Internet Explorer has a major vulnerability to a “man-in-the-middle” attack, and has for several years. This means that (for example) someone can set up a spoof version of a financial website (like your bank, or an ecommerce site from which you’re purchasing something), that will fool IE into sending your credit card data to it, instead of the intended recipient, because Explorer apparently isn’t rigorous enough about checking certificates on the Secure Socket Layer.

While this is irritating, even infuriating, in itself, it’s made more so by many site designers’ insistence on writing their sites to IE’s perverted version of HTML and other Microsoft technologies, so that one can’t even use other browsers (e.g., Opera) with them. I avoid using IE as much as possible (and once I finally get the Windows monkey off my back, it won’t be possible to use it at all), but there are some sites that are vital for managing my accounts that either don’t work at all, or are unviewable on any other browser. The Schwab site, for example, won’t do business with you in secure manner unless you have Explorer. They claim that this policy is in the name of “security.”

I hope that this will cause them to rethink that philosophy, given the self-evident irony of it with today’s news (and numerous other instances in the past of Redmond’s less-than-devoted commitment to security in general).