Firms urged to look at rivals to 'hackers' target' Internet Explorer

Experts say Microsoft Internet Explorer has too many security issues

Ongoing security issues in Internet Explorer have highlighted the potential value of users supporting other web browsers to mitigate the security risk.

Several security bodies and industry experts, including the US government-backed Cert and the non-profit Sans Institute, have urged companies to consider alternatives including Netscape, Opera, Mozilla and Apple's Safari.

Richard Brain, technical director at security consultancy ProCheckup, said, "It is a good idea to use other, safer browsers such as Firefox by default, and the more complex, buggy Internet Explorer to access those sites which will only work with it. Internet Explorer is overly complex and should get back to its roots as a web browser, so that Microsoft developers can simplify it and remove its security holes."

Online businesses that follow this advice may have to re-engineer their websites to make them accessible to all types of browsers.

Phil Cracknell, security consultant at NetSecurity, said he advises clients to use non-Microsoft web servers based on Unix, Linux and Netscape together with Microsoft Internet Information Server to confound hackers. "More obscure operating systems will get hacked less," he said.

Analysts said it will be possible but not effortless to develop interactive, animated e-commerce sites which can be viewed on other browsers.

Bola Rotiba, senior analyst for software development strategy at Ovum, said it is a myth that websites will not work well in non-Microsoft browsers. "Why should companies lose any functionality? There is nothing to say that animations should not exist [in alternative browsers]," she said.

Rotiba added that translating sites for different browsers can be straightforward. "It depends on how much abstraction has been done. Bog-standard HTML can be optimised easily. The question is whether the site is dynamic or static. If it uses Dynamic HTML and Cascading Style Sheets, it will take more work," she said.

Mike Prettejohn, director of website analyst Netcraft, said, "I would not go to the trouble of optimising or tailoring for a specific browser. When GPRS phone-based internet access becomes cheaper and more pervasive there will be a case for having content suitable for small screens."

Stuart Okin, chief security officer at Microsoft, said, "Essentially all browsers have vulnerabilities." He said that unlike now, web developers did not need to consider security two to three years ago. "There is a balance between the richness of the website and understanding security," he said.

Okin urged users to look at the way their websites have been developed, and avoid using features such as pop-up windows, which will be blocked when Windows XP SP2 is introduced.

Read more on Operating systems software