Sectors - Will someone please put IE6 out of its misery?

Our weekly trawl of the security blogosphere finds more flaws than you can poke a mouse at. But we have the answer: prehistoric browsers.

When Web developers sit down to code a site, we gather an important step in their working process is to sigh a heavy sigh at the prospect of anyone accessing their creation using Internet Explorer 6.

IE6 is still the planet’s most popular browser. But it is a security dud. Hence this campaign from some Norwegian web publishers who are asking their users to surf their sites using just about any other browser.

Qualys explains why this is a good idea, in this post.

If you want to heed the call, why not go retro with your browser? Lynx, a text-based browser from the days before the Web got all graphical (and the Web competed with WAIS and Gopher as ways to access information) can now be had for Windows. While we are going all retro, why not check out this Gopher server, to experience the Net in less-than-glorious early 90s style!

Less glorious, meanwhile, are the folks who steal credit card numbers and sell them online, as detailed in this F-Secure post containing videos purportedly created by number skimmers/vendors. Want more bad news? Captchas are borked, according to Websense. Securiteam says DJBDNS has been broken. And Didier Stevens says the recent PDF flaw can get to work even without Acrobat Reader executing.

It’s not all bad out there, though. Arbor says Conficker’s growth has slowed. And RSA reckons the PCI DSS Council’s new step-by-step implementation approach is not a dud.

We also like reading the VRT blog, because they seem jolly competent, as epitomised by this post explaining how ClamWin gets new virus signatures to play with.

Another post worth a scan is Forrester’s preview of its Database and Server Security research, which suggests these two items are under-reported in the security stakes. Laptops left in cabs hog the headlines, leaving these more serious breaches under-appreciated.

Okay … that’s all been pretty heavy. So let’s wrap with a different take on security, namely this Bruce Schneier post entitled “Three Security Anecdotes from the Insect World”.

Read more on Web application security