Ad Block on FireFox: Not On IE

[ColemanSmith]

I have Ad block plus on FF.

Why isn't it running on IE?

[jamieplucinski]

Because Internet Explorer sucks and provides only one thing Firefox doesn't.

Spyware.

Firefox is superior in every single way, wasting time developing something for a browser that nobody in their right mind should be using this day in age would be counter productive. The last thing an internet explorer user should be worrying about is advertisements.

[mrbene]

A little harsh maybe

Adblock Plus is an extension built on the extensible Mozilla base (which is why it works with Seamonkey and a few others). It hooks into the web browser and makes decisions about what will be downloaded and what will be displayed.

Internet Explorer doesn't expose the hooks to what's downloaded and displayed in at all the same way ("at all"). Ad blockers for IE are generally personal proxies - web traffic is funneled through another program that makes decisions on what gets downloaded before making the requests.

Since a personal proxy can affect all traffic from the computer, they can be used to block ads for all web browsers.

A personal proxy is a less elegant solution, since you need another program running, you can't hide DIVs and other elements, and you don't have the same immediate feedback when creating and modifying filters.

[jamieplucinski]

Not *too* harsh , I've been in IT long enough to know the evils of IE first hand... the more people try and make Internet Explorer into something it's not the more dangerous it becomes and vice versa. I felt a cold chill down my spine when I saw someone had released an add-on that allowed Firefox to embed Internet Explorer tabs... kinda defeats the purpose of a secure browser really.

Internet Explorer is safe to use on one thing, sites that you trust, and you need to be very restrictive on what you do and do not trust, many banks require internet explorer, but most now work with all browsers. Windows Update works with Firefox through something that isn't sneaky as hell, windizupdate.com

For every use someone has for internet explorer there is, 99% of the time, a far better way on Firefox, personally I haven't used Internet Explorer in the past 2 years for anything other than downloading Firefox on clean Windows installations and I do *everything* online.

So if you're using Internet Explorer for sites that ask for it sit back and ask yourself if this is Yahoo Launchcast or your bank, if it's not they're probably trying to sucker you into installing spyware. AdBlock Plus on Firefox provides another layer of privacy, increases performance, and depending on the list protects you from spyware and malicious scripts. Adding all of things abp adds to Firefox to Internet Explorer would not make a lick of difference since the browser itself is insecure from the ground up.

I might have sounded harsh, but when it comes to Internet Explorer the sooner people realise how evil the damn thing is, the less spyware we're going to see running rampant across the internet.

[ColemanSmith]

I appreciate the replies that answered the question that I asked.

I have had FF for years and only use IE occasionally and only for trusted sites.

I also have a boat load of security measures including RoboForm etc.

I would point out that I did not ask for opinions about IE7.

I only wanted to know if there was a way to make Adblock work for IE.

[Stupid Head]

I only wanted to know if there was a way to make Adblock work for IE.

Try IE7Pro.

[username]

Because Internet Explorer sucks and provides only one thing Firefox doesn't.

Spyware.

Firefox is superior in every single way, wasting time developing something for a browser that nobody in their right mind should be using this day in age would be counter productive. The last thing an internet explorer user should be worrying about is advertisements.

I just disabled your list in AdBlock as I definitely do not wish to have someone altering my browsing experience who actually states such childish, immature, bashing, unfunded and unprofessional comments.

Get real boy!

[jamieplucinski]

@username: Unfounded? I suggest you seriously take a look at Internet Explorer through something other that Redmond tinted glasses. I speak regularly with Microsoft employees and have done for years, even during the Vista beta they were using Firefox, even after the beta they're using Firefox, why? For exactly the same reasons I stated above.

Internet Explorer is really that bad, unless it's locked down to within an inch of it's life then it's too dangerous to use for 99% of the internet.

The reasons I stated in my second post are reasons why people don't develop for internet explorer, it's hard to do anything on such an insecure code base without having to worry about security.

I've been in the computing field for almost a decade, I know Windows like the back of my hand, I know what is and isn't secure and I know that as an attack vector Internet Explorer is one of the best ones out there. This isn't baseless bashing of Internet Explorer, it's warranted warnings against something insecure. Plus if people are only using IE for their trusted sites, like banks etc, then filtering them would be unnecessary, any bank selling advertisement space next to your account statements is not worth using.

If you really think that Internet Explorer isn't insecure or anything else I've said, look around the web, ask some people who know what they're talking about and you'll soon change your stance.

[username]

IE (especially <7) has had its security issues, many of them also caused by insecure default settings (which were heavily "improved" and tightened with version 7 however). I have never said IE is perfect but neither is Firefox (6 of 14 Secunia advisories are still unpatched - and no, I am not discussing now IE's advisories).

Your arguments

"provides only one thing - Spyware", "Firefox is superior in every single way", "wasting time for a browser that nobody should be using would be counter productive"

were purely polemic and not supported by any actual facts.

I am still wondering what you meant by "the more people try and make Internet Explorer into something it's not the more dangerous it becomes". I take it that you actually complain about people writing Add-Ons for IE. Sorry, but such a kind of "critic" cant be taken serious.

I see IE's biggest issue in the ActiveX support which allows users to download unchecked third party code which runs natively without any sandbox. Apart from that you wont encounter many other issues you cant also have in other browsers.

[jamieplucinski]

Read the 4th post in this thread for something other than the super short post I did initially.

I am still wondering what you meant by "the more people try and make Internet Explorer into something it's not the more dangerous it becomes". I take it that you actually complain about people writing Add-Ons for IE. Sorry, but such a kind of "critic" cant be taken serious.

That's not what I meant at all, Internet Explorer is a web browser first and foremost, what I was talking about when it comes to making Internet Explorer into something it's not is people "customizing" it, if a pop-up appears and someone clicks it they get a toolbar that delivers advertising, spyware and other nasties, which in turn downloads another, and another. I wholeheartedly agree that ActiveX is a major concern with Internet Explorer, but the access that ActiveX has to the system as a whole (as you said) is shocking, and nothing Microsoft has done has really changed that, IE7 and Vista introduced an annoying UAC prompt to ask if you wanted to install an ActiveX control, but unless you understand what a .dll or OCX file is people just click through it and continue.

My main point, that I didn't make very clearly, is that if people start developing Firefox addons for Internet Explorer it could easily confuse people into assuming that they're going to get the same level as security as they did in Firefox. AdBlock Plus in Firefox is great, but in Internet Explorer the controls used to provide functionality could be easily compromised and make abp act strangely and reflect badly upon the good work of Wladimir.

Although I have to admit that it'd be hilarious if IE ever did get adblock plus, especially since the AdBlock Plus Nazi's would then have to block the entire internet

[username]

Read the 4th post in this thread for something other than the super short post I did initially.

I already did, but I am sorry I couldnt find a single proper argument but only rather hostile bashing attempts.

That's not what I meant at all, Internet Explorer is a web browser first and foremost

Sure.

what I was talking about when it comes to making Internet Explorer into something it's not is people "customizing" it, if a pop-up appears and someone clicks it they get a toolbar that delivers advertising, spyware and other nasties, which in turn downloads another, and another.

Here we are once again! What are you talking about?

Customising? What?

A popup in IE does absolutely the same as it does in Firefox, Opera or whatever other browser - given of course it supports the used technology, in case you want to refer to ActiveX - see below.

I wholeheartedly agree that ActiveX is a major concern with Internet Explorer, but the access that ActiveX has to the system as a whole (as you said) is shocking

So I assume your only criticism is IE's support for downloadable ActiveX components?

Well, I already mentioned choosing this solution might not have been the wisest idea, but it is only an "optional" feature (and can be even completely disabled) and can hardly be used as argument to bash the entire IE like you did (sucks, Spyware, ....). Sorry but this is just polemic.

and nothing Microsoft has done has really changed that, IE7 and Vista introduced an annoying UAC prompt to ask if you wanted to install an ActiveX control, but unless you understand what a .dll or OCX file is people just click through it and continue.

Security always introduces annoyances, one way or another. I am not aware of the actual wording but I'd suppose it is rather explicit of a potential security problem. Now if the user still continues there is few you can do. Similar security warnings are also present in Firefox.

What would you have done if you were Microsoft? The only viable solution would be to remove ActiveX support, which would completely break backwards compatibility.

My main point, that I didn't make very clearly, is that if people start developing Firefox addons for Internet Explorer it could easily confuse people into assuming that they're going to get the same level as security as they did in Firefox.

Which people? Developers or users? Add-Ons (or extensions) arent about security, neither in Firefox nor in IE. They are about extending the browser's functionality. They can introduce security issues in both browsers.

AdBlock Plus in Firefox is great, but in Internet Explorer the controls used to provide functionality could be easily compromised and make abp act strangely and reflect badly upon the good work of Wladimir.

Thats not true. An adblocker couldnt be more easily compromised in IE than it could in Firefox.

[jamieplucinski]

@username: /sigh okay let me explain a few things,

A) Something can be easily compromised in IE more so than Internet Explorer, this is due to most spyware writers being lazy and using system default paths or hard coded paths, since everyone who uses Internet Explorer has it in a single location, with a single fixed destination folder for cache and a single bunch of registry keys in their own HCKU key.

Firefox uses a random folder name and not all spyware writers are smart enough to get a directory listing and process entries, assuming there is even a Firefox profile stored locally in the %AppData% folder tree. This of course makes mobile Firefox installations almost invisible.

Plus Internet Explorer lacks the required hooks to handle advertisements in the way Firefox does, instead software is required to create a proxy to filter traffic, this is problematic as people would be unable to detect what filters were causing problems with pages in the same way that abp can.

B) Popups in Internet Explorer could be popup windows or ActiveX installation requests, Firefox displays a nice bar at the top of the Window, depending on your Windows Service Pack/IE version IE will just pop up a dialog box.

C) Developers/Users? Users, more spyware is installed by users clicking a box to make it go away than sneaky backdoor installations (at least initially).

D) What would I have done if I were Microsoft? Exactly the same thing they did for the .Net Framework in Vista... locked it the hell down and only allowed elevated processes or system processes to access certain parts of the system. Did it break anything? Not much, but the hotfixes patched that. This is possible to do in Windows XP and earlier but Microsoft won't do it, they're keeping as much Vista related material and code on Vista to try and help it's failed launch.

E) Customising? I'm not sure if you're confused by the spelling customising, it is after all the correct English spelling of the word customizing or the concept itself. Regardless customising could mean any number of things, down to something like IE7 pro or Google's toolbar. Sadly people are duped into doing this by spyware writers, installing countless toolbars or getting a zwinky. There are countless Internet Explorer based toolbars that "customise" the browser, but in reality just turn it into a spyware downloading service. There are very few, if not any toolbars that do the same to Firefox.

F) Firefox ships without VBScript, Microsoft's scripting language, for a plethora of reasons, but this too has been used in the past to infect machines and it brought most of the Visual Basic programming language to IE, which in turn allows a web page to access parts of your system that you would never want an unknown web server tinkering with.

G) If my statements are polemic then you are a controversialist, the IE/Firefox flame war has existed for years, and before Firefox it was Netscape/Opera. This is a not just a case of "IE sucks because Microsoft make it and they suck." moreover a case of IE sucks because it is single handedly the most exploited Windows component of all time and yet people like yourself still strike to cover up it's flaws with polemical counterarguments.

There are a vast number of people online that have written about, on more than one occasion, the huge security flaws that internet explorer itself has and opens a computer up to. Microsoft itself has admitted these flaws and is working (albeit slowly) on resolving them but seems more interested in "keeping up with the jones'" (Firefox) since every release or planned upgrade in the IE family since Firefox came out has been to offer similar functionality in the hopes of winning a vast number of people who ditch IE for Firefox daily. The same applies to functionality in Opera, IE 7 has a lot of things in it that were present in Opera and Firefox but not on the drawing board for IE7 initially.

Internet Explorer is integrated so deeply within the operating system that even doing something as simple as printing a file, even from a non Microsoft application loads multiple DLL files that are provided with Internet Explorer upgrades. Did you know that? I'm willing to bet not.

Regardless of what camp you are from, who's fanboy you are, or what browser you use nobody in their right mind would argue against Internet Explorer being insecure, it is, always has been, and always will be. And until Microsoft drop backwards compatibility or at least secures it in the way they did for .Net Framework 1.x, 2.x, and 3.x (1.x and 2.x being backports) in Vista nothing will change.

[username]

A) Something can be easily compromised in IE more so than Internet Explorer, this is due to most spyware writers being lazy and using system default paths or hard coded paths, since everyone who uses Internet Explorer has it in a single location, with a single fixed destination folder for cache and a single bunch of registry keys in their own HCKU key.

Strangely this single file location is based on the Windows language. So a US "developer" using hardcoded paths would basically make his application useless on every machine outside the US - very unlikely!

Firefox uses a random folder name and not all spyware writers are smart enough to get a directory listing and process entries, assuming there is even a Firefox profile stored locally in the %AppData% folder tree. This of course makes mobile Firefox installations almost invisible.

Lets stick to a fair comparison, wouldnt you agree that would be better?

The random directory name only applies to the profile directory. The application itself is installed by most users also in the default directory. Now IE also uses a "random" directory name as it is based on the login name.

Someone dedicated enough to write a Spyware application will be aware of these issues and will take care of them. A random name is the least problem - you know how one says, security through obscurity.

Plus Internet Explorer lacks the required hooks to handle advertisements in the way Firefox does, instead software is required to create a proxy to filter traffic, this is problematic as people would be unable to detect what filters were causing problems with pages in the same way that abp can.

Then I wonder how Google's toolbar can block popups or how Power IE is able to block entire ad banners.

Sorry but this statement has eventually shown that you are not really aware of the actual facts but are only making up your own stories in order to bash IE with - unfunded - "arguments".

Firefox displays a nice bar at the top of the Window, depending on your Windows Service Pack/IE version IE will just pop up a dialog box.

IE shows this "nice bar at the top" since three years. So what do you complain about?

C) Developers/Users? Users, more spyware is installed by users clicking a box to make it go away than sneaky backdoor installations (at least initially).

Yes, but this is only possible with improper ActiveX/VBScript settings and these were heavily improved/tightened with IE 7 - as I already wrote!

E) Customising? I'm not sure if you're confused by the spelling customising, it is after all the correct English spelling of the word customizing or the concept itself.

What are you referring to? Yes, I used the proper English spelling, while you used the americanised one. What does this have to do with the topic? I guess not much.

Regardless customising could mean any number of things, down to something like IE7 pro or Google's toolbar. Sadly people are duped into doing this by spyware writers, installing countless toolbars or getting a zwinky. There are countless Internet Explorer based toolbars that "customise" the browser, but in reality just turn it into a spyware downloading service.

Yes, but this is not an IE security issue, but solely based on the fact the IE is the more popular browser. The exactly same thing is possible on Firefox.

F) Firefox ships without VBScript, Microsoft's scripting language, for a plethora of reasons, but this too has been used in the past to infect machines and it brought most of the Visual Basic programming language to IE, which in turn allows a web page to access parts of your system that you would never want an unknown web server tinkering with.

Agreed, VBScript has too much access to the system. So basically your only complaints are VBScript and ActiveX?

G) If my statements are polemic then you are a controversialist

Am I? I asked you for actual facts to support your statements, which you have failed to deliver so far.

the IE/Firefox flame war has existed for years, and before Firefox it was Netscape/Opera.

Yes, because there have always been uninformed people who simply went on repeating bashing stories they snapped up somewhere.

This is a not just a case of "IE sucks because Microsoft make it and they suck."

I am sorry, I would say it is exactly what you described.

moreover a case of IE sucks because it is single handedly the most exploited Windows component of all time and yet people like yourself still strike to cover up it's flaws with polemical counterarguments.

Polemic counterarguments? Sorry, but I cannot remember that I bashed Firefox with "professional" statements like "sucks" and general random accusations like "Spyware" without bringing up a single backup.

There are a vast number of people online that have written about, on more than one occasion, the huge security flaws that internet explorer itself has and opens a computer up to.

Yes, many of those belong to the group I referred to three paragraphs ago.

As I already wrote, IE has had its security issues and some of them were even rather serious, but so did Firefox. Microsoft certainly also ignored the importance of Security for a long while but they were catching up.

Microsoft itself has admitted these flaws

Of course the admitted them, what should they have done otherwise?

but seems more interested in "keeping up with the jones'" (Firefox) since every release or planned upgrade in the IE family since Firefox came out has been to offer similar functionality

Sure they implemented features of Firefox in IE. Wouldnt it have been insane not to implement features which have proven to be useful?

But while we are at, half of Firefox' features were copied from Opera (with its extensions, all the features).

The same applies to functionality in Opera, IE 7 has a lot of things in it that were present in Opera and Firefox but not on the drawing board for IE7 initially.

I doubt you can know what was present on the drawing board for IE7. But as mentioned previously, in terms of Opera's features it is actually Firefox who based all of its features on Opera.

Internet Explorer is integrated so deeply within the operating system that even doing something as simple as printing a file, even from a non Microsoft application loads multiple DLL files that are provided with Internet Explorer upgrades. Did you know that? I'm willing to bet not.

The IE is not integrated into the operating system (=kernel) at all.

Fact is, the IE as we use it does not contain the actual browser code (as Firefox does) but only calls user-mode libraries which are shipped by default with Windows. This makes sense as the typical IE functionality like HTML rendering, HTTP requests, proxy logic and more is not only used by IE but also by other applications like Media Player, Windows Help, Updaters, and many more.


To summarise, I agree (as already did) that ActiveX and VBScript can pose a serious security problem, however (as I already mentioned twice) IE7 improved very much in this area by securing/tightening the default settings. Apart from that it does not seem that you have any other criticism but only try to bash IE with unfunded arguments.

[username]

E) Customising? I'm not sure if you're confused by the spelling customising, it is after all the correct English spelling of the word customizing or the concept itself.

What are you referring to? Yes, I used the proper English spelling, while you used the americanised one. What does this have to do with the topic? I guess not much.

I now see what you referred to, sorry.

No, I wanted to know what you meant by "people customising the browser". Your explanation about browser add-ons cleared it up.

[jamieplucinski]

/sigh go online, search a few websites, find advert blockers for Internet Explorer. You'll find Norton, and AdMuncher to name but two, along with Privoxy and countless others, all that use a proxy method. Not making anything up, I'm just smarter than you are.

Localized paths? Wrong. Start, Run, enter %appdata%\microsoft\Internet Explorer... oh no! Some complex coding that took. And by the way, that'll work on most systems, even non-US ones.

Googles toolbar blocks popups by catching and filtering window.open events, pretty much the only part of DOM and JS specifications they (Microsoft) complied to.

IE shows this "nice bar at the top" since three years. So what do you complain about?

3 years... if you update. Not everyone gets the latest updates for IE, and Microsoft don't provide it on all versions of Windows... and yes people are still using Windows 98.

Yes, but this is only possible with improper ActiveX/VBScript settings and these were heavily improved/tightened with IE 7 - as I already wrote!

IE7 is an optional update for people that visit Windows Update or enabled automatic updates, doesn't mean a single thing for users that don't update or have an older version of Windows.

Yes, but this is not an IE security issue, but solely based on the fact the IE is the more popular browser. The exactly same thing is possible on Firefox.

Actually it is since Firefox doesn't have itself locked into the system deep enough to compromise it in the same way IE can.

I doubt you can know what was present on the drawing board for IE7. But as mentioned previously, in terms of Opera's features it is actually Firefox who based all of its features on Opera.

I should do, I was testing it for Microsoft, I even have some of the very early alpha downloads from Microsoft Connect sitting on a DVD in my basement.

The IE is not integrated into the operating system (=kernel) at all.

An operating system consists of much more than a kernel, take away the explorer subsystem and you're left with nothing. Internet Explorer ships with a lot of system components, download a full install package, extract the files and compare them to your system directories... the names match up and so do the file destinations.

You really have no idea what you are talking about and in all honesty you have very little to no understanding of how Windows works, how it's subsystems work, and how bad Internet Explorer really is.

Rather than continue arguing with you, which is a completely pointless exercise, I'm just going to ignore this thread. Although I suggest you start reading here and then follow the links around the Web to see the wider picture when it comes to Internet Explorer and the huge security risks that you seem to think have vanished since Microsoft added a padlock onto a barn door without any hinges; all it would need is a little push or pull either way and it'd fall.