Look, it's very simple.
There are two ways you can design a browser:
- (a) Allow the remote system unfettered access to the local system, so that it can, essentially, do as it likes.
- (b) Deny the remote system access to the local system, so that, essentially, it doesn't matter what the remote system does, it can't do any damage.
There are
only two ways to design a browser. Anything in-between is just a hash-up with the advantages of neither.
Internet Explorer uses system (a). Mozilla uses system (b). So does Opera. So does Firefox. So does every other modern browser.
All real world browsers have errors and exceptions, but on the whole, Mozilla & Firefox & Opera deny any traffic that isn't explicitly permitted, where MSIE allows any traffic that isn't explicitly forbidden. (And, on the "if your mum says no, ask your dad, and if he says no, ask your sister" theory, can usually be relied upon to also allow explicitly forbidden traffic if the traffic is smart enough to ask nicely.
When you go to a random web site, you want a system (b) browser. Anything else is juzt plain stupid risk-taking. You could wind up with
anything on your system.
On the other hand, there are certain web sites (Housecall and Windows Update are the obvious examples) where you actually
want the remote site to go trawling through all your files and alter any that it takes a fancy to. For this task, and
only for this task, you need a system (a) browser.
For Housecall and Windows Update, use IE. Any other browser that
can use Housecall is too insecure to use anywhere else. For all other sites, use a modern, secure browser. Always. Or be prepared for all the hacks and infections and exploits and drama that accompany providing the world with unfettered access to your system.
