Barney's Blog

Blog archive

IE 10 Security's Bumpy Roadblock

If you are relatively young, you think protected mode is an IE feature that stops hackers from loading malicious code (or tries to) or changing your security settings (or tries to).

If you have graying hair and are overdue for a colonoscopy you think protected mode is a way of tricking an Intel 80286 processor into addressing more than 640K (yes kilobytes) of memory so it can run Windows.

IE 10 now has an enhanced protected mode (EPM), a feature testers will eventually stumble over.

The news is good and bad. Whenever you tighten security you harm user experience. Just look at what Maxwell Smart had to go through to get into Control headquarters (if you get this reference, you probably know the first definition of protected mode, something Bill Gates pontificated on at many gatherings.)

In the case of IE 10 and the Metro interface, there is the AppContainer Sandbox. The great part is this doesn't share cookies across apps. The bad part? It doesn't share cookies across apps, so you are putting in user names and whatnot to get base level functions from some Web sites.

The nice part? When a hacker hijacks one page, he can't steal your data from another.

Posted by Doug Barney on 03/28/2012 at 1:19 PM


comments powered by Disqus

Reader Comments:

Thu, Mar 29, 2012 Dan Iowa

Not to fear, if any security settings prevent the hacker from stealing your data from another page or from sharing cookies across apps, there will be instructions automatically sent to you telling you that the web app will not work, and this is how you turn off that security. What people can't seem to get their heads around is this: Google is the hacker. Fasebook is the hacker. The very app that users are wanting to use was designed to gather information about the user. The app is free for a reason.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.