Internet Explorer 8’s security

Internet Explorer 8 is now available for download and the first reviews look good. Here’s one:

…both speed and security are seriously better in IE8…The most significant effort involves expanding IE’s detection efforts past its current ability to identify phishing sites. The browser can now also flag suspected or known malware sites, or sites attempting to infect visitors with malware. The need for SmartScreen is great; during development, Barzdukas says, Microsoft found that infectious sites outnumbered phishing sites by a charming 10:1.

And, for this reviewer at least, IE8 passes the very important mom test:

In our tests, the detection was effective, correctly jumping on sites we knew to be infected with various bits of feral code. The warning we received, designed to support that second goal of protecting users from themselves, was perhaps even more effective than a harried tester would have liked — if the browser sees that you’re headed for a site already known to be problematic, it throws up a bright-red page warning you to turn back to your home page or inviting you to get more information. What you can’t do is easily go anywhere else; there’s no “OK” button to click. That design choice may have been a bit unnerving for a reviewer, but I’m personally planning to install the browser on my mother’s machine for that feature alone.

Read more about browsers

Cloud computing and security

I expect a lot more of this sort of thing in the next couple of years. But that doesn’t mean you should completely shun cloud computing.

Security is not a switch

As always, the decision to use Google Docs or any other cloud service is not made by asking, “Do security dangers exist?” Rather, you should ask, “Is the mix of benefits and security risks for cloud computing more or less attractive than the mix of risks and benefits involved in keeping all of my files on my laptop?”

Keeping all of your files on your own storage media is attractive in several ways. You have complete control over your files, and you can’t lose them or lose control over access rights unless you make a mistake (fail to back-up your files, fail to encrypt your files, fail to prevent someone from stealing your hard disk, etc.).

But some mistakes are pretty tough to prevent. Consider the situation where you are typing on your laptop in a cafe, and someone grabs and dashes with your laptop. Suddenly, you’ve lost all the files you haven’t backed up, and you’ve lost control over everything you haven’t encrypted.

Floating on a cloud

If you had been working on one document among many that is hosted in a cloud, the dasher would probably just get access to whatever he could click on in the time it would take you to change the password to your account. (That seems true as long as the website in question requires the old password to by typed in before a new password can be created.) Not a great position to be in, but cloud computing comes off looking okay, especially if you aren’t the type who encrypts every file stored on his hard drive (and who is?).

The tradeoff is that you have to trust that the cloud computing company is better at backing up your files and preventing unwanted access than you would be. But what happens when their servers get hacked, a disgruntled employee sabotages data, the company gets acquired, or the company goes out of business? Your data in each of those situations is in danger.

It will be interesting to see how cloud computing develops and how popular it becomes. So far, it seems that most people prefer to keep important files on their own computers, but that may change.

Read more about Uncategorized