Exporing the Internet
without Internet Explorer is safer
by Prof. Arnaldo Coro Antich
From Rebelion website July 14, 2004
Translated from Spanish by AK.
Edited by Walter Lippmann.
Mozilla and Opera are two Internet browsers that have lately become more widely used, but since the end of June there has been a gigantic increase in the number of internet users who, alarmed by the latest news of security problems with Internet Explorer, have gone to web sites where they download these two programs and completely replace the unsafe Microsoft software.
For a long time "hackers" have noticed that the best way to protect computers from penetration by all types of viruses, is to simply not use Internet Explorer to navigate the network of networks: the Internet.
In response, the Bill Gates’ super-monopoly, Microsoft Corporation of Redmond, Washington, United States of America, accuses fans of information and communication technologies of being obsessed with finding security problems in the company’s products.
Microsoft says that "hackers" and many computer science specialists have simply dedicated themselves to systematically damaging the prestige of the company.
But last week, responding to a security problem discovered in Internet Explorer, it was not "hackers" nor even "people envious of the profits of Microsoft" that sounded an urgent warning to all the users of the navigator that dominates 95 percent of the market, according to numerous experts.
The security problem was published in the Web site of Wired, a well-known magazine specializing in the theme of new technologies of information and communication. A few hours later, an official organization of the government of the United States of America that operates under the name of "Computer Emergency Readiness Team", a work group that alerts the public to emergencies in computation, issued an unusual warning, with a very strong recommendation to users of Microsoft Internet Explorer that they change to a different navigation program, due to the “significant vulnerabilities in technologies" in the software created by Microsoft.
The super-monopoly responded quickly through the mass media. Gary Schare, director of the Windows Client Division at Microsoft, hurried to inform to the press that the warning by CERT, as it is known by its English acronym, said that CERT’s advice had been misrepresented in much of the press coverage.
Attempting to both appease one of Microsoft’s most powerful clients, the US government, and control the damage caused by the warning, Mr. Schare stated: "Microsoft certainly respects the work CERT does to help protect the Internet and users," but immediately he added that regarding the consideration that users switch browsers, it was "unfortunate that the published articles have misrepresented CERT's suggestions, and we are working with CERT to clarify their advice", affirmed Schare to the journalists who questioned him.
Let’s see what happened after the launching of the alert by the CERT. It turned out that many experienced cybernauts, including a great number of network administrators, carefully analyzed not only the most recent security failures detected in Internet Explorer, but were also guided by the way the alert note was written and, reading between the lines, they immediately began to download from wherever possible, internet browsers which did not have the serious security problems of Internet Explorer.
In a few hours Web sites where free browsers like Mozilla and Firefox can be downloaded, such as www.mozilla.org, became increasingly popular. Mozilla and Foxfire are open source-code browsers developed by the Mozilla Organization, which resurrected the remnants of Netscape after it was acquired in 1999 by another giant of computer science, America On Line (AOL).
The download requests for Mozilla and Firefox began to increase as soon as the CERT warning was issued, and demand continues to rise, explained the director of Mozilla’s nonprofit Foundation of Engineering, Chris Hoffman. This Foundation was created a year ago to promote the development, distribution and implementation of Mozilla applications for the web. On July 1, 2004 an unprecedented number of downloads was registered, when concerned Internet Explorer users went to the Mozilla site in amazing numbers reaching two hundred thousand, double the normal amount.
Hoffman, on the other hand, declared that the work team of Mozilla had not been surprised by CERT’s security alert -- in fact, the number of downloads of the original Mozilla and its more recent version Firefox, has continuously increased since last autumn and the number of registered users of those free browsers doubles every few months. Users that have been frustrated by the problems of Internet Explorer and Windows have found in Mozilla a good and economical solution.
Hoffman concluded his statements by emphasizing that the recommendations of CERT reflect a tendency that they, in the Mozilla Foundation, had been observing for a long time.
On the other hand, computer science security experts from several countries point out that Mozilla does not support the Microsoft platform called ActiveX, which is, in the opinion of many, one of the reasons why Mozilla is a safer browser than Internet Explorer. ActiveX was intended to make it possible for Web sites to add multimedia and interactive features, but it has become the favorite target of malicious hackers to slide spy programs (Spyware) into computers, without the user’s knowledge or explicit consent, which is to say, in a totally concealed way, leads to all kinds of problems.
Patrick Hinojosa, chief technology officer at Panda Software, one of the most well-known software companies developing programs to fight all types of computer viruses, explained that "ActiveX allows programs to run in the browser. It is a big part of the security equation, as most Internet Explorer don’t have this locked down by default.”
He continued his explanation by adding that there has been a significant number of "security patches" issued for Internet Explorer over the last year or so although not all the problems were connected with ActiveX, because they are had detected other security problems not related to this.
ActiveX is only part of the story, according to Hoffman, who indicated that the high degree of integration of Internet Explorer with the operating system Windows, and the differences between the architecture and configurations of security of both browsers, Mozilla and Internet Explorer, explain why Mozilla is much safer from viruses and hacking while navigating the internet. Tight integration between the browser and the operating system certainly provides more power and convenience for users, but it also acts as a more easily accessible entry for "hackers". Unlike Internet Explorer, Mozilla requires that the user acknowledge and grant approval for any situation that involves downloading from the internet or an intranet, as well as installing or running executable code or any other risky operation.
A well-patched version of Internet Explorer can do the same thing, but Mozilla has the advantage of being able to stop the cybernetic attacks automatically and to keep malicious codes from being run. This has made Mozilla and Firefox much less vulnerable to the attacks of the hackers that have caused so much damage to Internet Explorer users who often do not even know that their computer is jeopardized every time they connect to the Internet. An estimated 90 percent of computers in the world use the Microsoft operating systems, creating a homogenous environment that is attractive for cyber criminals looking to cause problems.
The fact that Mozilla uses an open-code development model makes it much safer in the opinion of a great number of experts on the matter.
Each change that is made to the applications of Mozilla is analyzed by several specialists who are familiar with the code of the program before the changes are incorporated into the end product that is offered for downloading or distributed on compact discs.
What is called the "source code" of Mozilla is available to anyone who wants it to analyze it. Microsoft Corporation totally refuses to disclose the source code on any of its products, maintaining absolute secrecy and preventing people from outside of the monopoly from detecting security problems before the software is put on the market.
Now, once again users of Windows XP, the most recent operating system of Microsoft, will have to download from a Web site, a new "Service Pack", which, supposedly will resolve the most recent security problems of Internet Explorer.
===================================
The article from WIRED referred to above:
http://www.wired.com/news/print/0,1294,64065,00.html
source for this
article by Arnaldo Coro:
http://www.rebelion.org/noticia.php?id=2279