IE8 SmartScreen in action


Last week at PDC, as we were about to start talking to people about IE9, I saw the following notification from my Facebook account:

From: Facebook [mailto:notification+mwm5axbx@facebookmail.com]
Sent: Tuesday, November 17, 2009 10:05 AM

Dina posted something on your Wall and wrote:

“funny vid of u, you see it? http://www.facebook.com/l/ca339;hTTP://www.N70.InFO/2d”

To see your Wall or to write on Dina’s Wall, follow the link below:

<..>

Thanks,

The Facebook Team

The message was from someone I know pretty well, and I believed the message. The address itself (http://www.n70.info/2d) wasn’t that suspicious; there are a lot of URL shortening services, and the .info domain has many legitimate sites on it. So I clicked the it:

IE8 SmartScreen blocking page indicating that the requested URL is unsafe

and thought – whew. 

IE8’s SmartScreen now blocks malware sites over two million times a day. IE8 offers a lot of protection from real-world attacks: phishing protection, a cross-site scripting filter, and Protected Mode (I may run as an administrator, but my browser doesn’t). With attacks on the rise, using (or upgrading to) a browser with this much protection is more important than ever. IE8 also offers great reliability because of process-isolation, and offers users the ability to manage add-ons that affect performance and stability. InPrivate Browsing and InPrivate Filtering are also quite handy.

I wrote back to my friend, and she was surprised. You can read Facebook’s guidance about what to do if this happens to you or a friend.

Dean Hachamovitch

Comments (72)

  1. Anonymous says:

    with very of the best wishes….by

  2. rezultate says:

    well worth the read.I found it very informative as I have been researching a lot lately on practical matters such as you talk about…

  3. Anonymous says:

    Matt – tuck your tail between your legs and re-read the above comments and every other comment on the IE Blog since IE7 betas were released.

    IE is slower since IE6 and most seem to blame the new tab structure since it was a hack.

    However I’ll let you let MSFT take the lead on this.

    Dear Microsoft – since only you have total ability to correctly measure the exact timing of addons in IE and this ability is not available directly in the public IE8 builds please provide a complete list of timings (inc. min/max) for the top 30 addons.  This will be the only way that users can accurately determine which of the addons are the slow ones that are bogging down their IE installs.

    Of course, when the public gets this list, and un-installs the slow addons and we still find IE8 slow – please be prepared to explain how the architecture of IE9 will be fixed to improve the loading time of the browser and tabs regardless of addons installed.

    Unimpressed with IE performance;

    stanley

  4. Anonymous says:

    I would like very much for new IE is very fast , very good.

  5. Anonymous says:

    HAHAHAHA!

    "I believed the message. The address itself (http://www.n70.info/2d) wasn’t that suspicious; there are a lot of URL shortening services, and the .info domain has many legitimate sites on it."

    Survival of the fittest. Dumbass IE developer.

  6. Anonymous says:

    I am shocked:

    a: at either the lies or the lack of experience Dean has. Sure you want to promote the fact you have phishing detection, no need to write a fake story about it… or if this really is the case I would fire Dean for ever being dumb enough to click a link like this. What the hell man you work with the internet, this is as standard as phishing attacks get. I fear that for years the guy has been using previous versions of IE and has been hacked a zillion times!

    b: at the standard MS approach to how they seem to forget all the other companies, developers and people that have pushed the technology MS appears to have completely created by itself.

    sigh… well done IE team, you have saved the internet yet again… now get off your asses and do some css3 and standards compliance FFS! O and sure… dont post this… its way to real for your web-surfers that clap everytime you dribble on the keyboard.

  7. Paul McKeown says:

    Dean,

    You write: "With attacks on the rise, using (or upgrading to) a browser with this much protection is more important than ever."

    Perhaps, time to recommend to all your customers on IE 6 and IE 7 to upgrade to IE 8, NOW… ?

    As you say, IE 8 is just so much better!

    Best Regards.

  8. EricLaw [MSFT] says:

    @Paul: Indeed, the IE team has recommended that customers upgrade to IE8 since March (as soon as it was released).

  9. Frank Grimes says:

    Should there be a JavaScript error on the warning page, as in your screenshot?

  10. Xepol says:

    I always wonder who reports the page as unsafe.  Do 100 people have to visit, get infected and recognize it as the source?  Does that mean 10,000 people have to go there first before the usual 1% clue in?  Does 10,000 people have to clue in first?

    For old sites that remain unscrubbed long after their detection, it might be useful. Realistically, however, how likely is a new exploit site to be caught this way?  It seems more useful to have a decent virus scanner (in all cases)

    I just can’t help that this lulls people in to a false sense of security and away from the real solutions such as virus scanners and common sense.

    And hey, nice captcha for this one – right on target -> "419"  I don’t normally post the captcha, but its pretty amusing  AND another good example of false security.  The captcha image is probably cleaner than most scans, great for OCR software.

  11. Mitch 74 says:

    I just tried the address in Firefox 3.5. I also got a warning that it is unsafe. I run it as normal user – not admin. I also have scripting disabled by default (NoScript).

    I couldn’t try it in IE 8, because while tracking down a possible Javascript bug yesterday, I loaded it with several toolbars and extensions. It now crashes once in a while, and is extremely sluggish (not usable as main browser).

    And I couldn’t reproduce the bug. Pooh.

    Still, you’re right: whatever OS or browser you prefer, ensure that you’re running the safest version you can.

  12. id7 says:

    I thought we were talking about ie9 now, how about ie9 <insert feature here> in action

  13. Randy says:

    After upgrading to IE8, new problem came up and that as this:

    whenever I want to go from first page to open new tab, the screen will go black first for a seconds then it will come back normal again.

    would U help in solving this problem.

    Regards

  14. Greg says:

    We want more (decent) IE9 news. IE8 isn’t newsworthy anymore, especially not these kind of personal posts.

  15. KS says:

    The Smartscreen Filter misses a lot of malicious sites because of a severe defect in the smartscreen reporting mechanism: there is no way to report a website the browser isn’t currently on. This defect is being actively used by malicious sites to disguise themselves and thus prevent reporting. They simply redirect for instance to Google if they detect that the request is not via POST from the original phishing email form or not from a referrer they expect. Thus it’s impossible for an investigator to report them.

    This problem is well-known for at least a year. When will the IE team act?

  16. Hey buggy says:

    Google Chome does exactly the same. What an original idea, spend the time redesigning an EXPIRED and OBSOLETE browser.

  17. hb860 says:

    Not only Google Chome, Opera also have that feature. And this is not fresh information.

  18. billybob says:

    Chrome OS goes one step further by trying to eliminate malware altogether.  This is the 21st century and we still cannot make a web browser that will not break your machine.

    Am I the only person who is embarrassed by the IT industry when I hear people say ‘I clicked on the wrong link and now my machine is broken’?

    Providing red screens and unintelligible messages to non-technical users does not pass for security.

  19. Jake says:

    Although I agree that IE8 is much safer than previous versions of IE – most avoid it simply because the slowdown in IE from IE6 to IE7, and now from IE7 to IE8 is just unbearable.  Opening a new tab (regardless how many extensions you have) should not take more than 150ms.

    Please stop telling us that the IE team has no issues with this in no-addons mode because none of us will ever run in no-addons mode in real life.

    My car can get 500mi./gal. when I put it inside a cargo jet plane but that’s useless considering I will never drive my car like that.

    In addition to IE running very slow on the client side (I recently wrote a JS benchmarking test bed that indicates that IE runs all JS slower than any other browser) there are more alarming issues at hand.

    IE6 used to leak memory like a sieve – in fact there is a tool called sIEve that you can use to see just how much memory IE is leaking but there is a new bug in IE8 that shows that IE8 leaks memory in ways much worse than IE7 or IE6 and there is no workaround,

    http://com.hemiola.com/?p=5

    As noted in the above test case, manipulating the DOM to insert form elements (any kind) or links (hmm, just about everything that you’d ever want to manipulate in the DOM) will leak memory even if you remove all references to the elements.

    When I run the test IE leaks memory for about 1.5 minutes then IE crashes hard.

    How about we focus on fixing IE8 and upgrading IE6/IE7 users before we start worrying about IE9 features?

    That said, when IE9 does come out – I expect that the developer tools will include a "memory" tab, that similar to sIEve will track exactly how much memory IE is using and for what so that developers can at least try and avoid the more severe IE memory leak bugs until IE10 comes along to fix them.

    thanks

    Jake

  20. Mitch 74 says:

    Errr… Guys, I’m certainly not the last to bash the IE team on IE inadequacies. However, this certainly isn’t one. We got IE9 news rather recently. While I would also appreciate some more, this was a blog post displaying how IE can protect you against tricky spoofing attacks.

    That other browsers can do it too, is cool; it’s if IE had failed at protecting against this kind of spoofing while other browsers did succeed, that we could blast the IE team over that.

    But IE 8 actually worked in that case. No more, no less. Stop the OOT rants, please.

  21. billybob says:

    The IE team do not have to read the comments if they don’t want to.  We HAVE to make that site run in IE 6,7,8 and soon 9, even if it takes all night.

  22. Jake says:

    @Mitch 74 – "Stop the OOT rants, please"

    1.) what is "OOT"? was this meant to be "Moot"? e.g ranting against IE is pointless because MSFT won’t listen?

    2.) which "Guys" are you referring to? pls use @notation so we know who you are talking to.

    As a general aside the IE Blog is the *ONLY* method of communication with the IE Team.  Its extremely frustrating that this is the case but MSFT has refused all requests for an open 2-way communication channel.

    Thus as a result the IE Blog is the place that all comments and questions about IE are posted.  Each post will be full of comments that do not relate to the original post because of the lack of a better channel.

    Currently bugs filed in connect do not get status updates or comments so that is a dead avenue for feedback.

    Comments on this blog do not get responded to unless (a) the comments are vulgar – in which case EricLaw comes on to try and keep the peace, or (b) there is enough of an uproar from commenters about a particular bug, enhancement, feature or invalid implementation to "force" a response.

    Unfortunately because there is no published roadmap of any kind and no real transparent openness to the development process in IE, nor real public bug tracking for IE – developers are fed up with trying to get information from Microsoft about IE and the comments turn ugly.

    I know personally I hit bugs in IE (every version) every day. The first bug of the day makes me groan and grit my teeth… but by the second – nth bug it makes me swear profanities at IE.

    The sad thing is this doesn’t need to be like this.  Open up the communication channels, give timely status updates for bugs and implementations so that we can calm ourselves knowing that things really are improving and there is light at the end of the tunnel.

    Informed developers are Happy developers.

    Developers, Developers, Developers!

    Jake

  23. Will Peavy says:

    @billybob and Jake – if you take the time to properly learn the fundamentals of web programming, and take advantage of libraries, you’ll find that making sites work across browsers is not that difficult.

  24. billybob says:

    Will, you are right when it comes to fairly static websites, but anything which could be called a ‘Web Application’ is a nightmare in IE.

    There are hundreds of bugs and oddities which we do learn, that is why we are complaining.  The other browsers do not have anywhere the number of bugs that IE has and they have good developer tools.

    How is a talented web developer supposed to make a site work in IE if it leaks memory and then crashes?  How do you avoid that particular issue?

  25. Jake says:

    @Will Peavy – since I’ve been doing web development for over a decade and am intimately familiar with most libraries and browser bugs I can assure you (as can other pro developers) that making Web Applications work across browsers *IS* difficult.

    Yes I can use jQuery or similar to abstract away most of the IE bugs but that doesn’t solve everything and it gives developers a false sense of stability when they venture out and use some vanilla javascript and end up hitting bug after bug.

    Even still – there are many things that most libraries don’t solve for you. E.g. getting auto-complete to work on IE forms requires a hack because the implementation was not done correctly.

    Calling FormObject.submit(); will not "remember" form values for the user so that they don’t need to re-type them on future visits.

    Funny though, cause it works just fine in any other browser.

    There are fixes for this available on the web, but they require hacking IE to make it work.

    Finally, even though many libraries will overcome IE bugs for you – knowing that they exist is important as is knowing that they will be fixed so that we don’t need to worry about "Will this work in IE?" – after building sites/apps that work flawlessly in Firefox, Chrome, Safari & Opera.

    Jake

  26. carlos says:

    Sorry for the off topic.

    Any advance in IE9 regarding ACID3, SVG, Canvas, video tag, HTML5 support in general?

    Thanks !

    http://en.wikipedia.org/wiki/Acid3

  27. @ Will Peavy

    Developing a website to work across browsers like IE6 and IE7 is very difficult, very time consuming, not assured of success when tested/tried under different contexts (like resizing window viewport, printing, text size rescaling/increasing, selecting with mouse, with javascript turn off, with image disabled, etc.). Often it is a nightmare as soon as the webpage implies a semi-complex CSS columnar template. Any webpage using float, clearance, abs. and rel. positioning, scalable (percentage based) design, adjoining margin collapsing, inline box model in IE6 will very often require ugly workarounds, non-forward adjustements, weird hacks, ugly fixes, invalid code which contribute to bloated code.

    IE6 has a myriad of serious layout engine problems: content disappearing, overlapping (peekaboo, guillotine, etc), strange unexpected offsets, unpredictable rendering, content duplicated, infinite reflow loop (causing CPU activity to be maximized), even crashes on (publicly documented) specific code.

    IE6 and IE7 very often require many sorts of unexpected, unexplained and unexplanable code (overflow: hidden; width: 100%; zoom: 1, font-size: 100.1%, a space here, a leading underscore there, a star hack, etc.) which, in the end, have no reason to be, which can not be coherently/rationally documented or logically justified anywhere, including MSDN.

    regards, Gérard

  28. Steve says:

    Can you please write about when IE 8 will start to support CSS 3 columns?

    http://www.quirksmode.org/css/multicolumn.html

  29. Vern W. Ganste says:

    "most avoid it simply because the slowdown in IE from IE6 to IE7"

    If I leave "Java(tm) Plug-In 2 SSV Helper" allowed, tab creation on this machine slows to about 1/2 of a second for me. I would like to know what the heck the "Secure Static Version" Helper does and why it’s not possible for it to do some of it’s work in one or more background worker threads.

  30. Mitch 74 says:

    @Will: if you merely use libraries to abstract what browsers you are using, then yes, you can make websites that work without too much of a hassle.

    As said by Jake: basic websites.

    But then, if you want to build more advanced websites, or not load a hundred Kb of libraries for a mere few functionalities, then you’ll develop your own tools.

    And this is where IE is (all versions, eventhough IE 8 is much less so) really annoying.

  31. ieblog says:

    @Vern: IIRC, for compatibility, when you install new versions of the JVM, the installer leaves your old JVM versions around for compatibility with local (trusted) applications. This presents a security threat if those older (vulnerable) JVMs can be accessed by web content.

    I believe the purpose of the Java SSV Helper is to prevent a web site from sending you an applet that requests that an older version of the JVM be used to execute that applet– instead, in the browser, only the latest version of the JVM may be used.

    I have no idea why it’s slow; perhaps it’s doing other work as well.

  32. EricLaw [MSFT] says:

    @KS: There’s no defect; it’s entirely intentional that the reporting mechanism inside IE is designed for use by end-users and not researchers. Remember, end-user reports only represent a portion of the data collected for use in keeping users protected by SmartScreen. We also have extensive malicious-site discovery processes used internally, and contracts with security organizations whose sole job is to provide high-quality intelligence about malicious sites gathered from every imaginable data source.  

    The data clearly shows that SmartScreen has significantly higher quality data and blocks more attacks than any competitive browser.

  33. gimme security says:

    Does it protect against this crap?  This is why the next generation avoids IE and will never use it.  IE is dead, it just doesn’t know it yet.  You guys dropped the ball too many times.

    Attacks Appear Imminent as IE Exploit Is Improved

    Robert McMillan, IDG News Service

    Nov 25, 2009 4:50 pm

    Recommends

    Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft’s Internet Explorer, making it more reliable — and more likely to be used by criminals.

  34. Bill says:

    gimme– Smartscreen is about blocking social-engineering attacks, not memory safety bugs.

    But, maybe you should actually read the article? The attack in question doesn’t work at all in ie8, and if you turn on DEP in IE7, it won’t work there either.

    http://www.microsoft.com/technet/security/advisory/977981.mspx

  35. Stifu says:

    @ieblog

    "I have no idea why it’s slow"

    You said it yourself… It’s Java. :)

    [/troll]

  36. Mitch 74 says:

    Joining the Out Of Topic trend, I’ll mention that IE 7 and 8 get extremely slow the more you load toolbars; Live toolbar, Yahoo! toolbar, your AV of choice’s toolbar (I tried Norton 2010 and Avira), Alexa toolbar and Google toolbar (latest versions) will create EXTREME slowdown at:

    – first page load: from the moment it appears to the moment you can input stuff in the URL bar, there can be as much as 40 seconds delay

    – new tab load: same as above

    – loading several pages: IE crashes (IE 8 can recover crashed tabs, but recovery will cause another delay)

    – as soon as you have three of them loaded, no matter which one.

    On the other hand, Firefox with equivalent toolbars (+ Adblock and NoScript) doesn’t exhibit such delays – eventhough it relies upon "slow" interpreted XUL.

    How comes?

    And now, plugging into the subject: will Direct2D help solve that (doubtful)? Or, is there something planned in IE 9 that will help with this?

  37. Loque says:

    Must have been using Outlook, I dont even see these messages in gmail :`)

  38. dtrim says:

    @carlos,

    do you really want IE9 to support the video tag with WMV codec that much?

  39. Mitch 74 says:

    @dtrim: WMV is a container format; as far as I know, many media servers are able to change the streaming format on-the-fly (be it WMV, Matroska, .ogg or whatever).

    The encoded flux’ format is another matter:

    – VC1? Well, all right, it’s under patent.

    – MPEG-4? That is patented too.

    – Vorbis/Theora? These ones are patent-free, with a very liberal license (Microsoft refused to implement it, because the patent-free clause isn’t 100% certain; but it’s more a case of Not Invented Here syndrome), high quality (ranking up there with x264, on latest tests) and evolutive (they are made so that quality and compression improvements can be made on the encoder’s side, without need to change the decoder).

    But, guess what: encoded flux depend on the OS’s media infrastructure – specifically, what codecs are installed.

    If IE 9 implements html5 ‘audio’ and ‘video’ tags, and can parse the .ogg container (it needs to be able to do that, otherwise controls will have a hard time working), then anybody could install a Vorbis and Theora codec, and enjoy these flux the same way Firefox users do.

    But I doubt the IE team will implement such a parser, eventhough the Ogg container is not patented (and is simple enough that any patent on it could be rejected): as said, it’s a NIH syndrome.

    I’d be delighted if I were to be proven wrong here.

  40. Paul says:

    @Mitch, it’s truly tiresome to listen to you spout off about things you clearly haven’t taken any time to try to understand.

    Unlike soapbox pundits, Microsoft is an actual business, with legal obligations, and faces serious ramifications if they ignore those obligations.

    <<"because the patent-free clause isn’t 100% certain; but it’s more a case of Not Invented Here syndrome)">>

    I don’t think that even counts as "speculation" because no reasonable person would come to that conclusion with the simplest understanding of the facts.

    Have you noticed that Microsoft, a company with tens of billions of dollars in the bank, tends to get sued for patent infringement quite often, despite the fact that none of the other "infringers" ever get sued? Whether it’s plugins (Eolas), compression formats, UI features, or lower-level stuff, most patent trolls won’t bother to file suit until they can target Microsoft.

    (Apple is going to find themselves in the same boat here eventually, as will Google in due time.)

    <<and is simple enough that any patent on it could be rejected>>

    You’re clearly not a lawyer, and surprisingly unaware of even recent history. IBM has a patent on waiting in line for the bathroom. Amazon has a patent on buying things with one-click. The latter has been upheld repeatedly. What is "complex" about either?  There are tens of thousands of similar examples.

    The idea that an open source group can create a format within a patent minefield and simply declare "Uh, yeah, this doesn’t infringe on anything, everyone should standardize on it" is utterly absurd.

    Beyond the legal problems, if Firefox 3.5 is any indication, the Vorbis/Theora formats are of miserable quality.  Most telling, in my opinion, is that the Firefox guys had a patch submitted that made every codec in Windows available to the VIDEO tag and they rejected the patch. If anything, *that* is a case of NIH.

  41. FB says:

    About Firefox and Direct2D, some interesting quotes from a Mozilla guy:

    Obviously we will aspire to deliver the highest quality and performance rendering on all platforms. There is no Linux alternative to Direct2D though. Partially because building a system like Direct2D is extremely complex, even when using Cairo’s tesselation it is still very difficult to correctly use the Shaders for everything, deal with all the edges and provide subpixel text anti-aliasing. The trick here is that any implementation, needs to be -totally- complete, since software fallback is extraordinarily expensive because it requires the GPU and the CPU to synchronize. Causing stalls.

    We are working on providing hardware acceleration for some operations on other platforms. It is a more difficult struggle though, and it would be foolish for us not to use more advanced systems when those are provided to us by the OS. Note we have always tried to support the best frameworks for all platforms. OpenGL is also poorly and inconsistently supported on Windows & Linux.

    http://www.basschouten.com/blog1.php/2009/11/22/direct2d-hardware-rendering-a-browser#c60

    Well, linux fanboys, what are you saying now?

    The last thread was full of people who claimed that firefox is already on par with IE9 graphical wise (on Linux thanks to cairo).

  42. Michael K says:

    @Mitch 74, @ieblog, @EricLaw;

    re: "IE7 & IE8 are slow with addons loaded."

    Agreed 100%!

    I wish the IE Team would stand up and face these facts here on the IE Blog.

    Yes, some addons are really slow, yes running IE without addons is faster.

    Reality check – No one runs a browser without addons.  Using the web without being able to run Flash, PDF or use a small collection of addons sucks.

    In addition certain toolbars are notoriously bad: I’m talking to you MS Research. Worse yet many provide little or no benefit to IE the browser.  I’m talking to you MS Research. Therefore IE should make efforts to disable the slow toolbars by default (or at least notify the users)

    We understand that the "Tab Implementation" introduced in IE7 and worked on in IE8 is flawed and doesn’t provide a clean lightweight way to manage loading of common content but we DO EXPECT to hear that now that IE9 is on the way that these issues are being addressed.

    Opening a browser window (cold start) should be able to load about:blank and focus the location bar within 1 second of the main UI Chrome loading (on XP) regardless how many addons are installed.

    Likewise loading a new tab "about:blank" and focusing the location bar should take less than 250ms on XP regardless how many addons are installed.

    At the moment IE7 and IE8 fail both of the above tests EVERY time.

  43. Matt says:

    Speak for yourself, Michael. My browser opens in less than half a second, and new tabs open even faster. I have a few well-written addons installed.

    As for the "standing up", maybe you are new here. The IE team has repeatedly said that slow add-ons make for a slow IE, and they’ve published a number of posts on finding the slow ones and disabling them.

    As for picking on the "Microsoft Research" add-on– perhaps you don’t know that it’s an "Explorer bar" add-on, and thus **doesn’t even load** unless you make it visible?

    There are bad addons for Firefox too– slowness and crashes are common problems for Firefox addons and the answer there is the same: Don’t install junk code.

  44. dtrim says:

    @Mitch 74,

    "WMV is a container format"

    WRONG, WMV is a family of Microsoft prorietary video codecs (and WMV9 is standardized to be known as VC-1).

    The container format is ASF.

    "VC1? Well, all right, it’s under patent."

    Yeah, and Microsoft is actually one of the patent holders.

    "Vorbis/Theora … Microsoft refused to implement it, because the patent-free clause isn’t 100% certain"

    I think you mean Apple and Nokia, they use H.264/MPEG-4 AVC (and x264 is not a codec, it’s a H.264 library). Microsoft hasn’t implemented the video tag in IE at all, so it’s moot and ridiculous to say which video codec it "refused" to implement.

    "encoded flux depend on the OS’s media infrastructure"

    right and wrong. I think we are talking about native video support, not plugin support that requires third party software, else you could say IE already support video through WMP.

    "and enjoy these flux the same way Firefox users do."

    You can already enjoy ogg videos in IE via WMP plugin and the right codecs installed.

    And Firefox doesn’t support DirectShow (the Windows OS’s media infrastructure) neither, so it only supports ogg video, not any other video formats that you have installed on your Windows OS.

    Basically, if you want IE to implement video tag, you’ll most likely end up with a video tag that only natively support the WMV family of codecs (maybe VC-1, and previous WMV codecs), which means another codec into the video tag fiasco. It’s already bad enough for this Theora vs. H.264 video tag codec war thing, do you think Theora vs. H.264 vs. WMV will make things better?

    And one of the important points of a standardized HTML5 video tag is a unified experience for the end-user. That’s why people are trying to make one video codec the standard for all browsers, instead of relying on third party codecs. It’d be just bad if after all browsers implemented the video tag, when you come to one site, it pops up a notice that says you have to install the H.264 codec first, and another site says you have to install the Theora codec first, and then yet another site says you have to install the WMV/VC-1 codec first, etc. etc.

    "I’d be delighted if I were to be proven wrong here."

    I think you should be delighted by now.

    The important thing for now is not trying to convince Microsoft to implement the video tag, but to convince Apple and Nokia to allow Theora to become the standard video codec for the video tag.

    Else you are just gonna end up with Gecko supporting Theora, WebKit supporting H.264, and IE supporing WMV, which would make the HTML5 video tag next to useless in the end.

  45. Iventa says:

    @Matt are you using windows XP version? Vista version or 7 version might be very fast but my IE is very slow just like my friends and workers.

    My Firefox is very fast and no problems loading program and new tabs.

    I would like very much for new IE is very fast and no longer so slow I get angry

  46. Matt says:

    @Iventa, I have XP, Vista and Windows 7 and Internet Explorer is fast across all of them.

    Disable your slow add-ons, update your AV software, and you will find that IE is as fast as everyone else on real sites.

  47. jim says:

    @Matt – you can be an MS fanboy all you want however the rest of us have seen that IE has gotten consistently slower in each release since IE6.

    I don’t care what addons you have loaded: IE8 is slow.  Slower than Safari, slower than Firefox, slower than Opera, etc.

    If there was only 1 or 2 people complaining about the speed of IE then you could shrug it off but it isn’t.  Every corporate user of IE I’ve talked to (100’s) at every company I’ve been to (dozens) has complained that IE is slower now in IE7 or IE8 than it was in IE6.

    There is test after test, and result after result that shows IE has become slower at loading with each new release.

    Just like the other person above stated, don’t blame it on addons.  My Firefox runs lightning quick with 21 addons installed.

    Blaming vendors for slow addons is a weak excuse for a slow browser.

    If it is the addons that really are the culprit for being slow then hurry up and "out" the addons so we know which ones are slow (the timers in the addon dialog are wrong or blank) If it isn’t the addons, then quit blaming them and fix IE to load faster.

  48. Matt says:

    jimmy, I must admit that I’m impressed that you bothered to type all that up without a shred of supporting evidence. Of course, I’m inventing such evidence would take a lot of work, because you’re simply wrong. IE8 is faster than both IE7 and IE6 in real world use. The script engine is 5x faster than IE7’s, and 10-100x faster than IE6s. The increase in connection limit means that it utilizes more of your bandwidth (faster page loads). Improved CSS selectors and ability to use them from JavaScript makes pages like Amazon’s dozens to hundreds of times faster.

    If you uninstall your junk addons, you will find IE8 plenty fast. If, on the other hand, you don’t bother and waste your effort whining here, your browser will not get faster. Your choice, really.

  49. Mitch 74 says:

    ASF is the older name for the container; it actually supported WMV v1, v2 and the beta of v3, which were renamed WMV v7 and v8; v9 was heavily modified over v3 beta, so it’s no longer the same. They are, in fact, early versions of Microsoft’s MPEG-4 proposal implementations.

    ASF was initially the container format; it was, however, modified (yes, there WERE revisions) in time to become WMV, but!

    Talking about WMV format is ambiguous: are we talking about the container, or the codec? Since WMV represents both the ‘older’ ASF container format and the ‘newer’ WMV format, AND at least 3 codec revisions, AND that WMV can also contain VC-1 (or MPEG-4), well, personally, and this is where we differ, I consider WMV the container format first. This container format is under several patents, and MS enforces them (see: VirtualDub 1.4 dropping ASF format due to patent warnings).

    Why are we discussing container formats first? Because IE would at least need to be able to parse them, in order for play, pause and timestamp HTML controls to work (remember that said controls must be provided and styled by the browser; however, they could be mere wrappers around existing WMV controls, but somehow I guess there’s going to be an incompatibility here – or at least, security concerns.)

    That IE would make use of Windows Media Player and DirectX to display video is a given: simple code reuse. Firefox, due to its being platform-agnostic and traditionally using its own subsystems, implemented a complete audio and video playback stack; but, due to its open-source nature, can’t implement patented codecs nor parsers. Safari will probably use Quicktime, as for Chrome, it will use whatever’s available on the platform it’s ported to.

    Right now, the proposed formats are:

    – H.264, which is under license, and thus can’t be redistributed freely (note that patent concerns thus lie upon the license owner’s shoulders, not the licensee – thus the interest for closed source browsers in this format). Currently used in Safari and Chrome (but not Chromium). Usually coming with AAC sound (patented too).

    – Theora, which is not under license, whose patents (coming from On2’s original codec) are free for use in Theora, but whose quality still lags behind H.264’s (although recent code modifications on the encoder reduced the gap greatly). Usually paired with Vorbis.

    Now, why are we discussing codecs and not containers? Essentially because a media server can usually repackage an encoded stream on the fly, so it should be no concern. However!

    Given a choice between WMV and Ogg, you’ll use the one supported by the browser. So, some browsers will support WMV/ASF, others will support Ogg. Since both containers can contain the same streams, you merely store those streams in your format of choice, and repackage them on the fly.

    Oh, shoot, WMV is under patents, and you’re not using a Microsoft OS for your media server! Well then, you’ll use Ogg. Oh shoot, Windows Media Player doesn’t support Ogg, so you’ll be forced to provide your clients with an add-on for IE! Clients don’t want that.

    So, you’ll buy a license for a Microsoft media server, re-encode all your videos in H.264 – oh, you can’t do that, it’s not provided with Media Player – scratch that, with VC-1.

    But VC-1 is supported by no other browser on no other platform.

    Ah man, now you’ll need at least two media servers, and browser sniffing in your pages.

    Yay.

  50. Anon says:

    @Matt

    quoting marketing will get you nowhere. As microsoft likes to point out the entire experience is what makes the speed, and IE is dead last in most regards. Also it can get more pronounced in older systems.

  51. Matt says:

    @Anon: No, whining aimlessly will get you nowhere, which is precisely my point. If your browser is slow, turn off the junk and make it fast. It’ll take less than a minute.

    And yes, you’re right that if you’re running an older computer, it’s even more important to do this sort of tune up, especially if you’re in the habit of installing random stuff.

  52. hAl says:

    @Mitch 74

    Theora is not even close to performance/size/quality compared to the Blu ray codecs WMV9/VC-1 and AVC/H.264 .

    I did see some tests which tried to prove such equality for Theora but it was always done with different settings (for instance testing with the theora stream having much less key frames to improve filesize)

  53. dlh2009 says:

    Okay guys, this is old news.  Please give us some information on how you are going to compete with Firefox, Opera, Chrome, and Safari.  IE could gain some market shares if it was faster, supported web standards (future and present), and had a more streamlined interface.

    IE will hopefully be the fastest browser some day!

  54. plugin woot says:

    Finally! a YSlow plugin tool for IE!

    http://digg.com/d31Bezy

    Determine exactly where IE is rendering your pages slow!

  55. x.iso says:

    Sorry for offtopic, but I have an idea, just don’t know where to post it.

    What if you blend favorites panel with tab panel? So it will work just like "superbar" in Windows 7 – pin favorite sites to fixed places and group tabs with same domain (and view/switch sub-tabs by hovering mouse over tab and using aero peek). This way two problems will be solved – far less clutter when too much tabs opened and more space saved in height.

  56. pariuri sportive says:

    Again, Microsoft achieves greatness! I upgraded to IE8 on all my computers the day it came out and I couldn’t be happier. I thought the accelerators and web slices were great, but knowing that IE8 tops the malware protection charts makes it that much better.

  57. any chance says:

    Is there any chance that IE9 will fix the major regressions with the address bar to show something useful like say…. a usable dropdown list?

    In IE8 all decent functionality was lost.  I hate to suggest that IE copy other browsers, but check out Firefox’s latest location bar – they got it so right it isn’t funny.

    Bring favicons back! (they should ***NEVER*** have been removed)

    Add some color to the urls vs. titles – it is hard to distinguish.

    Lose the tooltip – its redundant and gets in the way.

    Highlight with the Windows highlight color on mouseover or keyboard up/down navigation.

    Get rid of the "favorites" and "history" dividers… user wants to find something – they couldn’t care less where it is found.

    Don’t gray out the urls – they are just as important (if not more important) as the title.

    "This page has not set a title" – is annoying – don’t clutter up my UI with stuff that isn’t needed.

    The titles don’t always work either…. only on history and favorites.  If I go to GMail, then gosh darn it, the next time I go there, I expect to see:

    Gmail: Email from Google

    http://www.gmail.com/

    Where’s the title? Are you telling me I have to add it as a favorite first?

    Please fix the address bar!

  58. new updated methods needed says:

    Who cares about IE8 when you still have people using IE6? Where’s the forced, automated update for IE6 and IE7?

  59. EricLaw [MSFT] says:

    @newupdated: Lots of people care about IE8, which is on pace to become the most popular browser version in the world shortly.

    As to the idea of forcing customers to install a new version, you should read Dean’s post here:

    http://blogs.msdn.com/ie/archive/2009/08/10/engineering-pov-ie6.aspx

  60. Greg says:

    in private filtering

    – Allow user to select ‘block all images from site X’ or ‘block site X’ instead of ‘block 1 specific thing served from site ‘X’ since that site can just use a random name for its 1 pixel web bug.

     – Profide meaningful information on the web items when prompting the user whether or not to block them such as a.gif is 1×1 pixel, 56 bytes, abc.js is javascript, 500 bytes.

     – Provide user the ability to download content to hard disk if it requires a well known add-on that IS NOT installed in IE.  I encountered this with a lame web site that had url to a text file (*.txt).  IE asked me to install an add on just to view a text file.

     – Provide a list of sites/things referenced in the current page and the time to connect and retrieve them.  I want to block specific web site components that are slow to connect to and slow to download.  Off-site stat counters are one, slow to load scripts that do nothing are another.  

    Internals to IE

     – Remove redundant scanning of the registry.  IE should cache registry entries in a read only memory space.  This is especially slow if you run anti-virus.  Ask the user to restart IE if they need to rescan a particular registry entry.

      – Remove redundant scanning of ie config files.  Cache them or ask the user to restart IE if they are modified.  This is extremely slow when using anti-virus

      – Remove or cache things that need a context switch to get at via an API call.  Windows, because of its VAX VMS roots and like the VAX, is very slow at doing context switches.  This has been in Windows since NT version one came out over ten years ago.

      – Don’t dynamically load/unload DLL files. Ship IE with as much of it statically linked as possible for DLLS that only are used by IE.

      – Avoid com where possible.  Move COM code into a DLL and call it directly from IE (not using com).  Move that DLL eventually into the IE.exe binary via static linking.  This will help MS remove use of COM in its applications for the eventual retirement of COM entirely.

  61. Haha says:

    Greg– I enjoyed your post… thanks for a great laugh!

  62. thecrochunter says:

    @Dean, @EricLaw: I understand more info on IE9 can be given because something which has been worked on for about a month now, keeping it a secret makes IE9 more interesting when it becomes final. I don’t really care when people say that ‘IE is still the worst browser’. The fact that at PDC ’09 Dean, you said IE9 was a project that was three weeks old and what we saw was amazing, no doubt about it. I watched the IE9 videos on FavBrowser.com and I was genuinely impressed with the progress IE9 made.

    Acid3: 20/100 in IE8 to 32/100 in IE9 after three weeks? That’s seriously good progress.

  63. christi says:

    feature suggestions for IE 9

    Ability for the browser to automatically Group similar Website in favorite so that user no longer have to organize similar website later on.

    http://www.msn.com/

    http://movies.msn.com/

    http://www.msnbc.msn.com/

    http://cityguides.msn.com/

  64. Mitch 74 says:

    @hAL: reducing the amount of key frame is possible in all formats – more keyframes merely allow for faster visual navigation inside the stream.

    Now, however, the reputation for Theora’s bad quality comes from its original quantizer matrix (it is also a Discrete Cosine Transform based codec) with dated back to On2’s experimental code, compounded with a rendering bug in Theora’s once most well-known implementation: ffmpeg’s.

    These two compounded caused high bitrates and details losses on video encodes – which is, of course, no help.

    Then, there are NO objective benchmarks for video compression quality! NONE! At best, there are comparison on deviation from source, but as with all perception-based encoding processes, truth is in the eye of the beholder.

    What was most used to compare what is now known as ffmpeg-theora019 (the buggy one) and x264 (a high quality, free, but patent-covered-so-you-can’t-distribute-nor-use-it implementation of h.264), is Peak Signal to Noise Ratio – it doesn’t actually determine perceptual quality, but how much a compressed image differs from the original (without weighing for how human senses actually perceive it).

    Well, here’s the thing: with a barely-tuned but proper quantizer matrix, on a debugged build, Theora reduced its distance from x264 five-folds – at all bitrates.

    And this is before doing any subjective measurement.

    So, Theora, which doesn’t require a decoder rewrite when much better encoders come out, which is not covered by patents, which comes with a known good sound codec (Vorbis) and a good packaging (Ogg), and is of reasonably good quality even now, shouldn’t be used in Web browsers because h.264, which is patent-covered, can be put in WMV, which is patent-covered, along with AAC, which is patent-covered, more often than not requires a decoder update on encoder update, is arguably a bit better on PSNR matters, which doesn’t indicate perceptual quality…?

    One example how PSNR may ‘fail’ an encoder: said encoder packs chrominance data on lower definition than luminance (black/grey/white), while another doesn’t – but the second ‘smoothes’ out a film’s grain.

    Perceptually, the human eye catches contrast (black/white) much better than color: a lack of grain will be flagrant, while slightly washed out colors won’t even be noticed. Well, in that situation, PSNR will fail the former codec and hail the latter, while watchers will consider the first clip very good, and the second flat and too smoothed out.

    Especially on a moving scene.

    So, to sum it up:

    – Ogg/Vorbis/Theora can’t be dismissed for quality reasons, and are based on algorithms in development for years now.

    – h.264, AAC and WMV are all a patent nightmare. Theora is under patent too, but under a public, unlimited and irrevocable license.

    What should be used in web browsers, right now? What will happen if someone got a patent on h.264 and decides to charge every software user able to decode the format on a per-decoded-frame basis? Well, there will be migration to another format (say, Theora).

    How long will it take this time for Microsoft to implement that alternative format? Last time, it took ten years and five IE versions (IE4: first PNG support, 5.0,5.5,6.0, to 7.0: implementing alpha channel).

    I don’t doubt the IE team’s commitment to their product. But history (GIF -> PNG) teaches us stuff, and for now IE’s track records on ‘new’ format support is rather poor.

    One would say, ‘but someone could pull out a patent on Theora/Ogg/Vorbis too!’! Well, true; but then:

    – the patent would have to be valid. And with the kind of guys that take care of these products, I don’t think for a second that they wouldn’t be able to find anterior cases (and not silently settle for a price)

    – the patent would have to be complex. And in all complex processes, there are more than one way to skin a cat (it wouldn’t take long for a new Theora encoder to come out, still compatible with the decoder, that didn’t rely upon the patented process)

    – to really hurt browsers, the patent would have to strike the decoder: Theora’s decoder is voluntarily simple, and is already under patent (see above).

  65. Matt says:

    Ah, Mitch… you really need to decide what story you’re going to make up and then stick to that one. In today’s post, you say both that Theora isn’t covered by patents, and then you say that it is?

    Your handwaving around patent law betrays your complete lack of understanding of the topic. I’m particularly amused at your conclusion: "Gee, if there is a patent, then browser makers just have to pay whatever exorbitant settlement the patent owner demands." Avoiding *that* is the entire point.

  66. dvestv says:

    It’s better to be safe than to be a victim of these viruses and spywares that websites transfered to your computer. thanks to IE8 for this great shield.

  67. jury by mass says:

    @Matt – why bother complaining about what Mitch74 wrote when you’ve already proven yourself as a troll on this blog many times.

    You are in this special ms fanboy camp that thinks IE is perfect and can not benefit from both criticism and improvement.

    The rest of us (which also includes 85% of the readers of this blog) are concerned that if the squeaky wheel isn’t heard that it won’t get fixed.  History has taught us that the IE team will ignore fixing issues that do not get continuously raised in this blog.  An issue needs to become painful enough that Dean hears about it and can’t let it slip the next release due to bad PR.

    On the roadmap for most important issues to be addressed in IE9 include:

    1.) Fixing Tab opening speed – absolutely no more blaming 3rd party vendors.  The tab implementation needs to be fixed/re-done and true loading time details addons needs to be disclosed.  No other browser has the issues IE has with loading performance.

    2.) Native Canvas or SVG support – IE9 will not be taken seriously on the world stage if they don’t commit to web standards (beyond massively late CSS3 implementations)

    3.) Full W3C event model – no exceptions.

    4.) Major bugs fixed. – HTMLElement.innerHTML fixed for all elements, NodeType constants defined, the IE Developer tools need major TLC, and the various settings dialogs across IE are in need of major revision.

    5.) Roadmap

  68. Mitch 74 says:

    @Paul: Theora (the format) has been finalized in 2004. It is based off older technology from On2, which granted a limitless license (On2 retains the patents) on every use of the base code. As such, Theora’s technology is already close to ten years old and under patent, and would be the first one under attack is Theora were challenged: which patent would be oldest, and valid. Valid submarine patents are thus unlikely, and would certainly not focus a single implementation. Theora code is under a very liberal license, and as such would not cause ‘GPL cancer’. But this is not why I would call bull on Microsoft not using Xiph technology in IE 9.

    For the ‘not invented here’ syndrome, look at history: how long did it take Microsoft to support any technology they didn’t invent? I mean, TCP/IP, which they wanted to replace with IPX/SPX? MPEG-4, eventhough they were on the standard’s drawing board, that they replaced with conceptually identical, same-quality but incompatible VC-1? OpenDocument, eventhough they were listeners on OASIS’ drafting groups, that they wanted to replace with OOXML (which almost drove ISO into irrelevance through vote stuffing)? HTML5, eventhough they chair the WG? SVG, eventhough their only alternative (VML) has been deemed deprecated in 1999?

    I may be no lawyer, but I also know one can’t patent tepid  water (the fact that the US patent office would accept such a patent doesn’t make it less ridiculous). I am no historian, but I can see when a company has trouble handling formats that they didn’t invent.

    This is where I say that Microsoft have no reason not to add Ogg and Vorbis support at the very least: they already used both in a high profile product. They haven’t been sued for it: libvorbis.dll can be found on the Halo PC version (it is directly visible, not statically linked). It is used for all in-game sound and music. As far as I know, Xbox and Mac versions also use Ogg/Vorbis.

  69. hAl says:

    @mass

    Especially the script/DOM related issues should have priority as they are about current in use standards.

    Increasing HTML 5 or CSS 3 support should have less priority as they are mostly unsupported new standards that can still change towards the future.

    SVG is old 2D stuff we did without for ten years and that would really need a 3D successor before IE should bother to implement it unless they have other things finished.

  70. Matt says:

    @fakejury: Troll much? I know that there are many ways IE can be improved. Some of them only the IE team can undertake. Many of them the user can undertake, including removing the junk that they inadvertently install when they install Adobe, Google, AVG and other products.

    You don’t speak for "85% of the readers of this blog." I’m sure 99% don’t ever bother to read the comments as they tend to be silly rants written by children.

    As to the idea that such garbage ever reaches Dean’s ears… ha! You have a funny idea about how Microsoft spends their time. Ever notice how few of Dean’s *underlings* even bother to reply to comments? Wonder why that is? Hint: Blog comments aren’t a very valuable source of information. Hint: As someone who is a part of other communities, I can tell you that the IE team participates in those communities with a non-zero signal to noise ratio.

    1> It’s the fault of 3rd party code, which is why blame should lie there. Everyone who turns off the junk has a fast browser. And not only IE is affected; have you ever looked at what extensions do to Firefox boot perf? We’ll see what happens to Chrome once their marketshare is more than a joke and they get an extension model.

    2> IE has 2x the share of all of its competitors combined. If you think IE is not "taken seriously" then you’re not a serious developer.

    3> Citing specific standards is more useful than generic statements. DOM L2 Events? Good idea.

    4> Kitchen sink: got it.

    5> On the roadmap, a roadmap. See also: recursion.

    @Mitch: You keep making legal claims that anyone who has watched the industry knows are pretty absurd. IE had ActiveX support for what, a decade?, before they were sued by Eolas. Furthermore, only Microsoft was sued. Why? They have money.

    Your rewrite of Microsoft history is hilariously silly.

    Microsoft doesn’t "chair" the HTML5 WG, btw– they *recently* became one of three co-chairs, and IE8 has some HTML5 support that isn’t even present in Chrome (DOMStorage, for one).

  71. gwen says:

    Hi Microsoft;

    I’ve recently encountered new rendering glitches between IE7 vs. IE7 via IE8 compatibility mode in Windows XP. (which I’ve handled)

    However since I run XP (and have Virtual PC 2007) I can test against Vista but I don’t see any images for Windows 7 on this page:

    http://www.microsoft.com/downloads/details.aspx?FamilyId=21EABB90-958F-4B64-B5F1-73D0A413C8EF&displaylang=en

    I am not going to buy a new Windows 7 PC just to test my app in Windows 7 (it *should* just work) but I would like to run some tests just to verify for my own sanity that it works fine.

    Pete LePage – will there be Windows 7 images available soon?  If not does anyone know if VMWare or VirtualBox has any images available for this?

    Thanks

  72. @gwen,

    we probably won’t build Win7 VPCs as you can download a trial version and run with that.

    As for solutions with the VirtualBox problem, please keep an eye on my blog, once we get it figured out, I’ll post there.

    PEte