Internet Explorer 7 Security

By Daniel Miessler on October 26th, 2005: Tagged as General | Windows

Look I’m pretty enthused about the new security features being used in the upcoming version of Internet Explorer. There’s a lot to be optimistic about.

But articles like this make me sad. I fail to see how IE7′s security hinges on the strength of encryption between it and a remote website.

Have you ever gone to fix someone’s system that was trashed by IE, only to say to yourself, “Damn, if only they’d used TLS instead of SSL.”? Yeah, me neither.

SSL 2.0, TLS 1.0 — whatever. I’m all for the stronger standard, but I’m more interested in seeing more needed improvements such as the handling of ActiveX, scripting, input validation, etc.

  • Tim

    I guess the argument (for changing security layers instead of upgrading the buggy or insecure features)is that the more shady sites will bork because they use SSL1.0 or 2.0… but like the article says, it’s easy to add in SSL3.0 or TLS

  • Tim

    I guess the argument (for changing security layers instead of upgrading the buggy or insecure features)is that the more shady sites will bork because they use SSL1.0 or 2.0… but like the article says, it’s easy to add in SSL3.0 or TLS


Top

Popular

Information Security / Technology

Politics

Philosophy & Religion

Technology & Science

Culture & Society

Miscellaneous

Arguments

Projects

Collections

Twitter

What I'm Reading

Favorite Books and Essays

Top Blog Categories

Inputs