as experts in (say) medicine or physics. (Computer security happens to be what I do for a living. Vulnerability notices and such have the word fuck in them even more often than the Linux kernel source code.) That s just something we ve got to deal with if we re committed to citing opinions to experts rather than just weaseling critics say ... -- 23:13, 10 Dec 2004 (UTC)
:::Alistair - I ll do you a deal - Maifrett s quote goes in if I can have this in the anti-trust section: Separate markets exist for shirts and buttons, cars and tires, cars and rustproofing, yet few people would object to these integrations. —Stephen Margolis, Professor of Economics at North Carolina State University, writing for the 23:37, 10 Dec 2004 (UTC)
::::We re doing deals about content now Like a bartering market wtf! That is not the way we do things here. Those two things aren t related. Please argue each point on its merits !!! - 06:53, 11 Dec 2004 (UTC)
:::::Oh for goodness sake, I have already argued the merits of Marc Maifrett s opinion (see earlier in the page). I think it is perfectly fair for the Stephen Margolis quote to be included, by the very same logic that you guys believe it is fair for Maifrett s opinions to be included. I ll do you a deal is merely an expression. Next you ll be tearing my ideas to shreds because of a spelling mistake. -- 20:07, 11 Dec 2004 (UTC)
::::::Look, you said what you said. If you meant something else, then either clarify or don t say it. My point is that we don t agree to put one bit of info in if another bit goes in. - 12:54, 14 Dec 2004 (UTC)
::::Oh, hey, I recognize that quote! It s the one that was being passed off as part of the opinion of the anti-trust court, until I dug up a citation for it. Wow, I wondered where that quote went. :) -- 02:54, 11 Dec 2004 (UTC)
::::I m sorry Chris, but people ARE critical of Internet Explorer. That has to be in a page about Internet Explorer. If you were objecting to the Maiffret quote simply because he has a financial involvement, then I d put serious effort into finding a quote from someone who doesn t, but the reason you are objecting to the quote is simply because it is critical of Microsoft. If someone had stuck a quote in from Maiffret, saying that he thought Internet Explorer was the single most impressive example of software development in the history of personal computing, you would not be complaining that he had a financial involvement and tearing the quote out. Would you 03:16, 11 Dec 2004 (UTC)
:::::I m sorry Alistair, but not everyone is so cynical about IE. If you re going to remove any quotes I put in then don t get worked up when I remove (or tear out ) your own. And to reiterate - Maifrett makes a business out of finding holes in IE (and has been criticised for doing so, see above). If you want to explain Microsoft s perceived slowness in patching take it from the [http://weblogs.asp.net/ie/archive/2004/08/17/216080.aspx people who really know], not some money-grabbing opportunist who spreads FUD about MS to peddle his own products!
::::::Oh wow. Testing takes ages because they ve tightly coupled a webbrowser to their operating system. Boo hoo. I feel so sad for them. I mean, really, perhaps if they hadn t tried to get rid of Netscape by integrating their web browser with the operating system then they wouldn t be in such a mess. It doesn t take Mozilla that long to release security upgrades. - 13:09, 14 Dec 2004 (UTC)
::::::: The time taken for testing has nothing to do with integration with the operating system. This is misconstrued just as people misconstrue that the integration allows hackers full access to the OS (when a compromised Firefox would have equal access to system resources including registry, system files etc). Anyway, my point was that Microsoft is thorough in its testing of patches. The evidence is pretty inescapable on this. Not only are they testing the various different versions of IE, but they are also testing on a number of platforms, in a number of languages, and with a number of different websites. It must seem incredibly insulting to MS s testing teams to see competitors tear shreds out of MS s reputation for allegedly not testing their patches, or criticising the time it takes, suggesting that MS are sitting on their bugs. Equally I d be sad to see such mis-enlightened opinion crop up on this Wikipedia article too -- 13:42, 14 Dec 2004 (UTC)
::::::Have you considered actually adding this information (properly referenced, of course) instead of just removing the whole thing - 12:54, 14 Dec 2004 (UTC)
::::::: I had added this information about MS s testing matrix to the Security section. Unfortunately you may not notice it under the weight of dubious cynical rubbish in that section. By the way, thanks for adding that comment on Maifrett - it needed to be noted. -- 13:46, 14 Dec 2004 (UTC)
::::::::Just trying to make the article NPOV 04:32, 15 Dec 2004 (UTC)
::::::That seems a little disingenuous. Maifrett is a security consultant. He makes money not by finding holes in IE but rather by helping his clients avoid costly security incidents. Your accusation seems comparable to saying that evolutionary biologists make a business out of contradicting the Bible -- it suggests that you care more about elevating the status of IE than about being fair or accurate. -- 01:21, 12 Dec 2004 (UTC)
::::::::I would tend to agree with FOo on this one. - 12:54, 14 Dec 2004 (UTC)
:::::::Maifrett has been criticised for mass publicising obscure holes in MS technology, and without this publicity, it s unlikely that exploits such as Code Red would have got off the ground - read [http://www.theregister.co.uk/2001/07/20/internet_survives_code_red/ this] To suggest that Maifrett is a heroic altruist is completely naive -- 15:06, 12 Dec 2004 (UTC)
::::::::Who suggested he was a heroic altruist Not me -- I said his job is to help his clients . You know, the people who pay him . If you are actually interested in contributing to Wikipedia rather than harming it, ethically questionable practices such as setting up 16:53, 12 Dec 2004 (UTC)
:::::: You inserted a pro-Microsoft quote from a think tank whose largest sponsor is Microsoft, and instead of explaining where the quote came from, tried to suggest that it came from the Department of Justice How the hell can you compare that to me RESTORING a quote that you are determined to remove simply because it is critical of Internet Explorer I don t object to your quote (although I think it is better suited to an article on DOJ v MS). I object to the fact that the way it was inserted was deliberately mis-representing the quote, the source AND the DOJ case as a whole. [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=5644235&oldid=5644195]
::::::: Firstly you have no evidence that MS is the biggest sponsor of the Independent Institute, and secondly I never suggested it came from the DoJ - I mentioned it in relation to the case because it was the input of hundreds of economists that helped bring some rationality to the anti-trust case and resulted in it being settled in MS s favour. The case could not prove that MS had in any way hurt the interests of consumers. In fact, by out-competing the rival Netscape, it saved consumers having to PAY for their browser as a separate product!
::::::::It s no secret who the sponsors of the Independent Institute are. It was even published in the New York Times. See [http://www.urielw.com/deception2.htm this page], which has the cite to the NYT article. Moreover, it is false to imply that the case was resolved in Microsoft s favor -- Microsoft was found to have committed wrongdoing in findings of fact that could not be disputed on appeal. With the change in U.S. administration, the DOJ ceased to pursue strong remedies. That s politics, not law. -- 16:53, 12 Dec 2004 (UTC)
::::::::: Since the time of the press conference for our Open Letter to President Clinton on Antitrust Protectionism, in early June, in Washington, D.C., there has been no secret about the support we receive from Microsoft. At that time, I clearly stated that the total funding we received from Microsoft was approximately 7% of our total revenues, a best-estimate based on preliminary projections; it now appears the final figure is about 8%, a statistically insignificant difference, and far less than the 20% figure Mr. Brinkley claimed in his article. Also, and contrary to Mr. Brinkleys assertions, Microsoft is not and never has been the largest supporter of the Institute.
::::::::: [http://independent.org/newsroom/article.aspid=1069 Response to conspiracy theorist attacks on Independent Institute reputation]
:::::: Lastly about the deal and Microsoft s explanation. That is a nice excuse and everything, but in the end it is just an excuse. They could simplify the process if they choose to (release the latest version of IE for ALL platforms), they simply don t because security isn t a priority (no matter how many times they say it is). 03:13, 12 Dec 2004 (UTC)
:::::: Oops. I meant to say isn t high on their list of priorities . 23:24, 12 Dec 2004 (UTC)
::::::: Oh for goodness sake - you look at the testing matrix and call it an excuse What planet are you on Have you ever worked for a commercial software outfit with scores of high profile clients relying on the stability of your product You claim for Microsoft Security isn t a priority - how do you know this Have you ever worked for them The evidence is pretty unambiguous - they have spent over $1BN on SP2, and a year of comprehensive testing. If you think this is an just a mere excuse then you re more ridiculously anti-Microsoft than most! -- 15:06, 12 Dec 2004 (UTC)
:::::::: I agree with Beachy, Microsoft, has spent alot of money securing it s products, in particular testing. Testing isn t easy, when I worked in dedicated hosting, we had an entire testing lab with one server of each configuration, and we would test each patch that we would apply for our customers, to make sure that it didn t have any side effects. No imagine at Microsoft, where they don t just have 10 different configuration, but hundreds it s going to take weeks of testing for just a simple patch.
:::::::: Right now they have hundreds of configurations to test patches against. If they simply made their current version available to ALL platforms, they could simply patch the current one, instead of having to release patches for the nine different versions of IE listed on the IEBlog. They would still have to test patches against multiple platforms, but it would at the very least simplify the process a little. However they won t do that because trying to force people to upgrade (by tying their browser into Windows) is a higher priority. 23:24, 12 Dec 2004 (UTC)
::::::::: Your argument makes absolutely no sense and the conspiracy-theorist speculation about forcing users to upgrade is well off the mark. It is precisely because they _don t_ force users to upgrade that they still support old versions of IE. Making a current version available to all platforms is a massively complicated task for any software product and is completely infeasible for Internet Explorer, since its architecture is likely to be very different on each platform (particularly the 64-bit environments). In addition, if like Mozilla Firefox, the user interface was abstracted from behaviour, the performance would suffer. IE performs well because it appears to use as much native code as possible on each platform.
:::::::::: I m tired of this argument. You think we should never say anything critical of Microsoft. Well I m sorry but that isn t how this place is supposed to work.
:::::::::: You have worked diligently to get rid of that Maifrett quote because it is critical of Microsoft. Removing it at least four times. [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=7831166&oldid=7830367] [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=8064719&oldid=8064460] [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=8298136&oldid=8297922] [http://en.wikipedia.org/w/wiki.phtmltitle=Internet_Explorer&diff=8312190&oldid=8312023] And now that you see that you are the only one who wants rid of it, aside from 03:03, 13 Dec 2004 (UTC)
::::::::::: I m _not_ removing things simply because they are critical of Microsoft. I have already explained my reasons for removing that quote. Since you agree to leave the job title, I will leave the quote. There is a very obvious systematic bias against Microsoft amongst many Wikipedians on this page. I will not allow the supposed NPOV article to become one big rant just because some people don t like the fact that IE doesn t support certain parts of CSS2.1, or because of some spyware targetted at SP1, or because someone thinks tabbed browsing should be built into the browser. In many of these cases there are reasons which are out of MS s control, or MS is working on the solution. If you think it s too slow then use another product - in fact tell your friends to, as well. However, do not denigrate MS as if they have some over-arching obligation to your needs and they have let down society. If we re to move forward we need to understand the reasons why IE has been developed the way it has, and we need to help MS address the concerns (through posting on the various IE developer blogs) rather than bitching against the Corporation like angsty teenagers. I have no affiliation with MS. In fact I use Macs more than I do PC s these days. Apple s practises (for better or worse) are more monopolistic than Microsoft, what with them bundling their own hardware with their own OS and their own browser.. but for me it s great - everything just _works_ - and I m willing to pay for that. -- 19:48, 13 Dec 2004 (UTC)
In evaluating anything, such as Microsoft s testing and security practices, one can resort to any number of criteria for evaluation. Two such criteria are to grade the attempt on the effort expended, or to grade it on its yield or results. Let us stipulate that Microsoft expends a tremendous effort on testing and security practices. If one accepts the first criterion -- sometimes manifest as the labor theory of value, or the modern schoolroom practice of giving credit for showing your work rather than for getting the right answer -- then it is clear that Microsoft deserves excellent credit. If, however, one rejects this criterion and judges work based on its yield or result rather than the effort expended, then the credit earned is not so easily clear. Nonetheless, it seems that the choice between these two criteria is subjective, and that as many people do choose to grade on the basis of effort rather than result, the article should reflect both points of view -- as well as other, less well-spoken forms of evaluation, such as conformity to a majority or to a perceived elite.
Yet still, Wikipedia policy shuns original research . It is not, therefore, our place here to come up with our own research on the quality of Microsoft s security efforts. It is, rather, left to us to document the facts as they lay, out there in the world. Some of those facts include: Internet Explorer remains the most popular Web browser; many security experts do recommend against its use; security holes have been found in all browsers; spyware today afflicts IE and Windows users to the exclusion of users of other browsers and operating systems; security is only one of many considerations that go into a cost-benefit analysis of which software to use. -- 20:07, 12 Dec 2004 (UTC)
= Please stop edit warring =
Beachy and Alistair, please quit edit-warring over the Maiffret quote. It doesn t matter that the guy s title is Chief Hacking Officer (if, indeed, it still is). It s a tongue-in-cheek title anyhow; that s the whole point -- it s intended to play with both the street cred of being a 03:34, 13 Dec 2004 (UTC)
= Not free of charge =
If you read the EULA you will see that you need a Windows OS license to install Internet Explorer. This means it s illegal for non-Windows users to install it under Wine.
:But it s still free of charge because you don t have to pay anything to obtain it. If we applied your logic to every other free product then you could also argue that freeware isn t freeware because you need to pay for a PC to run it. So in my opinion it is of course completely free of charge, subject to the user being bound by the terms of the licence. -- 17:15, 13 Dec 2004 (UTC)
::Wrong. The difference is the fact that you are perfectly able to obtain freeware whether you have a computer or not. It would be illogical to do so, but you are allowed to. You are not allowed to use IE without a Windows license.
:::Yeah but you can OBTAIN IE whether you have a computer or not WITHOUT CHARGE but as you say you are not allowed to use it without a Windows licence so Internet Explorer IS free of charge. I think we should define what exactly a charge is when it comes to software, either for obtaining it or for using it. For me, I d define a charge as something you need to hand over to obtain the software, regardless of whether you are going to install and use it. 12:30, 14 Dec 2004 (UTC)
:I think it makes sense for the article to say that Internet Explorer is sold as a component of Windows. This gives reasonable faith and credit to Microsoft s anti-trust position that IE is not a separate product, while also reflecting the fact that IE is not disseminated as freeware. -- 23:52, 13 Dec 2004 (UTC)
::Okay, I think that makes the best sense - it s actually a statement that both Microsoft and others can agree with. Sounds NPOV to me! I ve made the change, hopefully that helps. 17:31, 2004 Dec 18 (UTC)
= References =
Can someone add references See 13:02, 14 Dec 2004 (UTC)
= Factually accuracy =
I m going to take the liberty of removing the tag because I think that all concerns over fact have been addressed. - 13:27, 14 Dec 2004 (UTC)
= CERT not use use IE =
The CERT advisory was specific in nature to that one particular vulnerability the one linked, and has not been seen in any future advisories.
: There is no general recommendation from US-CERT against using Internet Explorer. This note (one of seven solutions to a patched vulnerability) has simply been over-hyped by Mozilla Evangelists and other nay-sayers. It dates back to June, pre-dating SP2. Sorry guys but the excitement s over. -- 17:37, 14 Dec 2004 (UTC)
:: IE is integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system. It is possible to reduce exposure to these vulnerabilities by using a different web browser... [http://www.kb.cert.org/vuls/id/713878]
:: THESE vulnerabilities Plural. Note how they use the term this vulnerability to refer to Microsoft Internet Explorer does not properly validate source of redirected frame . Do you see the difference Do you understand that they are making a blanket recommendation, not a recommendation specific to this vulnerability 17:54, 14 Dec 2004 (UTC)
::: Yes, and since SP2, the other vulnerabilities are largely obsolete. Not that it really matters since US-CERT have NEVER issued a general recommendation against IE. The closest thing I have seen to a CERT recommendation against one browser is RUS-CERT s report about Mozilla s secretive security policy [http://www.chrisbeach.co.uk/core/scripts/entryViewer.phpID=6064 details here]. I know how much you anti-IE guys would love it to have US-CERT to officially warn against IE - it would be a massive win for Firefox. However, the truth is there is no report that is entitled A Recommendation For Browser Usage. There is no Use Alternative Browsers directive. There is only Art Manion s note in the solutions of an isolated vulnerability report that has since been patched. ~~----
Here I ll make it easier for you, please point to the bit that says temporary... Please note the use of the word vulnerabilities . He is not just talking about the one vulnerability.
: Use a different web browser
: There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, local file system (Local Machine Zone) trust, the Dynamic HTML (DHTML) document object model (in particular, proprietary DHTML features), the HTML Help system, MIME type determination, the graphical user interface (GUI), and ActiveX. These technologies are implemented in operating system libraries that are used by IE and many other programs to provide web browser functionality. IE is integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system.
: It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when viewing untrusted HTML documents (e.g., web sites, HTML email messages). Such a decision may, however, reduce the functionality of sites that require IE-specific features such as proprietary DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control (WebOC), or the HTML rendering engine (MSHTML). [http://www.kb.cert.org/vuls/id/713878]
Try actually reading the passage you keep reverting. Nowhere does it say they issued a report condemning IE. 19:46, 14 Dec 2004 (UTC)
:Something else to note in this controversy: This Wikipedia article is entitled Internet Explorer . It is not entitled Internet Explorer in Windows XP Service Pack 2 . Beachy has implied or stated several times now that security deficiencies present in other current (supported) versions of MSIE are unimportant. However, clearly Microsoft does not agree with Beachy, since it continues to treat MSIE in Windows 2000 (and, IIRC, a few other versions) as supported products.
:(Indeed, it is not clear to me that a software vendor can abandon moral responsibility for the quality of widely-deployed products simply by declaring the most widely-used versions unsupported . I certainly think less of Red Hat for its ill-treatment of its users in this regard -- though the Fedora Legacy effort has helped somewhat.)
:: Yes you re right, and by that logic we ought to write more about the many security vulnerabilities in the previous versions of Firefox. Since it didn t have an auto-update feature there s likely to be many people still using it. I could write a whole essay on the 5-year old XUL spoofing vulnerability. What do you reckon guys - do I have your blessings on this -- 11:53, 15 Dec 2004 (UTC)
::: The vast majority of users prior to Firefox 1.0 were by their very nature technically-adept users who kept up to date on security patches and bug fixes; auto-update was implemented in 0.9. (I should also point out here that Firefox only had thirteen total security vulnerability advisories lodged against it from inception through October 2004, none of them rated as extremely critical by [http://secunia.com/product/3256/ Secunia], vs MSIE s 44 in the same time period, despite Firefox being beta software during that entire time period. Your comparing beta releases of a project to a mature product that is several years old is a bit disingenious.) I don t have a problem with discussing the (already fixed) security issues in Firefox, so long as context is maintained regarding their seriousness and the state of the product at the time. -- 21:42, 23 Dec 2004 (UTC)
:We should note that other Wikipedia articles dealing with software do not make the ahistorical mistake of considering only the latest version. For instance, our (rather short) article on 23:06, 14 Dec 2004 (UTC)
:: If we mentioned the Security issue, using the example of Sendmail article, it would be one sentence, IE runs under the user account, which is often an administrator by the default settings, and has had compromises in the past which are allowed to run wild due to the high level of privileges. Sendmail has had severe compromises, particularly when you consider that it takes no action by the user to get compromised other than turning an unpatched release loose on the net. While the IE compromises generally require the user to surf to an unsafe or compromised site. The Sendmail article whitewashes what are major compromises, and why I have moved all my clients *nix MTAs to Postfix when applicable. ::Now if users got as in depth in the sendmail article as we are in the IE article I would consider it an example. Anyways I feel that we could mention the CERT advisory in it s context, that it was just one of 7 options, and was considered the most severe, and was fairly specific as it has not been mentioned since them. IE is in no way perfect, but it boggles the mind how some users get infected while others that use a little intelligence don t.
= Concerns and problems =
The edit summary says: Restore ActiveX to list. ActiveX s trust model is a concern for many users and it is a problem, which is why IE SP2 asks before installing any. Alistair, could we expand on this Maybe with some references :) thanks! - 14:40, 23 Dec 2004 (UTC)
: Added one reference. A year or two ago, Microsoft told people to turn off the accept everything from Microsoft check box because of a problem with something they had released. I can t remember right now (a) what specifically this component was or (b) if it was definitely related to ActiveX. If anyone else can remember, that would be a perfect example of the problems with the trust model. 14:57, 23 Dec 2004 (UTC)
: Added another source. We may also want to include the 1996 quote from Charles Fitzgerald on the 15:14, 23 Dec 2004 (UTC)
::I m not sure -- that s kind of a null statement. What is intrinsically secure meant to mean, and what software could be accurately given that label (If no software can be called intrinsically secure , then stating that ActiveX is not intrinsically secure is semantically empty or even misleading -- like saying, Among elephants, the Indian elephant is not green. )
::The problems that many people have with ActiveX don t have to do with lacking intrinsic security , as I see it. The two big problems I ve seen described in the security literature are the inappropriateness of an all-or-nothing security model for browser-based controls ; and the conflation of identification of a code-signer with trustworthiness of the signed code . (Basically, what users care about is not This code was signed by FooCorp, who bought a certificate from Verisign but rather This code is not going to delete my porn collection and send my credit card number to the Russian Mafia. )
::Another issue is whether the ritual of code-signing and verification amounts to 16:23, 23 Dec 2004 (UTC)
::: Sorry. About the quote from Fitzgerald. I was kinda being facetious. If I thought that quote was at all useful here, I would have inserted it myself. 20:08, 23 Dec 2004 (UTC)
:::: Heh, you guys really are enjoying all this toying with the reputation of ActiveX aren t you! Must be fun imagining all the things you could do. But have you or anyone you know had their computer taken over, or hard drives wiped by a rogue ActiveX control Ever Or any of your friends -- 00:29, 24 Dec 2004 (UTC)
::::: Have you or anyone you know been covered in lava and killed Me either. But that doesn t mean that the people in Pompeii weren t covered with lava and killed. Nor does your statement mean that someone hasn t lost a hard drive or computer taken over it can t or hasn t happened; the fact that you personally don t know anyone does not make the fact that ActiveX can be exploited for that purpose either illogical or untrue. And, just for the record, I do know someone who had their computer taken over due to ActiveX security problems. (My sister, just for the record.) -- 00:48, 24 Dec 2004 (UTC)
::::: Chris, two things. First of all our personal experiences are irrelevant. Please read the comments in Help about 03:51, 24 Dec 2004 (UTC)
:::::: Alistair, if personal experiences are irrelevant, then you shouldn t let your bad experiences colour your edits on this page. You only see compromised PC s, day in, day out - you don t see the vast majority of Microsoft PC s that are fine, and not crippled by spyware, and are not crawling with virii, and are getting along just fine with SP2. Embittered as you probably are, I should think you mistrust Microsoft in general, and will look straight for any minor flaw in SP2 in order to support your sentiment. The fact is, short of incorporating a virus-checker into SP2 (which would immediately land MS in trouble with Sophos, Norton, Symantech et al), Microsoft have made an unprecedented and significant lock-down within IE. It is a ridiculous to put FUD in this article suggesting (with no evidence) that the registry may have to be edited before SP2 can be installed.
:::::: I know SP2 removes many of Firefox s main selling points but the bottom line is that it is a WIN for consumers. I don t care if some obscure little holes have been found in a post-SP2 Internet Explorer. Until you can prove that the dangers of these holes outweighs the benefits of the firewall, the AV-integration, the popup-blocker, the fault-tolerant addon manager, the binary/script/ActiveX lockdown, we NEED to encourage people to install this update, and not sit back and criticise it. -- 12:05, 24 Dec 2004 (UTC)
::::::: Whether SP2 removes many of Firefox s main selling points is both irrelevant and debatable (are there still major open security flaws in IE Yes, yes there are) but the facts are quite simple: there IS spyware that requires editing the registry to remove it; people SHOULD install SP2; people NEED to be aware that installing SP2 on a spyware-compromised computer can cause irrepable damage to their OS. This article is supposed to be NPOV, not NPOV until we decide there s something we should push , as you seem to be doing. ( [W]e NEED to encourage people to install this update... ) That means 1] including information on why and how to install the update and 2] including information on what needs to be done prior to installing the update, including the fact that there IS spyware that requires editing of the registry to remove it. (What is it about that one sentence that has you so teed off One gets the feeling you would be less upset if we made disparaging comments about your family than the above statement...) -- 16:47, 24 Dec 2004 (UTC)
:::::::: I agree with your points (although regarding your second point, one may demonstrate POV by choosing which information to include). My only concern is that there are people out there with a vested interest to disparage SP2. It s a shame people can t give MS a bit of credit for spending $1BN and a year of development on major security enhancements. Of course, SP2 will not be the magic bullet that prevents all future exploits, but it s a step in the right direction for the Corporation. They have shown that they are responding to criticisms such as those aired in this page. But what s the response Well, it seems the same people that demanded a security lock-down are now trying to rip it to shreds. Think how the developers at Microsoft (who are human beings) must feel when they read this page and most others from the grass-roots media. They must be fed up with trying to address people s concerns and getting it thrown back in their faces. I despair at the anti-MS POV that seems engrained in the psyche of most editors here. It s desperately negative and acheives nothing, unless you guys are simply here to present a case for competing browsers. -- 21:42, 24 Dec 2004 (UTC)
::::::: I don t think Alistair is arguing against encouraging people to install SP2. And I am certainly not doing so. (The funny thing is, if you knew me, I am one of Microsoft s biggest cheerleaders amongst my friends/colleagues, save for IE.) But it is not unreasonable (or unexpected in this forum) to provide both viewpoints, not just the go ahead and install SP2, everything will suddenly turn up roses viewpoint that you seem to be espousing. (Another side point: Microsoft *bought* both an AV developer and spyware-removal software developer and is widely expected to offer the next iterations of both their products either free or at a reduced cost to Windows owners...MS could give a flip less about pissing off Symantec etc., and 10 to 1 the only reason there s no AV in SP2 was the company wasn t bought soon enough.) -- 16:47, 24 Dec 2004 (UTC)
Chris some people, who IMHO should know better, never manage to rid their machine of crap and simply decide to wipe them and start from scratch:
: On Sunday night, while preparing for a trip Monday to New York, the notebook I had planned to bring was suddenly struck by the most malicious software (malware) I ve ever encountered. This Trojan horse got through my defenses despite the fact that I was running the Release Candidate 1 (RC1) version of Windows XP Service Pack 2 (SP2) with the firewall turned on. It was infuriating, and after hours of investigating, deep cleaning with various antivirus and spyware products, and consulting with my technical guru (Storage UPDATE s Keith Furman, a lifesaver), I finally gave up. As I write this commentary, I m heading to New York by train, using a different machine, and my infected laptop is home, awaiting a complete wipeout. I never did completely clean up the machine, and I m still frustrated by the defeat. [