This page shows the source for this entry, with WebCore formatting language tags and attributes highlighted.
Stop Using IE
There are two announcements from the last couple of days that nicely dovetail. The first is form Microsoft: <a href="http://www.microsoft.com/">Microsoft</a> has <a href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-055.asp">admitted</a> (though not very publicly) that IE has another easily-exploitable hole in its cookie security that allows: <span class="quote"><q>A malicious web site with a malformed URL could read the contents of a userís cookie which might contain personal information. In addition, it is possible to alter the contents of the cookie. This URL could be hosted on a web page or contained in an HTML email. ... Customers should consider disabling active scripting in the Internet Zone and the Intranet Zone. Customers using Outlook Express who have not set OE to use the "Restricted Sites" Zone should do so as a best practice.</q></span> There is no patch yet and the risk to client systems is rated as 'High', so you've been warned. It basically means that any web page can be programmed to retrieve all cookies stored with your browser. All you have to do is browse to it. The second is from <a href="http://www.opera.com">Opera</a>, which has a <a href="http://www.opera.com/pressreleases/20011113.html">new beta web browser</a> out for Windows (and looks very nice). The 5.12 version is very stable and functions extremely well. It's also <i>much</i> faster than Internet Explorer. If you are using any MacOS flavor, I strongly encourage you to try it out, as it's superior speed is even more noticeable on that platform. Another good replacement is <a href="http://www.mozilla.org">Mozilla</a>, which has the exact same browser on most popular platforms (all flavors of Windows, MacOS, and Linux). It's a bit slower than Opera, but has better support for dynamic HTML.