"No, only saying that I've been lucky enough or smart enough to avoid being bitten by them." So why not take the extra step and try eliminating the "luck" and the human-factor from the equation. Some are obviously not so lucky or are not as smart as you - hence this thread. "Doubtful since I check my system regularly for just such an occurrence." I was not talking about you specifically ... hence the word "THEY" referring to people who will continue using IE no matter what. And I did use the word MIGHT. Do a poll here asking "Do you check you system regularly for malware using the newest definitions available even if you haven't noticed anything odd in your machine's behaviour?" What do you think will be the prevailing answer? Btw: I've encountered malware that were present and not detected by newest Adaware definitions or newest virus descriptions of a commercial virus-scanner. That was at my in-laws' place: the malware in question slowed turning off the computer, but otherwise was unable to do anything because of an active firewall quietly blocking it's activities. It took some time to get rid of it ... and in the process I learned that it was one of the many malware programs using IE's vulnerabilities. They downloaded an alternative browser the very next day. "I've been programming and working with computers since before the first IBM PC so I'm well aware of the threats and what they can do. I'm not saying that IE is problem free by any means, merely that by being proactive and taking the time to guard against potential threats, one can avoid the vast majority of pitfalls that some people seem to have." I too have a mere 20 years of experience with computing ... however the vast majority does not have that luxury and may not want to invest hours upon hours investigating security issues just to be proactive. To those people alternatives to IE and it's downfalls do exist. Surfing with IE can be safe: that is not the issue. The issue is that it is not safe without learning how to disable much of it's default settings - leading to unwanted behaviour when surfing at sites meant to take full advantage of those settings. "Faced with a choice of using IE's features, which work for the vast majority of visitors, trying to duplicate them for another browser or coding a plain vanilla site that will work for any browser, guess which one most have chosen? " I'm being involved in web-site design as well... doing a site for DOM-compliant browsers (IE5+, NS6+, FF, Opera 5+ etc) is not difficult nor does it require any kind of tricks - it just requires some basic knowledge and testing from the web-designer. Btw: "Plain and vanilla" sites are oftenmost the ones which are most user-friendly, informative and long-lived (like Rendo here). Much of this comes from the fact the they have been designed to serve and not to show off special tricks. This is, however, somewhat OT. "Just don't expect that FireFox is going to lead to some hacker free Nirvana." Exactly. I'm not saying it's perfect - far from it. But it sure currently offers much better protection than IE - with default settings, might I add. VMWare and other virtual operating systems are really not an option for the vast majority of surfers out there. Much more cheaper, quicker and user-friendly means exist to provide a little-bit safer environment to surf. That would be mainly updating Windows+IE on a weekly basis and learning how to shut down some of IE's worst vulnerabilities ... or one could TRY using an alternative browser. Opera is as good security-wise as FireFox or Mozilla for the average-surfers out there. "There are alternatives but saying that using IE will inevitably lead to doom and destruction simply isn't true." I don't anyone has said that. I know I haven't. I still use IE regularly, but only to test my own designs. Personally I've had lots of problems with IE's security, but as said... surfing with IE can be safe. Lmckenzie: please note that this is not supposed to be flammatory or personal by any means. As English is not my first language, some wordings may sound a bit on the rougher side. Apologies for that.

12rounds, your English is undoubtedly better than my (insert any language here). I understand and believe me, I don't take it as anything other than an exchange of opinions. I actually agree pretty much with what you're saying. It does take a little knowledge and some effort. I simply hope no one is lulled into the impression that with Mozilla, they can dispense with those. It's true that many, perhaps most people take less care with their computers than they would with their automobile or many other aspects of their lives, Why else would people keep opening those "I Love You" messages. If FireFox can help reduce the problem then that's great. Like I said, if nothing else, it's a kick in the pants for Microsoft. I think we agree though that the biggest part of the security equation is will probably always remain the people usings the systems, no matter what they are.

Once, at band camp, I spent over a week trying to get some text to format correctly in a layer, when viewing with Firefox.
Only to have it corrected by the upgrade from v.92 to v.93.
I still get major problems with firefox/mozilla not being able to parse very basic web code, even the latest version. Yet on other pages its able to run what should be IE specific dhtml.
We can't really expect too much from version 1.

You may have missed the 16th anniversary of the first worm last month:

From ZDnet:
"At around midnight on November 2, 1988 the Morris worm, which was written by a 23 year old Cornell student called Robert Tappan Morris, was released on the then-embryonic Internet.
Within hours the worms 99 lines of code overloaded thousands of Unix-based VAX and Sun systems and forced administrators to disconnect their computers from the network to try and stop the worm from spreading.
The Morris worm was part of a research project and was not designed to cause damage but..."

Message edited on: 12/07/2004 17:55

I still get major problems with firefox/mozilla not being able to parse very basic web code I've never had a problem, even with beta versions. I've very occasionally seen CSS based designs that didn't work quite right, but it was the CSS that was poorly coded (i.e., not to standard). shrug In any event, I don't like IE, I don't like the security risks with it (and yes, I run an arsenal of "protection" software), and I prefer Firefox, but will also use Opera. I feel more secure using it, and totally aside from that, it's fast, clean, and gets the job done. ;-) Then again, I was always a Netscape gal, until about version 4.6 when their updates and production slowed to a crawl. I did use IE for a few years, mostly because I couldn't tolerate NS4.x any more. As soon as there was a good, stable NS, I was right back with them, and now I'm using Firefox (yay for Open Source!), so for me, well, it's what I've always preferred. I did design my first graphical website using Netscape 1.1.... ;-) bonni

"I think we agree though that the biggest part of the security equation is will probably always remain the people usings the systems, no matter what they are." Yeah. Who knows... maybe MS gets it act together and redesigns IE to be more robust and security-oriented in the future. Today, however, the difficulties inherent with large company's decision-making and closed-code business culture are hindrances to making a better IE. "I still get major problems with firefox/mozilla not being able to parse very basic web code, even the latest version." That's strange. I've had no difficulties creating even rather complex and layered designs with CSSs. The most obvious problems to my knowledge are that different browsers obey the CSS standard differently causing fluctuations of few pixels etc. and not all browser versions support CSS2 since the standardisation is still under construction (or was when I last took a look at it). In any case Mozilla and Firefox act pretty much the same when it comes to interpreting html (them being based on the same design) and one can hardly argue that Mozilla is a new browser nor that it would suffer from usual "post-beta version" difficulties. I fail to see the relevance of the ZDnet article in this context. There are worms for several OSs out there. I think that is not the issue. However, running a Fedora Linux or HP-UX or whatnot as an OS greatly reduces the risks of being targeted in the world today.

I'll post the problem pages in the HTML/scripting forum.

I think the ZDNet reference was just a whimsical commentary on the whole perspective of security, not anything specific about this question. Microsoft already made security enhancements in XP SP2 but for some reason, they've decided not to release them standalone for IE on other OS versions. Since XP is now targeted for some of the new Longhorn infrastructure enhancements, I suspect that may have something to do with it. Microsoft is a big ship and it doesn't move quickly--until it feels threatened--witness the way they came from nowhere to steamroller Netscape when they saw a potential threat from the Netscape browser. If FireFox becomes too big, I predict they will react. I don't want to get into a debate about the whole open vs. closed source issue. It quickly becomes religious, not unlike the Mac vs. Windows thing. Whatever works for the individual is best for them. I'm not sure being closed source means inherently less secure. Some of the most secure products available are probably very closed source. I think one of Microsoft's problems is that they wanted to make IE a part of their whole Windows/Office grand vision of scripting/ActiveX everywhere with everything being a seamless environment. That works fine for an intranet but when you expose it to the wild and wooly world of the internet, where external threats are rampant, you have a problem. I'm not sure what their answer is but as I said, if the competition begins to get too much market share I expect we'll see something before Longhorn. I'm sure Bill Gates doesn't like losing money, but I know he absolutely hates losing a competition.

"I'm not sure being closed source means inherently less secure." Me neither. There are examples swinging both ways. "I think one of Microsoft's problems is that they wanted to make IE a part of their whole Windows/Office grand vision of scripting/ActiveX everywhere with everything being a seamless environment. " I think so too. "I'm not sure what their answer is but as I said, if the competition begins to get too much market share I expect we'll see something before Longhorn. I'm sure Bill Gates doesn't like losing money, but I know he absolutely hates losing a competition." At current level I believe the newly kindled "browser wars" will eventually get us better browsers - no matter who wins the competition. I also believe that the side(s) competing with Microsofts' products have learned a lesson or two after seeing how MS literally crushed Netscape the last time all those years ago.

Microsoft is a big ship and it doesn't move quickly From what I've heard (and this may be in error, I haven't really researched it a lot), they've disbanded the IE development team, at least for the moment... At current level I believe the newly kindled "browser wars" will eventually get us better browsers I certainly hope so. bonni

"...they've disbanded the IE development team..." I hadn't heard that. It would sound bizarre but it might explain why they say they don't plan adding the XP-SP2 enhancements to a standalone version of IE. I suppose they may be planning to buy someone else's browser. I think I read something about Google working on a browser. I can't see them abandoning the space, especially when they own it. Is there a version of IE for the Mac? I could certainly see them ditching that product since I imagine most Mac users would prefer Safari, at least on OS X.

Attached Link: http://www.mozilla.org/products/firefox/

Attached Link: http://www.proxomitron.info/45/help/Contents.html