Re: IE is just as safe as FireFox

[Vincent Archer <var () deny-all com>]

On Fri, Nov 19, 2004 at 10:51:43AM -0500, joe wrote:
> > Autoconfig script may enumerate hosts which don't require a proxy. 
> > Usually there are a very few intranet servers in corporate network.
>
> You should have prefixed "there are very few... " with one of two things 
>
> 1. Relative to the internet...
>
> 2. In my experience...

Well, he did say "usually" :)

> This is actually the area where IE is so strongly embedded due to its
> application interfaces and what MS has been building towards for so long
> with it. If you look at this space and compare how firefox renders/operates
> next to IE you will see why many companies chose IE as their official
> browser even in the face of having more exposure due to security. A lot of
> that depends on how the web site is designed/built but there is a lot of
> functionality there that can only be reached (and thereby exploited) on IE.
> There are companies whose primary LOB applications internally are on IIS
> servers and can only be accessed with IE. In those cases it isn't a simple
> pick up and replace the browser scenario. 

Even something as simple as OWA (Outlook Web Access), which is often used
as the main component of the corporate "Extranet" is strikingly different.
OWA looks like an average web app when viewed on a Mozilla or similar
browser. OWA looks almost exactly like Outlook when viewed by IE.

Other apps flatly refuse to work with anything but IE. None of these
are strictly "web applications" anymore - they are applications that use
an UI processor, which happens to be the HTML processor as well.

-- 
Vincent ARCHER
varcher () denyall com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 5, rue Scribe - 75009 Paris - France
www.denyall.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html