Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Security Internet Explorer The Internet Education Worms IT

Penn State Tells Students To Ditch IE 486

Posted by timothy
from the and-while-you're-at-it-mull-over-your-OS dept.
Hoyceman writes "About 80,000 students and staff are being told to use an alternate browser. The Penn State ITS department sent the alert 'because the threats are real and alternatives exist to mitigate Web browser vulnerabilities.' InformationWeek is carrying the story."
This discussion has been archived. No new comments can be posted.

Penn State Tells Students To Ditch IE

Comments Filter:
  • About time (Score:5, Funny)

    by eneville (745111) on Saturday December 11, 2004 @05:02PM (#11062437) Homepage
    The students finally get an education.
    • Re:About time (Score:2, Interesting)

      by OffTheLip (636691)
      College is a time of rebellion against the 'machine' and power to the people. If ever there was a more benign grassroots movement than open source and 'in your face' smackdown to corporate control suitable to todays US times I can't imagine.
      • Re:About time (Score:3, Interesting)

        by eneville (745111)
        Well I recently finished a BSc (Hons) Computing, after 6 years of computing study (various different computing courses), so I'm in a good position to add coment here.

        The college students don't give a hoot as to what they are running, so long as they can screw it up. Remember the GNVQ Computer Studies reboot technicians can do little else than delete files. The Art students don't care if it says "Internet Explorer" or "Mozilla FireFox" at the window title, just so long as they can access hotmail.

        The colleg
        • by skids (119237) on Saturday December 11, 2004 @09:53PM (#11063872) Homepage
          The CIO called a meeting on security, brought in all the CIO's and CS managers from the University branchess for the state, and among other things, we talked about what to do about the slew of problems with student machines.

          I pointed out that students get zero education on computer security, and that if they really wanted to fix the problem, they would create a 1 credit required gen-ed course on personal computer security. Students would thus be required to learn how to keep junk off their desktops one hour a week for a semester (plus it would be an excuse to give remedial computer usage insruction to some of the freshmen that come from living-under-a-rock high school.)

          That idea raised some eyebrows. They said "now, THAT's thinking out of the box." They diligently noted it in their notepads and pointless PDA gizmos.

          And then, did absolutely nothing.

          But that's about what I was expecting, that just because they had the wherewithal to recognize a good idea when they heard it, didn't mean they would remember it for more than a week. That's not how it works. If it doesn't reach crisis proportions, these types of people don't do crap about it.
          • Wait, making students take a class to teach them something at a university is thinking outside the box? jeez, and I thought the college I went to was bad.
    • by twitter (104583)
      The students already knew, but they also know that they were going to have lame brained problems if they used an alternate browser. Having the computing department come out and say this is a big boots for them. Staff may also be relieved by this.

      Sometimes, thanks to clueless professors, I've needed to use IE. I actually talked to two professors about using standards instead of cheap development tools that foist garbage on their students and would require expensive software and break in a year or two.

  • Nice! (Score:2, Interesting)

    by Anonymous Coward
    When I was there, Penn State's IT group was rather inept. Glad they're starting to take security and computing infrastructure seriously. Good job guys!
    • Hopefully they understand how to detect Internet Explorer [ericgiguere.com] server-side and further encourage relunctant students to switch.

      Eric
    • Re:Nice! (Score:5, Insightful)

      by aventius (814491) on Saturday December 11, 2004 @07:07PM (#11063143) Homepage
      Penn State's IT department is definitely NOT inept. I was there from 1999-2003 and I was always impressed with their implementations, policies, security, and interest in encouraging new technologies. Hell, all Computer Science grad students are given Apple Powerbooks with VirtualPC and Windows. Penn State was one of the first to give their students free Napster service in order to circumvent the RIAA bullshit. Even as a Mechanical Engineering student, I had access to Windows, Macs, Suns, and Linux boxes. I had FTP-able storage that I could access from Lab computers and from my apartment. They may not be the best, but from comparisons I've made between them and other Tier 1 schools that I've visited or attended, they are above average.
    • Re:Nice! (Score:3, Interesting)

      by Deathlizard (115856)
      Before I got a job at the Current College I work for I worked for one of Penn State's Satellite Campuses.

      The IT director that works there is a good friend of mine. when he took the IT position I helped him out for awile and eventually worked there while I was still in college.

      Security was priority one there. We didn't screw around when it came to protection of the network. We also understood that our PC's had to be rock solid since they had direct static IP connections to the internet.

      Virus wise, I can r
  • Article text (Score:4, Informative)

    by Anonymous Coward on Saturday December 11, 2004 @05:04PM (#11062457)
    AC karma whore post:

    Penn State Tells 80,000 Students To Chuck IE Dec. 10, 2004

    A public university with an enrollment of over 80,000 puts the kibosh on Microsoft's Internet Explorer.

    A public university with an enrollment of over 80,000 put the kibosh this week on Microsoft's Internet Explorer, and urged its students to switch to alternative browsers such as Firefox, Mozilla, Opera, or Safari.

    Penn State University on Wednesday issued an alert to students and staff recommending that they dump IE and use a different browser.

    The university's Information Technology Services (ITS) gave the advice "because the threats are real and alternatives exist to mitigate Web browser vulnerabilities," ITS said in a statement. It cited the security problems in IE that have been the focus of both media reports and recommendations from such organizations as the US-CERT, the federally-funded computer response team housed at Carnegie Mellon University.

    "The University computing community [should] use standards-based Web browsers other than Internet Explorer to help minimize exposure to attacks that occur through browser vulnerabilities," added ITS.

    Penn State's advice is the latest negative news about Microsoft's popular browser. Security problems continue to plague IE -- some patched, some not -- while rivals like Firefox slowly nibble away at its still-dominating market share.
  • by I_am_Rambi (536614) on Saturday December 11, 2004 @05:05PM (#11062462) Homepage
    Will this ITS department support issues with other browsers. Each browser has its quirks, and work arounds for certain things. If they recommend using other browsers, they must be able to support them, especially if they run proxies.
    • by bone_idol (782109) on Saturday December 11, 2004 @05:21PM (#11062572)
      Firefox supports NTLM authentication on windows also, so you can transparently authenticate. In the location bar type
      about:config
      and look for
      network.automatic-ntlm-auth.allow-proxies
      network .automatic-ntlm-auth.trusted-uris
      see http://adam.theficus.com/archives/2004/09/firefox_ tutoria.html [theficus.com]
      • by Tim C (15259)
        That's the one thing I don't like about Firefox - so many useful options are hidden in about:config instead of being in the GUI configuration settings management tool.
        • The devs behind Firefox are trying really hard to make a piece of Open Source software that appeals to the masses. The non-technical-adepts don't like software with ten jazillion options in a menu tree. The propellor-heads can handle about:config just fine. They've added the features that even 95% of non-IT types think are essential. If you know what NTLM is then about:config is nothing to complain about.
    • But it's fixable. (Score:2, Insightful)

      by ulatekh (775985)

      Will this ITS department support issues with other browsers. Each browser has its quirks, and work arounds for certain things.

      But Firefox, being open-source, can be fixed so as to eliminate the need for workarounds. The IT department can coordinate with the project developers and find solutions. Something closed-source doesn't do nearly as well.

      As annoyed as I am with Microsoft in general, if they would make the Windows XP source code shared-source, I'd track down and fix bugs I found. I wouldn't min

  • by ghettoboy22 (723339) <scott.a.johnson@gmail.com> on Saturday December 11, 2004 @05:07PM (#11062472) Homepage
    I ditched it as soon as I discovered Camino (fka Chimera).
    • by Phroggy (441) *
      I ditched it as soon as I discovered Camino (fka Chimera).

      Of course people don't still use IE on Mac OS X, because everyone knows it sucks ass. That has nothing to do with millions of Windows users who DON'T know any better.
      • sadly that's not true. pretty much every old school mac os 9 user i know that now uses os x uses IE for mac. STILL. even though microsoft publically said they are stopping all updates (including security)
      • To be honest, most OS X users just see the compass icon for Safari in the dock and think, "Oh, there's the internet," just like they do with IE on Windows.
  • by Anonymous Coward
    Penn state students tell college to ditch Joe Paterno
  • Good move! (Score:5, Insightful)

    by TooMuchEspressoGuy (763203) on Saturday December 11, 2004 @05:10PM (#11062495)
    I wish more colleges had IT departments that made decisions like this. At the major state university that I go to, the university website and everything in it are designed to be browsed via IE. It's quite annoying when I have to close Firefox and use a slow, buggy, adware- and virus-vulnerable browser just to, say, look at courses when I'm scheduling for the next semester.

    Kudos to Penn State for not falling into the "it's built into the OS so we'll use it as a standard!" trap.

    • At Harvard... (Score:3, Interesting)

      by thefultonhow (702889)
      I go to Harvard University, and am a User Assistant -- basically, a student-employee of Computer Services who helps undergrads with computer problems. Our policy whenever someone comes in with a problem, be it a virus or spyware or even a simple problem with Eudora, is to install Firefox. I have never had a user object, and when I show them some features like tabbed browsing, they really warm to the browser. One girl even said that she used DeadAIM primarily for the tabs and loved it that Firefox came wi
    • Don't know if this is still true, but PSU's IT department was fairly good when I went there (compared to stories on /. about other schools). At the old computer store (I believe now rolled into the main bookstore) they had equal numbers of PC and Mac models, which by itself shows that they at least allow for differing computer types. A guy I knew, as a senior project, had to make an OS based on this "Linux" thingy, which in '97 I never even heard of.

      Good school. Bad football team. Go JoePa.
  • I go to Temple University and while our CS department hasn't gone that far they have installed Firefox on all the computers in the labs
  • by Infonaut (96956) <infonaut@gmail.com> on Saturday December 11, 2004 @05:11PM (#11062501) Homepage Journal
    1) They'll pretend it didn't happen

    2) They'll sue

    3) They'll go on a charm offensive

    4) They'll spin the virtues of Longhorn

    5) They'll talk about IE's innovative approach to browsing

    Others...?

  • 80,000 (Score:2, Informative)

    by Rollie Hawk (831376)
    I believe the 80,000 refers to the students, not the staff.
  • by BorgCopyeditor (590345) on Saturday December 11, 2004 @05:17PM (#11062540)
    I say Joe Pa, you say 'terno!
    Joe Pa...
    ...'terno!
    Joe Pa...
    ...'terno!

    I say M.O., you say 'zilla!
    M.O....
    ...'zilla!
    M.O....
    ...'zilla!

    (pause)

    MOZILLA!!!

    • I say "We are", you say "Penn State"
      We are...
      ...Penn State
      We are....
      ....Penn State


      Now I say "We are", you say, "using an open-source, secure and standards complaint browser!"
      Hmm...just doesn't have the same ring to it...
  • by c0dedude (587568) on Saturday December 11, 2004 @05:18PM (#11062545)
    At Brown [brown.edu] we get a CD with all the latest security patches and a copy of Firefox every year. Prevents trouble, methinks.
  • by Dink Paisy (823325) on Saturday December 11, 2004 @05:18PM (#11062554) Homepage
    I consider this article [slashdot.org] to be firm proof that alternate browsers are a form of security through obscurity. Not that that is a bad thing if it works, and in this case it is clear that IE is being targeted more than its alternatives.

    But make sure that your alternate browser it is a recent version of Firefox or Mozilla. They have responded very quickly to security issues, and are being proactive about security, much more so than the the people behind Konqueror or Opera. Also, keep your alternate browser patched just as vigilantly as you would Internet Explorer. As the popularity increases you will see more attacks against Mozilla based browsers.

    I don't know what the answer to security is. I hope it isn't educating users, because that just plain doesn't work for most people. The problem is that right now there doesn't seem to be any other way.

    • by The Cisco Kid (31490) * on Saturday December 11, 2004 @05:29PM (#11062628)
      The point isnt to replace an all-MS/IE enviroment with an all-Mozilla environment - the point is for there to be a healthy ecosystem of browsers, so that there will no longer be one homogenous set of systems all vulnerable to the same attacks.
    • by Rits (453723) on Saturday December 11, 2004 @05:42PM (#11062705)
      But make sure that your alternate browser it is a recent version of Firefox or Mozilla. They have responded very quickly to security issues, and are being proactive about security, much more so than the the people behind Konqueror or Opera.

      I'm sorry, but that is FUD. Opera will be the first browser to patch the latest, cross-browser, issue [secunia.com].

      A fixed 7.54u1 is being distributed at this moment. See the Opera advisory [opera.com].

      And as far as solutions go: why expect perfect safety online, when we don't have it offline either? Software should improve, online systems should be more secure (it is stupid if money can change hands online only secured by a single login), and most people will smarten up in time. Perfection will not be reached.

      MSIE has a track record of leaving critical holes open for a while, but most reported holes are not critical. And MSIE is much more informative about it issues than either Opera, which only recently started publishing advisories, and Firefox (what advisories?) Selling Firefox purely on the safety issue will come back to bite it in the long run.
      • Actually with konqueror if you change the popup blocking policy to smart which I think is the default it is not affected. Only if the popup policy is set to allow does the problem exist.

        I think firefox and mozilla have a similar workaround also. It should also be pointed out that this workaround is the most advised configuration to run konqueror in since the smart policy means that popups can only open as a response to use clicks and never just on their own. This makes it more useful then just a regular po
    • I don't think you can say that the Konqueror devs are reticent about security. It's true that due to its small market share, there simply aren't many security issues discovered to respond to, but I'm sure if one was discovered they would take it seriously. They've already gone to great lengths to warn users about possible user agent spoofing, against which some other browsers offer no protection.
  • safari? (Score:4, Interesting)

    by jxyama (821091) on Saturday December 11, 2004 @05:19PM (#11062557)
    if a student can run safari as an alternative, then he/she must be using a Mac. not to defend IE, but isn't IE for Mac less dangerous than IE for Windows? if he/she has already ditched Windows, does he/she need to ditch IE too?
    • Re:safari? (Score:2, Interesting)

      IE for mac is vulnerable to many of the 'make it crash!' exploits. exploits designed to mess with Windows through IE of course fail. Many mac users use IE because it was the default browser in OS X before Safari came out (Irony, huh?). Safari came with 10.3, but I don't think the system changes the default browser on install.
    • I believe IE for the Mac is still on version 5.5. It has not been updated by MS for quite some time to compensate for vulnerabilities.
      I am a Mac user myself and find it hard to imagine chosing the clunky IE over Safari. Safari, despite being a little less-featured than Firefox (none of the new RSS tricks) is a very nippy little app that serves my needs. Unlike IE, it doesn't give me CSS rendering issues either.
    • Nobody in their right mind uses IE for Mac because it's a horrible, horrible program. Safari comes as the default browser for all new Macs (I don't know why Apple even bothers to bundle IE any more, it must be a contract thing) and there is a Firefox build for them too.
    • The IE/Mac team at Microsoft was disbanded. There will be no new versions of IE/Mac. Security and standards support is decent in IE/Mac, but it'll never support CSS3 or XHTML 2.0... it would be dumb on any geek's part to recommend switching to IE/Mac now.
    • Re:safari? (Score:3, Interesting)

      by artemis67 (93453)
      not to defend IE, but isn't IE for Mac less dangerous than IE for Windows?

      A live hand grenade with the pin pulled is less dangerous than IE for Windows.

      True, IE for Mac doesn't have any of the vulnerabilities of its Windows cousin. For one thing, when malware tries to install to "c:\windows", Mac OS says, "Huh? What?" That, plus the fact that the Mac development team wrote the browser from scratch, so the two have little or no code in common.

      IE for Mac is getting quite old, but it still has its uses. It
  • Security (Score:5, Interesting)

    by FiReaNGeL (312636) <fireang3l&hotmail,com> on Saturday December 11, 2004 @05:19PM (#11062562) Homepage
    Looks like IE get burned by the very same 'feature' that allowed it to get 95% market share : integration with Windows and total access to stuff it shouldn't. Lesson learned, Microsoft?

    But even without security, FireFox is just plain better. Tabbed browsing is huge, Bookmark toolbar, extensions, find-as-you-type (HUGE improvement over CTRL+F search)... Now I look at IE (the rare time I need to open it for windowsupdate) and it just feels...dirty.
    • Looks like IE get burned by the very same 'feature' that allowed it to get 95% market share : integration with Windows and total access to stuff it shouldn't.

      It's funny how KDE does not suffer the same kinds of problems despite having better "integration". Ease of use does not have to be a security nightmare. With Konqueror, I have access to sftp, ftp and other network shares as if they were local files, drag and drop easy with split screens and multiple tabs. Floppy and CD mounting are as easy as click

  • by Goosey (654680) on Saturday December 11, 2004 @05:20PM (#11062564) Homepage
    At my college [starkstate.edu] the first thing I did on every computer I touched was to install Firefox. I also put Winamp on a few open lab computers for listening to Internet radio while I worked.

    Recently I became unable to login to my student account, with a message "Your account has been disabled, please speak to your network administrator."

    Well I went and found my network administrator [mailto] to ask about what was up. Apparently it is against school policy to install programs on their computers. This is totally understandable and reasonable, and I apologized. But he decided I needed to be chewed out and he had a killer fact that he just knew would crush me.

    Looking me in the eyes he proceeded to tell me that due to me installing Firefox and Winamp on two of the open lab computers they no longer function and had to be totally reformatted. This man, who is in charge of keeping the school network secure, seriously thinks that Firefox and Winamp could possibly be the root of a computer's DEATH. I did not argue the matter no matter how ridiculous it is; I just wanted my account back.

    How is it they let people become the network administrator for an entire technical college, a college that hands out degrees in technical fields, that are just that ignorant. How can any competent network admin possibly think Firefox and Winamp are causing a computer to not boot?

    So now under threat of permanently losing my student account I am forced to use IE. It is excruciating, because I am not the only person installing software on the open lab computers, just the only one knowledgeable enough to install useful non adware-infested programs. Just opening Internet Explorer results in about 3 minutes of closing popups.
    • So now under threat of permanently losing my student account I am forced to use IE

      I've heard of running Firefox/Thunderbird off of USB Jump Drives. Then you get to keep your bookmarks too. You'd have a case that you didn't "install" anything on any lab computer.

      • This is true, I put Firefox 0.8 onto my uni network space, no installation required. I'm not sure how well this will work for 1.0.
      • Pardon my ignorance, but hasn't been running Firefox from a single executable without installing always been an easy option?

        I remember the beta versions that would unzip to a single directory, and clicking the executable would run the browser without running any form of setup.exe or other installation file.

        Has the program changed that much where special tweaks and hacks are required to make it a standalone executable?
    • Look, I don't see how installing winamp and firefox could kill the OS (although this is windows we're talking about) but you were installing software on someone elses computer, you deserved to get yelled at. On the other hand, why is anyone allowed to install software on a lab machine? We have some WinXP machines in our lab and no one but the lab admin can install anything on them.
    • by poofyhairguy82 (635386) on Saturday December 11, 2004 @05:37PM (#11062672) Journal
      How can any competent network admin possibly think Firefox and Winamp are causing a computer to not boot?

      You are dealing with a Windows admin. For many of them, the common reason for everything is that the problem is someone else's fault. That someone else being a combination of Microsoft, Firefox, Winamp, the computer's mood that day, some virus, "an act of God," or hackers that don't really exist. Don't take it personally.

    • Then you should have a look at portable firefox: http://johnhaller.com/jh/mozilla/portable_firefox/ [johnhaller.com] or here http://portablefirefox.mozdev.org/ [mozdev.org] (within the next week)
    • The tech support deparment I worked in for a state uni kept a Ghost image of the student machines so if they became screwed up it was a quick automated task to fix the problem.

      "Just opening Internet Explorer results in about 3 minutes of closing popups"

      So why were you putting your head in the sand by installing two pieces of software that had nothing to do with the problem? No wonder you got chewed out. You using FireFox and Winamp aren't doing anything to help.

      If you want to make yourself useful you s

    • You should ask the admin why he allowed common users to install software in the first place. I bet he doesn't even know how to prevent that.

      I recommend not storing any of your personal files on computers he manages, because they'll probably be e-mailed to the world by a worm, soon.

    • How is it they let people become the network administrator for an entire technical college, a college that hands out degrees in technical fields, that are just that ignorant.

      Because technical colleges are a joke as far as technology degrees are concerned. They also probbably pay jack shit to a network administrator, so they wind up with people who believe in computer voodoo. i.e. "it must have been that mysterious fire-fox and win-amp that those damn kids are all hopped up on these days." Remember, to
    • I'm going to school at Baker College [baker.edu] and at my campus, they've got Deep Freeze [faronics.com] on all the computers. You are logged on as admin* and can install whatever you want, but when the computer is restarted it goes back to its original condition. It installs a filter driver that keeps track of all writes to the main disk, logs them and prepares to undo them upon restart. All your documents/files you want to keep are put on removable media (they'll get undone upon restart otherwise). Authorized admins can disable this temporairily to make permanent changes. Turn on a computer and it is in pristene condition; no crap, regardless of what the previous user did. This might not be so good for home use, but for the pre-installed standard lab environment needed for the computers, it works beautifully.
      I would definately recommend Deep Freeze for any place with requirements like this. Put all the user profiles and documents on a central server, cluster or removable media and make permanent local changes impossible.
      Viruses on the document storage area should be the only malware left; if you put it on a server, it can be scanned easily.

      * It's not quite full admin, as you can't install new services or drivers; they might mess with Deep Freeze.
    • by Quixote (154172) on Saturday December 11, 2004 @06:59PM (#11063107) Homepage Journal
      Just went to your college's homepage [starkstate.edu], and was quite surprised to see a "homeland security threat condition" graphic on the homepage!

      If this is their public face, it most likely means that the place is run by total dicks. You're better off switching to a different school.

    • Installing software on the school's machines, regardless of your good intentions, showed really bad judgment.

      You also have to realize that although you consider yourself to be more knowledgeable than this admin, there are lots and lots of users who are way, way lower on the scale. At my school, the network admins are currently squabbling with the faculty over an attempt to keep faculty from attaching their own dekstop machines to the campus network. Well, I really don't think the FreeBSD box on my desk is

  • At my university I am a student helpdesk worker and everytime someone calls about spyware problems I always recommend they install firefox. Also on the cd of software we include for all 6000 students on campus we have firefox as well as openoffice. No one objects to using firefox and are actually happy to hear that it will make their spyware issues go away.
  • Article Misleading (Score:5, Informative)

    by dampjam (779525) on Saturday December 11, 2004 @05:24PM (#11062592)
    Although Penn State has issued this warning, it is far from true. All Penn State Computer Lab Machines have IE set as the default, and group policy is set such that you cannot switch even to the installed version of Firefox. In addition the Firefox user settings are stored in Application Data which has a 20 meg quota. This means whenever a user tries to log out after browsing, it refuses saying there is too much data. IE on the otherhand, gets cleaned of cookies and cache automatically so that when you log out there is never a problem with the quotas. If Penn State wants to actually get people to switch, they should do something about it on their own machines.
    • by omicronish (750174)
      Interestingly, the University of Washington, which is across the lake from Microsoft, has made Firefox the default on all CS computers, and possibly on all campus computers as well. IE is still available, but Firefox starts by default.
  • Publicity stunt (Score:3, Insightful)

    by KalvinB (205500) on Saturday December 11, 2004 @05:29PM (#11062627) Homepage
    The college of ed at a major state university where a certain couple famous people recently debated, where I used to work only uses IE on their systems. They also used Windows 98 until recently (now they use XP). During the hay day of blaster and myDoom and whatnot guess which department was the least affected by it all? The College of Ed. Even with all our Win98 boxes being directly on the wire. Even our division of teachers was the least affected. There were a few that turned off automatic update like we told them not to and those were the ones that got it.

    Guess who was most affected by the worms? The engineering department which requires logging onto the domain with your student ID and who run Windows 2000.

    The College of Ed tech support people actually did their job and that prevented a lot of problems. So the fact that the IT people of Penn State are sending out a warning to 80,000 students just makes me laugh.

    Our wonderful IT deparment can't even keep the network running reliably during heavy usage times such as pre-registration week and when grades come out.

    IE and Windows aren't the problem.

    Sending out a rediculous warning e-mail isn't going to do anything for them or the open source movement. People keep telling me the sky is falling and I've yet to see it actually happen to my systems.

    A better solution would be to educate the students on where to get the free VirusScan software from the university and how to keep it up to date along with their Windows system.

    It doesn't matter what browser you're using. It needs to be kept up to date.

    • Re:Publicity stunt (Score:5, Insightful)

      by J. T. MacLeod (111094) on Saturday December 11, 2004 @05:44PM (#11062716)
      IT staff doing their job will both recommend the safest path as well as try to prevent damage. It's wonderful that the university took such steps, but to say that IE isn't the problem is very, very incorrect.

      I see PCs all the time which have IE up to date as well as have up to date anti-virus software that are *still* plagued with problems. Why? IE vulnerabilities.

      Even for a patched system, IE presents a vulnerability for computers that are used for "general" web surfing. Firefox is a perfectly valid recommendation, even for those with up-to-date systems.
  • ...the level of prosperity where it's not shocking when people or organizations ditch IE for it? Firefox is the obvious better choice, this shouldn't be 'news'.
  • Department of Duh." Sheesh. Windoze lusers have to be most impervious people on earth. How many times do their systems have to get compromised before they dimly ponder alternatives? Infinity -1, apparently.
    • Most Windows users don't know anything about the alternatives. Remember that the majority Windows users are very uneducated about computers other than knowing how to move a mouse and click stuff. Microsoft and Dell/HP/Gateway/etc. sold millions of these computers because of "ease of use" and because of relatively low cost (compared to, say, a Macintosh; to most of these types of users, they'd buy the $399 Dell or HP over the $799 eMac, even though the eMac is more full-featured and immune to Windows malwa

  • by fuzzybassoon (728480) on Saturday December 11, 2004 @05:36PM (#11062665)
    It's been the onofficial policy for my University's helpdesk to install FireFox on any students' computers, particularly if they've been having Spyware problems. Here's part of an e-mail sent out on Nov. 5 to the entire Yale Community.

    To Selected Members of the Yale Community:

    We wanted to send you an important reminder about your privacy and
    security while browsing the Internet. We are concerned about certain
    vulnerabilities inherent in Microsoft Internet Explorer (MSIE). Even if
    you do not use this application as your browser, you should consider a
    read through for information about keeping your computer updated.

    Due to its popularity, MSIE has increasingly been the target of technical
    exploits and sophisticated "phishing" schemes. We strongly encourage you
    to take certain precautions for your own security:

    1. First and foremost, verify that your computer is updated with current
    patches and updates. The best and easiest way to do this is to set your
    computer to automatically update its operating system and antivirus
    software. If you need assistance doing this, please see below for contact
    information.

    2. There are known vulnerabilities in MSIE that do not yet have patches.
    This has happened in the past and appears likely to happen again in the
    future. We recommend that you either:

    a) Refrain from visiting unknown websites or providing personal or
    financial information while using MSIE, unless you are absolutely certain
    you are dealing with a truly reputable website (for example the CDW-G
    website in the Yale ePortal).

    b) Use an alternative web browser such as Mozilla or Safari. The Yale
    Software Library (www.yale.edu/software) provides recommended alternatives
    that are easy to install and provide the same basic functionalities as
    MSIE. There are some web pages that will only display properly in MSIE
    (since it contains certain special proprietary functions), but most web
    browsing can be accomplished using the alternatives.
  • A good start... (Score:2, Insightful)

    by Mori Chu (737710)
    Most college admins' time is spent dealing with student spyware. IE is a big source of it (though not the only one). Something's got to give. I think it's a great idea to recommend installing Firefox and to lock out machines with spyware run amok. I'd think that mandating Ad-Aware and/or SpyBot would be an even bigger help. I don't know the feasibility, but if they could force any connecting machine to identify itself as having SP2 installed, that by itself would be a huge start. They just don't have
    • I'd think that mandating Ad-Aware and/or SpyBot would be an even bigger help. I don't know the feasibility, but if they could force any connecting machine to identify itself as having SP2 installed, that by itself would be a huge start. They just don't have the time to deal with unprotected machines.

      Just to point out the obvious, mandating the install of pc spyware/adware programs could only apply to those computers running a microsoft OS. The tech savvy folks using linux, OSX or other unixlike OS are not
  • by DrStrangeLug (799458) on Saturday December 11, 2004 @05:56PM (#11062784)
    3 years ago I worked at a small college in the SW United Kingdom, and when the Internet became "The Big Thing" we used Netscape and then Mozilla as our browser base.

    They've recently been merged with/taken over by a larger college in a nearby town, and the surviving IT department is in the process of converting the site from :

    • A Corel WP Suite & OpenOffice mix to MS Office
    • Groupwise to Outlook
    • Mozilla to I.E.


    Common Sense doesn't always win.
  • IE is evil (Score:2, Interesting)

    by h311sp0n7 (773094)
    A couple of months ago I was trying to convince the head of ITS at my work to switch to Mozilla. When Firefox went 1.0 he obliged and we did a complete rollout to all clients. The only real problem being that many Web programmers do not conform to W3C standards and only build applications that are compatible with IE. Personally, I do not use IE and have not for a long time, but the pages that I do create conform to W3C standards. The move to any browser is dependant on how pages are written. More of the
  • Project (Score:3, Interesting)

    by utlemming (654269) on Saturday December 11, 2004 @06:04PM (#11062823) Homepage
    During a major network reworking project at a college apartment complex, my partner and I recommend that the comlpex go over to Firefox. The interesting thing is that some of the tenats referred to the new internet at "Firefox" internet, as opposed to "Internet Explorer" internet. And even better was the fact that several of the tenats asked where they could get his new "internet." Out of the people over in the complex nearly half have switched over to Firefox. The exposure of Firefox actually started in their Internet lounge. And since people saw that the complex was using Firefox they started to what it. So I think that the best way to get some of these alternative standards-based browsers out is for exposure in main stream enviroments.
  • by NASAdude (731949) on Saturday December 11, 2004 @06:11PM (#11062865) Journal

    I submitted this same story with a lot more detail (but not the InformationWeek link) 28 hours prior to the timestamp on this story. It was rejected. Sure, mod me off-topic if you think I'm whining.

    I posted my write-up in my journal [slashdot.org] for posterity's sake. Replies are welcome on this post in regards to the actual news story. Comments as to why you think the submission was rejected should only be posted in the journal. (You don't want to be off-topic, right?) Did I submit at the wrong time of day? Was the submission too long? Ok... enough whining.

    I won't make you do unnecessary clicking, so here are some of the relevant links that I found:
    Penn State's own news article [psu.edu]
    Chronicle of Higher Education article [chronicle.com]
    ZDnet article [zdnet.com]

    The journal entry [slashdot.org] also has comments taken from a PSU IT personnel listserv, as well as other links.

  • by MasterVidBoi (267096) on Saturday December 11, 2004 @08:06PM (#11063398)
    As a linux and firefox user, this is probably the wrong approach. Students should not be told that they must or must not use any particular piece of software as long as that software doesn't damage the network (I don't think IE causes nearly as many problems as p2p on college campuses).

    My school has a slightly different way of dealing with this (at least for dorm computers): If your machine appears to be infected, they cut your internet access. Then, they'll fix your computer and give you a talk about security, but only once.

    If you get infected again, you lose internet access, and don't get it back until you demonstrate that your machine has been reformatted. Every time. All of a sudden, even the most non-techie people start to be a little more careful, and start listening to you.
  • Is it really news? (Score:5, Insightful)

    by Spy der Mann (805235) <spydermann.slashdot@nOsPaM.gmail.com> on Sunday December 12, 2004 @12:23AM (#11064476) Homepage Journal
    When I was in school, I remember using Netscape 3 to view webpages (after all, we were using Unix).

    I'd rather say that universities are going back to their roots. IE was designed for home computers and the Joe User, not for universities.

Riches: A gift from Heaven signifying, "This is my beloved son, in whom I am well pleased." -- John D. Rockefeller, (slander by Ambrose Bierce)

Working...