PCRegulationSecuritySoftwareWorkspace

British Government Sticks With IE6, Citing Cost

parliament
0 0 3 Comments

The British government has opted to stick with Internet Explorer 6 on its computers, despite its documented security risks

The British government has refused to upgrade its default web browser – Internet Explorer 6 – despite well publicised security issues with the outdated web browser.

In response to a 6,000-strong petition urging government departments to upgrade away from IE6, the government has said it is simply too expensive.

Firewall Trust

“Complex software will always have vulnerabilities and motivated adversaries will always work to discover and take advantage of them,” responded the government to the petition. “There is no evidence that upgrading away from the latest fully patched versions of Internet Explorer to other browsers will make users more secure. Regular software patching and updating will help defend against the latest threats.

“It is not straightforward for HMG departments to upgrade IE versions on their systems,” the government added. “Upgrading these systems to IE8 can be a very large operation, taking weeks to test and roll out to all users. To test all the web applications currently used by HMG departments can take months at significant potential cost to the taxpayer. It is therefore more cost effective in many cases to continue to use IE6 and rely on other measures, such as firewalls and malware scanning software, to further protect public sector internet users.”

The British government’s decision to stick with Internet Explorer 6 in these austere times comes despite the fact that, in January, the German government urged its citizens to ditch Microsoft Internet Explorer as a result of the Aurora attack on Google. The French government followed suit shortly after that, and urged its computer users to switch to a different web browser such as Firefox or Chrome.

IE6 Diehards

The Aurora flaw is the same one that reportedly enabled hackers to break into the Gmail accounts of human rights activists in China. The attack resulted in Google reconsidering its policy of co-operating with the Chinese government, and threatening to pull out of the country all together.

Yet it seems that the government is not alone in sticking with IE6, as some organisations also prefer using the old browser, despite the fact that IE6 attracts cyber attackers because it lacks up-to-date security features. One of the reasons some organisations tend to stick with IE6 is because of its inability to render sites such as Facebook properly, meaning employees are forced to get more work done as opposed to posting or checking status updates.

Back in February, the Department of Health advised NHS organisations to abandon Internet Explorer 6, and said that they should upgrade to Internet Explorer 7.

IE8 Privacy Criticism

Microsoft meanwhile has hit back at criticism that IE8 could have offered better privacy tools if not for executive pressure.

According to the Wall Street Journal, whilst IE8 was being developed, it offered an easy way to block third-party tracking. Developers were keen on the system being left on by default, in order to give users the most privacy, but the Journal report claims executives successfully argued that tracking was necessary for advertising – and Microsoft’s bottom line.

Microsoft has objected to this version of events, and said that there is no single way to guarantee users’ privacy online.

“Because some of the technologies that can be used for tracking are also essential today for basic functionality, there is no ‘Just give me perfect privacy’ feature,” said Internet Explorer general manager Dean Hachamovitch in a Microsoft blog post.

“Distinguishing between a tracking technology (a beacon) and a useful piece of web content (a stock chart used as a beacon) is not obvious,” he added.

  1. You have to laugh, IE 6 is the last version compatible with windows 2000, if HMG government computers had XP professional they would have upgraded to IE 8 for free with the normal security updates.

    Schools update to all the latest versions every year, in fact it is more usual to update one machine and copy it across the network as an ‘image’.

    The process costs nothing and is part of normal maintenance.

    It is more likely that HM government is stuck with contracts or manufacturer locked hardware/software which cannot be touched by its IT people. Its better to say the truth about this than look as silly as they are.

  2. Where is Firefox or Chrome in this argument? Why does the government feel it has to use Microsoft products at all, let alone the dreadful IE6.

    As a web design agency we have positively encouraged our clients to switch to Firefox or Chrome. Website development fixes for IE6 take up much of our time so please pull the plug on it.

  3. The cost argument does not hold water. People having to design sites for IE6 because the govt departments are sticking to it are incurring far more cost that the govt would fixing its bad web apps and rolling out a better browser.

    Come to think of it, keep IE6 for your webapps, rollout Firefox and IETab – there: better browser, lower cost for everyone and still compatibility with crap web apps!