Pando

Internet Explorer's parting gift: A slightly safer browsing experience

By Nathaniel Mott , written on April 30, 2015

From The News Desk

Microsoft is killing Internet Explorer. But it plans on teaching the ancient Web browser a new trick before it's taken to the digital farm where software "retires." And that trick might just help make the web a little bit safer for consumers.

The new feature will warn consumers whenever they visit a website featuring "misleading advertising." Microsoft says in its announcement that these ads often ask people to visit an infected website or download a troublesome app.

Internet Explorer will also be stricter in its filtering of advertisements that include malicious code. Together, these updates will make it easier for people who don't know how to protect themselves online to avoid potential disasters.

They could also help those who think they're browsing safe sites but really aren't. Companies have been known to weaken security just to inject ads into consumers' browsing, like Comcast started to do last year. Ars Technica wrote:

Seth Schoen, the senior staff technologist for the Electronic Frontier Foundation, reviewed the data pulled by Singel and said that ‘there ended up being JavaScript in the page that was not intended by the server.’

Even if Comcast doesn’t have any malicious intent, and even if hackers don’t access the JavaScript, the interaction of the JavaScript with websites could ‘create’ security vulnerabilities in Websites, Schoen said. ‘Their code or the interaction of code with other things could potentially create new security vulnerabilities in sites that didn’t have them,’ Schoen said in a telephone interview.

Those aren't just theoretical risks, either. Forbes' interstitial advertisements were used by Chinese hackers to spread malware last year. As I wrote then:

Chinese hackers are believed to have taken the worst part of Forbes’ website — the page that displays a 'Thought of the Day' alongside some advertisement or another — and used it to distribute malware to a relatively small number of the website’s many daily visitors.

Forbes said in a statement to the Washington Post, which first reported on the hacking, that it discovered 'no indication of additional or ongoing compromise nor any evidence of data exfiltration' during an internal investigation into the attack in December 2014.

Advertisements aren't just creepy nuisances that follow people around the web. They also make it easier for attackers to reach their targets. And despite those risks, it's clear that many companies value money over their customers' safety.

Few will be sad to see Internet Explorer go. The browser often failed to keep pace with its rivals, and jokes about its best feature being its ability to let people download other Web browsers were all too common. But at least this demented relic will be able to make the Internet a little bit safer before it finally passes on.

[illustration by Brad Jonas]