Home
Contact Me
RSS v2.0 Feed
ATOM v0.3 Feed
Login
Dec
January 2004
Feb
S
M
T
W
T
F
S
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
3
4
5
6
7
Site Stats
Posts - 475
Articles - 94
Comments - 577
Trackbacks - 231
News
All the news that's fit to print.
Disclaimer
These postings are provided
"AS IS" with no warranties, and confer no rights.
Desktop Cam
My Flickr Photos
Post Categories
Blogging
Gaming
Miscellaneous
Personal
Technology
Article Categories
.Text Skins
About Me
Blogging .NET Style
Technology
Virtual PC Boot Disks
Virtual PC Tips and Tricks
Virtual Server 2005 Information
Archives
March, 2005 (7)
February, 2005 (24)
January, 2005 (39)
December, 2004 (28)
November, 2004 (22)
October, 2004 (44)
September, 2004 (30)
August, 2004 (25)
July, 2004 (27)
June, 2004 (27)
May, 2004 (32)
April, 2004 (32)
March, 2004 (36)
February, 2004 (26)
January, 2004 (40)
December, 2003 (9)
November, 2003 (20)
October, 2003 (7)
Image Galleries
AMD Fall Tech Tour 2004
Awesome Trucker
Ben Pictures
Ben's Artwork
Family Pictures
Funny Stuff I Find
PC Case Upgrade
Zack Pictures
My Bookshelf
Creating Customer Evangelists: How Loyal Customers Become a Volunteer Sales Force
Written by:
Ben McConnell, et al
ISBN: 0793155614
The Macintosh Way
Written by:
Guy Kawasaki
ISBN: 0673461750
In My CD Player
Words and Music: John Mellencamp's Greatest Hits
John Mellencamp
ASIN: B0002XL252
Feels Like Today
Rascal Flatts
ASIN: B0002VL0Z6
All I Want For Christmas Is A Real Good Tan
Kenny Chesney
ASIN: B0000CBH7C
Blogs I Like To Read
Niall Kennedy's Weblog
Scott Watermasysk
Skippy.NET
Tao of Mac
tech-centric blog from the left
The .NET Guy
Thoemmi.NET
Longhorn Links
Enable DWM in Longhorn
Longhorn b4074 Optimization Guide
LonghornBlogs
MSDN ISO --> Bootable DVD
MSDN Longhorn Guided Tour
MCE 2005 Sites
Addicted to Digital Media
Chris Lanier's Blog
Mark Salloway's MCE Blog
Matt Goyer's Blog
mavromatic.com
Newsgator Online Services
RSS Feeds I Watch
Sharepoint Links
GotSharepoint.com
Lamont Harrington's Blog
LMR Solutions - Workflow
Microsoft's Sharepoint Site
MSDN - Customizing Sharepoint Part 1
MSDN - Customizing Sharepoint Part 2
MSDN - Customizing Sharepoint Part 3
Sharepoint Solutions
Sharepoint University
SharepointCustomization.com
SharepointSummit.com
User Control Container Web Part
Useful Links
Flickr
Microsoft Manual of Style for Technical Publications
Virtual Strategy Magazine
What is IWUG!?
Web Design Sites
A List Apart
Bartelme Design
Colly's CSS Rollover Generator
Enhanced Labs
Everaldo.com
glish.com CSS Style Techniques
Gordonmac.com
GUI Stuff!
SimpleBits
stock.xchng - free stock photgraphy
Wackypixel
yellowicon
ZeroWeb.org
Windows Server Links
File Migration Tookit for WS03
IISToolshed
Miscellany
Friday, January 30, 2004
Now We're Not Supposed To Click HyperLinks!?
I saw a lot of blog posts and media coverage on this -
http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;833786
And at first, I have to admit that I rolled my eyes and thought, "Geez, when will we ever learn." Then I saw an e-mail from a good friend of mine whom I respect a great deal. He was pretty shocked (and annoyed) as well - "I mean, come on. Computers are supposed to make our lives easier. The internet is supposed to speed things up. Reverting back to manual entry for URLs is just plain dumb!" This guy is one of the smartest people I know - and when it comes to "which product is best" is always fair. (Even if he has a
slight
propensity for the penguin!) It encouraged me to investigate things a little more...
So I read the knowledgebase article - from start to finish - instead of just going by the short snipets that have been included with the coverage that I have seen. Aside from the fact that this knowledgebase article is completely inappropriate for the casual computer user (far too technical, guys, come on!) I don't believe it's one of those situations where we should be quick to criticize.
I'm not drunk on the "Kool-Aid" - I promise. Keep Reading.
What this article describes is not a vulnerability in IE in my opinion - there's more than enough of those to go around, though. I'll grant you that. It describes a "spoofing" attack where a malicious person misrepresents the actual website that a user thinks they are visiting. This isn't unique to IE, folks. A person using Safari, Netscape, Mozilla or Opera might fall for the same trick. It's industry standard URLs and HTML. So, here I am sticking up for IE - for those of you who were reading on waiting for me to do something like
this
, I'm more than willing to do it. I just don't think it's deserved this time.
It's frustrating that the media chooses to sell newspapers and drive traffic to websites rather than accurately and fairly relating the facts. That's why they call it reporting, anyway, isn't it? But then again, we're all capitalists here, aren't we? Juicy headlines and "IE sucks" stories generate clicks.
I own a Mac and sometimes use Safari. I use (and have used) various flavors of Linux, so I'm familar with Mozilla. I even have Firebird installed on this Windows XP system right now. However, I'm no expert by any means. Am I missing some sort of silver bullet that these browsers contain that would protect the casual user from an attack like this? If so, shame on us for not having built it into the product. If not, we need to find one. 55,000 smart people work at Microsoft - 54,999 including me - someone should be able to find an answer.
But in fairness to all, I do have to admit - "manually typing the URL in the address bar" is a pretty lame suggestion, isn't it!? Could you imagine typing "http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;833786" every time you wanted to look up the aforementioned article? I'd probably give up and switch too. Let's hope it doesn't come to that...
posted @
7:54 PM
Powered by:
Copyright © Bob Roudebush (RoudyBob) - bob@roudybob.net