Non-Microsoft browsers are most secure choice

The security issues in Internet Explorer have highlighted the need for companies to think about supporting other web browsers on...

The security issues in Internet Explorer have highlighted the need for companies to think about supporting other web browsers on their customer-facing websites to control the security threat.

A number of security bodies and industry experts, including the US government-backed CERT, and non-profit Sans Institute, have urged companies to consider Microsoft alternatives. These include Netscape, Opera, Mozilla and Apple's Safari.

Richard Brain, technical director at security consultant ProCheckup, said: "It is a good idea to use other, safer browsers like Firefox by default, and the more complex, buggy Internet Explorer to access those sites which will only work with IE.

"IE is an overly complex bit of software that should really get back to its simpler roots as a web browser, so that Microsoft developers can simplify it and remove its security holes," he said.

"Online businesses that follow this advice may have to re-engineer their websites to make them fully accessible to non-Microsoft browsers."

Phil Cracknell, security consultant at NetSecurity, advises his clients to use non-Microsoft web servers, based on Unix, Linux, and Netscape, together with Microsoft IIS, to confound the hackers.

"More obscure operating systems will get hacked less," Cracknell said.

He added that Microsoft should not be vilified, because it has provided what users demanded.

"We wanted interactive stuff and to plug things into the browser; and there's a cost to that: there will be ports open.

"The Windows environment, while it is slated for OS vulnerabilities, has had to go through a hardening process, and I think Microsoft has stepped up to the mark," Cracknell said.

Analysts said it will be possible, although not effortless, to develop interactive, animated e-commerce sites that can be viewed on other browser platforms.

Bola Rotiba, senior analyst for software development strategy at Ovum, said it is a myth that websites will not work well in non-Microsoft browsers.

"Why should companies lose any functionality? There is nothing to say the animations shouldn't exist [in alternative browsers]," Rotiba said.

Rotiba added that translating the site for different browsers can be straightforward. "It depends on how much abstraction has been done to build the site. HTML is not an issue; bog-standard HTML can be optimised easily.

"The questions to ask are what is the site doing: is it dynamic or static? If it uses dynamic HTML and cascading style sheets, it will take more work," Rotiba said.

If the site uses a high degree of scripting languages like PHP and CFML (ColdFusion Markup Language), developers will also have their hands full, she said.

"Tools like Macromedia MX, and Dreamweaver MX allow you to produce a site for every platform available. But if you've written the scripts in something like CFML, there are not many tools available to translate the interactive, dynamic part," Rotiba said.

Read more on Operating systems software