 |
 |
IE finally getting safer?
|
|
|
|
|
Moderator  Join Date: Feb 2006
Location: on the verge of insanity
Status:
Offline
|
|
(BusinessWeek)--Since the days of Windows 95, security experts have been beating up on Microsoft for the way it integrated the Internet Explorer browser with its operating system. A decade and countless security vulnerabilities later, Microsoft is finally conceding that the critics were right. This means big changes are coming in the version of Internet Explorer that's due this fall.
I have been using an early, and still buggy, test version of Internet Explorer 7, which will be released both as part of Vista (the next release of Windows) and in a separate version for Windows XP. It goes a long way toward separating the browser from the operating system. That makes browsing safer but less convenient since a number of things that used to happen automatically will now require your intervention.
The great weakness of IE has been the way Microsoft empowered the browser to download and run programs automatically. It didn't take long for the bad guys to figure out that this was an open door for attacks. Microsoft imposed restrictions on these ``drive-by downloads'' a couple of years ago as part of a major update to Windows XP, but IE 7 makes the rules much stricter. You have to give explicit permission even to run programs already stored on your computer, with the exception of a handful of well-known tools such as Macromedia Flash player or Real Networks' RealPlayer. As long as people don't mindlessly give permission to everything, this should make it tougher for hackers to exploit flaws in existing programs.
IN EFFECT, MICROSOFT IS TAKING AWAY the browser's special, trusting relationship with Windows. And with Vista the divorce comes with a restraining order. Even when you let IE run a program, it won't be able to create or change files or system settings unless you give it additional permission. This makes it far harder for a malicious Web site to hijack your home page or install a program that monitors your keystrokes.
These changes will cause many of the ``scripts'' that automate Web sites, as well custom programs written for corporations' internal Web sites, to fail. That's why Microsoft is urging Web masters to start experimenting with the software months before its release. Based on my experience, most sites will be fixed with time to spare, but many corporations will drag their feet in fixing internal software.
A more visible security change is designed to help prevent fraud. The new IE will warn people when a link they click on is likely to take them to a ``phishing'' site, the sort of place that steals passwords or other personal information. On known phishing sites the address bar at the top of the window turns red, and a warning appears, while on suspect sites the bar turns yellow. And in an effort to keep Web sites from whisking you off to places you may not want to go, any new windows opened automatically must show their true identity in an address bar.
There are also some nice, if badly overdue, usability improvements. You will be able to open multiple pages within a single window and save the group as a single bookmark; rival browsers such as Firefox and Opera have long offered this ``tabbed browsing'' feature. And Microsoft has finally provided a reliable way to enlarge or shrink text, though in the version I've been testing the bigger text isn't always reformatted, so it sometimes sprawls off the right edge of the window. I hope this feature will be fixed before release.
The convenience IE offered over other browsers, such as Netscape, helped fuel the explosive growth of the Web. But that ease of use came at far too high a price. Partly because of the resistance of corporate customers that had built applications taking advantage of dangerous features, Microsoft was far too slow to fix them. But the software giant is finally biting the bullet, and late is a lot better than never.
-------------------------------------------------------------------------------------------------------
Better late than never I suppose. It's about time they implement the tabbed browsing feature, I always hated have 15 windows open. Since it seems most hackers gun for MS, I wonder how much safer it will truly be?
|
|
I like my water with hops, malt, hops, yeast, and hops.
|
| |
|
|
|
|
|
|
|
Baninated
Join Date: Jan 2006
Location: Drifting in space, all mashed up
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Jun 2001
Location: On the move again...
Status:
Offline
|
|
|
|
|
"No footprints when we're gone. Only where we've been, a faint and fading glow" Bruce Cockburn
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Oct 2002
Location: Boston, MA
Status:
Offline
|
|
I don't plan to give IE second chance.
|
"Never give in, never give in, never, never, never, never - in nothing, great or small, large or petty - never give in except to convictions of honor and good sense." Winston Churchill
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Oct 2004
Location: Downtown Austin, TX
Status:
Offline
|
|
Security issues and lack of tabbed-browsing aside, IE really isn't a bad browser.
|
|
|
| |
|
|
|
|
|
|
|
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status:
Offline
|
|
Originally Posted by jamil5454
Security issues and lack of tabbed-browsing aside, IE really isn't a bad browser.
"Favorites" organization suxxors, too.
-t
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top