IE8 and Trustworthy Browsing


This blog post frames our approach in IE8 for delivering trustworthy browsing. The topic is complicated enough that some context and even history (before we go into any particular feature) is important, and so some readers may find this post a bit basic as it’s written for a wide audience. In previous posts here, we’ve written about IE8 for developers: the work in standards support, developer tools, script performance, and more. In future posts, we’ll write about IE8 for end-users (beyond the benefits of improved performance, activities, and Web Slices). This post starts a series about trustworthy browsing, a topic important for developers and end-users and everyone on the web. By setting the context and motivation with this post, the next posts that dive into the details of IE8 will build on this foundation.

Trustworthy refers to one of our overall goals: provide the most secure and most reliable browser that respects user choice and keeps users in control of their machine and their information. For reference, Microsoft’s framework for Trustworthy Computing in general spans four areas: security, privacy, reliability, and business practices.

Security is often where the trust discussion begins. Narrowly, security in this context means “as the user browses the web, the only code that runs on the user’s machine is code that the user allows to run”. For example, when the user visits “www.somebadsite.com” the site should not be able to just run “virus.exe” and infect the user’s machine with malware. IE7 made a lot of progress on security, starting with Protected Mode and developing IE to be “secure by design, secure by default” as part of following the SDL requirements. IE7 was the first browser to support Extended Validation certificates to help protect users from deceptive websites, as well as delivering anti-phishing protection, International Domain Name support with protection from deceptive websites, a richer SSL experience and support for stronger SSL cipher algorithms, ActiveX opt-in, and great integration with Parental Controls in Windows Vista. We have done even more security work in IE8 to address the evolving threat environment.

Privacy is a complex topic that more often than not puts one party in conflict with another. If security boils down to “the user is in control of what code runs on the machine,” then privacy boils down to “the user is in control of what information the browser makes available to websites”. Many people immediately think of “cookies” at this point because so much discussion and early work around privacy focused on the specific implementation of cookies. Cookies and cookie protection are definitely one aspect of the online privacy discussion. IE6 included innovative work implementing the P3P web standard (from the W3C), and both IE6 and IE7 use it to block cookies from websites that don’t have a privacy policy that complies with the user’s settings. It’s a great example of a privacy protection in use today on the web. In IE7, deleting cookies as well as other information that shows where the user has been on the web is much easier.  That said, there’s more to online privacy than cookies, as cookies are only one implementation of content that can disclose information to websites. In some discussions, people have also described IE7’s Phishing Filter as a privacy feature because it helps protect users from sharing information. The larger challenge here is notifying users clearly about what sites they’re disclosing information to and enabling them to control that disclosure if they choose. As we talk more about privacy, we will broaden the discussion to include additional protections from sharing information that the browser can offer users.

Reliability is relatively simple: the browser should always start, find the Internet, and show web sites without crashing. We define reliability to mean “as the user browses the web, the browser performs well and does not terminate unexpectedly”. End-users really don’t care about the cause of instability in the system – malformed web pages (see the old Slashdot article that this post refers to, for example) or third-party extensions (like toolbars; see this post about IE7’s “No Add-ons” functionality) – they just want the browser to work. In addition, when something does go wrong, an important part of reliability is how gracefully the browser recovers from the unexpected. Another aspect of reliability is that sites continue to render correctly. We’ll post more here about the work we’ve done to make IE8 more robust, as well as more interoperable and compatible at the same time.

Business practices guide decisions we make in designing and distributing our products. The key principle here is respecting user choice. For example, when a user installs a new version of IE, IE respects the user’s choice of default search engine. In IE, the user can add or remove different search providers using OpenSearch, a public and open standard that some other browsers have chosen to support as well. IE respects the user’s choice of system defaults (Windows Vista’s “Default Programs” functionality, as well as Windows XP’s Set Program Access Defaults). Explicitly asking the user before installing a new version of IE is key to respecting the user’s browser choice. 

Ultimately, trustworthy browsing is about enabling users to be in control and respecting the choices users make. Specifically, it’s about enabling users to be in control of their machine, of their browser, of their settings, of their experience, of what data they share with whom when. Each part of trustworthy browsing involves an industry-wide challenge. For example, security is an industry challenge; every browser on the web faces attacks.

While all these statements may sound inherently obvious to some readers, these topics are so important that we thought it would be good to talk in general about how we think about them overall.  Over the coming weeks this blog series will talk about how we’re making progress against these challenges, to set the stage for the release of IE8 Beta 2 in August.

Thanks,

Dean Hachamovitch
General Manager
Internet Explorer

Edit: removed hyperlink

Comments (81)

  1. Anonymous says:

    The General Manager of Internet Explorer doesn’t know that you check an URL before posting it, or you use the canonical "example.com"?

  2. Anonymous says:

    "Edit: removed hyperlink"

    Oh come on, Dean. Where’s the humor? 😛

  3. Anonymous says:

    One thing I would very much like is for instances of IE to be more separated in memory. That way if one tab or window crashed it wouldn’t bring down the others. Good crash recovery is also a must for IE8.

    Finally, though, I think the problem of toolbars etc should be dealt with once and for all. When an add-on is identified as the cause of a browser crash, that add-on should be disabled and the user notified. Maybe that would encourage the developers of buggy code (looking at Apple here and their ghastly Quicktime…) to make their add-ons run properly.

  4. Anonymous says:

    long’s actions are outright ridiculous. sure, ms is gonna drive traffic to him, let him make adsense-money at their expense. just for the fun of it. sure.

  5. PinkDuck says:

    Re: "people have also described IE7’s Phishing Filter as a privacy feature because it helps protect users from sharing information"

    Yet they are happy to send every single URL they browse to Microsoft or one of their agents.

  6. Anonymous says:

    How about another requirement for a ‘trustworthy’ IE.

    Comply with standards – Complying with standards is very important for a globally accessible world wide web.  We at Microsoft are committed to following standards and working with the W3C to develop standards BEFORE implementing them in our browser.  We refuse to go back to the old days of trying to create a proprietary web.  We understand that this makes web developers trust us, because we are all about helping developers, developers, developers.

  7. Anonymous says:

    @Ozzie,

    I find this hilarious, but somebadsite.com seems to consistently crash my version of Firefox 3.0. That really is a bad site!

  8. Anonymous says:

    Restricting cookies is useless for protecting privacy.  You should speak to your colleagues in MSN AdCenter and ask how it is possible to track individual users without cookies enabled.  It is even possible to track different users of one PC by their behaviour and different PCs in one house by their UA strings.

    To give proper privacy you would have to redirect all browsing sessions to the Tor network and randomise their user agent string.

    Blocking tracking domains in the local hosts file is a better way to control privacy, once you make the request it does not matter if you are sending cookies or not.

    Asking users what information to send is useless because they don’t know.  It will be like UAC where it is either turned off or becomes such an annoyance that they switch to another browser.  P3P was not successful and only made more work for us developers.  P3P on steroids will be more of the same.

  9. Anonymous says:

    Trustworthy: "provide the most secure and most reliable browser that respects user choice and keeps users in control of their machine and their information".

    "most secure and most reliable"? – woops! I think this is a line describing a better more robust open source browser that runs on multiple OS’s and in 30 odd languages… made by the Mozilla organization.

    I think it’s called Firefox.

    I think the quote for IE should be:

    "Trustworthy refers to one of our overall goals: provide the most secure and most reliable browser ***THAT WE CAN*** that respects user choice and keeps users in control of their machine and their information."

    To suggest that IE "is" the most (secure|reliable) browser shows utter naivety or blatant self-propaganda.  

  10. Goedkoop lenen says:

    The "most secure|reliable browser" is also something, something..stupid. Every browser has its flaws, maybe IE some more than others, but hey. They are at least trying to make it better than before.

    Some competition among browsers can’t hurt the end user, right?

  11. Anonymous says:

    uh, guys, read the start of the sentence. it’s their goal. not at all obvious how to even judge what the most secure reliable browser is…

  12. Hello Mr Hachamovitch,

    I agree and support "billibob"’s post

    {

    "Complying with standards is very important for a globally accessible world wide web.  We at Microsoft are committed to following standards and working with the W3C to develop standards BEFORE implementing them in our browser.  We refuse to go back to the old days of trying to create a proprietary web.  We understand that this makes web developers trust us, because we are all about helping developers, developers, developers."

    }

    on compliance with W3C web standards. That too should be a very "loud and clear", visible, resounding and echoing commitment regarding IE 8 (and future releases of IE) trustworthy browsing.

    In the past (say, from late 2001 to 2004 inclusively), Microsoft’s commitments toward implementing W3C web standards (HTML 4, CSS 1, CSS 2.x, DOM 1, DOM 2, ATAG 1, UAAG 1, etc) have been weak, unreliable, not trustworthy. I don’t want to pounce furthermore on this issue because I can see, verify and measure results, improvements, better compliance, particularly in the CSS 2.1 spec in IE 8.

    IE 8 and UAAG guidelines/recommendations. I’d like to see Microsoft commit to this formally.

    Font-size control by the user (Jakob Nielsen)

    http://www.useit.com/alertbox/20020819.html

    A lot of ageing baby-boomers are now more and more fighting/struggling with webpages using 9px, 10px, 11px, 12px font-size.

    This was mentioned before by me at

    channel9.msdn.com/Wiki/InternetExplorerFeatureRequests

    and also in IE blog by 2 posters (Jordan Biserkov March 27th and Cecil Ward April 4th) regarding

    "Internet Explorer 8 and Adaptive Zoom" IE blog post on March 25th 2008 from Saloni Mira Rai.

       "For this year’s list of worst design mistakes, (…) I asked readers of my newsletter to nominate the usability problems they found the most irritating. (…) Bad fonts won the vote by a landslide, getting almost twice as many votes as the #2 mistake. About two-thirds of the voters complained about small font sizes or frozen font sizes;"

       Top Ten Web Design Mistakes of 2005: 1. Legibility Problems

    http://www.useit.com/alertbox/designmistakes.html

    Educate web designers on best coding (web standards compliant,  interoperable and accessible) practices (at MSDN2 and elsewhere) and then practice what you preach. I often stumble on non-text-size-resizable webpages at Microsoft.

    Regards,

    Gérard

  13. Anonymous says:

    I have been running ie7 for a long time and in the last few days it has been crashing frequently. I reloaded it from scratch with all of the updates and that did not fix the problem. My PC is current on all MS updates. I have been reporting this to MS ever since it started. Is this a known problem?

  14. Anonymous says:

    @Bob: This is almost always caused by a buggy addon.  Please see http://www.enhanceie.com/ie/troubleshoot.asp for information on how to verify.

  15. Anonymous says:

    I think people take their hatred for MS too far and then impose that on IE.  I read an article that said that MFF hasn’t updated their security index in over 2 years.  Now, they’ve released MFF 3.0, so maybe that has changed, but MSIE is always updated.  Also, I find that MSIE renders things much cleaner than MFF.  MFF seems to try to render things so crisp and sharp that they hurt my eyes to look at.  Also, MFF pisses me off when I try to use floats and absolute positioning through CSS.  Lastly, MSIE loads on almost all of my computers 2-3x faster than MFF.

    I say MSIE is doing fine and I look forward to what they have coming.  People who die-hard love MFF and resent MSIE usually just have previous anti-MS feelings.  I use IE all the time and almost never have problems.  In fact, the MS sanctioned Web Developer toolkit may not be as advanced as MFF’s (which I love) but it’s getting there.

  16. Anonymous says:

    @Matt: This is your issue: "I use IE all the time and almost never have problems."

    Since you DON’T use other browsers, and therefore DON’T develop for other browsers, you have NO IDEA how bad IE actually is.

    Take 10 minutes to Google "Bug in IE"… if you don’t find 1,000’s of results I would be very surprised.

    From the other perspective, I can write (and do) applications that render PERFECTLY in ALL other browsers, using Spec based HTML/CSS/JavaScript that fall to bits in IE due to bugs.

    Thankfully IE8 fixed a whopping 50% of their worst bugs… so in 5 years, we’ll be able to drop backwards support for all legacy IE products (including IE7!)

  17. Anonymous says:

    [[Take 10 minutes to Google "Bug in IE"… if you don’t find 1,000’s of results I would be very surprised.]]

    Hrm… It only took 10 seconds to google for "george is an idiot" and I got 6190 results.  

  18. @Matt

    "I find that MSIE renders things much cleaner than MFF. (…) I use IE all the time and almost never have problems."

    You can try 138 testcases with IE 7 at my website

    http://www.gtalbot.org/BrowserBugsSection/MSIE7Bugs/

    (3 tests are particularly creating major problems for any visitor with IE 7) and definitely well over 750 other tests at Ian "Hixie" Hickson, Bruno Fassino, Alan Gresley, Mark "Tarquin" Wilton-Jones, David Hammond, Peter-Paul Koch, Robin Lionheart (HTML 4 conformance tests), Simon Pieters (45 test failures), Tino Zijdel, Rowan Wigginton, Robert Blaut, Tobie Langel, etc, etc, etc. which IE 7 fails and which other browsers (Firefox 2.0.0.14, Opera 9.27, Safari 3.1.1) pass.

    CSS 2.1 testsuite (september 2007):

    Firefox 3.0a9pre rv:1.9a9pre nightly build 2007092502 fails 27 tests out of 500 (5.4% failure); Opera 9.50a3 build 9542 fails 50 tests out of 500 (10.0% failure); Internet Explorer 7 fails 129 tests out of 500 (25.8% failure); Safari 3.0.3 build 522.15.5 fails 43 tests out of 500 (8.6% failure).

    DOM 1 Core tests with JsUnit 2.0Beta TestRunner by W3C. MSIE 7 fails 85 tests out of 224 tests, a 37.9% rate failure which is well over/above the percentage rate of Firefox 2 (6.3% failure rate) and Opera 9 (5.1% failure rate).

    We all agree that IE 8 beta 1 does a lot better at CSS 2.1 tests and that IE 8 beta 1 fixed hundreds of bugs (when comparing with IE 7).

    Regards,

    Gérard

  19. Anonymous says:

    On the subject of security, you guys really have to update your Internet Zones feature. Internet Zones status bar has to display the allowed and blocked domains, with option to add subdomains to trusted/restricted zones with 1 click on the status bar. In its current version, I have no way of telling what subdomains are blocked. Instead, I just get a "mixed content" warning, with no way to fix it.

    Try the noscript plugin in Firefox to see the changes you need to make.

  20. Anonymous says:

    Also, what’s the reason RUNAS is disabled in Vista for IE7? Will it also be disabled in IE8? If so, why? Please fix.

    I can run Firefox with the RUNAS command just fine under Vista.

  21. Anonymous says:

    How long do IE users have to wait for a smart location bar "awesome bar" and to easily add favorite websites? Those FF3 features are really helpful and should be copied right away.

  22. Anonymous says:

    Stop irritating me with the Silverlight update each time I surf on the official Microsoft website! When I say no, I really mean it. Continuing to harass me won’t get your product sold. Period.

  23. PatriotB says:

    @Just a bystander — ranting to the IE team won’t do any good, they don’t have any control over the Silverlight team, including the strings that the Silverlight team apparently pulls with the microsoft.com folks.

    I agree with you that being begged to install Silverlight is terrible; and I hate it too.  I wonder if when IE8 is released each page on microsoft.com will have "click to install IE8" in the upper-left corner?  Doubt it, since Silverlight seems to be where all the corporate attention is at.  Makes me think that the IE team isn’t too fond of their tactics either — or Silverlight itself for that matter, since it goes completely against the HTML/CSS efforts that the IE team is promoting.

  24. Anonymous says:

    You bring up some very good points about components and importance of Trust on the web.  I recently explored this same topic, with a focus of the online products, themselves in my latest article.  Check it out…

    http://tpgblog.com/2008/06/23/trust-and-credibility-they-go-hand-in-hand/

    And let me know what you think.  Enjoy!

    Jeremy Horn

    The Product Guy

    http://tpgblog.com

  25. "

    Stop irritating me with the Silverlight update each time I surf on the official Microsoft website! When I say no, I really mean it. Continuing to harass me won’t get your product sold. Period.

    "

    I have to agree with "Just a bystander". If "(Business practices) The key principle here is respecting user choice.", then users should not have to decline repeatedly, again and again.

    Regards, Gérard

  26. Anonymous says:

    Well said, Dean Hachamovitch, General Manager of Internet Explorer. But have you ever thought about high-performance browsing as well?

  27. Anonymous says:

    http://blogs.zdnet.com/security/?p=1361

    Internet Explorer ‘feature’ causing drive-by malware attacks

    "Schouwenberg (left) said he reported the vulnerability to Microsoft a long time ago, warning the company that JavaScript embedded into GIF files can be executed under certain circumstances.  Microsoft disagreed and the issue was never patched."

    Thanks Microsoft, can always count on IE to protect from drive-by malware downloads.

  28. Anonymous says:

    I think IE could be made safer if you implemented the Netscape Plugin API. So Plugin-writers can write their plugins using a simple API and end-users can install them more easily than ActiveX-Controls.

  29. Anonymous says:

    @Daniel– Uh, the NPAPI is no safer than ActiveX, the API isn’t any simpler, and they’re not any easier to install.  So, I’m not sure what the point would be.  

  30. Anonymous says:

    @"The Unique Elite" — IE8 is much faster than IE7.  Check out the benchmarks and read the notes from recent web conferences.

    @"Drive-By"– The blog posting you’re talking about is just stupid.  The hole they’re talking about was closed years ago as a part of IE7, and frankly, proper server side code can prevent this anyway.

  31. Anonymous says:

    Hey Dean,

    Could you guys please add background-color, border-color, and color support for checkboxes please? I have to admit they look best in Opera right now. It would also be nice if they did not have a two pixel thick border by default.

    The only other style related nuisance in IE8 B1 right now is that inline-level elements when rendered as block-level do not have their height correctly rendered.

    For example an element with the following…

    span {
      border: 1px #000 solid;
      display: block;
      height: 18px;
    }

    …should have a rendered height of 20px total. However in *all* browsers this is incorrectly rendered as 18 pixels even though it is explicitly set to display as a block-level element. Unless I missed something in the spec…?

    I’m mostly interested in GUI and JScript improvements in beta 2 as well as seeing the progress in regards to the two bugs I posted. I’d really like to see addEventListener support added though I think it’s been clarified that it won’t make the cut for IE8.

    Keep up the good work…

  32. Anonymous says:

    @Ted:

    I count more ActiveX related security problems than NPAPI related security problems.

    Besides, every other Browser uses NPAPI so Microsoft could help make Plugin developers’ lives easier. Wasn’t there some guy shouting "Developers, developers"?

  33. Anonymous says:

    John A. Bilicki III:

    I’ve tested your code in Firefox 3, Safari 3.1 and Opera 9.5 and neither renders 18px height. They correctly render a height of 20px.

    If IE8b1 renders a height of only 18px that’s a bug. If not done yet, you should report it (https://connect.microsoft.com/IE/Feedback).

  34. Anonymous says:

    @ Daniel

    I use secondary style sheets to correct rendering errors. I do not use them for browser versions in development however (IE8 and until recently Opera 9.5). You can test browsers without the CSS patch by using the following HTTP query at the end of any URLs at my website…

    http://www.jabcreations.com/blog/?csspatch=0

    Version 2.8 Preview V will debut later on this week if all goes well. It’ll have patching for browsers/versions per *nix, OS X, and Windows platforms. Opera 9.5 currently shares Opera 9.0/9.1/9.2 patch.

  35. Anonymous says:

    Daniel says <<"I count more ActiveX related security problems than NPAPI related security problems.">>

    False comparison.  There are more ActiveX controls than NPAPI plugins by orders of magnitude.

  36. Anonymous says:

    Please, I am begging you, please take a look at javascript performance. A perfect example is setting up an onmouseover event for all rows in a table of 200+ rows. Or even setting up tr:hover in a stylesheet to just change the background color. It is EXTREMELY slow and laggy. Every other browser in the world handles it fine except for IE. It is drastically limiting a lot of the web 2.0 advancement for websites. I have had to hold back a number of features on my websites because of bad IE performance on this issue.

    Thank you!

  37. @ John A. Bilicki III

    > Could you guys please add background-color, border-color, and color support for checkboxes please? I have to admit they look best in Opera right now.

    Maybe you could submit such a request at connect’s IE feedback… unless you have done so already.

    Here’s a good testpage:

    http://www.dhtmlkitchen.com/learn/css/forms/radio.html

    (credits to Garrett Smith)

    Regards, Gérard

  38. @ John A. Bilicki III

    Regarding background-color, border-color, and color support for checkboxes…

    I filed it: Bug 354150 at connect IE feedback

    Regards, Gérard

  39. Anonymous says:

    Most average users rarely pay attention to what link they are clicking, and they fall victim to a prank or malicious website. Anyone can basically create a link that displays msn but the url address is different. I think it’s because the url info location is in the left side of the status bar. When an IE user mouses over a link, we see the url info displayed in the left side of the status bar. How about displaying the url info in the address bar instead? It’s much easier for an IE user to notice it, and the experience is also nice knowing that the link is right. This is another way to enhance the IE address bar.

  40. Anonymous says:

    @Gérard Talbot, could you please file this as well: CSS 2.1 requires a media type of text/css for CSS files, but IE parses any files here. Opera and Safari do so as well at the moment, but since it’s tested in Acid3, they’ll start to be more conformant soon.

    @Ted, I can do the calculations. In a situation where the amount of AX-Controls is the same as NPAPIs, then still, the Controls suffer more.

    Anyway, you can give any amount of controls and Plugins to be compared.

  41. @Daniel

    > CSS 2.1 requires a media type of text/css for CSS files

    Can you give more details, like a testcase URL?

    > it’s tested in Acid3

    What’s the Acid3 test number for that?

    If I understood you correctly,

    <link rel="stylesheet" href="basic.css">

    will be processed as type text/css when it is not explicitly saying such and that is the bug…? Did I get this right?

    Regards, Gérard

  42. Anonymous says:

    - CSS 3 Full support

    - Ability to Merge multiple IE separate windows into tabs and vice versa.

    - Better add-on management tool! It’s way too complicated for the average IE user!

    - Download manager for god sake

    - Faster browsing, enhance performance

    - Less memory consumption!

    - SVG support!

    - Show what plug-ins are operating in the browser in the interface, perhaps in the zoom tool on the bottom!

    - Ability to customize the color of the tab bar!

    Please!

  43. Anonymous says:

    i tried to download the smallest IE Image but because im using WiFi it cut out & the download stalled so could enable microsoft FTM for the vpc images

  44. Anonymous says:

    @GI– it’s an interesting idea, but keep in mind that any site can redirect to any other, so the original url isn’t so important.  And if they built the feature you described, the bad guys could build a link that is the background of the entire page and then spoof the address bar with the url of the site that the user is not on.

    @Daniel– Yeah, I’m sure you did the math.  You gotta be careful when you just make $%!+ up, because people are going to catch on.  Particularly when you then ask for the numbers that you obviously don’t have.  

    For those who aren’t experts in this space (as Daniel obviously isn’t) keep in mind that ActiveX controls are used by many things other than the browser, while NPAPI plugins are used exclusively by minority-share browsers like Firefox.  Hence, it’s not at all surprising that there are more AX controls.  

    It’s also pretty much completely irrelevant.  The point is that both ActiveX and NPAPI are binary native code modules that can do anything the current user can do.  One difference is that in IE, such controls are restricted by Protected Mode, while in other browsers, they have no restrictions.  Additionally, IE supports killbits, while other browsers do not have such a mechanism.  If other browsers gain in marketshare, their lack of add-on security is inevitably going to bite them.

    @Eduardo: Since CSS3’s spec isn’t done yet, it is pretty silly to call for "full support."

  45. Anonymous says:

    About the sizing problem: be sure that you’re using a "strict" HTML doctype (HTML 4.01 Strict + DTD path) to ensure that the browser is using Strict mode.

    There was progress in IE7 and 8 security wise, that’s for sure: but then, IE6 was so bad… IE7’s heavy code review was useful (one in ten vulnerabilities that hit IE6 since IE7 came out didn’t affect 7 as strongly).

    About NPAPI: it certainly isn’t simple, but it’s documented, and used (by Mozilla sure, but also Safari/Konqueror, and Opera) – representing a 15-35% market share (depending on where you’re at). It did enjoy one huge advantage over ActiveX for a long while, plugins could be hosted and run inside a non-admin user’s directory, meaning that a limited user could enjoy the plugin, and if the plugin was compromised, it couldn’t go past the user’s limitations (taking control of ActiveX in a limited user account led to privilege escalation, and still does on XP)

    About mimetypes: I think Daniel is right, external resources have to be identified by a mimetype: http://www.w3.org/TR/REC-CSS2/conform.html#text-css, and current browsers do (or should do) that at least in Strict mode.

  46. Anonymous says:

    @Mitch– i would be very surprised if it was really only 1 in 10.  ms did a ton of security work in ie7.  of course, at best, you’re going off of the number of "disclosed" security issues, since obviously not all issues are known.

    Overall, other browsers have somewhere under 20% marketshare combined, making IE the most interesting target.  as other browsers gain share, they also gain attackers and exploits.  it’s the nature of the beast.  

    From your explanation of NPAPI’s so-called advantage, it’s clear that you do not understand how security works on Windows.  

    If an Admin user on XP runs an NPAPI extension in Firefox, that extension runs with admin permissions.  Period.

    It has nothing to do with "directories"… if a normal user runs a program or addon in, say, System32, that program or addon only runs with that user’s permissions.  Similarly, if an admin runs a file in any folder, that file runs as admin.  (On Vista, things changed such that the application might prompt on startup before getting full admin creds).  

    As for mimes, current browsers rarely enforce MIME-types for CSS & Javascript resources.  They could start, but that would mean taking a compatibility hit for no clear benefit of any sort.

  47. Anonymous says:

    Ted, the feature that I was talking about was not really my idea; it’s actually a Firefox add-on called fission "Active link/mouse-over link in the address bar".

  48. Anonymous says:

    active link/mouse-over link in the address bar and domain highlighting work really well. Right now this is only possible in fission and locationbar, Firefox add-ons. IE team should check this feature out.

  49. Anonymous says:

    @ Gérard

    The test page you sent I am pretty sure it creates an element over the checkbox, I’ve seen that before. But the bug that you filed is pretty much what I requested for here in the blog. It would be nice if we could beauty up IE’s native Windows GUI controls a bit.

    I don’t know about the rest of you guys but Firefox is *not* a minority browser based on well over quarter of a million hits in three weeks…

    Firefox –> 62.7%

    IE –> 26.5%

    Safari –> 2.3%

    Opera –> 1%

    Mozilla Suite –> 0.6%

    Minefield –> 0.3%

    Iceweasel –> 0.3%

    AOL –> 0.2%

    SeaMonkey –> 0.2%

  50. Anonymous says:

    @John– No offense intended, but I don’t think your traffic is even remotely representative of real web traffic.

    General consensus is that Firefox has ~16% share worldwide.  In some countries it’s higher, in some lower.

  51. Anonymous says:

    @ Ted

    Fine and dandy; however, I don’t trust statistics because they are typically gimped by the people who are doing them. They don’t typically comprehend how to remove site-scrapers, email-scrapers, and take bad user agent practices such as claiming to be one browser which could be considered a partial spoof (earlier Opera spoofs and primarily Konqueror and Safari’s genius idea to proclaim they are "like Gecko"). Lastly, are these groups who do statistics determining this via unique IP associations or by sheer hit count, for example?

    Also I question the variety of the sources they receive their statistics from anyway. I wouldn’t imagine Firefox’s share as being upwards of 60% right now; however, I exceptionally doubt it’s far below 30%.

    Also please watch how you word things such as "minority share". That’s not very encouraging since it’s essentially that "minority share" that encouraged the higher ups at Microsoft to allow Chris, Dean, and everyone else to actually (get back or continue) work on IE. I’d like to see this work continued because when Microsoft does work on IE they actually make much more progress than other browser vendors in the same amount of time. IE4 released in September 1997 *KILLS* Netscape 4 as far as standards go (presuming you have a good understanding of how CSS1 works). If you don’t trust me on that, test my site out in IE4…I’m serious.

    If the same amount of effort is put in to IE9 as is currently being put in to IE8 and they don’t fumble and try to support HTML4 in place of XHTML IE9 is highly poised to give other browsers a run for their money…potentially. I know some people here are excited about HTML5 but it’s frankly being executed incorrectly by attempting to do things like drop versioning in their Doctype (passively declares itself the very last version of HTML) among other things (<all_elements href="virus.exe") that as a Web Designer and Developer couldn’t be bothered with where with XHTML supported in IE9 I could add support for things like the ping attribute while using XHTML 1.1.

  52. Anonymous says:

    @Ted: I understand very well. I know how security works in windows: there is none :p (OK, there used to be none, things started to change in 2004).

    I know: if a user is an administrator, every and all extensions you run will run with admin privileges and can be used to infect your system – be it ActiveX or NP.

    However, NP can run from a local user’s directory with a local user’s right (security in Windows is defined per file per user, and per process; in POSIX systems, both are much more linked).

    You can’t turn a computer into a zombie simply by subverting a NS plugin – you need to get privilege escalation on the user account running that instance of the plugin (which, admittedly, wasn’t too difficult, but still added a barrier).

    Microsoft didn’t concern itself with this for ActiveX, the latter having been created for Win9x (Windows 95 OSR 2.5 and more recent, to be precise) – which was, by definition, a single user, unprotected memory space OS family. This was corrected in IE8 for Vista, but XP still can’t run an ActiveX control without relying upon ActiveX’s own security layer (and broken ActiveX controls abound, which can be used to work around that layer).

    @JAB3: I basically agree with you – IE4 was surprisingly advanced at the time, and I’m quite impressed by how much you can still do with IE5 to support standards (were it not for the event model, I wouldn’t gripe about IE that much, I admit). HTML 5 is an interesting idea: merging HTML4 and XHTML 1.0 would admittedly make HTML maintenance easier (XML is much simpler than SGML syntax-wise; the fact is UAs perverted HTML a lot).

    Mitch

  53. @Daniel, @Mitch 74 and @Ted

    A stylesheet sent as content-type text/plain shouldn’t be interpreted by the browser as CSS. It should instead be ignored. The type attribute on the link element should have no relevance if the document comes with an HTTP Content-type header.

    Testcase by David Hammond:

    http://www.webdevout.net/testcases/css-content-type/

    @Ted

    > current browsers rarely enforce MIME-types for CSS

    Firefox 1+ and Gecko-based browsers do enforce it.

    Regards, Gérard
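The strict rule argued for in comment 53, written out as an added example that is not code from any commenter or any browser. The function names and the sample inputs are hypothetical, and rejecting a response that has neither a header nor a `type` attribute is an assumption of this sketch.

```javascript
// Added example (hypothetical names): strict MIME enforcement for stylesheets.
// Policy taken from the comment above: when the response carries an HTTP
// Content-Type header, that header alone decides. The <link type="...">
// attribute is consulted only when no header was sent at all.

// Reduce a Content-Type value to its bare media type ("text/css"),
// dropping parameters such as charset and normalising case and whitespace.
function parseMediaType(value) {
  if (typeof value !== "string") return null;
  const essence = value.split(";")[0].trim().toLowerCase();
  // type "/" subtype, each a non-empty run of token characters
  const token = "[a-z0-9!#$&^_.+-]+";
  return new RegExp(`^${token}/${token}$`).test(essence) ? essence : null;
}

function shouldApplyStylesheet(contentTypeHeader, linkTypeAttr) {
  const headerPresent = contentTypeHeader !== undefined && contentTypeHeader !== null;
  if (headerPresent) {
    // An empty or malformed header is still a header: it is not text/css.
    return parseMediaType(contentTypeHeader) === "text/css";
  }
  // No header: fall back to the declared type. With no attribute either,
  // this sketch fails closed (assumption, not a standard requirement).
  return parseMediaType(linkTypeAttr) === "text/css";
}

// Constructed sample responses: [Content-Type header, link type attribute].
const SAMPLES = [
  ["text/css", "text/css"],
  ["Text/CSS; charset=utf-8", undefined],
  ["text/plain", "text/css"],   // the case from the linked testcase: ignored
  ["", "text/css"],             // empty header does not fall through
  [undefined, "text/css"],      // no header: attribute is used
  [undefined, "text/plain"],
  [undefined, undefined],
];

function evaluateSamples() {
  return SAMPLES.map(([header, attr]) => shouldApplyStylesheet(header, attr));
}

console.log(evaluateSamples());
```

The third sample is the one that matters for defenders: a lenient check would let the `type` attribute override a `text/plain` response, so any text resource the site serves could be pulled in and parsed as CSS.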

  54. Anonymous says:

    <<<you need to get privilege escalation on the user account running that instance of the plugin (which, admittedly, wasn’t too difficult, but still added a barrier).>>>

    Wrong.  If the user is an admin, Firefox and all of its addons run as admin.  As you’ve been told REPEATEDLY here, the file path is irrelevant.  The user’s token is all that matters.

  55. Anonymous says:

    I guess I’ll have to wait for IE8 final release to judge such benefits of this browser.

    From my earlier experience with IE5 to IE7 they were not very close to "trustworthy browsing".

  56. Anonymous says:

    http://blogs.zdnet.com/security/?p=1370

    Exploit code released for unpatched IE 7 vulnerability

    So much for Trustworthy Browsing.

  57. Anonymous says:

    *Correction on my last post: I meant to say, ‘try to support HTML5 in place of XHTML’.

  58. Anonymous says:

    @John Bilicki — Ted’s statistic is ballpark correct. Fx seems to be at around 15-20% market share (and this takes into account user-agent strings, http request, and caching behaviors unique to each user agent). Safari is around 5-7%, and Opera is around 1%. … IE is used, worldwide, to browse around 75-80% of the time.

  59. Anonymous says:

    @All bantering about browser stats.

    A few notes to keep in mind.

    1.) There is an overwhelmingly large population of Tech-Savvy web users out there that use (Firefox,Opera,Safari,etc.) – By Choice over whatever default browser comes with their OS. e.g. Those that really know what is out there, use the best tools out there. IE doesn’t make this list.

    2.) There is a large population of "kids" (5-20 yrs old) that are/have grown up with technology, and they PREFER Firefox,Opera,Safari hands-down over IE.  Ask any 16yr old… "Firefox is Cool, IE is Lame".  This "next generation" of web users/ future business executives are going to be pushing hard to move better browsers into the enterprise business world.  Again, IE is not on this list.

    3.) Until IE can both properly support standards (e.g. keep the folks in item #1 above happy), and banish the "lame" reputation it has garnished, marketshare for IE will continue to slide with Firefox, Opera, and Safari all there ready to lap it up.

    Last point. 35% of stats are wrong, and the other half are made up.

  60. Anonymous says:

    As someone whose email address is posted in thousands of forum posts, newsgroup discussions, and blogs,

  61. Anonymous says:

    Hi! I’m Eric Lawrence, Security Program Manager for Internet Explorer. Last Tuesday, Dean wrote about

  62. Anonymous says:

    All VERY good; keep it up. However (I know it’s a bit too late in the development process), I would love a feature where cookies, authentication sessions, etc. expire and are deleted after a number of days automatically! Like history, the user chooses how long info is kept.

    Anyone know of an addon ?

  63. indestiny says:

    Hopefully it turns out good with the security and the css attributes.

  64. Anonymous says:

    Last week was an exciting week for Windows and blogging. Senior Vice Presidents Steven Sinofsky and Jon

  65. Anonymous says:

    Previous posts have covered trustworthy principles in general and some product specifics as well. Privacy

  66. Anonymous says:

    Previous posts on the IE Blog have covered trustworthy principles in general and some product specifics

  67. Anonymous says:

    We’re excited to release IE8 Beta 2 today for public download. You can find it at http://www.microsoft.com/ie8

  68. Anonymous says:

    We’re excited to release IE8 Beta 2 today for public download. You can find it at http://www.microsoft

  69. Anonymous says:

    The IE Blog reports on the long-awaited Beta 2 release of IE 8 : We’re excited to release IE8 Beta

  70. Anonymous says:

    Hi All, We’re excited to release IE8 Beta 2 today for public download. You can find it at http://www.microsoft.com/ie8

  71. Anonymous says:

    IE8 Beta 2 is available today for public download from http://www.microsoft.com/ie8 (for 32- and 64-bit

  72. Anonymous says:

    Back in June, Dean Hachamovitch kicked off a series of blog posts explaining how the IE team approached

  73. Anonymous says:

    The second beta version of IE8 was released on August 27th. It is working well in testing so far

  74. Anonymous says:

    The second beta version of IE8 was released on August 27th. It is working well in testing so far. Only

  75. Anonymous says:

    Hello! I’m Eric Lawrence, the lead of the Internet Explorer security program. Last Tuesday, Dean, regarding our thinking on a trustworthy browser

  76. Anonymous says:

    Previous posts described general guidelines for ensuring reliability (in English) and product specifics (the XSS Filter and reliability (in English)). Privacy

  77. Anonymous says:

    IE8 and third-party content blocking. In previous articles we have already talked about reliability principles in general

  78. Anonymous says:

    In previous articles we have already talked about reliability principles in general and about some features of the browser

  79. Anonymous says:

    In previous articles we have already talked about reliability principles in general and about some features of the browser