Chris Salmon Technologies

I was at a friend's house just a couple of days ago.  He asked me to help him with some domain registrations.  Within a couple of minutes, I recognized the frustrating, tell-tale signs of some kind of malware/spyware infection.  His fancy new laptop is crawling like mountaintop molasses... I couldn't take it and said, "I've got to fix this 'puter before we go any further, what is wrong with this thing?"  "Oh, yeah," he says, "it was running fine until just the other day, and suddenly it started acting like this."

So, I dig up Spybot for him and download it.  In addition something has turned off his security center settings, and the laptop is pretty much just sitting open to the network.  After quite a bit of time downloading tools, booting into safe mode, running scans, and tweaking his settings, I get the darn thing running like it's supposed to run again.  Scans showed a variety of nasty bugs and one trojan horse running on his computer.  

"How did I get that stuff?  How can I avoid being infected?" He asks.  My reply? "Stop using Microsoft internet tools is the easiest, quickest answer I can give you.  That will vastly improve your security even without doing anything else."

Recent break-ins at Google and 20+ other big companies were all related to bugs in Internet Explorer.  Outlook has been a fertile field for crackers planting their bugs for years.  Why do people continue to use these tools when they're known to be insecure and buggy?  The easy answer goes back to the Microsoft antitrust settlement in the 90's, where it was revealed that MS forced computer manufacturers to include their crappy internet stuff in all computers shipped.  Microsoft threatened companies like Dell with losing their ability to purchase Windows cheaply if they did not comply, thus basically forcing the infection of millions of users with IE and Outlook, rather than users having tools that had been around for years back when MS was saying the internet would never amount to anything.  MS also made a rather poor decision to use their knowledge of their own operating system (Windows) to "integrate" their internet tools with the base operating system of the computer.  This was obviously another attempt to get a competitive edge on Netscape and other browsers of the time, using MS's knowledge of their Windows monopoly to the advantage of the newly formed browser group at MS.  Microsoft has always used this to their advantage, to make competitors' software run more slowly or more poorly than MS's own products.

There is also a more in-depth answer, which is also part of the antitrust problems with Microsoft.  When Microsoft finally decided they better pay attention to the internet, they ignored the W3C, the international body for WWW standards.  Rather than constructing their applications and servers to match everyone else's W3C compliance and ensure ease-of-use and interoperability, they just decided that they would impose their own, proprietary standards upon the pre-existing Web.  This was yet ANOTHER attempt to use their monopoly position on the desktop and laptop to exclude potential competitors for their browser and email application.

And so, even today, there are a number of websites, especially those running their crappy IIS webserver, that will not run correctly with any browser but IE.  So users who wish to run another browser, not only find that their computer comes with IE, and they have to know about and download a different browser, they will also find that since MS servers and browsers don't match the open, international standards of the internet, they have trouble viewing and using some websites.  Then on the flip side, Microsoft has made it also that sites that don't use their proprietary servers, will not run correctly WITH IE.  MS basically is saying, "screw the users, they're going to use our internet tools whether they like it or not!"

And that may explain, why Google was hacked using known exploits in IE, when Google has their own browser, Chrome.  Even I have IE on my Windows machines for the mere reason that every once in a while I find a site I MUST use IE with or it doesn't display or work correctly.  In fact I have 4 browsers on my computers that I can use if needed, and I advise others to do the same.

Microsoft recently revealed that they had known since August of last year about the hole in IE that was exploited by the Chinese crackers against Google and the other American companies that were penetrated and compromised.

Here are three other choices for browsing, that will drastically cut down on the likelihood that you will become infected or compromised:

1. Opera - this is what I use most of the time.  I prefer it's integrated internet environment, with email, file transfer, notes, RSS news reader, everything in one environment.  I never have to leave Opera to do almost anything on the internet.  Opera also runs on my smart phone and my linux machines and servers. 
2. Chrome - this is a very good tool, that is extremely fast and light, from Google.  Don't sign up for it to report all your browsing to Google though, if you value privacy.
3. Firefox - a direct descendent of the original graphical internet browser, this is also a very advanced open-sourece tool with many sophisticated features and some very cool plugins (like SEO plugins) that have been developed for it.

I'll dig more into non-Microsoft internet applications for Windows and other operating systems in the next article in this series.

No microsoft tools, applications, or operating systems were used in the construction of this post