washingtonpost.com  > Technology > Columnists > Fast Forward

Page 2 of 2  < Back  

Another Brick in the Firewall

I was also troubled to see that two other spyware finders, Ad-Aware and Spybot Search & Destroy, found some offenders that AOL's tool had missed -- while each, in turn, did not locate some of the suspects that AOL had found.

Elsewhere in this Security Edition, AOL users will find some simplified spam-filtering controls and more limits on pop-up ads, including the option to disable those animations that briefly float over some Web pages. (Yes, The Post's site does run quite a few of those.)

_____Recent Columns_____
3-Point Shopping For a Computer (The Washington Post, Nov 21, 2004)
Firefox Leaves No Reason to Endure Internet Explorer (The Washington Post, Nov 14, 2004)
Photos Plus Music Equals an Expensive iPod (The Washington Post, Nov 7, 2004)
Fast Forward Archive
_____Help File_____
Rescuing Music Files (The Washington Post, Nov 28, 2004)
Complete Help File Archive

But AOL 9 SE does nothing to address the way malicious Web sites exploit vulnerabilities in Microsoft's Internet Explorer browser to force-feed software to a victim's computer. I put a fresh copy of Windows XP on a laptop, installed AOL 9 SE and used that software to visit a known hijack site. After a restart, I was greeted by a set of strange shortcuts on the desktop, a new toolbar in Internet Explorer and a barrage of pop-up ads and alerts.

I had not consented to install any of this junk, but because AOL uses Internet Explorer for its own browsing software, none of the security features built into the online service could stop this hostile takeover.

AOL can hope that its users keep up with such Microsoft updates as Service Pack 2, which blocked this site's hijack attempts on other computers. But it would do better to switch to a more secure browser.

It certainly knows how to: Its CompuServe software uses a browser based on its own Netscape program, as does the Mac OS X version of AOL itself. In fall 2002, AOL had planned to make this change to its Windows software, too, but then it abandoned those plans.

Now that there's a renewed interest in non-IE browsers, such as the Firefox release I reviewed two weeks ago, AOL ought to rethink this.

While it's on this crusade to protect users' computers from unwanted intrusions, it also ought to set a better example in its own software. The AOL 9 SE installer added an enormous toolbar to my copy of Internet Explorer, scattered marketing links across my desktop and stuffed a second array of shortcuts into the Windows taskbar. At no time during the installation was I notified of these changes, much less asked for my permission.

But with all its faults, this Security Edition of AOL still represents much more comprehensive protection than what Windows users can expect from either Microsoft or computer manufacturers. It's a start; it just had better not be a finish.

Living with technology, or trying to? E-mail Rob Pegoraro at rob@twp.com.

< Back  1 2

© 2004 The Washington Post Company