is my system safe ?

Come on man, you're drawing a fine line here, as most people will call Netscape, IE and other such solutions *browsers*.

What has this have to do with anything? It does what it supposed to do and that is receive client side scripting and HTML to render a page at the client's machine through a browser and post the page back to the Web Server so server side scripting and HTML controls can be executed on the server side.

And your point is what here?

Show it to me and then and only then will I believe it.

Do you not understand that as long as a Human Being is involved in it no matter what kind of involvement it may be, it's fallible, because Human Being are fallible, as we are not infallible and nothing we do is infallible?

Do you want to explain this, because again, you're making no sense?

I don't consider that data, they are code and HTML controls. Now, data may be encapsulated in a HTML Control when the page is sent or posted back to the Web server, enterable data and/or selectable data on the page, hidden or not hidden.

What has this have to do with anything?

What has this have to do with anything?

Duane :)

In my experience that's usually the fault of the people making those pages, not firefox. "that environment" is specifically designed for IE, often with added proprietary code that firefox doesn't want or need to render.

IE is not a browser. It's a frontend for MS applications, which also happens to render HTML (poorly).

That's been my point all along is that IE has more features in it to produce a via business solution whether that be Intranet or Internet. And for that reason, solutions such as FF, Netscape and others will never be able to match the power of a Web based business solution using IE, particularly so in the corporate environment and Intranet solutions.

You can call it what you want. As long as it's rendering HTML pages at the client's machine or posting it back to the WEB server, IE is doing its job and I really don't care how it's doing it as long as it does what I ask it to do, when developing WEB based business solutions.

For the most part, my serious WEB development experience has been with .NET. IE has done everything I have asked/programmed it to do. The only thing that counts here in all of this is that I can produce viable and powerful Web solutions Internet/Intranet facing WEB solutions with relative ease when using IE coupled to .NET solutions.

If I had my way, I wouldn't even bother using a browser to develop WEB based solutions and leave any browser to a limited role in developing WEB based solutions. I would much rather drive the WEB solution with a Windows desktop application with the WEB server as an application portal, which any browser based solution can never match that power.

But with that type of solution, business are not ready to go there. But they will eventually and leave the browser behind to be used in a limited capacity.

Duane :)

That's just it, those features are proprietary features exclusively made for and used by IE. But when you're developing a web based application you have to realise that not everyone is using the same browser. The web does not belong to MS, no matter how much marketing they throw at it. A web application that requires IE is not a web application by definition, plain and simple.

Only if the tools used to build that solution are MS products that _require_ the use of IE. There are other equally powerful solutions, like Perl or PHP or what have you. They don't require a particular browser, the only thing that comes close is that one uses a fairly recent browser which supports the standards. My point being; as long as the tools produce valid code, it shouldn't matter which browser is used at the user end.

But by doing so, you're shutting out a lot of users that don't run IE. It's no coincidence that most webmail-, forum- and CMS solutions don't require IE. Everyone should be able to access them. And yes, I see those services as web applications.

Fair enough, but that wouldn't be very portable. Which is one of the main advantages of using the Internet, that you can run an app anywhere you want. But you're moving the restriction from the browser to the OS. This way it's not IE but Windows itself that has become a requirement. Now, if that desktop application could be easily ported to other OS's that would be workable.

That's Web based solutions that are only doing simple stuff, where you can use multiple browsers. But things are NOT about the everyday home user that's using a browser. There are also many clients that deal with Internet and Intranet portal solutions external and internal. Granted, those are MS solutions for front-end and back-end processing where my only concern is that the solution work externally and internally. And you can talk about what's a WEB solution and is what is not a WEB solution. As as long as the solution is using a Web Server whether that be a browser based or desktop based internally or externally solution, the fact remains that it's a WEB solution, because it using a WEB server. It's plain and simple.

It does make a difference based on the needs of the solution. One shoe does not fit all solutions.

Then they don't do business with the site. It's plain and simple.

The Web is not all about the solutions you talk about. Those are only part of the total picture. There are also enterprise WEB solutions that are sitting out there on the Internet as well.

It's going that way and eventually it won't make a difference as companies start using more and more Web services based solutions via the desktop. Technology doesn't stand sill and adhere to the status quo.

Browser based solutions will be used in a limited role in the future. The writing is on the wall whether that be MS, Apple, Linux or whatever. It's going to shift to desktop Web solutions. It's the sign of the times.

Duane :)

No, it is not plain and simple like that What you are talking about is MS solutions, not WEB solutions. Just because MS calls it a web browser or web server does not make it so, them same way that calling windows an operating system, does not make it one.

Remember that MS's marketing stragegy is to rename things and to subvert all standards so that people will (be forced to) embrace MS only solutions to their information needs.

Right The MS shoe fits MS situations, real web servers/browsers fit the real world.

Right, But technology follows standards, and MS does not follow standards - not even their own. We must remember that the MS way of a few years ago does not work today - nice way to force all the corporate customes to upgrade to each new product that MS produces. If you believe that most companies will adopt MS only solutions, then buy shares in MS and in every 'add on' security software and hardware supplier.

In the 60's some people said - 'the writing is on the wall - within a decade we will have a cashless society'

Please note that you are using 'web solutions' to mean two very different things. There may be a shift to real web solutions, but you have been using this term to mean 'non web standard MS only' solutions.

The sheep will always follow the MS method, the rest of the world will establish and follow a realistic standard.

Think for a moment what would have happened to the cell phone industry if we had MS involved in handset and protocol design and supply. No, don't. It's just boggles the mind.

Thanks, but I will continue to use a real web browser.

Stuart

I'll repeat it to you again. As long is there is a WEB server sitting there as an implicit application server or as a portal to a an application server, I don't care if it's IIS, Apache, or whatever, it's a WEB server solution.

So what you're telling me here is that MS solutions, using .NET, IE and an IIS Web server are not Web solutions. That's too ridiculous and ludicrous. In addition to that, that MS is not running these solutions on its on O/S platform -- it's not an O/S.

I guess it's not so plain and simple after all.

I got a funny felling here I am bout to have Linux thrown in my face. Please do keep it to yourself.

It seems to be working.

It sounds here like a personal problem to me.

Is that right?

MS, Intel, HP, Sun Micro Systems, IBM, Novell and a few other top dogs sit on the committee and control the .NET Standards, since MS doesn't own .NET. That's right, MS gave it all away.

I don't care about what happened in the past. I live and work in today's environment. However, if one wants to use MS products that control a vast majority of the corporate/business world, one is going to dance to the MS tune.

What are you talking about? My only concern is producing viable business solutions in the corporate world and putting $$$$ in my pockets. And that's with MS solutions at this time, just like it was IBM solutions for me back in the 1970's and 80's.

I don't get hung up on the non-sense. If you want to hang up on the non-sense, then do so and not put it in my face as I am not buying the spill.

What other concerns you got about this are your problems and not mine, as I have heard the song and dance too many times and nothing has really changed.

Yeah, yeah - you're reaching here. And I can't help if you can't see that the trend is going to shift away from browser based Web solutions.

You want to explain what a *real* Web solution is about?

Since .NET is a standard that can run across platforms and is standard approved by the ISO and ECMA to be a standard, then I would like to know what you're talking?

Is that right? I don't think they agree with you.

This is what it means to be a *standard*.

They are already doing it. And it's because .NET is a standard that runs across platforms. And you're not going to be able to stop it. So why worry about it?

Yeah, a real world browser. You sound to me like a Home User here.

In the meantime, C++ is next in the Standardization process, I am going to continue to put $$$$$ in my pockets using the .NET technology, I may even get a chance to do it on Linux before my career ends that started back in 1971, MS is the TOP DOG and the world dances to its tune right now.

And I don't see that changing in your lifetime, because the technology would have to change drastically with a new player emerging to knock MS out of the box.

MS is going to dominate for a long time to come. All one has to do here in the US to see the trend and use any job search engine and enter in .NET. ;-)

It's a MS world and I know where the butter is at on the toast.

Duane :)

What part of "by the way" didn't you understand?

And it does have some meaning: Why should someone take anything on an opinion posted by someone who intentionally violates both technical and social rules for absolutely no good reason?

At least it's not a RFC violation. :-)

Most people would call "Telnet" a webbrowser if you showed them how to manually craft HTTP GET requests. :-)

s/server/trustworthy server/

Just visit one potentially untrusted website with IE and you should reasonably assume your system to be compromised.

F.e. the non-working cross-domain security. First documented by Lie Di Yu in 2004

it's no turned into an object blacklist policy for IEAK and as GPO on WinSrv03. It's also somewhere to find on MSDN, someone recently pointed me on that.

But I though that you'd understand the difference between systematic and random errors? If the Windows Update website was hacked and millions of computers infected, it'd be a random error - but if Microsoft intentionally decided to include potential untrusted content from MSN Ads that could easily abuse the predefined trust relationship with WU, this would be a systematic problem.

The problem is that the security mechanisms of MSIE are required to work together with a trusted server to protect from random errors exploited by untrusted servers - however, it's not secure when initially talking to an untrusted server. I conclude the latter being the common case on the intarweb.

You're complaining about random errors, which you cannot ever be secure again because they're introduced by humans making mistakes.

However, you can easily defend against systematic errors by correctly designing the system. And, in conclusion, such design errors also cannot be easily fixed.

Internet-safety means that there's no systematic errors that would make the system inherently insecure.

Again: MSIE was never intended/designed to be working on any untrusted network like the internet.

That's why not even the most secure configuration and the long-awated-never-coming patches for all vulnerabilities based on random errors will ever make IE safe for the web.

If it would do just that and only that, I'd be happy. However, it allows to run any arbitrary code of choice of the website's owner. It's solely his choice if he does what you wanted, nothing at all, or if he simply deletes your $HOME. Same as granting a remote shell.

Hello? .NET is like Java without a working sandbox. Again, it's not whether the website's owner actually can do something malicious but rather just if he wants to.

Blah blah... the web is for hosting websites, including potentially untrusted ones. That's why MSIE fails so blatantly.

"Duane Arnold" > I guess it's not so plain and simple after all.

-------------------------------------

Who said anything about linux? Oh, you did. That would be off topic here so I will not respond to the bait.

Does that make it good, honest, ethical or acceptable?

-------------------------------.

????

"Those who don't learn from the past are destined to repeat it" "The best predictor of future behavior is past behavior" In other words - if you crawl into bed with MS you will get screwed.

----------------------.

You have contradcted yourself on this one

---------------------------------

I get the feeling this is intended to be some kind of put down or insult. Good thing I am not sensetive about such things.

For the record, I am, in addition to being a "Home User", a programmer, web server admin, and a web site developer and mantainer. I started programming in 1966 on an IBM 7044.

------------------------

Perhaps, but the US is not the world.

I respect your opinion on that, but I disagree.

I would say that the discussion is 'unresolved' - we agree that IE is not a true web browser, but a proprietary solution, and that is the main point. That solution may work for some people. Sometimes it looks like a solution in search of a problem, though.

For a long time the rule was - nobody every got fired for choosing IBM - even when it resulted in a vastly inferior system. The same goes for choosing MS.

There really is no more to say here - you have not really refuted any of my points, and I respect your opinions.

Stuart

I never said it was. However, I did say that MS has a vast majority of the world. You can hold on to your grass root movement about MS and MS that. I really don't care as it's not putting one dime in pockets.

And I agree to disagree. As long as it's rending script and HTML controls at the client's machine and having HTML controls and script posted back to the WEB server, it's WEB browser in a WEB solution. I don't care if it's proprietary or not, as it's doing what I as it to do, and again that's all that counts and nothing else. It's doing what it is supposed to do and that's to allow HTTP communications with a client machine and a WEB server.

That's it that's the bottom line.

Who cares about that? My only concern is about $$$$$ in my pockets based on the expertise that have with the technology -- and anything else here in this whole conversation means absolutely nothing.

Yeah, you're right and I feel the same and we'll leave it at that.

However, I'll throw this out in closing. The MS Win 2k3 server and IIS are just as secure as Linux and Apache. And as long as IIS is involved, and .NET, IE is going to be involved and again there is nothing absolutely nothing you can do about it -- nothing. ;-)

Duane :)

Look, you got your opinion and I have mine as to what is a WEB solution and the tools to do it.

Whatever you're talking about, I'll agree to disagree and leave it at that.

Duane :)

I know of two LARGE state organizations and 1 federal and several fortune 500 companies, and even two large insurance companies that use ASP still and have just started migrating to .Net.

I would never use XP or 2000 Prof for a web server, but the Windows 2003 Server works as a very nice web server platform. I have several of them in our office that run .Net (ASP.Net) and also PHP on the same server (Dual Xeon) with more than 40 root sites running on that single server and it's never overloaded.

IIS is a very good web server foundation, as is other platforms.

It's never happened to me and there you go. You make much to do about nothing.

And your point here is what?

Blah blah ... and none of this is holding any water with me either.

The conversation is over and you should drop it now.

Duane :)

Leythos, I know and the people making these posts are not on the front line or down in the trenches dealing with any of this technology.

So how can they possibly know but to make uneducated assumptions as to what is happening out here in Information Technology, which is based on what they have heard and have never done and I'll guarantee that. MS Win

2k3 server and IIS are just as secure as any other WEB solution platform.

This is the 3rd .NET environment I have been in the last year. Two projects working with ASP.Net, one with Windows Desktop with .Net Remoting Binary over HTTP with an IIS WEB server and one NT .NET service application using SOAP connecting to .NET IIS Web Server over the Internet. I have been using VB and C# .NET to develop the applications.

Now, I am learning about .NET Web services and how to securely use the Web Services in an Internet/Intranet portal environment going across n-tier boundaries with the application server setting on its own tier with the business objects.

This old dog is having lots of fun and getting paid to do it.

Duane :)

One day I will definitely get one cent for every time...

Yeah, you dream on and you keep dreaming if you think you have the pulse of what I am doing.

You're damn near a troll man and you post way too much about nothing.

Duane :(

You don't seem to have a very good understanding of logic, or English, or both. Just because you wrote BTW, it does not explain anything.

BTW:

Results 1 - 10 of 180,000 for harvesting + email + usenet (0.24 seconds)

BTW: Social rules? I think that your are out to lunch.

BTW: 'Why should someone take anything on an opinion posted by someone who' ...violates grammatical rules?

Geo