Page 1 of 2 12 LastLast
Results 1 to 15 of 18

Thread: Is IE safe?

  1. #1
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,436
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts

    Is IE safe?

    Hey Y'all,

    Here's an interesting experience I had today.

    I was trying to download the NirSoft Utilities (which often throw flags for viruses) using FireFox.
    First try - no go warned of potential virus.
    Second try - turned off Malwarebytes Active Scanning - no go again.
    Third try - turned off Windows Defender Active Scanning - no go again.

    Restored all AV products to full settings.
    Fourth try - I used IE 11 - Success not a burp!

    Of course when I went to Extract the files to my USB key Windows Defender complained to high heaven.

    FWIW HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,202
    Thanks
    49
    Thanked 987 Times in 917 Posts
    What produced the warning, Firefox?

    cheers, Paul

  3. #3
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,436
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts
    Paul,

    I would assume so.
    ffdownload.JPG
    HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,202
    Thanks
    49
    Thanked 987 Times in 917 Posts
    Yep, that's a Firefox warning.

    cheers, Paul

  5. #5
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,755
    Thanks
    171
    Thanked 652 Times in 575 Posts
    As the safest browser *, IE knows best:

    • SmartScreen checks files that you download from the web against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, SmartScreen will warn you that the download has been blocked for your safety.

    SmartScreen also checks the files that you download against a list of files that are well known and downloaded by many people who use Internet Explorer.


    SmartScreen Filter: FAQ

    Bruce

    * Internet Explorer (11) continues to outperform other browsers: With an average block rate of 99.9%, the highest zero-hour block rate, fastest average time to block, and highest consistency of protection over time percentages, Internet Explorer leads in all key test areas (April 2014)
    Last edited by BruceR; 2014-09-17 at 21:33. Reason: added link to more recent IE11 test results

  6. The Following User Says Thank You to BruceR For This Useful Post:

    RetiredGeek (2014-09-14)

  7. #6
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,643
    Thanks
    147
    Thanked 884 Times in 845 Posts
    SmartScreen can be nuisance at times when you know a site is safe, but I'd sooner have it than not as an additional level of security.

  8. #7
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    As Bruce stated, IE seems to rely on reputation (said to be effective) of the downloaded file to avoid issues, while the others seem to rely on whatever installed antimalware programs you have. IE does seem to be smarter and you can always rely on the installed security software to handle any issues after the download is concluded.
    Rui
    -------
    R4

  9. #8
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,202
    Thanks
    49
    Thanked 987 Times in 917 Posts
    I use WOT in Firefox to verify a site's reputation, but it doesn't do downloaded files.

    cheers, Paul

  10. #9
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    This seems to be a disturbing trend, at least to me it is, of browsers taking more secrurity control
    over downloads. And I don't like it one little bit.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  11. #10
    New Lounger
    Join Date
    May 2010
    Location
    Tucson, Arizona, USA
    Posts
    9
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by Paul T View Post
    I use WOT in Firefox to verify a site's reputation, but it doesn't do downloaded files.

    cheers, Paul
    I also use WoT, but with a large grain of salt. WoT members have listed as malicious or untrustworthy just about every climate-sceptic and pro-2nd-amendment site. It seems the WoT community doesn't just "vote" on true malware but on opinions it doesn't like.

    I use WGET to download Nirsoft Launcher files because Firefox won't let me. You can turn this blocking feature off in about:config by toggling "browser.safebrowsing.enabled" to "false". There is an about:config" setting called "browser.safebrowsing.reportMalwareErrorURL" but I can't find out how to use it to report Nirsoft files as safe. And since Nirsoft files *_ARE_* used by bad guys, I doubt if we'll be able to override this.

  12. #11
    New Lounger
    Join Date
    May 2010
    Location
    Tucson, Arizona, USA
    Posts
    9
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by CLiNT View Post
    This seems to be a disturbing trend, at least to me it is, of browsers taking more secrurity control
    over downloads. And I don't like it one little bit.
    Advanced users can disable this. Google *"browser.safebrowsing site:kb.mozilla.org" to learn about "safebrowsing", or toggle it off completely in your Preferences on the Security tab (disable "block reported attack sites").

    * I prefer StartPage but YMMV: https://startpage.com/do/search?q=br...ozillazine.org
    Last edited by AngusSF; 2014-09-22 at 21:53. Reason: Fix URL

  13. #12
    New Lounger
    Join Date
    May 2010
    Location
    Tucson, Arizona, USA
    Posts
    9
    Thanks
    0
    Thanked 1 Time in 1 Post
    Nir Sofer's response to this TODAY:
    Command-line options removed from the official release of my password-recovery tools
    http://blog.nirsoft.net/2014/09/22/c...ecovery-tools/

  14. #13
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,483
    Thanks
    176
    Thanked 152 Times in 129 Posts
    First, about Microsoft's way of preventing installation and use of NirSofer utilities:

    While IE may not block the download, upon the next MSE or Windows Defender scan, many NirSofer utilities and possibly NirLauncher itself, will be flagged as malware and removed by default. So, what IE giveth, Windows Defender may taketh away,.

    There has been speculation over the years in Comments Threads that Microsoft may be removing NirSoft utilities in part because they compete with the Sysinternals suite of utilities. I cannot confirm this speculation.

    As for Firefox, the problem is "Safe Browsing" file blocking, and it is turned on by default. Go to Edit>>Preferences>> Security (Tab) .
    Look at the highlighted item in my Image here: (Open in New Tab for enlargement.)
    Firefox Security.png
    Uncheck the highlighted item. When finished downloading, you may wish to restore the option for safety when browsing other sites.
    I performed my test under Linux to eliminate the Firewall and Antivirus issues. Maybe someone can post back if this does or does not work with Firefox 32 under Windows. I am aware that some AV products place their own Plugins into browsers in Windows, making these plugins an additional hurdle which must be temporarily disabled to allow downloads which are being blocked.
    I got this idea from reading THIS THREAD . Then I looked up Firefox Safe Browsing at the Mozilla Firefox site.

    Safe Browsing is doing much the same thing as Windows 8 and IE 11 with their safe browsing and Smart Screen protections. There are entire sites blocked due to reputation issues. This makes the OS or the browser act as an additional line of defense against unsafe downloads. Normally, these are good safeguards. But occasionally the site is not the problem, and good sites can thus get a bad reputation for hosting "bad" downloads.

    As for antivirus false-positives, all products I have seen allow users to create an Exceptions List or some such option. I used to do this with Malwarebytes, but the false-positives showed up with every new update to any of the NirSoft Utilities. This makes keeping up with over-aggressive or non-discrete AV Rules a real problem for those who want powerful system maintenance and repair tools at hand.

    One other possible solution is to install NirLauncher onto a USB Stick, and answer any popup warnings with Allow. This Page tells us this way of using NirLauncher is perfectly acceptable. Since NirLauncher is not an installed Windows Program, the Launcher should work just fine when launched from a USB stick. And with some of the Utilities, there may be an advantage to running from an outside the OS location. Ironically enough, Sysinternals Suite can be installed into NirLauncher on a USB Stick as a new Folder, with a new Path Code inserted as directed at the NirLauncher installation How-To page.

    In any event, if the USB stick containing the Utilities is not present during AV scanning, no Exceptions are needed, and nothing from the Utilities will be quarantined, sandboxed or removed. However, when using the Utilities, some AV shields or protections may have to be muted temporarily. I can do this with Avast from the Notification Tray Icon; other products will need other measures.

    All that I need to do to make NirLauncher and its Packages useable on USB is to un-ZIP the archive to the correct location. The Path to the Package (or any other Packages and additional Utilities which work within the Launcher environment) should be set to the local Directory within the USB Stick (which is the default with NirLauncher and its Packages).

    Updates to anything in the NirSoft Packages (or Sysinternals for that matter) can be done by deleting the old versions and un-ZIPping and pasting in the new versions. Works for the Launcher itself too.

    The code provided by NirSoft for adding additonal Packages is posted on their site. Adding additional Utilities to the Package is as simple as un-ZIPping the utility downloads, then placing the uncompressed stand-alones into the NirLauncher Package. Almost invariably, the added Utilities show up in the NirLauncher lists and function perfectly well.

    The trick is to get all these downloads off the Firefox Blacklist in the first place. Simply temporarily unchecking the Safe Browsing security option seems to work perfectly well for this purpose. Just make SURE you are downloading something reputable from a reputable site, and that the site is not showing signs of being hijacked or infected. I would rather forego a valuable system tool than download a virus by mistake.

    Too bad about losing the Command-Line option for one of NirSoft's more useful tools. But it is sadly true that Trojan Horses can take control of this feature. Such is the world in which we live. Here's hoping Nir Sofer figures out some way to provide this tool to those who really need it, without getting balcklisted by Google.
    Last edited by bobprimak; 2014-09-24 at 14:38.
    -- Bob Primak --

  15. #14
    5 Star Lounger
    Join Date
    Mar 2010
    Location
    east coast
    Posts
    701
    Thanks
    89
    Thanked 8 Times in 8 Posts
    interesting

    i am skeptical

    my experience is that IE is the worst browser to use no matter how you measure it
    so i wonder who came up with that glowing review and did they include the things that i would think are important in rating a browser

    IE has been hacked way too many times for me to blindly accept such a rating
    now maybe it has been improved
    but i moved to firefox et al years ago and never looked back

    is IE still slower than molasses and annoying to use
    as well as being easily targeted by scumware hackers ?

    have they really fixed it so it is worth considering ??

    i would like to know who did that report claiming it is so red hot
    and if they used the criteria that i care about to rate it



    Quote Originally Posted by BruceR View Post
    As the safest browser *, IE knows best:

    • SmartScreen checks files that you download from the web against a list of reported malicious software sites and programs known to be unsafe. If it finds a match, SmartScreen will warn you that the download has been blocked for your safety.

    SmartScreen also checks the files that you download against a list of files that are well known and downloaded by many people who use Internet Explorer.


    SmartScreen Filter: FAQ

    Bruce

    * Internet Explorer (11) continues to outperform other browsers: With an average block rate of 99.9%, the highest zero-hour block rate, fastest average time to block, and highest consistency of protection over time percentages, Internet Explorer leads in all key test areas (April 2014)

  16. #15
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,593
    Thanks
    5
    Thanked 1,059 Times in 928 Posts
    @speedball,

    If your experience is several years old then yes IE has changed a great deal. From what I can tell, IE is no different from any other browser as far as security issues go these days. The biggest problems I run into in IE are add-ons. Many IE problems disappear when add-ons are disabled. I do not see any speed disadvantage with IE for what I do.

    The last several releases of IE have greatly improved its standards compliance. Microsoft says they are committed to continuing on this path.

    Note: the IE11 quote is actually a link. Follow it for more information.

    Joe

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •