T
Trev
Flightless Bird
"bbgruff" <bbgruff@yahoo.co.uk> wrote in message
news:7rergmFr8iU1@mid.individual.net...
> Ezekiel wrote:
>
>>
>> "Enkidu" <enkidu@nogodhere.net> wrote in message
>> news:20100116172902.3320.80961.XPN@nogodhere.net...
>>> Kerry Brown wrote:
>>>
>>>> You'd have to be a couple years behind
>>>> on updates or an idiot to be affected by this.
>>>
>>> Is there a shortage of computers a couple of years behind on updates or
>>> of idiots?
>>
>> It's reported that the hacked computers were still running IE 6. They
>> didn't even upgrade to IE7 let alone IE8 and they've only had over 3
>> years
>> to upgrade.
>>
>> Internet Explorer 7 was released on October 18, 2006. How secure is a
>> 3+
>> year old install of Firefox????
>
> I think that perhaps you are overlooking a couple of points.
>
> I seem to recall that one of the reasons (the main reason) that there are
> so
> many instances of I.E.6 around still is that I.E.6 is still used by a
> large
> number of corporations. In fact, I.E.6 still accounts for 21% of ALL
> browser use, and that is roughly one third of all MS Browser use.
> http://marketshare.hitslink.com/browser-market-share.aspx?qprid=2
>
> I don't believe that the situation is likely to change soon, in that the
> reason is "lock in". A lot of those companies have intranet applications
> which *only* work on I.E.6, and they are stuck with it for a long time
> yet,
> much as South Korea is stuck with I.E. for its banking.
>
> In addition, we should perhaps remember that these attacks were very
> specific and targetted. It is *corporations* that they were directed
> against - and it is there that the greatest concentration of I.E.6
> installs
> lies.
>
> One could (I suppose) argue that this could have happened via *any*
> browser,
> had such a vulnerability been found there? It seems to me though that
> there are two items coming into play, one being the vulnerability of the
> browser (I.E.), and the other the ability to exploit the OS (Windows) into
> executing the downloaded malware.
> One thing I think is for sure - *diversity* of browsers and of OSs would
> be/is a great help in these things.
>
> Finally, this is the very thing which I understand the upcoming Google
> Chrome OS is being designed to put a stop to!
>
>
> From what I have read, I also suspect that you are placing a great deal of
> faith in the newer versions (and patches to) I.E. The Bonn government
> (for
> example) does not seem to share your conviction.
Well said but if the Bonn Govt knows as much about the internet as the
London one That's Zero
news:7rergmFr8iU1@mid.individual.net...
> Ezekiel wrote:
>
>>
>> "Enkidu" <enkidu@nogodhere.net> wrote in message
>> news:20100116172902.3320.80961.XPN@nogodhere.net...
>>> Kerry Brown wrote:
>>>
>>>> You'd have to be a couple years behind
>>>> on updates or an idiot to be affected by this.
>>>
>>> Is there a shortage of computers a couple of years behind on updates or
>>> of idiots?
>>
>> It's reported that the hacked computers were still running IE 6. They
>> didn't even upgrade to IE7 let alone IE8 and they've only had over 3
>> years
>> to upgrade.
>>
>> Internet Explorer 7 was released on October 18, 2006. How secure is a
>> 3+
>> year old install of Firefox????
>
> I think that perhaps you are overlooking a couple of points.
>
> I seem to recall that one of the reasons (the main reason) that there are
> so
> many instances of I.E.6 around still is that I.E.6 is still used by a
> large
> number of corporations. In fact, I.E.6 still accounts for 21% of ALL
> browser use, and that is roughly one third of all MS Browser use.
> http://marketshare.hitslink.com/browser-market-share.aspx?qprid=2
>
> I don't believe that the situation is likely to change soon, in that the
> reason is "lock in". A lot of those companies have intranet applications
> which *only* work on I.E.6, and they are stuck with it for a long time
> yet,
> much as South Korea is stuck with I.E. for its banking.
>
> In addition, we should perhaps remember that these attacks were very
> specific and targetted. It is *corporations* that they were directed
> against - and it is there that the greatest concentration of I.E.6
> installs
> lies.
>
> One could (I suppose) argue that this could have happened via *any*
> browser,
> had such a vulnerability been found there? It seems to me though that
> there are two items coming into play, one being the vulnerability of the
> browser (I.E.), and the other the ability to exploit the OS (Windows) into
> executing the downloaded malware.
> One thing I think is for sure - *diversity* of browsers and of OSs would
> be/is a great help in these things.
>
> Finally, this is the very thing which I understand the upcoming Google
> Chrome OS is being designed to put a stop to!
>
>
> From what I have read, I also suspect that you are placing a great deal of
> faith in the newer versions (and patches to) I.E. The Bonn government
> (for
> example) does not seem to share your conviction.
Well said but if the Bonn Govt knows as much about the internet as the
London one That's Zero