The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.
[Computer Security Thread] CVEs, or "Crap! Vulnerabilities! Eughhhhh..."
TetraNitroCubane
Not Angry...Just VERY Disappointed...Registered User regular
Not Angry...Just VERY Disappointed...Registered User regular
Computer Security Thread
Dear Malware: We Hate You
It's a dangerous internet out there. In this thread, let's discuss questions, recommendations, and techniques related to computer security.
Dealing with a nasty infection? Make a post and see if anyone has any advice. Need some recommendations on which anti-virus to use, or just have a quick question about what MBAM is? Check out the software list and ask around for testimonials. The thread's really intended to be a catch-all for any information you might need for security related issues. The OP will be updated as more information fills out, recommendations are made, news breaks, or errors are caught.
On that note, please feel free to contribute to the OP! If you know of a piece of security software overlooked, or take issue with the advice given, post it in the thread and the OP will be modified accordingly. As a major disclaimer I personally am not a security expert, but many people on the forums are very skilled in this field. I plan to give as much help as I can, but hopefully this thread can become a useful info-dump. With luck we can avoid numerous redundant threads on the forum about the same problems, and have a quick-access reference for a variety of questions.
Most of the assembled links and advice are offered for Windows systems, but discussion for all OS flavors are invited.
Big `lo List of Dang-Useful Security Software:
A note on software: No single solution is 100% effective for every person. Depending on how you use your machine, different software will be more suited to your needs. As such, there's no way to tell you exactly what to install, but hopefully you can get some good recommendations about where to start if you're curious.
Current Top Recommendations.
From lurking about the forums, the following pieces of free software have been highly recommended by a large number of people. They're listed here for quick reference, and may change or rotate depending on forum reception and popular opinion. They're lightweight, very effective, and easy to work with. If you're wondering what to get for Anti-Virus or Anti-Malware, these are solid choices. For a list with more options, see behind the spoilers.
- Anti-Virus: Microsoft Security Essentials
- Anti-Malware: MalwareBytes Antimalware
- After-the-Fact Malware Removal: Combofix (Read the guide before you use it!)
Anti-Virus Software:
This post is old and requires some updating. A/V Software is currently evolving quickly. For the moment, the best advice is - Avoid McAfee (if you're running Government machines, Kaspersky) if you can.
[/list]Anti-Malware:
This section needs updating, but for the time being, useMalwareBytes Antimalware. `Nuff said for now.
Firewalls:
Basic layers of defense against intrusion from internet-based attacks. From Windows XP SP2 and higher, Windows Firewall should be on by default. A large majority of people using computers should therefore already have a firewall on, but these solutions offer more robust options if you're interested.
Interesting note: Windows firewall has caught a lot of flak in the past for not having outbound protection. For XP, it certainly doesn't. In Windows Vista and Windows 7, though, it is possible to configure the firewall for outbound filtering. See here for more details.
Personal Opinion from the OP (Take with a grain of NaCl): If you're worried about nasties, outbound blocking isn't going to help you much. Once the thing is on your system, it's too late, even if you're blocking it's communications. Outbound blocking/monitoring can be useful for privacy's sake, though.
Interesting note: Windows firewall has caught a lot of flak in the past for not having outbound protection. For XP, it certainly doesn't. In Windows Vista and Windows 7, though, it is possible to configure the firewall for outbound filtering. See here for more details.
Personal Opinion from the OP (Take with a grain of NaCl): If you're worried about nasties, outbound blocking isn't going to help you much. Once the thing is on your system, it's too late, even if you're blocking it's communications. Outbound blocking/monitoring can be useful for privacy's sake, though.
Rootkit Detection:
Rootkits can be nasty, nasty things when put to malicious purposes. I'm not an expert, so I can't explain them fully, but my layman's understanding of them is that they can effectively hide from just about anything - including your A/V and Antimalware software. The following programs are designed to detect, and/or remove rootkits from your system.
Make no mistake, though. If a rootkit gets on your system, the highly recommended course of action is to backup, clean format, and rebuild. It's the only way to be sure you got the sucker.
(Unless specified, these programs are only for x86 machines. 64-Bit Rootkit detectors are a different matter)
Make no mistake, though. If a rootkit gets on your system, the highly recommended course of action is to backup, clean format, and rebuild. It's the only way to be sure you got the sucker.
(Unless specified, these programs are only for x86 machines. 64-Bit Rootkit detectors are a different matter)
- Rootkit Revealer (Microsoft)
- F-Secure Blacklight
- Gmer
- Hitman Pro (x64 compatible)
- Rootrepeal
- Sophos Anti-Rootkit (May function on x64 systems)
Other Protective Software - HIPS (Host Intrusion Prevention System) and Sandboxing:
HIPS and Sandboxing programs add a fantastic layer of first-line defense in addition to Anitvirus and Antimalware software. Most of these programs aim to prevent any software that's untrusted from running or modifying the system, or else will run programs/save files in a virtualized environment where they can't cause harm. Sometimes this means more hassle for the end user in some regards - If you actually want to get a file or program out of the sandbox, or past the HIPS, you have to do so manually - But it's very difficult for nasties to get past these layers if you have them configured correctly.
Keep in mind some of these programs take some advanced configuring, and may not play well with others. I'd recommend further research into each product before taking the plunge.
Note that as of writing this post, there are no functioning HIPS or Sandboxing programs that I know of for x64 Windows machines. Microsoft's Patchguard makes this rather difficult. (EDIT: 64-Bit Sandboxie is available, in release form, as of 2/3)
Keep in mind some of these programs take some advanced configuring, and may not play well with others. I'd recommend further research into each product before taking the plunge.
Note that as of writing this post, there are no functioning HIPS or Sandboxing programs that I know of for x64 Windows machines. Microsoft's Patchguard makes this rather difficult. (EDIT: 64-Bit Sandboxie is available, in release form, as of 2/3)
- Sandboxie
- GeSWall
- DefenseWall
- Shadow Defender
- Malware Defender
- VMWare Browser Appliance (Requires VMware Player. See instructions written by someone more experienced that I here.)
Other useful software:
Sysinternals Stuff - Tools of great value, now owned by Microsoft.
- Autoruns - Allows you to see and manipulate/remove all startup tasks and such. Also has a very handy 'Filter Out Windows Processes' option.
- Process Explorer - Task Manger on Steroids. Allows you to see all running processes, including daughter process relations and in-use DLLs, etc.
- Process Monitor - More detailed process information, including monitoring of real-time file system, registry, and thread activity.
- Secunia Personal Software Inspector - Free tool designed to alert you to the presence of outdated and / or vulnerable software on your system. Great for keeping up with third-party programs.
- HijackThis - Now owned by Trend Micro, HijackThis is a useful program for determining if nasties have their hooks in your browsers. A HijackThis log is sometimes requested if you're looking to remove malware, but not always. It takes a bit of experience to decipher the logs, but if you want to auto-analyze the results there are two OK-ish websites here and here. Just be aware of what you're doing before you remove anything!
- ESET Sysinspector - Tool for monitoring system changes and status. Sysinspector takes 'snapshots' of your system, and reports back 'risk' levels for each entry it finds. The real power comes from the ability to compare 'snapshots' between different time points, to see what changes have occurred to your system.
- WinPatrol - System monitoring software. WinPatrol keeps an eye on new additions and changes to your system, and alerts you to when they take effect.
- [url=Cleanup! - Free tool to remove temporary files from various locations on a Windows XP or earlier system, where malware oftentimes hide after infection.
- CCleaner - Tool to remove unwanted temporary files and/or old registry entries from a system.
LiveCD and RescueCD options:
In the event that your system becomes infected with a piece of malware, it's often preferable to try to solve the problem from outside the afflicted operating system instead of trying to address the issue from within. The following LiveCD and RescueCD options are bootable images that you can burn to a disk. The tools and available utilities for each vary depending on which you choose, but they will all allow you to boot into a Linux or Windows Environment from which you can address infection, or else take to directly to a scanning utility. This can be particularly useful for backing up files from an existing partition before doing a complete reformat/reinstall.
Other Protective Measures
Having layers of security is always a fantastic idea. It's never a good approach to rely upon one security suite and hope it will keep you one-hundred percent safe. There are actually a number of really great ways to keep your system secure that don't involve additional scanning applications, some of which are built right into most operating systems.
Because I'm a silly, silly goose, you can find this information elsewhere in the thread (I neglected to account for size, and this was a late addition to the OP). Even if it sounds a bit different than usual, this is really important stuff! Take a look and see what works best for your system.
Because I'm a silly, silly goose, you can find this information elsewhere in the thread (I neglected to account for size, and this was a late addition to the OP). Even if it sounds a bit different than usual, this is really important stuff! Take a look and see what works best for your system.
I'm Infected! What do I do?
Even the most vigilant user can get infected these days, thanks to the way zero-day threats and new malware propagate at an alarming rate, and in unexpected ways. If you suspect that you've been infected, there are a number of ways verify a compromise. Try running MalwareBytes AntiMalware, an anti-virus scanner, or an online scanner from the list below. They'll let you know what/if anything hit you. If they come back positive, or you're just sure that the porn-laiden pop-ups / Scareware windows that you're seeing are a good indication that you've been compromised, there are several things you can do. It's hard to give generic advice that will work in all cases, but the following are some basic ways to approach the problem. These options are, in no particular order:
- The Nuke From Orbit: Backup your data. Clean format your hard drive. Reinstall your operating system and start over. Whatever infected you, it'll likely be gone.
Yes, it sounds severe, but to be completely honest it's the only way to be sure. Modern malware has deep-digging claws, and if it gets onto your system there's a good chance of it inviting all of its friends. Once an initial infection occurs, most nasties will launch droppers to install other trojans and such, and even deploy rootkits onto your system. There's always a possibility that, no matter how well you cleaned the system, there's something left over that you can't see. Some nasty shit like Virut will also corrupt just about everything of your system, so even removal of the virus will leave damaged files behind that can't be repaired.
If you take this course of action, be sure to scan your backups for nasty garbage before you restore them. Remember, PDF and .doc files are vectors for infection. Disable autorun for USB devices on XP (it's disabled by default on Vista and 7) before you plug in your backup drive, and ensure your stuff is clean before restoring.
It may seem like a pain in the ass, but if you're running a modern system on Win 7, reinstallation can be quite fast. And with programs like NLite and vLite it can be a bit easier to manage. Restoring from an image backup can be even more painless, if your backup solution hasn't been compromised. - Outsider Assistance: Scan your disks from outside the operating system.
Booting from a live-CD into another operating system will ensure that whatever crap got its hooks into your machine will be inert. See the "LiveCD and RescueCD options" section in the "Useful Software List" section above for various image files that can assist in either scanning for nasties, or else allowing you to backup your system from outside the OS. Alternatively, you can mount the HDD somehow to an OS X or Linux system with A/V software, and scan through that route. A bit tricky if you go the 'pop the HDD' route, perhaps, but safer than trying to clean from within Windows, if your Windows disk is infected. - The Inside Job: Scan in Safe Mode.
Reboot your system. Once the BIOS POST message clears, mash on F8 until you have the option to load various Windows Safe-Modes. Choose Safe Mode with Networking, and let things load up. Once you're in, download, install, and update MalwareBytes AntiMalware as necessary. Let it run a full scan, and then take action to remove any nasties. Follow this up with an A/V scan from one of the entries on the list below to make sure you're clean. Mix and match removal tools and other anti-malware solutions as necessary (It'll really depend on what you're dealing with). This approach has variable success, but can do the trick in some cases.
If you're going to try to clean an infected system from the infected partition, one of the strongest, most effective tools to root out the malware is ComboFix. Note that this is extremely powerful software, and inappropriate usage will damage your system. The link above will take you to a guide that's pretty comprehensive, so just be sure you're following along appropriately. In many cases, ComboFix is a pretty stellar way to combat even rootkits.
A couple of additional notes about this method: First is that sometimes MalwareBytes works pretty stellar in Safe Mode, but sometimes it's not ideal. The creators themselves have said MBAM isn't designed to run in Safe Mode, but anecdotal evidence suggests that's the only way to root out some nasties. Your mileage may vary, so you might want to try scanning both in and out of Safe Mode. Second, if malware is pestering you to the point that you can't even run any security/cleanup software, try using RKill to terminate the nasty process before launching your cleaners. There are several flavors of RKill to try, but you only need to use one. The others are there as alternatives in case one is blocked.
General Tips:
Safe Browsing by limiting what sites you visit is no longer effective. Obviously, you're safer if you avoid porn/piracy/illegal sites on the internet, but that doesn't make you 100% safe. An emergent and popular threat known as "Malvertising" means that ANY website - no matter how safe and trusted - can potentially expose you to malware. The New York Times, National Geographic, Snopes, and other websites have all infected people who simply visited their pages. Of course, there are a number of actions you can take to mitigate the danger.
- Ensure everything is updated. Obviously you want your OS up to date, so rely on critical updates and service packs from Windows Update. But don't neglect your other third-party programs. Browsers are regularly patched for security purposes. PDF readers and IM clients are similarly patched. As OS patches become more automated, third-party software will become increasingly targeted, so play it safe and up to date.
- Browser Safety. This is a tricky issue I'm reluctant to weigh in on, so hopefully thread contributors can assist. It's difficult to call any one browser 'more secure' than others these days, so long as we're talking about the latest versions. IE 6 and IE 7 should be treated as ebola-carrying monkeys, and not touched with a ten-foot pole. IE 8 apparently has much better default security, and lower privileges, and has been regarded as much more secure than previous versions. Firefox is imminently customizable, and can be made secure if configured properly. Ditto for Chrome, Safari, and Opera.
Above all, ensure that you employ some manner of javascript blocking. Exploits are commonly launched via javascript, and blocking them here will ensure such attacks never even reach your machine. On Firefox, get Noscript. For Opera, it's a bit more of a hassle - Go to Preference --> Advanced --> Content. Uncheck "Enable Javascript", "Enable Plugins", and "Enable Java". This will globally deactivate Java and Javascript for all newly visited webpages. When you visit a page where these features are required, right-click on the page and select "Site preferences". Now enable the options you wish. It will save these options on a per-site basis, so you'll never have to do it again for that site. It's a pain, but the advantage is that, if for some reason a malicious redirect lands you on a malware page, javascript won't be able to run, since it's a domain you've never visited before.
Chrome and Safari should have methods for selective script blocking as well, but I'm unfamiliar with them at this time. I'll fill in this space if someone in the thread can provide details! - DON'T PANIC: Modern malware is often 'Scareware' that tries to pressure the user into making an uninformed, rash decision to install malicious software. If you see a popup telling you that it's found a virus on your machine, treat it with suspicion. Do you recognize the name of the software? It is a security suite you're running? If not, you're likely looking at a browser-generated fraud. Clicking anywhere on the dialogue (i.e. even the 'X', 'NO', or 'Cancel' buttons) will launch a download of rogue anti-virus software. The best way to deal with it is to ctrl-alt-del to call up the task manager, and kill the browser entirely. Then do a scan with Malwarebytes just to be sure it didn't do anything nasty. Above all, stay in control. If you're not sure of what you're seeing, find a way to record messages/screenshots before taking action.
Additionally, remember to apply the same ideals to communications in general. Don't let someone pressure you into thinking your bank account, credit card, or Paypal are being frozen and they need your password right now!! Anyone who asks you for your password and login information over any channel (IM, email, even the phone) is either an idiot or a thief. Regardless of which they are, you don't want them having that information.
News
- News Refresh Inbound. Please hold
More will be added to the list as time goes on. Until then, be safe!
TetraNitroCubane on
+1
Posts
Very good ideas. Combofix is offline for the moment, thanks to a system-breaking bug. I'll be sure to add it into the OP once the author gets the issues sorted out. Their main link explicitly warns against using other versions hosted elsewhere. I gather it's something rather serious.
I admit that I'm unfamiliar with vmware for sandboxing, but I'll gladly add it in!
I also added a news section, which I'll try to keep up to date without spamming the thread to severely. For the time being, everyone should be aware of the recent exploits to Adobe products and PDF viewers which utilize Javascript. There's more information in the OP.
*ducks*
In all seriousness, I've kept a Linux router/firewall set up between the Internet and any Windows PCs I've had set up, and I have never picked up anything nasty. No viruses, no hacks, etc. Bottom line, I don't trust Microsoft in the slightest to keep their own product secure, and will never connect a Windows box direct to the 'net if I can ever avoid it.
That's one off the list. Now all we need is someone saying 'Buy a Mac!'
I kid, I kid. Your reasoning is sound in my opinion. Running Linux (or OS X) is a viable solution to many of the ailments that Windows boxes are prone to. I'm not making any accusations otherwise - Windows machines are a prime target in a way that other OS options are not, for a variety of reasons. Unfortunately, it's not everyone knows how to set up a Linux router / can escape to OS X, etc.
I'm using avast now on my laptop windows partition which doesn't get used more than a month at a time or so, so I'm not terribly concerned about it, but does microsoft security essentials do as good a job or better than it? It'd be nice to use that instead just to keep things somewhat consistent, and I don't think I really need an antivirus that badly anyways, but avast doesn't seem bad so I'm ok with keeping it until something better comes along.
Taking the simple steps of a seperate firewall, and using ANYTHING other than IE (really, please, pretty please) can reduce your chances of contracting something by, what, 99%?
edit: oh, and the Norton uninstall program doesn't actually remove it entirely, last I checked. Fun fun.
I would also suggest that Zonealarm be removed from the list of Firewalls. That thing is garbage and should not even be acknowledged.
I'd still say ditch it and switch to MSE, though :P
And heck, MSE is doing really well with detections at the moment. It's picking up stuff that NOD's been missing lately, according to VirusTotal.
I'll certainly agree with this, to a degree. I've been using it for years now, and been pretty happy thanks to the low resource usage and good protection. Unfortunately they seem to be 'slipping' a bit. Most of the latest 'comparatives' studies seem to rank it low against Day-0 threats... but still, the really snappy and repeated signature updates are a big plus. I get two, if not three a day.
If this is consensus, consider it gone. The Firewall list is a little brief right now, but I'll try to fill it out soon. I admit I don't have much experience with Zonealarm.
I'm personally glad for you that you have no experience with ZoneAlarm, cause you're a lucky man. I'd definitely go as far as to say that ZA is a p.o.s.
You are so far behind the times. Only Windows has security functions like ASLR (Address Space Layout Randomization). IE is also very secure now, more so by default than most every other browser. In fact only Chrome comes close to all the little settings options that IE has. Chrome is the only other browser to follow IE's example and add a sand box mode. IE also runs at a lower privilege level than any other browser.
Nothing can install through IE without the user's permission. In the chance that something does slip through it still can't make any changes to the system thanks to the sand box mode.
Microsoft becomes high priest of secure software development
OPINION: Pigs Fly! Microsoft Leads in Security
I tried AVG a while back, didn't like how it auto-installed a Firefox addon that added a bunch of useless shit.
I am very happy with MSE.
Currently DMing: None
Characters
[5e] Dural Melairkyn - AC 18 | HP 40 | Melee +5/1d8+3 | Spell +4/DC 12
I assume you're talking about IE 8, which no one will install, because it's not supported by anything?
ZA modified the Windows tcp/ip stack. It did this in 98SE, 2000, & XP. ZA has problems with Vista & Win7 because they use a different tcp/ip stack and a lot more security & system hardening so programs in general can't just mess with the system.
Then there is the little issues of ZA not disabling, as in you would "disable" it the program would say ok and tell you it's disabled and then keep on running. So if you were trying to diagnose a connection problem you had to uninstall ZA to get proper network info.
And lastly ZA would leave a lot of trash in your system when you did uninstall the thing.
So yes the Windows Firewall is just fine, if you want something more use Comodo. I've also had good resutls with McAfee's firewall, I just don't feel like paying for it.
On another note, has anyone had any experience with Prevx? It's supposed to be cloud-based malware recognition that doesn't conflict with A/V software, but I'm at a loss as to what it actually does (i.e. if it's signature based, heuristics based, system monitor based). Their website is a little too flashy for my taste, and I can't find any real info there, but it's been recommended to me by word-of-mouth.
lolz, no, just no, please god no. Stop spouting stupid shit. You can have the best fucking stand alone firewall in the world and it doesn't mean shit when a trusted site is delivering the payload to your web browser, or you open that file from a trusted source, or view that attachment from a trusted email. Secondly, there's that whole cause/effect thing going on, and claiming that your precious firewall has prevented you from getting anything is a joke. But hey if we are trading useless anecdotes, guess what, I don't have a fancy linux firewall and I too haven't picked up anything nasty!
Oh hey, more stupid shit:
lolz, yeah, not supported by anything, except one of the most popular internet applications around: Steam, maybe you've heard of it? Oh, and here's another shocker, Win7 comes with IE8 by default, so I am guessing there are just a few people using it as their default browser. Really dude, if you want to bury your head in the sand, that's fine, but keep the stupid inside your head.
Tetra, I totally agree about the client firewall and blocking outbound connections. It is mostly a privacy/control thing and less a security thing. I use one because I want to know what apps are phoning home and decide whether or not to let them out. The other useful aspect is isolating infections to a single computer within your trusted zone. Sure my laptop may get infected, but the hope is that the client side firewall will prevent the virus from accessing trusted resources before I can kill its network access and deal with the infection.
ASLR wasn't even coined by Microsoft. It has existed in OpenBSD, and patched into Linux (now core iirc) for nearly a decade. Like most good parts of Windows, it was licensed, purchased, or otherwise ripped from other operating systems.
1. Obviously no firewall in the world can prevent a trusted client from doing something stupid. I am not stupid. A good firewall will, however, protect you from all manner of worms and scans looking for running services with known exploits. But yes, it's only one piece of the puzzle.
2. I can't use IE8 due to several of my employer's internal WebApps being completely broken in it; and they are designed to work in IE7. Hell, some of the products we sell still don't have IE8 support. It's growing, sure, and I admit I was exaggerating when I said "anything", but I know I am not incorrect when I say that there are a large number of people out there with non-public applications that will not run in IE8 yet.
3. Up until last weekend, I was running a Vista64 machine with AVG and Firefox, behind the aforementioned Linux router/firewall. I've been running variants on this setup for, oh, 7 or 8 years now. Combined with good browsing habits and a bit of caution, I have never picked up a virus.
So, you can stop getting so defensive. I'll trust Windows the day I hook it up straight to the 'net and don't get a worm infection within the first 10 minutes. And for the record, no, I don't trust Linux either, but I DO trust my firewall rules, and I do trust that far, far less malware targets it.
Operating systems are tools. They each have their strengths and weaknesses. Anything I relate is opinion based on my personal experience; it may not be your experience that Windows is insecure, but it has been mine. I also admit this is colored by my time spent fixing Windows PC, and then my time spent working with Linux servers.
Can we quit with the zealotry now? :P
Windows breaks a lot because a lot of Windows users are complete morons when it comes to security or computers in general. That is why you spend so much time fixing Windows boxes.
P.S. Putting up your own security measures and then berating Windows for lacking their own proper security, without even allowing the Microsoft software an opportunity, is a horrible logic.
Minor Thread Alteration: I've moved Prevx and added Threatfire to a new Anti-Malware category, 'Behavior Blockers'. I'm really torn on these programs, particularly Prevx. After doing some research, they seem like invaluable tools that can run alongside current A/V solutions without much issue, and cloud-based recognition makes them appealing. Prevx in particular has some glowing reviews from sources I usually trust.
However, I just can't get over the fact that Prevx just feels shady. Their website looks like a scareware site, and apparently the free version of their software may or may not engage in scareware tactics. There have been a number of odd news releases about them, too, including accusations that they've created their own malware to boost sales. These developments, combined with their recent behavior during the 'Black Screen of Death' debacle (details) makes me consider removing Prevx from the list.
I don't want the list being a collection of my personal opinions, though, and I have no experience with the actual software. Any input on the matter would be greatly appreciated. The problem I always have when researching security issues is the rampant fanboyism that paralyzes some of the discussion venues like Wilder's.
Consider it done!
Also, ComboFix is back online, so I added it to the recommended links for reactive malware removal as per Stigweard's suggestion. It's a potent program, and not to be used lightly, but it's very good at what it does.
Great to see ComboFix is back. Its my current favorite last resort tool.
Take Tetra's word that ComboFix is not to be taken lightly. This thing will root out even the most stealthy of rootkits but it can give you major problems with your system files if you aren't careful. See, in the process of removing these rootkits some system files might get caught up in the crossfire and get purged along with the rootkit because of Combofix's detection algorithm. This can turn a hijacked system into an unbootable one quick. Im sure the recent outage was because of this very reason. A new kit was being purged along with system files and it was trashing systems.
Id also like it if Smitfraudfix were on the list. This little prog is a dynamo when it comes to getting rid of browser hijacks and those fake anti-virus programs. But like Combofix, do your homework and know exactly what you are getting rid of before you use these tools.
Thank you for the only adult pro-MS response to the Linux users in this thread.
edit: Firefox 3.5 user here.
I do tech support for a major national bank's web site. Basically I take calls from consumers and explain to them why they screwed up their passwords, etc. One thing that we have noticed since the release of Internet Explorer 8 is it produces many unexplained errors. One of it's favored errors tells us, through an error code, that the IE 6 user needs to apply hotfix to properly use the javascripting of our website. It identifies as I E 6... Most of the time the only way to get IE 8 to 'work' for our site is to get the consumer to find the compatibility button. These are the very same consumers that take 20 minutes to find the address bar. IE 8 is still not supported by my financial institution, and the main response when a consumer has an issue with the site, and they are using IE 8 is to install Firefox, Opera, or Safari.
"If you're going to play tiddly winks, play it with man hole covers."
- John McCallum
IE has "quirks mode" commands that can be added to a site's code/templates. Basically sites can tell IE8 to open them in compatibility automatically. They could also add a little info bar telling people with IE6 to either upgrade to IE8 or to install the hotfix.
Example site: http://ie6update.com/#
I personally do not care for Firefox, a big part of that is the User base. I have no qualms admitting that I'm a MS fanboy. When it comes to web surfing I use IE & Opera in tandem. When IE7 came out I was trying to spread the message, whether you use IE or not you should still upgrade PCs to IE7 even if you install an alternate browser. The moment I mentioned IE I would immediately be cut off with some phrase involving the word Fuck. This was always Directly followed by the proclamation “I use Firefox” like it’s a badge of honor.