Why Internet Explorer 6 Refuses to Die

Internet Explorer 6 was one of the ways that Google and many other companies were attacked recently. Web developers have hated it for a long time because of its lack of stability and lack of standards support.

IE 6 is the default browser shipped with Windows XP, and routinely is placed into lists of one of the worst technical products ever. Google announced in January that they would stop supporting IE 6 (which means YouTube will no longer work in IE 6). The French and German governments strongly advised (link in French) against using Internet Explorer in January 2010, in part because of security risks in IE 6. There are campaigns everywhere advocating against the use of IE 6.

So why is it still alive and supported by Microsoft? Over at the IT Expert Voice, one writer was determined to find out. The article is very interesting, and listed a number of reasons that IE 6 is still being used in spite of it all:

  • Upgrades comes slowly. If you upgrade your systems on a three to five year cycle, then IE 6 is very likely still present on the network.
  • A critical application requires IE 6. This is quite unfortunate, but happens often enough. If the vendor hasn’t converted to a more standards-compliant environment, the users can’t either.
  • “If it isn’t broke, don’t fix it.” This is almost a “head-in-the-sand” approach – or an extreme reluctance to upgrade at all. Hopefully, this is not common.
  • Using IE 6 can limit users to more appropriate sites. This reason is also incomprehensible: certainly the more popular sites will fail to work in the future with IE 6 – but IE 6 is also a security risk and more and more work-related sites will stop using IE 6 as well. I can’t imagine anyone would seriously use this as a reason to keep IE 6 – but apparently some have.

CNet also had an interesting article about why Intel continues to use IE 6; it is an excellent read.

Google Hacked by Chinese Government

This news has been developing all week, with extensive coverage: the technology media picked it up first, but so did the law media and the mainstream media.

Google announced that it (and an estimated 33 other companies) had been attacked by sources in the Chinese government and that GMail accounts of Chinese dissidents had been targeted. Many companies refuse to specify whether they were, in fact, attacked by China (including Yahoo and Symantec). Also attacked were Dow Chemical, Northrup Grumman, and Juniper Networks, as well as an attack against Gibson Hoffman & Pancione, the law firm prosecuting a lawsuit against China for code theft involving an Internet filter.

In response to the attack, Google said that it would seek to provide uncensored results on google.cn (Google’s Chinese search engine) and that it would pull out of China if it could not – shutting down their Chinese offices entirely.

The US Secretary of State, Hilary Clinton, stated that she would be lodging a formal complaint this week.

The attack against Google has been picked apart; a zero-day exploit in Internet Explorer was the method. The method was covered at CNET and is described in detail by McAfee’s CTO, George Kurtz, in a blog post. The blog Praetorian Prefect has a description and video of the attack in action.

Another aspect of the attack is that the surveillance tools were in fact, compromised, providing easy access to a lot of data. This was covered by Timothy Lee over at the Freedom to Tinker blog.

Not all accept the fact that Google would pull out of China because of human rights issues; at the French blog Transnets by Francis Pisani at Le Monde, there is a two-part article (Google Power/1 and Google Power/2, in French) about the unanswered questions behind Google’s possible removal from China.

The Electronic Frontier Foundation (EFF) took note; there is an article about the unanswered questions related to the events, including commentary and links.

Several countries have been recommending that their citizens not use Internet Explorer; specifically, Le Monde has an article (in French) that the countries of Germany and France are suggesting that their citizens use other browsers.

Media coverage has been extensive. Elinor Mills over at CNET has a complete FAQ, as well as a video description of what happened. The New York Times is also covering the story.