This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
"On the other hand, the dominance of Internet Explorer in the web browser market has led some web developers to design their sites with IE in mind as the target browser. This means that browsing with Internet Explorer can often be freer of irritation due to other browsers' inability to run IE-specific code."
I'm not sure if this information is accurate. Most web developers write their sites with all the major web browsers in mind. Very few make it "IE-specific." Perhaps delete or re-write this? -- Sasha Slutsker
I know Microsoft ported IE (version 5 at least, maybe 4) to Solaris and HP-UX, but I don't know any of the details. The website used to be at http://www.microsoft.com/unix/ie/
Also, why is Konqueror listed as being a competing browser on Windows? I'm guessing this is a mistake or a Konqueror fan just wanted to add it. The win32 port never got off the ground, and running on Cygwin/X doesn't count.
The
Konqueror page claims that there is a Windows port -- though it may be through one of the projects you mentioned.
The only IE for Unix released was for Solaris and HP/UX. I was able to confirm that IE v4 and v5 were released for both... not sure about other versions of IE (or other flavors of Unix). See:
MSDN article, MSDN article and Unicode web browsers for Unix and Linux computers
Gecko 00:50, 13 Jul 2004 (UTC)
The repeated mentions of tabbed browsing and popup blocking as features provided by competitors is misleading, especially considering there was no mention of these features being available in alternative browsing interfaces that wrap IE.
I have attempted to mitigate this somewhat with today's edits, clarifying that components of IE are, on Windows, incorporated into various applications, some of which supplement IE's features (e.g. SlimBrowser) and some of which only provide a limited subset thereof (e.g. Winamp's "minibrowser" panel). There's also Windows Explorer, the application that makes use of IE components to supply the default interface for browsing the filesystem as well as rendering the desktop, features which seem to annoy anti-MS folks but which are viewed favorably by many users.
Even edits such as these may not be enough for adequate NPOV; it might be better to avoid implicitly or explicitly qualifying all components as belonging, first and foremost, to MSIE. Rather, many of them are just a subset of all of the components that go into an application. Some of these are shared, some aren't. I'm guessing these issues are discussed at length in some litigation somewhere. - mjb 08:05, 18 Jul 2004 (UTC)
For obvious reasons this page may be more invulnerable to POV due to systematic bias amongst WP editors than nearly all others. Here are are some current potential issues:
As that link points out, it is not possible to remove IE from WinXP with any degree of safety. There are literally hundreds of Windows programs that rely on IE (the whole shebang not just components). Deleting the files that that link suggets from your hard drive is a bit like playing russian roulette. Firstly we need to decide whether to link to that site at all (the "tweak" is given the lowest possible score there 1/5, because it basically doesn't work). If we do want to continue link, we will to redo the wording.
There is no equivalent section on the Mozilla/Firefox/etc/etc pages. The comparison between browsers should be at web browser. References to other browsers in this (and other browser-specific articles) should be in passing. e.g. "IE does not provide tabbed browser, unlike Moz-based broswers. Similar functionality can be obtained by using multiple windows." Pcb21| Pete 14:23, 2 Aug 2004 (UTC)
Pcb21| Pete 14:23, 2 Aug 2004 (UTC)
Pcb21 - Resetting the tab for space. In total agreement about fixing the information. We can try to find better info, and certainly include a warning about just how difficult MS has made it to remove IE. - anon
What is the factual basis for "Internet Explorer is by far the most widely-used web browser, making up approximately 95% of all browser usage, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95."?
I could not find any objective, conclusive evidence of this. Maybe we could get some data from the access logs of the wikipedia or another general topic website? Or else this could beter be rewritten as "Internet Explorer is one of the most widely-used web browsers, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95." Although I doubt that this is the only reason for its popularity.
Also, usage under MacOSX has dropped very quickly since the introduction of Safari, so maybe the references to the Mac IE are not really current anymore imho. -- gmlk 16:23, 6 Aug 2004 (UTC)
Is it really neccessary to add the word "discontinued" to the image caption for the Mac OS X screenshot? All it does is make the caption longer, and anyone who wants to know that it's discontinued could read the article. — 33451 | Talk 12:20, 1 Sep 2004 (UTC)
Anyone know why I can only save jpgs I come across on the internet onto my computer in bmp format, and not jpg format, the format which they are in? I can't copy and paste them either. It's bloody annoying. I tried looking in tools/internet options but I can't see it. Alternatively, know anywhere where I can get help? (please respond on my talk page thanks) Dunc_Harris| ☺ 19:10, 2 Sep 2004 (UTC)
A recent addition by an anonymous user:
* Incomplete Standards-compliance according to the W3C (see W3.org). Note that the standards themselves (eg CSS3) are also incomplete.
As I said in the edit summary, the statement seems to summarily dismiss or brush off IE's lack of standards compliance. As a web developer, it's not CSS3 that I care about, but CSS2 and CSS1, which are complete, and which people like me have been clamoring for IE 5 and 6 to support for the longest time now. To conflate those issues is misleading.
That said, perhaps we can use this to strengthen the article. Can we get some input as to why Microsoft chose not to support several W3C standards, preferably straight from the mouth (or keyboard, as it were) of an IE developer? I'd love to incorporate that into the article so that people gain insight into why IE is the way it is. --
Ardonik.
talk() 01:11, Sep 15, 2004 (UTC)
Much as I'd like to agree, from my research it seems IE doesn't even support CSS 2 fully (specifically different types of selectors), let alone CSS 2.1. - as this article says. Match 16:08, Nov 28, 2004 (UTC)
I'm curious as to the definition of a "negative feature." In any case it seems irrelevant in an encyclopaedic article. The "negative features" in the IE page appear to be personal criticisms (POV), and comparisons to other browsers, which should be in Comparison of web browsers
I totally disagree that this should be taken out. It's highly relevant to the article, and though their is an article talking about various browsers, it's still valid to the article. - Ta bu shi da yu 02:55, 15 Sep 2004 (UTC)
Let me see, if Dr. Evil wins a hundred billion dollors from a slot machine, and he uses the money to make a hundred billion Mozilla discs and give them to every living thing on Earth, I'll keep this part. So far I don't see any compitition even though I personally uses Netscape, Mozilla and Fire Fox.
I echo Beachy's challenge: Are there real security experts who recommend removing IE from Windows PCs? I've been developing Windows software for years and I say it causes more harm than good. It could interfere with Windows Update, shell functions, future service packs, third party software, etc. And it provides no real security benefit over simply using another browser.
Let's be frank. People who recommend removing IE aren't "cynics" or "security experts." They're just Internet users. They do exist, this article even cites them. Let's not make up titles for them. Very few users actually remove IE, and I don't know a single computer professional who would recommend it. Rhobite 17:09, Sep 28, 2004 (UTC)
Where are you anonymous users coming from? Would one of you mind letting me know which message board is instructing its users to revert this page? Rhobite 02:53, Oct 5, 2004 (UTC)
OK, here's the story. I received an e-mail from Fred Vorck, who has a page about removing IE from Windows. This page has a blurb about Wikipedia: http://www.vorck.com/remove-ie.html#wiki . Quote: "stop making edits to a topic that you know nothing about. Leave the editing to the experts." Fred also says that the MSFN forums have been talking about this. I couldn't find the thread on MSFN, but I suspect that there's some name-calling going on.
I replied to Fred's e-mail and asked him to join us here. I think the people from Fred's page and MSFN can make a positive contribution here. I ask that they read Wikipedia:Neutral point of view and Wikipedia:Avoid weasel terms, and help us fix up the section on IE removal. They should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE. I make a living working with Microsoft products and I don't appreciate the suggestion that I'm not an expert on this topic. There is nothing wrong with linking to nLite, by the way. If this section gets killed we should put it in external links.
Also, Fred, regarding this: Wikipedia editors: "who says IE is insecure?" This is a mischaracterization of what we're asking. What I actually asked is, "are there real security experts who recommend removing IE from Windows PCs?" There is a difference between the two. Even if IE is insecure, it doesn't necessarily follow that it should be removed from PCs. Rhobite 13:17, Oct 5, 2004 (UTC)
For the record, here is what Fred wrote:
The Wikipedia Controversy
This is a strange one. It would seem that there are editors (to be fair, not all of them) at Wikipedia that would like to restrict your access to this information by censoring it, continually deleting the section on removing Internet Explorer from Windows from the IE Wiki entry. The question we all need to be asking is "why?" There was even a huge debate about whether the IE removal information should be included at all! Actually, in the article, as it stands in September 2004, there is a reference to XPLite that is not deleted. The only text that gets deleted continually is text that links to my site and to Nuhi's nLite site. I'd say IE removal from Windows is something readers deserve to know about, considering that the U.S. Government got involved. Editors at Wikipedia don't seem to agree on standards. First, they wanted the passage on removing IE to say exactly who recommends it -- a minority of IT professionals, because most won't actually read my process (be honest, guys; if you did, you wouldn't print half the things you post on messageboards about Windows being "unstable." First, you couldn't do it at all, the MCSE's said. Now, it'll make it unstable, the MCSE's say. Yawn). Then, the Wikipedia editors wanted the entry to have a Neutral Point of View. Then, when the post met these criteria, some Wikipedia editors asked what computer "security experts" recommend IE removal. When's it going to end? How many criteria must someone meet to make this information freely accessible? Stop making edits to a topic that you know nothing about. Leave the editing to the experts.
Revised text on Fred's site
FDV. None of this is meant to be disrespectful or inflammatory, especially #3. I am not questioning anyone's general expertise. The particular topic at hand, however, is _IE removal_.
1. I've read Avoid weasel terms. The wording has been altered several times (variously several users, some users, internet users, windows users, disgruntled users, etc etc). Why does a security expert have to endorse removal? Isn't the Wikipedia about information? As is pointed out, "[People like me, Fred] should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE." That's an excellent way to put it! Why not just say that? "A minority (omit small as redundant) feels that it is in Windows' users best interests to remove IE." Maybe even "Fred Vorck, Dino Nuhagic, and Shane Brooks suggest..." That is Neutral point of view compliant, isn't it?
2. If the Wikipedia guidelines require an imprimatur from a security expert rather than an IE removal expert, what does it take? Self-apellation? An MCSE? Kevin Mitnick? Just _who is it_ that you're looking for to give the removal process their blessing? What, in essence, is a "security expert?" This went from requiring that the Weasel and NPOV criteria be satisfied to requiring the blessing of a security expert, which AFAI can see has no Wikipedia entry.
3. "I make a living working with Microsoft products and I don't appreciate the suggestion that I'm not an expert on this topic." I'm not only suggesting it, I'm saying it now explicitly: you are not an expert on the topic of removing IE (which is this topic). It's NOT personal, it's all about information! You may be an expert in the use of several Microsoft products; no doubt that's the reason you are editing the entry on IE. I don't know what constitutes expertise on IE removal, but I'm certain there are no formal certifications, and I'm also certain that if there is any such person as an expert on IE removal, I'm one.
"I've been developing Windows software for years and I say it causes more harm than good."
Haven't read (never mind tried) the actual process, huh? I have not had any problems to date. I haven't had any users e-mail me with problems. If the HTML subsystem is left in, that's different from IE removal. It all depends on how the files are edited. IE can be removed. If by "harm" you mean "reduces the potential for DDOS and Port 135 attacks and security issues related to IE and MSOE, among other things," then yes, it will do these things, and will therefore "harm" your machine.
4. "...I don't know a single computer professional who would recommend it." Pleased to meet you! I work in IT and have since 1993. I unreservedly recommend reading my guide and removing IE. ;-) When I used NT 4 and my users had 95 and 98, there was no such thing as Automatic Update. I used the MS website. That hasn't changed; updates are available there. There is a classic rhetorical device called "begging the question." Many IE users make a conclusion about something (say, Automatic Update) as proof that users need IE. The basis for this proof is itself in need of proof. In other words, we first have to determine if Automatic Update is the only route to updating Windows (it isn't).
I see messageboard posts in Slashdot every time an IE topic comes up that say IE is needed for "many / all sorts of / several" programs (one recent reply to a post of mine claimed it's needed for "piles" of software). This issue has nothing to do with security. As for security, my files harden TCP/IP in Windows according to guidelines I read at csrc.nist.gov. My files will close Port 135 by default, shut off DCOM, prevent several ActiveX exploits from running... One big issue is that Windows File Protection would need to be restored, which fortunately is easily done and mentioned in my process.
But I'm addressing security again, when originally, the Weasel-NPOV dual criteria were asked to be met.
5. "Even if IE is insecure, it doesn't necessarily follow that it should be removed from PCs." And perhasps if removing IE does not improve security or creates insecurities, it doesn't necessarily follow that it shouldn't be done. Wikipedia is about information. A minority of users proved it can be done, but if it is now about the recommendations of security experts, perhaps some indication should be made. Mark already redacted the assertion that it will make a system more secure, and I never changed the text saying it did so. The removal issue, as I note, is one that the U.S. Government stepped into, so I'd deem it both relevant and significant to the Wikipedia entry, even if it cannot be proved that anyone other than three individuals in the U.S., Croatia, and Australia have used their own software to do it.
User:138.38.32.84 removed the "Removing Internet Explorer" section with the comment:
The section certainly needs work, and will hopefully be discussed and improved, but I don't see how it could be called irrelevant or POV. The information is factual and at least one person (me) found it helpful. As for an equivalent section for Firefox, that depends what you mean. If you are suggesting a "Removing Firefox" section, it would be pretty short since the package includes an uninstaller (forced integration with the OS just isn't an issue for most programs). If you mean a section listing security vulnerabilities in different versions, I personally would find that helpful: it would be useful to be able to look up whether some program version has outstanding security issues, and this is precisely the kind of fast-moving information Wikipedia offers that a conventional encyclopedia never could. Saucepan 03:09, 19 Oct 2004 (UTC)
"Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. After Microsoft released patches to close 20 holes in their general operating system in February 2003,
Marc Maifrett of
eEye Digital Security stated that "If it really took them that long technically to make (and test) the fix, then they have other problems. That's not a way to run a software company."
[1] Microsoft attributes these delays to thorough testing to ensure that bug fixes do not lead to problems elsewhere." Why is this even in the article? This is talking about general security issues, not just about security issues with Internet Explorer! Shouldn't it go somewhere else? -
Ta bu shi da yu 07:01, 11 Dec 2004 (UTC)
Removed Critics charge that this rigorous testing is required in large part because Microsoft has failed to make IE sufficiently modular and separable from the rest of the operating system. These critics state that other browsers, because they are designed as a separable module from the operating system, can be tested far more efficiently. Some browsers, such as Firefox and Opera, run on a far more diverse set of installations than IE, supporting a large number of truly different CPU architectures and operating systems (including Microsoft Windows and also MacOS, various Unixes, and various
Linux distributions), yet changes to them are released far more rapidly.
"Many security analysts attribute IE's frequency of exploitation in part to its popularity, since its market dominance makes it the most obvious target. However, many others argue that this is not the full story; the Apache web server has a much larger market share than Microsoft IIS, yet Apache has had fewer (and generally less serious) security vulnerabilities than IIS."
AlistairMcMillan removal summary: "Remove invalid points. Please point to a browser in talk that does not have an easy to use interface and an integrated search facility (with multiple engines).)". I just wanted to point out that there ARE in fact browsers, and have historically been browsers, which did not have easy-to use interfaces and integrated search. The first that springs to mind is lynx (as it's text based). If we're talking about graphical browsers only, old versions of IE, netscape, and mosaic did not have interfaces which were always easy to use, and certainly didn't have integrated search engines (as current engines like google didn't even exist). Just wanted to point out that it's not necessarily obvious/invalid. -- ABQCat 07:42, 1 Nov 2004 (UTC)
Did you just call me a "layman"? :-)
Lets get specific. Ignoring non-graphical, or ancient browsers that have 0.x% of the browser market.
I'm drawing a blank here, where are the easy-to-use interface features that make IE stand out.
"non-native and differ in colour, size etc" IE uses a picture of a little house to represent HOME. Firefox uses... a picture of a little house to represent HOME. IE uses a picture of a green left-pointing arrow to represent BACK and Firefox uses... a picture of a green left-pointing arrow to represent BACK. I detect a pattern here. I can see where users could get confused. AlistairMcMillan 05:51, 2 Nov 2004 (UTC)
Are there still editors disputing the IE removal section? It may need some flow work but it's certainly NPOV'd. If there are no objections in the next few days, I'd like to remove the disputed notice. Rhobite 19:48, Nov 4, 2004 (UTC)
The section should be removed. IE components are needed for so many Windows native applications that it is foolish to removed it. VERY few people put forth the effort so do so. It is NOT possible to remove IE from modern Windows version without third party software. Pmsyyz 03:35, 5 Nov 2004 (UTC)
Another major vulnerability was exposed in Internet Explorer this past week. Since the program IS so tightly integrated into Windows, and is demonstrably buggy and unreliable, those who advocate it's complete removal are sounding more and more sane all the time. I began removing Internet Explorer from Windows with ME, and found that it alone was almost completely responsible for ME's quirkiness and instability. The argument that removing it makes Windows less stable is simply uninformed: IE is responsible for many of the problems in certain versions of Windows. Yes, you can access Windows Update without it, and since about 98% of Windows Update consists of patches for both IE and Outlook Express (another buggy hacker delight) simply eliminating these 2 programs from Windows eliminates most of the need for Windows Update.
In order to be fair and to maintain the NPOV, the removal option should at least be mentioned. Leaving it out or deleting it seems to swing to a very Microsoft positive POV, which I see echoed all up and down this thread. It seems to me that some sore toes have been stepped on.
Yep Chris is right, the guy is obviously a nobody. AlistairMcMillan 01:28, 25 Nov 2004 (UTC)
ITAA lobbyist Harris Miller (the real power behind the congressional cyber-throne) okay'd Maiffret to testify at a D.C. hearing. Only then could congress meet a boy wearing Vans, 501s, a Hello Kittie tee, nipple rings, and new tattoos that claimed that he was OHT from 1998 and eEye's cutest VP.
I don't get your point. Ros is saying that Maifrett has green hair and a bad understanding of Tool's lyrics? What the hell does that have to do with Internet Explorer? BTW Please remember to sign your comments. AlistairMcMillan 23:14, 12 Dec 2004 (UTC)
I've recently become convinced (see Talk:Plural of virus) that "pro & con" lists are a fundamentally Bad Thing for Wikipedia articles. All they do is give people a place to stack up ranting-points in favor of their POV. They actively discourage real exposition or exploration of issues, since they're so prone to arms-race between the "pro" and "con" sides.
And here, on this article, we have yet another example: a pro & con list that has been the focus of escalation, deleting, "pruning" by folks on both sides of an issue, and which doesn't seem to actually expose or explore the issues that it hints at. I'd like to propose a different way to describe IE's "features":
I think this might be a way to describe the "positive and negative features" more neutrally, to invite further description of them -- while at the same time excluding vague and subjective "pros" and "cons". Thoughts? -- FOo 02:26, 2 Dec 2004 (UTC)
Chris, could you please give us a link to Microsoft's bug database where we can see them discuss in detail each bug as they are working to figure out how it works and how to develop a patch? Thank you. AlistairMcMillan 02:32, 3 Dec 2004 (UTC)
Microsoft detail their bugs online Only some bugs that are already publicly known (see the public bugtraq mailing list). Not their private security bug database ! Raraoul
You basically do the following [3] Change:
to
Never mind that we never note who those critics might be. Never mind that Maifret is actually a critic. C'mon people, of course he's a critic. Words like "If it really took them that long technically to make (and test) the fix, then they have other problems. That's not a way to run a software company." sounds exactly like criticism to me. And oh look. We have a source! So what if he's not an "outside observer" (whatever that means). He remains a critic of Microsoft.
Now if you were going to attack that phrase, surely you'd have a go at the fact that it should be in the Microsoft article and not the Internet Explorer article?! hint hint.
Ta bu shi da yu 13:56, 10 Dec 2004 (UTC)
In evaluating anything, such as Microsoft's testing and security practices, one can resort to any number of criteria for evaluation. Two such criteria are to grade the attempt on the effort expended, or to grade it on its yield or results. Let us stipulate that Microsoft expends a tremendous effort on testing and security practices. If one accepts the first criterion -- sometimes manifest as the labor theory of value, or the modern schoolroom practice of giving credit for "showing your work" rather than for getting the right answer -- then it is clear that Microsoft deserves excellent credit. If, however, one rejects this criterion and judges work based on its yield or result rather than the effort expended, then the credit earned is not so easily clear. Nonetheless, it seems that the choice between these two criteria is subjective, and that as many people do choose to grade on the basis of effort rather than result, the article should reflect both points of view -- as well as other, less well-spoken forms of evaluation, such as conformity to a majority or to a perceived elite.
Yet still, Wikipedia policy shuns "original research". It is not, therefore, our place here to come up with our own research on the quality of Microsoft's security efforts. It is, rather, left to us to document the facts as they lay, out there in the world. Some of those facts include: Internet Explorer remains the most popular Web browser; many security experts do recommend against its use; security holes have been found in all browsers; spyware today afflicts IE and Windows users to the exclusion of users of other browsers and operating systems; security is only one of many considerations that go into a cost-benefit analysis of which software to use. -- FOo 20:07, 12 Dec 2004 (UTC)
Beachy and Alistair, please quit edit-warring over the Maiffret quote. It doesn't matter that the guy's title is "Chief Hacking Officer" (if, indeed, it still is). It's a tongue-in-cheek title anyhow; that's the whole point -- it's intended to play with both the "street cred" of being a " hacker" and the "business cred" of a CXO-level title. -- FOo 03:34, 13 Dec 2004 (UTC)
If you read the EULA you will see that you need a Windows OS license to install Internet Explorer. This means it's illegal for non-Windows users to install it under Wine.
Can someone add references? See Wikipedia:Cite your sources for info on how to do it. - Ta bu shi da yu 13:02, 14 Dec 2004 (UTC)
I'm going to take the liberty of removing the tag because I think that all concerns over fact have been addressed. - Ta bu shi da yu 13:27, 14 Dec 2004 (UTC)
The CERT advisory was specific in nature to that one particular vulnerability the one linked, and has not been seen in any future advisories. PPGMD
Here I'll make it easier for you, please point to the bit that says temporary... Please note the use of the word "vulnerabilities". He is not just talking about the one vulnerability.
Try actually reading the passage you keep reverting. Nowhere does it say they issued a report condemning IE. AlistairMcMillan 19:46, 14 Dec 2004 (UTC)
The edit summary says: "Restore ActiveX to list. ActiveX's trust model is a concern for many users and it is a problem, which is why IE SP2 asks before installing any." Alistair, could we expand on this? Maybe with some references :) thanks! - Ta bu shi da yu 14:40, 23 Dec 2004 (UTC)
Chris some people, who IMHO should know better, never manage to rid their machine of crap and simply decide to wipe them and start from scratch:
Chris, if you could put down your "I <3 BILL" banner and your pom-poms for just a second. It is not uncommon to find that you need to use all kinds of software to rid a machine of spyware/viruses/etc. I find spyware all the time that AdAware won't clean but SpyBot will. Or viruses that Norton won't remove but McAfee will, and vice versa. And now and again, by the time AdAware/SpyBot/whatever has cleaned entries from the Registry and is scanning through a hard drive, after having skipped various things it can't kill and delete, the spyware that is still running has already written the entries back in. So now and again yes, it is necessary to go in and empty HKEY_LOCAL_MACHINE/.../Run, HKEY_CURRENT_USER/.../Run, etc yourself. AlistairMcMillan 12:20, 24 Dec 2004 (UTC)
Comments from a Reg reader: Feel free to use the quote. And thanks for asking!
Merry XMas! t
----- Original Message -----
From: Chris Beach To: Tim Mullen, SecurityFocus Sent: Saturday, December 25, 2004 8:44 AM Subject: Reg reader comment: WinXP SP2: stop moaning and get downloading
A Reg reader has the following comments to make on the story WinXP SP2: stop moaning and get downloading:
Tim, I thoroughly agree with your article on SP2 ("Stop moaning and get downloading"). I'd like to quote the first paragraph on the Wikipedia article on Internet Explorer, but another editor has reminded me that your article is copyright. I'd really appreciate if you'd give me permission to use your quote on this page, since it contains a lot of anti-MS and even some anti-SP2 sentiment, which needs to be balanced http://en.wikipedia.org/wiki/Internet_Explorer Regards Chris Beach
I see a number of comments above which suggest that the purpose (or one purpose) of this Wikipedia article is to convince people to take some action -- for instance, to install Windows XP Service Pack 2. This is not what Wikipedia articles are for. We are not here to be technical consultants, recommending to people our opinions of they should do, any more than we are here to be technical evangelists.
Lines like "we NEED to encourage people to install this update, and not sit back and criticise it" suggest that the purpose of this Wikipedia article is to "sell" XP SP2 to readers. (Take "sell" out of scare-quotes for readers currently running Windows 2000 -- for them, it really would be a sale and not just a free download.) This is thoroughly inappropriate, as inappropriate as if we were to write this article from the perspective that readers should immediately delete IE and run only Lynx.
We are here to write accurate articles about what is, not what people should do. Here's an example: Wikipedia's article on Abortion states what an abortion is, and what people's beliefs are about it -- it does not abuse Wikipedia's voice to claim that people should or should not have one. We should do the same. The claim, "Everyone who's using Windows should upgrade to XP SP2" is every bit as much an opinion as "Everyone who has an unwanted pregnancy should be able to get a free abortion."
The purpose of a Wikipedia article entitled Internet Explorer is to describe what a thing called "Internet Explorer" is: in all versions (especially all those currently widely used); throughout its history; its technical features and its social effects; and so forth.
As much as I agree that XP SP2 is a major improvement for IE security, we are not writing sales materials for XP SP2. We are not writing an article that deals only with the XP SP2 version of IE -- so we cannot drop descriptions of problems that exist in the widely deployed W2k version simply because they are "fixed in XP SP2".
And we certainly would be unjustified in deleting any true statement on the basis that it would discourage people from installing SP2. Our purpose here is true statements -- not encouraging people to run SP2 or anything else.-- FOo 05:33, 26 Dec 2004 (UTC)
To clarify, there is nothing wrong with reporting accurately that some important figure (like a security expert, or US-CERT, or Microsoft) recommends a particular course of action (like uninstalling IE, or upgrading to Windows XP SP2). However, there is a difference between writing an article that reports that Joe Bloggs recommends X, and writing an article that itself recommends X.
Again, we are not in the consultancy business here, nor the advocacy business. We are in the encyclopedia business. Beachy's claim above that "we NEED to encourage people" to buy or install Windows XP SP2 is the diametrical opposite of what Wikipedia articles are for. We are not here to push SP2, nor to push Linux or Mac OS X or Mozilla Firefox for that matter. We are here (in this article and talk page) to describe Internet Explorer.
If an accurate description of Internet Explorer (including accurate & attributed reporting of opinions about it) leads some readers to choose and continue to use Internet Explorer, fine. If it leads people to install SP2, fine too. If it leads them to ditch IE and Windows and run Mozilla on Solaris/x86, that's also fine. However, none of these is the goal of the article. The only legitimate goal of a Wikipedia article entitled "Internet Explorer" is to describe Internet Explorer. Any other goal is a contravention of Wikipedia's charter.
As for Beachy's accusations of bias on my part -- I would like to think that my edits stand for themselves. I think I've done a good deal to make this article adhere closer to Wikipedia's NPOV policy, for instance breaking up the irredeemably biased "positive and negative features" list into neutral categories of present and absent features. (See Wikipedia:Pro & con lists for some proposed guidelines I wrote on why pro & con lists are anti-NPOV.) By the way, I'd like to extend thanks to Beachy for helping improve the new form of that list after I created it.
For what it's worth, my background is as follows: I work as an in-house security technician for a well-known scientific research institution. I have worked in system administration for seven years and security specifically for four years. I have in the past held the SANS GSEC certification, which covers Windows and Unix security. (It is not a very high-ranking certification, and I let it lapse this October. I don't think too much of certifications.)
At my workplace, we have about 60% Windows systems on our network, with the remainder pretty evenly split among Mac OS X, Linux, and commercial Unix. I spend a lot of time working with our Windows technicians to understand and control problems such as viruses and spyware, and to help encourage Windows users to patch their system. I have written custom software for the purpose of scanning Windows systems rapidly for known remote vulnerabilities, so as to help Windows users understand and secure their systems from attack.
While I am not a Windows user myself (I personally use Debian, Red Hat, and Solaris at work, and Mac OS X at home), I have a great deal of exposure to it and plenty of hands-on knowledge of the threats that inconvenience and harm Windows users. I freely admit that (like any other "security guy") I have more knowledge of the "negative" aspects of a lot of software than the "positive" ones, simply because my work concerns itself more with how software fails rather than how it succeeds.
I am not the kind of person who hates Windows or IE and wishes to see harm come to its users. I want everyone to have secure computing. I also want this article to be an encyclopedia article, and not to be anyone's advocacy. I am not here to push Mozilla Firefox, open-source software, or any sort of "agenda" other than the one that Wikipedia itself is here to push -- the agenda of knowledge. -- FOo 18:40, 27 Dec 2004 (UTC)
This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
"On the other hand, the dominance of Internet Explorer in the web browser market has led some web developers to design their sites with IE in mind as the target browser. This means that browsing with Internet Explorer can often be freer of irritation due to other browsers' inability to run IE-specific code."
I'm not sure if this information is accurate. Most web developers write their sites with all the major web browsers in mind. Very few make it "IE-specific." Perhaps delete or re-write this? -- Sasha Slutsker
I know Microsoft ported IE (version 5 at least, maybe 4) to Solaris and HP-UX, but I don't know any of the details. The website used to be at http://www.microsoft.com/unix/ie/
Also, why is Konqueror listed as being a competing browser on Windows? I'm guessing this is a mistake or a Konqueror fan just wanted to add it. The win32 port never got off the ground, and running on Cygwin/X doesn't count.
The
Konqueror page claims that there is a Windows port -- though it may be through one of the projects you mentioned.
The only IE for Unix released was for Solaris and HP/UX. I was able to confirm that IE v4 and v5 were released for both... not sure about other versions of IE (or other flavors of Unix). See:
MSDN article, MSDN article and Unicode web browsers for Unix and Linux computers
Gecko 00:50, 13 Jul 2004 (UTC)
The repeated mentions of tabbed browsing and popup blocking as features provided by competitors is misleading, especially considering there was no mention of these features being available in alternative browsing interfaces that wrap IE.
I have attempted to mitigate this somewhat with today's edits, clarifying that components of IE are, on Windows, incorporated into various applications, some of which supplement IE's features (e.g. SlimBrowser) and some of which only provide a limited subset thereof (e.g. Winamp's "minibrowser" panel). There's also Windows Explorer, the application that makes use of IE components to supply the default interface for browsing the filesystem as well as rendering the desktop, features which seem to annoy anti-MS folks but which are viewed favorably by many users.
Even edits such as these may not be enough for adequate NPOV; it might be better to avoid implicitly or explicitly qualifying all components as belonging, first and foremost, to MSIE. Rather, many of them are just a subset of all of the components that go into an application. Some of these are shared, some aren't. I'm guessing these issues are discussed at length in some litigation somewhere. - mjb 08:05, 18 Jul 2004 (UTC)
For obvious reasons this page may be more invulnerable to POV due to systematic bias amongst WP editors than nearly all others. Here are are some current potential issues:
As that link points out, it is not possible to remove IE from WinXP with any degree of safety. There are literally hundreds of Windows programs that rely on IE (the whole shebang not just components). Deleting the files that that link suggets from your hard drive is a bit like playing russian roulette. Firstly we need to decide whether to link to that site at all (the "tweak" is given the lowest possible score there 1/5, because it basically doesn't work). If we do want to continue link, we will to redo the wording.
There is no equivalent section on the Mozilla/Firefox/etc/etc pages. The comparison between browsers should be at web browser. References to other browsers in this (and other browser-specific articles) should be in passing. e.g. "IE does not provide tabbed browser, unlike Moz-based broswers. Similar functionality can be obtained by using multiple windows." Pcb21| Pete 14:23, 2 Aug 2004 (UTC)
Pcb21| Pete 14:23, 2 Aug 2004 (UTC)
Pcb21 - Resetting the tab for space. In total agreement about fixing the information. We can try to find better info, and certainly include a warning about just how difficult MS has made it to remove IE. - anon
What is the factual basis for "Internet Explorer is by far the most widely-used web browser, making up approximately 95% of all browser usage, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95."?
I could not find any objective, conclusive evidence of this. Maybe we could get some data from the access logs of the wikipedia or another general topic website? Or else this could beter be rewritten as "Internet Explorer is one of the most widely-used web browsers, mainly because it has been shipped as the default browser in all versions of Microsoft Windows since Windows 95." Although I doubt that this is the only reason for its popularity.
Also, usage under MacOSX has dropped very quickly since the introduction of Safari, so maybe the references to the Mac IE are not really current anymore imho. -- gmlk 16:23, 6 Aug 2004 (UTC)
Is it really neccessary to add the word "discontinued" to the image caption for the Mac OS X screenshot? All it does is make the caption longer, and anyone who wants to know that it's discontinued could read the article. — 33451 | Talk 12:20, 1 Sep 2004 (UTC)
Anyone know why I can only save jpgs I come across on the internet onto my computer in bmp format, and not jpg format, the format which they are in? I can't copy and paste them either. It's bloody annoying. I tried looking in tools/internet options but I can't see it. Alternatively, know anywhere where I can get help? (please respond on my talk page thanks) Dunc_Harris| ☺ 19:10, 2 Sep 2004 (UTC)
A recent addition by an anonymous user:
* Incomplete Standards-compliance according to the W3C (see W3.org). Note that the standards themselves (eg CSS3) are also incomplete.
As I said in the edit summary, the statement seems to summarily dismiss or brush off IE's lack of standards compliance. As a web developer, it's not CSS3 that I care about, but CSS2 and CSS1, which are complete, and which people like me have been clamoring for IE 5 and 6 to support for the longest time now. To conflate those issues is misleading.
That said, perhaps we can use this to strengthen the article. Can we get some input as to why Microsoft chose not to support several W3C standards, preferably straight from the mouth (or keyboard, as it were) of an IE developer? I'd love to incorporate that into the article so that people gain insight into why IE is the way it is. --
Ardonik.
talk() 01:11, Sep 15, 2004 (UTC)
Much as I'd like to agree, from my research it seems IE doesn't even support CSS 2 fully (specifically different types of selectors), let alone CSS 2.1. - as this article says. Match 16:08, Nov 28, 2004 (UTC)
I'm curious as to the definition of a "negative feature." In any case it seems irrelevant in an encyclopaedic article. The "negative features" in the IE page appear to be personal criticisms (POV), and comparisons to other browsers, which should be in Comparison of web browsers
I totally disagree that this should be taken out. It's highly relevant to the article, and though their is an article talking about various browsers, it's still valid to the article. - Ta bu shi da yu 02:55, 15 Sep 2004 (UTC)
Let me see, if Dr. Evil wins a hundred billion dollors from a slot machine, and he uses the money to make a hundred billion Mozilla discs and give them to every living thing on Earth, I'll keep this part. So far I don't see any compitition even though I personally uses Netscape, Mozilla and Fire Fox.
I echo Beachy's challenge: Are there real security experts who recommend removing IE from Windows PCs? I've been developing Windows software for years and I say it causes more harm than good. It could interfere with Windows Update, shell functions, future service packs, third party software, etc. And it provides no real security benefit over simply using another browser.
Let's be frank. People who recommend removing IE aren't "cynics" or "security experts." They're just Internet users. They do exist, this article even cites them. Let's not make up titles for them. Very few users actually remove IE, and I don't know a single computer professional who would recommend it. Rhobite 17:09, Sep 28, 2004 (UTC)
Where are you anonymous users coming from? Would one of you mind letting me know which message board is instructing its users to revert this page? Rhobite 02:53, Oct 5, 2004 (UTC)
OK, here's the story. I received an e-mail from Fred Vorck, who has a page about removing IE from Windows. This page has a blurb about Wikipedia: http://www.vorck.com/remove-ie.html#wiki . Quote: "stop making edits to a topic that you know nothing about. Leave the editing to the experts." Fred also says that the MSFN forums have been talking about this. I couldn't find the thread on MSFN, but I suspect that there's some name-calling going on.
I replied to Fred's e-mail and asked him to join us here. I think the people from Fred's page and MSFN can make a positive contribution here. I ask that they read Wikipedia:Neutral point of view and Wikipedia:Avoid weasel terms, and help us fix up the section on IE removal. They should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE. I make a living working with Microsoft products and I don't appreciate the suggestion that I'm not an expert on this topic. There is nothing wrong with linking to nLite, by the way. If this section gets killed we should put it in external links.
Also, Fred, regarding this: Wikipedia editors: "who says IE is insecure?" This is a mischaracterization of what we're asking. What I actually asked is, "are there real security experts who recommend removing IE from Windows PCs?" There is a difference between the two. Even if IE is insecure, it doesn't necessarily follow that it should be removed from PCs. Rhobite 13:17, Oct 5, 2004 (UTC)
For the record, here is what Fred wrote:
The Wikipedia Controversy
This is a strange one. It would seem that there are editors (to be fair, not all of them) at Wikipedia that would like to restrict your access to this information by censoring it, continually deleting the section on removing Internet Explorer from Windows from the IE Wiki entry. The question we all need to be asking is "why?" There was even a huge debate about whether the IE removal information should be included at all! Actually, in the article, as it stands in September 2004, there is a reference to XPLite that is not deleted. The only text that gets deleted continually is text that links to my site and to Nuhi's nLite site. I'd say IE removal from Windows is something readers deserve to know about, considering that the U.S. Government got involved. Editors at Wikipedia don't seem to agree on standards. First, they wanted the passage on removing IE to say exactly who recommends it -- a minority of IT professionals, because most won't actually read my process (be honest, guys; if you did, you wouldn't print half the things you post on messageboards about Windows being "unstable." First, you couldn't do it at all, the MCSE's said. Now, it'll make it unstable, the MCSE's say. Yawn). Then, the Wikipedia editors wanted the entry to have a Neutral Point of View. Then, when the post met these criteria, some Wikipedia editors asked what computer "security experts" recommend IE removal. When's it going to end? How many criteria must someone meet to make this information freely accessible? Stop making edits to a topic that you know nothing about. Leave the editing to the experts.
Revised text on Fred's site
FDV. None of this is meant to be disrespectful or inflammatory, especially #3. I am not questioning anyone's general expertise. The particular topic at hand, however, is _IE removal_.
1. I've read Avoid weasel terms. The wording has been altered several times (variously several users, some users, internet users, windows users, disgruntled users, etc etc). Why does a security expert have to endorse removal? Isn't the Wikipedia about information? As is pointed out, "[People like me, Fred] should understand that it is a small minority of people who feel that it is in Windows users best interests to remove IE." That's an excellent way to put it! Why not just say that? "A minority (omit small as redundant) feels that it is in Windows' users best interests to remove IE." Maybe even "Fred Vorck, Dino Nuhagic, and Shane Brooks suggest..." That is Neutral point of view compliant, isn't it?
2. If the Wikipedia guidelines require an imprimatur from a security expert rather than an IE removal expert, what does it take? Self-apellation? An MCSE? Kevin Mitnick? Just _who is it_ that you're looking for to give the removal process their blessing? What, in essence, is a "security expert?" This went from requiring that the Weasel and NPOV criteria be satisfied to requiring the blessing of a security expert, which AFAI can see has no Wikipedia entry.
3. "I make a living working with Microsoft products and I don't appreciate the suggestion that I'm not an expert on this topic." I'm not only suggesting it, I'm saying it now explicitly: you are not an expert on the topic of removing IE (which is this topic). It's NOT personal, it's all about information! You may be an expert in the use of several Microsoft products; no doubt that's the reason you are editing the entry on IE. I don't know what constitutes expertise on IE removal, but I'm certain there are no formal certifications, and I'm also certain that if there is any such person as an expert on IE removal, I'm one.
"I've been developing Windows software for years and I say it causes more harm than good."
Haven't read (never mind tried) the actual process, huh? I have not had any problems to date. I haven't had any users e-mail me with problems. If the HTML subsystem is left in, that's different from IE removal. It all depends on how the files are edited. IE can be removed. If by "harm" you mean "reduces the potential for DDOS and Port 135 attacks and security issues related to IE and MSOE, among other things," then yes, it will do these things, and will therefore "harm" your machine.
4. "...I don't know a single computer professional who would recommend it." Pleased to meet you! I work in IT and have since 1993. I unreservedly recommend reading my guide and removing IE. ;-) When I used NT 4 and my users had 95 and 98, there was no such thing as Automatic Update. I used the MS website. That hasn't changed; updates are available there. There is a classic rhetorical device called "begging the question." Many IE users make a conclusion about something (say, Automatic Update) as proof that users need IE. The basis for this proof is itself in need of proof. In other words, we first have to determine if Automatic Update is the only route to updating Windows (it isn't).
I see messageboard posts in Slashdot every time an IE topic comes up that say IE is needed for "many / all sorts of / several" programs (one recent reply to a post of mine claimed it's needed for "piles" of software). This issue has nothing to do with security. As for security, my files harden TCP/IP in Windows according to guidelines I read at csrc.nist.gov. My files will close Port 135 by default, shut off DCOM, prevent several ActiveX exploits from running... One big issue is that Windows File Protection would need to be restored, which fortunately is easily done and mentioned in my process.
But I'm addressing security again, when originally, the Weasel-NPOV dual criteria were asked to be met.
5. "Even if IE is insecure, it doesn't necessarily follow that it should be removed from PCs." And perhasps if removing IE does not improve security or creates insecurities, it doesn't necessarily follow that it shouldn't be done. Wikipedia is about information. A minority of users proved it can be done, but if it is now about the recommendations of security experts, perhaps some indication should be made. Mark already redacted the assertion that it will make a system more secure, and I never changed the text saying it did so. The removal issue, as I note, is one that the U.S. Government stepped into, so I'd deem it both relevant and significant to the Wikipedia entry, even if it cannot be proved that anyone other than three individuals in the U.S., Croatia, and Australia have used their own software to do it.
User:138.38.32.84 removed the "Removing Internet Explorer" section with the comment:
The section certainly needs work, and will hopefully be discussed and improved, but I don't see how it could be called irrelevant or POV. The information is factual and at least one person (me) found it helpful. As for an equivalent section for Firefox, that depends what you mean. If you are suggesting a "Removing Firefox" section, it would be pretty short since the package includes an uninstaller (forced integration with the OS just isn't an issue for most programs). If you mean a section listing security vulnerabilities in different versions, I personally would find that helpful: it would be useful to be able to look up whether some program version has outstanding security issues, and this is precisely the kind of fast-moving information Wikipedia offers that a conventional encyclopedia never could. Saucepan 03:09, 19 Oct 2004 (UTC)
"Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. After Microsoft released patches to close 20 holes in their general operating system in February 2003,
Marc Maifrett of
eEye Digital Security stated that "If it really took them that long technically to make (and test) the fix, then they have other problems. That's not a way to run a software company."
[1] Microsoft attributes these delays to thorough testing to ensure that bug fixes do not lead to problems elsewhere." Why is this even in the article? This is talking about general security issues, not just about security issues with Internet Explorer! Shouldn't it go somewhere else? -
Ta bu shi da yu 07:01, 11 Dec 2004 (UTC)
Removed Critics charge that this rigorous testing is required in large part because Microsoft has failed to make IE sufficiently modular and separable from the rest of the operating system. These critics state that other browsers, because they are designed as a separable module from the operating system, can be tested far more efficiently. Some browsers, such as Firefox and Opera, run on a far more diverse set of installations than IE, supporting a large number of truly different CPU architectures and operating systems (including Microsoft Windows and also MacOS, various Unixes, and various
Linux distributions), yet changes to them are released far more rapidly.
"Many security analysts attribute IE's frequency of exploitation in part to its popularity, since its market dominance makes it the most obvious target. However, many others argue that this is not the full story; the Apache web server has a much larger market share than Microsoft IIS, yet Apache has had fewer (and generally less serious) security vulnerabilities than IIS."
AlistairMcMillan removal summary: "Remove invalid points. Please point to a browser in talk that does not have an easy to use interface and an integrated search facility (with multiple engines).)". I just wanted to point out that there ARE in fact browsers, and have historically been browsers, which did not have easy-to use interfaces and integrated search. The first that springs to mind is lynx (as it's text based). If we're talking about graphical browsers only, old versions of IE, netscape, and mosaic did not have interfaces which were always easy to use, and certainly didn't have integrated search engines (as current engines like google didn't even exist). Just wanted to point out that it's not necessarily obvious/invalid. -- ABQCat 07:42, 1 Nov 2004 (UTC)
Did you just call me a "layman"? :-)
Lets get specific. Ignoring non-graphical, or ancient browsers that have 0.x% of the browser market.
I'm drawing a blank here, where are the easy-to-use interface features that make IE stand out.
"non-native and differ in colour, size etc" IE uses a picture of a little house to represent HOME. Firefox uses... a picture of a little house to represent HOME. IE uses a picture of a green left-pointing arrow to represent BACK and Firefox uses... a picture of a green left-pointing arrow to represent BACK. I detect a pattern here. I can see where users could get confused. AlistairMcMillan 05:51, 2 Nov 2004 (UTC)
Are there still editors disputing the IE removal section? It may need some flow work but it's certainly NPOV'd. If there are no objections in the next few days, I'd like to remove the disputed notice. Rhobite 19:48, Nov 4, 2004 (UTC)
The section should be removed. IE components are needed for so many Windows native applications that it is foolish to removed it. VERY few people put forth the effort so do so. It is NOT possible to remove IE from modern Windows version without third party software. Pmsyyz 03:35, 5 Nov 2004 (UTC)
Another major vulnerability was exposed in Internet Explorer this past week. Since the program IS so tightly integrated into Windows, and is demonstrably buggy and unreliable, those who advocate it's complete removal are sounding more and more sane all the time. I began removing Internet Explorer from Windows with ME, and found that it alone was almost completely responsible for ME's quirkiness and instability. The argument that removing it makes Windows less stable is simply uninformed: IE is responsible for many of the problems in certain versions of Windows. Yes, you can access Windows Update without it, and since about 98% of Windows Update consists of patches for both IE and Outlook Express (another buggy hacker delight) simply eliminating these 2 programs from Windows eliminates most of the need for Windows Update.
In order to be fair and to maintain the NPOV, the removal option should at least be mentioned. Leaving it out or deleting it seems to swing to a very Microsoft positive POV, which I see echoed all up and down this thread. It seems to me that some sore toes have been stepped on.
Yep Chris is right, the guy is obviously a nobody. AlistairMcMillan 01:28, 25 Nov 2004 (UTC)
ITAA lobbyist Harris Miller (the real power behind the congressional cyber-throne) okay'd Maiffret to testify at a D.C. hearing. Only then could congress meet a boy wearing Vans, 501s, a Hello Kittie tee, nipple rings, and new tattoos that claimed that he was OHT from 1998 and eEye's cutest VP.
I don't get your point. Ros is saying that Maifrett has green hair and a bad understanding of Tool's lyrics? What the hell does that have to do with Internet Explorer? BTW Please remember to sign your comments. AlistairMcMillan 23:14, 12 Dec 2004 (UTC)
I've recently become convinced (see Talk:Plural of virus) that "pro & con" lists are a fundamentally Bad Thing for Wikipedia articles. All they do is give people a place to stack up ranting-points in favor of their POV. They actively discourage real exposition or exploration of issues, since they're so prone to arms-race between the "pro" and "con" sides.
And here, on this article, we have yet another example: a pro & con list that has been the focus of escalation, deleting, "pruning" by folks on both sides of an issue, and which doesn't seem to actually expose or explore the issues that it hints at. I'd like to propose a different way to describe IE's "features":
I think this might be a way to describe the "positive and negative features" more neutrally, to invite further description of them -- while at the same time excluding vague and subjective "pros" and "cons". Thoughts? -- FOo 02:26, 2 Dec 2004 (UTC)
Chris, could you please give us a link to Microsoft's bug database where we can see them discuss in detail each bug as they are working to figure out how it works and how to develop a patch? Thank you. AlistairMcMillan 02:32, 3 Dec 2004 (UTC)
Microsoft detail their bugs online Only some bugs that are already publicly known (see the public bugtraq mailing list). Not their private security bug database ! Raraoul
You basically do the following [3] Change:
to
Never mind that we never note who those critics might be. Never mind that Maifret is actually a critic. C'mon people, of course he's a critic. Words like "If it really took them that long technically to make (and test) the fix, then they have other problems. That's not a way to run a software company." sounds exactly like criticism to me. And oh look. We have a source! So what if he's not an "outside observer" (whatever that means). He remains a critic of Microsoft.
Now if you were going to attack that phrase, surely you'd have a go at the fact that it should be in the Microsoft article and not the Internet Explorer article?! hint hint.
Ta bu shi da yu 13:56, 10 Dec 2004 (UTC)
In evaluating anything, such as Microsoft's testing and security practices, one can resort to any number of criteria for evaluation. Two such criteria are to grade the attempt on the effort expended, or to grade it on its yield or results. Let us stipulate that Microsoft expends a tremendous effort on testing and security practices. If one accepts the first criterion -- sometimes manifest as the labor theory of value, or the modern schoolroom practice of giving credit for "showing your work" rather than for getting the right answer -- then it is clear that Microsoft deserves excellent credit. If, however, one rejects this criterion and judges work based on its yield or result rather than the effort expended, then the credit earned is not so easily clear. Nonetheless, it seems that the choice between these two criteria is subjective, and that as many people do choose to grade on the basis of effort rather than result, the article should reflect both points of view -- as well as other, less well-spoken forms of evaluation, such as conformity to a majority or to a perceived elite.
Yet still, Wikipedia policy shuns "original research". It is not, therefore, our place here to come up with our own research on the quality of Microsoft's security efforts. It is, rather, left to us to document the facts as they lay, out there in the world. Some of those facts include: Internet Explorer remains the most popular Web browser; many security experts do recommend against its use; security holes have been found in all browsers; spyware today afflicts IE and Windows users to the exclusion of users of other browsers and operating systems; security is only one of many considerations that go into a cost-benefit analysis of which software to use. -- FOo 20:07, 12 Dec 2004 (UTC)
Beachy and Alistair, please quit edit-warring over the Maiffret quote. It doesn't matter that the guy's title is "Chief Hacking Officer" (if, indeed, it still is). It's a tongue-in-cheek title anyhow; that's the whole point -- it's intended to play with both the "street cred" of being a " hacker" and the "business cred" of a CXO-level title. -- FOo 03:34, 13 Dec 2004 (UTC)
If you read the EULA you will see that you need a Windows OS license to install Internet Explorer. This means it's illegal for non-Windows users to install it under Wine.
Can someone add references? See Wikipedia:Cite your sources for info on how to do it. - Ta bu shi da yu 13:02, 14 Dec 2004 (UTC)
I'm going to take the liberty of removing the tag because I think that all concerns over fact have been addressed. - Ta bu shi da yu 13:27, 14 Dec 2004 (UTC)
The CERT advisory was specific in nature to that one particular vulnerability the one linked, and has not been seen in any future advisories. PPGMD
Here I'll make it easier for you, please point to the bit that says temporary... Please note the use of the word "vulnerabilities". He is not just talking about the one vulnerability.
Try actually reading the passage you keep reverting. Nowhere does it say they issued a report condemning IE. AlistairMcMillan 19:46, 14 Dec 2004 (UTC)
The edit summary says: "Restore ActiveX to list. ActiveX's trust model is a concern for many users and it is a problem, which is why IE SP2 asks before installing any." Alistair, could we expand on this? Maybe with some references :) thanks! - Ta bu shi da yu 14:40, 23 Dec 2004 (UTC)
Chris some people, who IMHO should know better, never manage to rid their machine of crap and simply decide to wipe them and start from scratch:
Chris, if you could put down your "I <3 BILL" banner and your pom-poms for just a second. It is not uncommon to find that you need to use all kinds of software to rid a machine of spyware/viruses/etc. I find spyware all the time that AdAware won't clean but SpyBot will. Or viruses that Norton won't remove but McAfee will, and vice versa. And now and again, by the time AdAware/SpyBot/whatever has cleaned entries from the Registry and is scanning through a hard drive, after having skipped various things it can't kill and delete, the spyware that is still running has already written the entries back in. So now and again yes, it is necessary to go in and empty HKEY_LOCAL_MACHINE/.../Run, HKEY_CURRENT_USER/.../Run, etc yourself. AlistairMcMillan 12:20, 24 Dec 2004 (UTC)
Comments from a Reg reader: Feel free to use the quote. And thanks for asking!
Merry XMas! t
----- Original Message -----
From: Chris Beach To: Tim Mullen, SecurityFocus Sent: Saturday, December 25, 2004 8:44 AM Subject: Reg reader comment: WinXP SP2: stop moaning and get downloading
A Reg reader has the following comments to make on the story WinXP SP2: stop moaning and get downloading:
Tim, I thoroughly agree with your article on SP2 ("Stop moaning and get downloading"). I'd like to quote the first paragraph on the Wikipedia article on Internet Explorer, but another editor has reminded me that your article is copyright. I'd really appreciate if you'd give me permission to use your quote on this page, since it contains a lot of anti-MS and even some anti-SP2 sentiment, which needs to be balanced http://en.wikipedia.org/wiki/Internet_Explorer Regards Chris Beach
I see a number of comments above which suggest that the purpose (or one purpose) of this Wikipedia article is to convince people to take some action -- for instance, to install Windows XP Service Pack 2. This is not what Wikipedia articles are for. We are not here to be technical consultants, recommending to people our opinions of they should do, any more than we are here to be technical evangelists.
Lines like "we NEED to encourage people to install this update, and not sit back and criticise it" suggest that the purpose of this Wikipedia article is to "sell" XP SP2 to readers. (Take "sell" out of scare-quotes for readers currently running Windows 2000 -- for them, it really would be a sale and not just a free download.) This is thoroughly inappropriate, as inappropriate as if we were to write this article from the perspective that readers should immediately delete IE and run only Lynx.
We are here to write accurate articles about what is, not what people should do. Here's an example: Wikipedia's article on Abortion states what an abortion is, and what people's beliefs are about it -- it does not abuse Wikipedia's voice to claim that people should or should not have one. We should do the same. The claim, "Everyone who's using Windows should upgrade to XP SP2" is every bit as much an opinion as "Everyone who has an unwanted pregnancy should be able to get a free abortion."
The purpose of a Wikipedia article entitled Internet Explorer is to describe what a thing called "Internet Explorer" is: in all versions (especially all those currently widely used); throughout its history; its technical features and its social effects; and so forth.
As much as I agree that XP SP2 is a major improvement for IE security, we are not writing sales materials for XP SP2. We are not writing an article that deals only with the XP SP2 version of IE -- so we cannot drop descriptions of problems that exist in the widely deployed W2k version simply because they are "fixed in XP SP2".
And we certainly would be unjustified in deleting any true statement on the basis that it would discourage people from installing SP2. Our purpose here is true statements -- not encouraging people to run SP2 or anything else.-- FOo 05:33, 26 Dec 2004 (UTC)
To clarify, there is nothing wrong with reporting accurately that some important figure (like a security expert, or US-CERT, or Microsoft) recommends a particular course of action (like uninstalling IE, or upgrading to Windows XP SP2). However, there is a difference between writing an article that reports that Joe Bloggs recommends X, and writing an article that itself recommends X.
Again, we are not in the consultancy business here, nor the advocacy business. We are in the encyclopedia business. Beachy's claim above that "we NEED to encourage people" to buy or install Windows XP SP2 is the diametrical opposite of what Wikipedia articles are for. We are not here to push SP2, nor to push Linux or Mac OS X or Mozilla Firefox for that matter. We are here (in this article and talk page) to describe Internet Explorer.
If an accurate description of Internet Explorer (including accurate & attributed reporting of opinions about it) leads some readers to choose and continue to use Internet Explorer, fine. If it leads people to install SP2, fine too. If it leads them to ditch IE and Windows and run Mozilla on Solaris/x86, that's also fine. However, none of these is the goal of the article. The only legitimate goal of a Wikipedia article entitled "Internet Explorer" is to describe Internet Explorer. Any other goal is a contravention of Wikipedia's charter.
As for Beachy's accusations of bias on my part -- I would like to think that my edits stand for themselves. I think I've done a good deal to make this article adhere closer to Wikipedia's NPOV policy, for instance breaking up the irredeemably biased "positive and negative features" list into neutral categories of present and absent features. (See Wikipedia:Pro & con lists for some proposed guidelines I wrote on why pro & con lists are anti-NPOV.) By the way, I'd like to extend thanks to Beachy for helping improve the new form of that list after I created it.
For what it's worth, my background is as follows: I work as an in-house security technician for a well-known scientific research institution. I have worked in system administration for seven years and security specifically for four years. I have in the past held the SANS GSEC certification, which covers Windows and Unix security. (It is not a very high-ranking certification, and I let it lapse this October. I don't think too much of certifications.)
At my workplace, we have about 60% Windows systems on our network, with the remainder pretty evenly split among Mac OS X, Linux, and commercial Unix. I spend a lot of time working with our Windows technicians to understand and control problems such as viruses and spyware, and to help encourage Windows users to patch their system. I have written custom software for the purpose of scanning Windows systems rapidly for known remote vulnerabilities, so as to help Windows users understand and secure their systems from attack.
While I am not a Windows user myself (I personally use Debian, Red Hat, and Solaris at work, and Mac OS X at home), I have a great deal of exposure to it and plenty of hands-on knowledge of the threats that inconvenience and harm Windows users. I freely admit that (like any other "security guy") I have more knowledge of the "negative" aspects of a lot of software than the "positive" ones, simply because my work concerns itself more with how software fails rather than how it succeeds.
I am not the kind of person who hates Windows or IE and wishes to see harm come to its users. I want everyone to have secure computing. I also want this article to be an encyclopedia article, and not to be anyone's advocacy. I am not here to push Mozilla Firefox, open-source software, or any sort of "agenda" other than the one that Wikipedia itself is here to push -- the agenda of knowledge. -- FOo 18:40, 27 Dec 2004 (UTC)