Picked up via Schestowitz (thus the title), but he’s just a troll. I apologise for quoting SJVN also (as the link), but it’s useful as a FUD monitor. So then, what’s the problem?
Well, it’s http://www.theregister.co.uk/2010/11/03/ie_0day_bug/ IE6 exploit. Copied to SJVN (who, honourably, points out that this is IE6 specific), and copied to the Pointless Hatred That Has No Name … well, ok, BoycottNovell.
Something you won’t read on Loon sites is the following:
“In an encouraging sign, few of the visitors were affected because they weren’t using a vulnerable browser, they added.”
Something that none of them will point out (bar SJVN, who is almost approaching sanity) is that this doesn’t really apply to IE8. You know, that version of a popular browser that has been available since March 2009? On a free download?
Obviously this would never happen on a Linux desktop. If only because you’re more likely to be attacked by a triceratops than to have a March 2009 desktop still working.
Oh, shoot. I can’t be bothered with these morons any more. Here’s Dr Roy’s bitch-fest on the supposed problem:
“The exploits were hosted on a page of an unidentified website that had been breached without the owner’s knowledge, according to antivirus provider Symantec, which discovered the attacks a few days ago. The perpetrators then sent emails that lured a select group of people in targeted organizations to the booby-trapped page, causing those who used IE versions 6 and 7 to be infected with a backdoor trojan.”
No comment. You decide.
Incidentally, and I can’t even be bothered to read this even though it’s an actual response to the “threat,” you can check out Kaspersky Labs.
Who cares about gaping holes in Android when you can target a version of IE that came out in August 2001?
I mean, it’s not like IE6 can be trivially updated to IE9. And it’s not like Android can be trivially updated to …
... oh, wait.
Comments
“If you’re running Windows 7, you should be looking forward to IE9.”
Wait, how did he get IE6 on Windows 7 in the first place…..?
“In other words, it’s not idiot end-users running unpatched copies of XP that’s keeping IE 6 alive, its businesses. You’d think their IT departments would know better.”
Remember when Google got hacked with the Aurora security hole that was never successfully exploited on IE7/8 ? Somehow, SJVN didn’t point that out so much back then, I do wonder why that is….......
“[...], but to do that inside IE8? While keeping ActiveX and JavaScript? I can’t see it.”
You’d be shocked, but ActiveX still works on IE8. Also last time you mentioned it, you said it was an IPC technology, didn’t you?
“Kill the blasted IE6 specific applications already, re-write them in standard HTML and JavaScript, and move to a Web browser with real security already! Is it really that hard?”
Totally, and it’s so uhm cheap and goes so quickly to rewrite your whole goddamn intranet. Really, how could you? I mean, the best example is Google here. YouTube and other sites are already not supporting IE6 anymore, and I bet their intranet goes the same way… OH WAIT.
Oh come now, SJVN. I’d be the first person to bash IE, especially IE6, but damn, you would have to go and lie and turn it into another excuse to bash MS, wouldn’t you? Tsk.
You must be signed in to leave comments.