Internet Explorer Woes Once Again

November 19, 2004 @ 8:25 pm

Internet Explorer Woes

I think it’s safe to say that Internet Explorer is dangerous for general computer users. If you recall I had a fairly bad bout with IE a couple of months ago myself. This week I had the pleasure of being asked by a several of my friends to look at their computers to see ‘what’s wrong with my machine’.

Both of these machines were massively infected by browser hi-jackers and various pieces of malware. So much so that both machines had become practically unusable, not just for Internet access, but for general operation. Both machines have been in use for less than 2 months. This after – “I didn’t download and install any software”. Ok, I’m not sure I believe that, but regardless I don’t think these problems came from any installed software, but rather got on the machine via Internet Explorer and malicious plug-ins that installed from malicious Web pages.

When I ran Ad-Aware on the first machine I got over 200 hits for corruption with over 50 files installed on the system. I managed to get rid of most of the junk by running Ad-Aware, HiJackThis and repeatedly working with Startup Commander and using ProcessExplorer form Systernals to figure out what got loaded and removing DLLs. The other machine had over 400 hits with nearly 100 hundred files. End result: 1 machine cleaned up completely (oddly the one with 400 hits) the other was still a mess and I couldn’t offhand think of other ways to clean it up and decided it’d just be easier to reinstall Windows.

I’m a Microsoft software developer. I spent my time working all day long with MS development tools and productivity software. But when it comes to the Web Browser I’m sorry to say that I could not in good faith EVER recommend a neophyte computer user to use Internet Explorer. I recommended to both of my friends that they use FireFox as their browser and avoid IE like the plague.

There are just too many ways to get into IE and with the ActiveX support it has the results are disastrous (even with SP2 installed – one of the machines is brand new and came with SP2 pre-installed!).

There are a few major problems with IE that make it more than ridiculously lame:

No way to uninstall/reinstall or at least to completely reset the browser
No way to see in some manageable way what’s installed in the browser (you can’t even view BHOs without a third party utility)
The whole IE Options setup is ridiculously complex – finding any particular option is like looking for a needle in a hay stack.
ActiveX support

The first three are things that Microsoft could easily provide. Of course by the time you need this it’s probably too late, but even so, stopping the madness in the situations I’ve seen would have been made a lot easier if IE would just be able to not load any plugins when loaded even when loaded through COM or ‘scripted’ in some other way.

Then at least you could let the various spyware utilities do their job and have a reasonable chance of getting through fixing the problem without it immediately returning the next time the browser starts up.

ActiveX support is one of those things that was a cool idea 10 years ago. Ok, it still is a useful technology if it wasn’t for the security issues. I’ve used ActiveX controls for a number of things over the use – both built-in and custom controls. It should be pretty obvious that ActiveX shouldn’t be used in any application anymore because it requires users to change or adjust their security settings. Yet in ASP.NET 2.0 Microsoft will provide a feature called Script Callbacks that uses the XMLHTTP ActiveX component to call server side code from client HTML pages. This is a truly misguided featured in light of the security problems, even though it could be a very useful feature.

I personally use IE for most of my browsing – primarily because several sites I use regularily don’t work very well with Firefox. In addition, I find that FireFox’s rendering of many Windows style controls is really ugly (buttons and textboxes etc. don’t look quite right for Windows) and the differences in the rendering between IE and FireFox due to interpretation of the various CSS styles are somewhat annoying. To me it just seems that IE looks a lot cleaner on most Web pages than FireFox does unless the pages are completely controlled through CSS tags (which a lot are not).

But as I mentioned I have had my problems with IE. I got hacked due to some of my own ignorance but at least I had somewhat of a clue where to go looking and what software to use to attempt to fix the problems. But even given that it still took me 2 days and feedback from a number of people before I got everything back to normal.

It’s a sad state of affairs when so much effort goes into just maintaining a machine and it gets much worse when you’re dealing with a neophyte. Trying to get something like this fixed if you don’t know somebody who can help you out is also a pricey proposition that can easily run a few hundred dollars. And desperate people will actually pay that for their $500 hand me down computer.

It’s also really sad state of affairs when there are so many boneheads who have nothing better to do than try to come up with ways to fuck up people’s computers. What in the world is the payoff? Bragging rights? Get off your Ego, bra! Sign of the times I guess in this dog eat dog world where nothing is sacred.

This sort of thing has taken a lot of the fun out of computing in general. Just think of all the wasted time that goes into fixing problems related to this. If we as computer professionals are struggling with this stuff, think about your non-computing friends and family of how they must feel. I know plenty of people who’ve gotten so scared about using a computer they’ve downright given up and no longer use a computer. I can’t blame them…

Of course the anti-Microsoft crowd is snickering. If only you ran - x-nonMicrosoft – you wouldn’t have this problem, but if anything else ever catches on the scale of Windows you can bet that the same sort of evil ingeniousness will go into breaking that system.

Still I do find it pretty disturbing that Microsoft is so ignorant to the issues at hand. We constantly hear talk about Microsoft ‘fixing their security’ issues, but there is really very little progress being made. Even obvious solutions like a complete browser overhaul are and have been for years completely ruled out when that would be one way to clean up this mess. Instead MS points at LongHorn for any updates to the Web browsing experience.

Web Browsers will be with us for a long time and although Microsoft would rather have a Windows based rich client to the Web world (which is what LongHorn is shooting at and will likely be failing on) HTML is here to stay. One can hope that HTML gets richer and provides a standard interface much like the XMLDOM that provides some additional functionality like HTTP and SOAP clients etc. that are part of the system itself rather than having to run as proprietary add-ons so that the browser can become a bit smarter and provides it in a cross browser environment. But I’m not getting my hopes up…

Ok, I’m done rambling but it’s been a frustrating couple of days…

Feedback for this Weblog Entry

re: Internet Explorer Woes Once Again
by Shannon J Hager November 21, 2004 @ 9:16 am

to view BHOs in IE 6 SP2:
tools > Internet options > Programs > Manage Add-ons

re: Internet Explorer Woes Once Again
by Gabe November 22, 2004 @ 4:02 am

Well, here is a perfect example of MS ignorance...

http://blogs.msdn.com/Steve_Lamb/archive/2004/11/22/267878.aspx

Now, I don't know Steve, but he seems to think it's funny the Register (a typicaly harsh MS critic) is recommend people install SP2. He misses that the problem was that ALL other versions of their software were vulerable, simply because you visited what you though was a safe website.

I don't blame the programers, how many bugs have you encountered in your own software that you've written off as "user error", when in fact, it really was a questionable design, but you would have to rewrite (and break backward compatability). I question the lack of management and leadership. Someone has to say, look, it can't be fixed. A rewrite is needed, and yesterday.

re: Internet Explorer Woes Once Again
by Rick Strahl November 22, 2004 @ 10:07 am

Gabe,

>> I don't blame the programers, how many bugs have you encountered in your own software that you've written off as "user error",

this is only too true. <g> But this security thing has been going on for a LONG time with Microsoft and IE is the biggest part of the security problem at least for end users. By creating a new browser that removes the truly scary portions of the browser (automatic installs of any kind, activeX control support).

At least making that available as an alternative. As it stands Microsoft is leaving us little choice but to say - "Don't use this piece of shit!".

I don't know about you, but as somebody who makes his living off Microsoft software and tools that's not something I like to tell people, but if it's the only way to do this...

re: Internet Explorer Woes Once Again
by Gabe November 23, 2004 @ 2:03 am

>> I don't know about you, but as somebody who makes his living off Microsoft software and tools that's not something I like to tell people, but if it's the only way to do this...

Agreed. This is why I love open source. Not because I use it that much, but because it has provided the first real competition for MS in a long time. It will force them to continue to invovate and not rest on their Laurals. Competetion is good! I hope Java is around a long time so that MS will be forced to continually inovate their .NET platform (or WinFx).

re: Internet Explorer Woes Once Again
by Ed Dunphy December 23, 2004 @ 2:58 pm

Rick, I share your pain. There are times when it takes IE about 3-5 minutes to load. And I have a machien with 1.5 GIGs of RAM!!!!

There is a 3 step ritual that I run when things go haywire in IE:

(in this order)
1. Spybot S&D
2. Adaware
3. CCleaner (aka Crap Cleaner) - check which cookies you want to keep before running this one.

This usually brings the machine back to a workable state. If it doesn't, I then take the same steps you to find the problem. Process Explorer is a great program.

BTW: I really love your articles and blogs. Keep up the great work!!!!

re: Internet Explorer Woes Once Again
by southy February 17, 2005 @ 7:10 pm

help I am a computer novice at best-- heres my problem--- every time I launch aim yahoo instant messagener or use ie and navigate around I am literally covered up with pop ups from ie--- adware ie serch pages and on and on and on and on how do i unattach these page sso the do not launch atomatically helpppppppppppppppppppppppppppppppppppp!!!!!!!!!!!

re: Internet Explorer Woes Once Again
by cyeborg June 06, 2005 @ 2:04 am

it's not removing plzzzzz fromat ur pc don't wasit ur time

Hacked by browser - Rick Strahl's Web Log
by Rick Strahl's Web Log October 15, 2006 @ 6:46 am

cloneing playstation dvds
by cloneing playstation dvds March 27, 2008 @ 6:22 pm

Don’ t you think the idea is neat, having a coffee mug that can tell you everything you want in the early morning? Such as the weather, time, traffic, stocks etc, without needing you to sit in front of your computer screen while having your breakfast. That is the concept of a Yuno coffee mug PC. As today’ s computer chips are getting smaller and smaller, it shouldn’ t be too far from now to produce an intelligent coffee mug that comes equipped with touch- screen technology that would tell what have been mentioned.

shrink dvd files
by shrink dvd files June 13, 2008 @ 7:06 am

and launch mvn clean clover: instrument clover: clover. If the clover compilation is failing, check your pom and add missing dependencies until it pass. This should fix the zero code coverage issue.

free dvd decrypt software
by free dvd decrypt software June 18, 2008 @ 5:23 am

To download it, head on over to the Windows Live Dev Connect page on Microsoft Connect , go to the download page and download it.

dvd player record
by dvd player record June 18, 2008 @ 6:24 am

Computer Virus- First Look: Internet Cleanup 5.

best dvd burning software
by best dvd burning software June 18, 2008 @ 2:04 pm

First real obsessive banging the machine was with Street Fighter 2, watching with rapt attention as the local stoner (our guru) talked me thru the special stances taken to get that perfect with a Ryu or Ken type (see champion and/ or cheater). This was lost on me because I was certainly the E. Honda/ Dhalsim type (see foreigner in a foreign land), and proceeded to lose for the four odd years that my local convience store carried the original edition. I did buy pot from our guru (thus providing his money for...

copy protected dvd
by copy protected dvd June 19, 2008 @ 1:18 am

They describe themselves as the“ only online dictionary and search engine you need for computer and Internet technology definitions” — and they’ re right!

decoders for dvd
by decoders for dvd June 19, 2008 @ 3:18 am

Within four minutes, the unprotected SP1 box was hacked via a buffer overrun in the Local Security Authority Subsystem Service (the same flaw used by the Sasser worm). Shortly thereafter, it was hit with the MS Blast exploit, as well as continued attempts using the Sasser flaw. Ten hours after the experiment began, the machine was screwed.

dvd decrypter copy
by dvd decrypter copy June 19, 2008 @ 4:07 am

I go to Cabell library almost everyday because it\'s a great place to study and do computer work since I don\'t have a laptop. Cabell Library has days where there are no computers in use, so I use the basement (B- 8 computer lab). I have been going for one month and in that time period NO ONE has made an attempt to keep it clean. The computer lab is VERY DISGUSTING. There are used tissues, spilled drinks, balled up papers, hair, boogers, and I mean the WORKS. Whatever you can think of you\'ll probably find it...

Registry Cleaner
by Registry Cleaner June 21, 2008 @ 5:10 pm

Another goal is for the Lynx\'s engine\'s combustion chamber to operate for a total of 120min between overhaul periods but so far only up to 25min hot fire time has been achieved. The bottleneck to achieving 120min is electronics glitch issues.

program pro game rip
by program pro game rip June 22, 2008 @ 9:23 am

Other advances include solid- state photon detectors that led to today\'s night vision capabilities and microwave and millimeter- wave monolithic integrated circuits, or MIMICS, that enable cell phones and miniature global position system receivers to work. DARPA\'s work in lithography enabled a microchip smaller than a thumbnail to hold 100 billion transistors. The agency also developed the computer mouse, an effort to make computers more user- friendly.

free dvd movie copiers
by free dvd movie copiers June 24, 2008 @ 8:22 am

58 test methods 30 alert methods Powerful Report Manager and Log Analyzer Remote Monitoring Agents Web service, Telnet service, Remote Control Console Utilities and auxiliary applications IP- Tools provides 19 TCP/