Brian Krebs notes after extensive individual study that Internet Explorer was unsafe for 3/4ths of the year during 2006.
While I applaud Brian’s efforts, I doubt that comes as much of a surprise to anyone. What is, however, a little shocking is the fact that for more than 3 months out of the year (not necessarily concurrent), Microsoft was withholding (or just didn’t have) solutions for flaws that identity thieves were actively using in criminal pursuits. Actually, that’s no surprise either, so I’ll move on – but kudos to Brian first for pointing it out to everyone else!
When you buy a car that is similarly screwed up, one of several things may happen:
- The dealer denies responsibility over and over while portending to fix things under the vehicle’s warranty. Then your ex-girlfriend marches into the showroom and calls you from her cell phone, screaming bloody murder into your ear (and everyone else’s in the showroom) until the general manager hands out a new car (and you have to find a dealer in another state to handle your service, since the present dealer now hates you so damn much). Yes, that happened to me (or an ex, that is), and even though we are no longer together I still think that was a pretty killer move on her part.;
- You hire a lawyer to assist you in enforcing some state lemon law, and after enormous time and expense you get a new car (and you have to find a dealer in another state to handle your service, since the present dealer now hates you so damn much);
- Your vehicle fails to perform, in a catastrophic way, when you least expect it. You crash. You get hurt really bad. You may very well hurt others really bad. Everyone hires a lawyer. After enormous time and expense, the court finds the big manufacturer at fault, and everyone gets compensation.
Now, to my point…
Regarding IE (and Windows in general) – unfortunately for it’s users, there is no lemon law. I believe the cute little EULA (which nobody reads), takes care of that. Instead, it has failed, catastrophically.
- How much damage has been done to innocent bystanders – those who don’t read the EULA because they’re simply running something else (I suspect the EULA covers passersby like corporate employees and friends borrowing the computer, but I’m not taking the time to install Windows just to find out)?
- How many people have had to hassle endlessly with spam, as a result of some friend’s desktop contact list being pilfered via virus infection?
- How many identities have been snatched as a result of the same?
- For that matter, how many servers running business critical application on alternative operating systems accessed by alternative browsers have been crashed by floods of spam and DDOS attacks originating from zombiefied home computers?
- How much time and money has been spent direct protecting one’s self against these indirect threats?
- How much time and money has been wasted correcting the mistakes of others?
Where the hell is a screaming girlfriend when you need one?