While you can't uninstall IE, you can reduce its exposure to the web. A friend of mine developed a lockdown approach that included installing Mozilla, removing all visible signs of IE, pointing IE at a proxy server, and creating a login script that continually repoints IE at said proxy server. This proxy server allows through a couple of things that really need it (eg Microsoft Update), and otherwise displays a static page telling you to use a better browser. The proxy server is a necessary step because you can't actually remove IE.
Last I heard the lab that he runs (which is used by a bunch of teenagers) had avoided getting any significant virus infections in over a year. He is proud of that fact, but complains that achieving that goal takes a *lot* more work than it should. Cheers, Ben On Tue, 22 Mar 2005 00:20:03 -0500, Anthony R. J. Ball <[EMAIL PROTECTED]> wrote: > > Windows cannot really live without IE, too many things embed it. I have > just been playing with Macromedia Breeze and it obviously uses embedded IE > to talk to the Macromedia site in its powerpoint plugin. > > Like it or not, the only way to unistall IE is to unistall Windows... > > Hrm... doesn't sound like an awful idea ;) > > On Mon, Mar 21, 2005 at 09:14:41PM -0800, Ranga Nathan wrote: > > Accessing inernet when you are logged on as administrator is like inviting > > AIDS (sorry, this sounds drastic but it is :) ). > > At home where I dont have too much security, I always log on as a common > > low-privilege user. while on internet. Using Mozilla is always wise. > > I can not believe that there is still no way to remove IE from Windows!!!! > > The worst nightmare is some casino site that attaches to IE like a leech! > > I even called those folks one day and they refuse to own up to anything! > > __________________________________________ > > Ranga Nathan / CSG > > Systems Programmer - Specialist; Technical Services; > > BAX Global Inc. Irvine-California > > Tel: 714-442-7591 Fax: 714-442-2840 > > > > > > > > > > Bob Rogers <[EMAIL PROTECTED]> > > > > Sent by: [EMAIL PROTECTED] > > 03/21/2005 07:03 PM > > > > To > > Ben Tilly <[EMAIL PROTECTED]> > > cc > > [email protected], Ranga Nathan <[EMAIL PROTECTED]> > > Subject > > Re: [Boston.pm] [getting OT] Controlling Windows with Perl? > > > > > > > > > > > > > > From: Ben Tilly <[EMAIL PROTECTED]> > > Date: Mon, 21 Mar 2005 18:21:38 -0800 > > > > And now that there is serious venture capital behind adware, some > > of the more difficult security exploits are getting hit hard. For > > instance > > I've heard that that internal Windows messages have *no* security > > infrastructure. Any application can send a message to any other > > application and there is no way for the recipient to figure out who the > > message is really from. (To exploit you have to send the right > > message to the right application when it is expecting to see a > > message that can be confused with yours.) > > > > That is correct. It is apparently easy to subvert apps such as > > antivirus that run as Administrator via their GUI, if they are foolish > > enough to present a GUI on a less-privileged desktop. > > > > But if you're using IE as your trojan horse, and you already have > > enough control over it to send messages to other app windows, then you > > have full access to the privs of the IE user, so why bother? Odds are > > it's a home system, and you won't even have to get Administrator privs > > in order to install adware, spyware, etc. > > > > A friend who supports a lot of small businesses is predicting that by > > the end of this year, Windows will essentially be unusable on the > > Internet. This seems extreme to me, but I don't keep track of these > > things, he does, and he has pretty good insight into the industry. > > > > It seems extreme to me, too, even if we were just talking about home > > systems. If I understand correctly, this window message thing is a > > fundamental design flaw in the older Windows APIs, but there is current > > technology that addresses the problem. Unfortunately, it is less > > convenient for users, so the trick will be to get vendors to switch to > > using it. But if it threatens to hit MS in their pocketbook, it will > > happen. > > > > But then, I do my best to ignore Windows, and have been largely > > successful at it, so I'm hardly an expert. > > > > -- Bob Rogers > > http://rgrjr.dyndns.org/ > > > > _______________________________________________ > > Boston-pm mailing list > > [email protected] > > http://mail.pm.org/mailman/listinfo/boston-pm > > > > > > > > _______________________________________________ > > Boston-pm mailing list > > [email protected] > > http://mail.pm.org/mailman/listinfo/boston-pm > > > > -- > www.suave.net - Anthony Ball - [EMAIL PROTECTED] > OSB - http://rivendell.suave.net/Beer > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > "To find fault is easy; to do better may be difficult." - Plutarch > > > _______________________________________________ > Boston-pm mailing list > [email protected] > http://mail.pm.org/mailman/listinfo/boston-pm > _______________________________________________ Boston-pm mailing list [email protected] http://mail.pm.org/mailman/listinfo/boston-pm
