Internet Explorer 7 Security

By Daniel Miessler on October 26th, 2005: Tagged as General | Windows

Look I’m pretty enthused about the new security features being used in the upcoming version of Internet Explorer. There’s a lot to be optimistic about.

But articles like this make me sad. I fail to see how IE7’s security hinges on the strength of encryption between it and a remote website.

Have you ever gone to fix someone’s system that was trashed by IE, only to say to yourself, “Damn, if only they’d used TLS instead of SSL.”? Yeah, me neither.

SSL 2.0, TLS 1.0 — whatever. I’m all for the stronger standard, but I’m more interested in seeing more needed improvements such as the handling of ActiveX, scripting, input validation, etc.

  • Digg
  • Reddit
  • HackerNews
  • StumbleUpon
  • DZone
  • Google Bookmarks
  • Twitter
  • Facebook
  • del.icio.us
  • FriendFeed
  • Posterous
  • RSS
  • email
  

View Comments

  • Tim
    I guess the argument (for changing security layers instead of upgrading the buggy or insecure features)is that the more shady sites will bork because they use SSL1.0 or 2.0... but like the article says, it's easy to add in SSL3.0 or TLS
blog comments powered by Disqus

 

twitter_icon

Sample Original Content


Information Security

Tutorials and Primers

Culture & Society

Technology & Science

Politics

Philosophy & Religion

Miscellaneous

Tools & Projects


Blog Archives