IE8 May Be End of the Line For Internet Explorer 380
snydeq writes "InfoWorld's Randall Kennedy reports on rumors that IE8 may be Internet Explorer's swan song: 'IE8 is the last version of the Internet Explorer Web browser,' Kennedy writes. 'It seems that Microsoft is preparing to throw in the towel on its Internet Explorer engine once and for all.' And what will replace it? Some are still claiming that Microsoft will go with WebKit, which is used by Safari and Chrome. The WebKit story, Kennedy contends, could be a feint and that Microsoft will instead adopt Gazelle, Microsoft Research's brand-new engine that thinks like an OS. 'This new engine will supposedly be more secure than Firefox or even Chrome, making copious use of sandboxing to keep its myriad plug-ins isolated and the overall browser process model protected.'" The sticking point will be what Microsoft does about compatibility for ActiveX apps.
Misleading headline, and ActiveX (Score:5, Insightful)
1. Headline should read, IE8 May Be End of the Line for Internet Explorer Engine .
2. I don't see any reason why ActiveX apps couldn't be sandboxed like anything else. Granted, it has deep hooks into the OS-- but if nothing else, given how beefy computers are going to be by the time IE9 comes out, you could give each ActiveX app its own perfectly compatible virtual copy of XP+IE8 to run on, and just parse the result into IE9 format. Destroy the virtualized OS+browser when the app closes.
Moore's Law makes some problems easy, yay. :)
Please kill ActiveX (Score:5, Insightful)
The sticking point will be what Microsoft does about compatibility for ActiveX apps.
KILL IT!!!
Seriously. Since IE8 does it, people will just keep using that for the next decade...
If they don't kill ActiveX after IE8, we'll be stuck with it even longer than that. Since it's going to take 10 years to actually die, please start the process now, Microsoft.
ActiveX won't matter (Score:5, Insightful)
Given the compatibility issues that ActiveX has in IE8, then it probably won't matter what Microsoft will do in the future. In all reality no site should be depending on ActiveX. If it breaks without it, then fix the site.
WebKit?! (Score:5, Insightful)
"Some are still claiming that Microsoft will go with WebKit"
Microsoft will never allow the browser that ships with Windows to become a commodity. They will go with Gazelle or whatever they develop that's as incompatible to official standards as possible while still being called a web browser engine.
Their goal is lock-in. A standards-based engine would negate that.
Re:Misleading headline, and ActiveX (Score:5, Insightful)
Moore's Law be damned. People have been using this excuse for years to write bloated, crappy software. How about for once we don't try to predict the future. Instead, lets write the code for todays hardware. People seem to forget that we have sold way more computers than people in the world... no reason to replace them all to run IE9.
Re:Misleading headline, and ActiveX (Score:5, Insightful)
Really? Because it's not clear that you do. Seriously, would it kill people to bring the issue to the surface in an intelligent manner that might benefit those of us who are outside the loop on this? I'm not asking for a thesis but rather a simple dialog that can be researched by people who are interested in learning more about the issue at hand.
Re:Misleading headline, and ActiveX (Score:1, Insightful)
ActiveX can't be sandboxed because a ton of controls rely on having access to your machine; in fact, that was kind of the point of ActiveX in the first place.
IE8 may be end of the line for Trident (Score:5, Insightful)
Re:WebKit?! (Score:3, Insightful)
If, for instance, MS decided to use webkit; but push Silverlight, you could easily end up with an equivalent situation.
Re:ActiveX won't matter (Score:5, Insightful)
Given the compatibility issues that ActiveX has in IE8, then it probably won't matter what Microsoft will do in the future. In all reality no site should be depending on ActiveX.
No external public facing site should rely on activeX. There is really nothing wrong with internal enterprise apps using it.
If it breaks without it, then fix the site.
You mean build the enterprise intranet application from scratch? When its working perfectly fine exactly the way it is? That will be a pretty tough sell.
Re:Coming full circle? (Score:5, Insightful)
``Funny how the vendor of one of the world's most insecure operating systems now considers that they're going to one-up the competition with the most secure browser / operating system?''
I wonder if Windows is still one of the world's most insecure operating systems. Microsoft have certainly been working hard to improve things, which is more than I can say for many other operating system vendors. Meanwhile, Linux user seem to be content pointing and laughing at Microsoft's efforts and pointing out that Linux is so much more secure.
I won't make any claims about which operating system is more secure than another operating system (because I think it is fundamentally impossible to measure, let alone to know), but if I see that Microsoft is introducing things like address space layout randomization and non-executable stacks, I have to wonder why those features aren't in other mainstream operating systems yet. OpenBSD has done a lot of pioneering work already, but when will we see the day that all of Debian is compiled with -fstack-protector and ships with PaX enabled?
Re:Misleading headline, and ActiveX (Score:4, Insightful)
Exactly..and Moore's law isn't exatly as reliable as it was 15 years ago when talking about a direct improvement to the desktop computers speed.
Re:Misleading headline, and ActiveX (Score:5, Insightful)
Needing information and having full control over the system are two different things. If all activex needs is the information, then let it have read only access. Now since most activex programs want a lot more then read only access, this will not work. The question is was it lazy programming that required full root/admin access in order to work or something else?
Some programmers feel that unless they have complete control they cannot get anything done. In development this is fine. Once in testing and production stages why do people insist that they still need to run as root/admin? Run as the least privileged level as you can.
Re:Misleading headline, and ActiveX (Score:5, Insightful)
You can do the same thing with a signed Java Applet. OMG! Java is tightly integrated to the OS!
Re:ActiveX won't matter (Score:5, Insightful)
> No external public facing site should rely on activeX. There is really nothing wrong with internal enterprise apps using it.
Um, yes there most certainly is a MAJOR problem with internal enterprise apps using it. It means that everyone is chained to running MS-Windows and IE *only* on the desktops and every possible device that connects to that internal enterprise application. Just because you might not have a choice with what is running on the server doesn't necessarily mean you want to have no choice for the client.
Perhaps a company might want some additional choice.
ActiveX Must Die (Score:4, Insightful)
The sticking point will be what Microsoft does about compatibility for ActiveX apps.
No sticking point... ActiveX needs to die.
Re:WebKit?! (Score:3, Insightful)
>But they have failed to do lock in, and if they try they will get shut down.
Wrong. They have failed to lock in PUBLIC facing web sites. But they have done a MARVELLOUS job of lock-in for corporate web applications and inside apps with IE. Trust me, I have fought that monster over and over again.
Re:Misleading headline, and ActiveX (Score:3, Insightful)
Using quasi-mystical language like "deep connections" in a technical discussion is a good sign the person doesn't know what he's talking about.
ActiveX applications have no more "connections" than any other Win32 app.
Re:Misleading headline, and ActiveX (Score:4, Insightful)
And then you'll realize that you just reinvented
Plays for Sure (Score:4, Insightful)
The sticking point will be what Microsoft does about compatibility for ActiveX apps.
How sticky are we talking? Sticky like trying to make PlaysForSure compatible with the Zune? [slashdot.org] Sticky like ongoing support for MSN Music? [slashdot.org]
If Microsoft has taught us anything, it's that today's lockin is tomorrow's lockout. The day MS decides that ActiveX no longer serves their purposes is the day that every site requiring ActiveX is out of luck.
Re:ActiveX won't matter (Score:2, Insightful)
No external public facing site should rely on activeX. There is really nothing wrong with internal enterprise apps using it.
So vendor lock-in is OK as long as you do it to yourself? Why should corporate end users or IT departments be forced to use Internet Explorer? ActiveX needs to go away. There's no reason for any of it anymore.
"myriad plug-ins" Heh, yeah right (Score:3, Insightful)
"This new engine will supposedly be more secure than Firefox or even Chrome, making copious use of sandboxing to keep its myriad plug-ins isolated and the overall browser process model protected.'
IE doesn't have any plugins, does it? At least, if it does, they're nagware garbage compared to the truly myriad plugins for Firefox. Really, if it wasn't for FF add-ons, I doubt it would have even a half percent share.
Re:Misleading headline, and ActiveX (Score:3, Insightful)
Writing software to force people to buy new PC's has been an integral part of Microsoft's strategy for years, it's only recently begun to bite them on the ass with Vista and the credit crunch happening at the same time. People keep forgetting that around 80% of Windows sales come from new PCs pre-installed with the current version of Windows that Microsoft are giving customers the choice of.
Re:Misleading headline, and ActiveX (Score:4, Insightful)
There is absolutely no functional difference between ActiveX in Internet Explorer on Windows or an XPCOM plug-in for Firefox on Linux.
Except for one crucial thing: IE provides content authors with the ability to advertise ActiveX plugins required to view the content, which pops up the window on the client asking the user whether he wants to install the plugin. And it's damn easy to trick a user into clicking "yes". In a technical sense, it's secure. In practice, because of social and psychological factors, it is a very convenient attack vector.
Re:Misleading headline, and ActiveX (Score:3, Insightful)
A company named Apple tried to save itself from the amazingly huge work and tried to modernise and secure MacOS. It took years and a top of the line IT director to admit it won't happen.
Their plan was exactly the same, sandboxed MacOS virtual machines.
They accepted that sad fact, (probably) mailed to their software vendors saying ''We are going with NeXT''
As MS is known for not admitting such facts and keep shipping that biggest PR disaster of all times named IE (I mean it), they may go with your method. There comes the issue of users NOT wanting to run Virtual Machines. Trust me, there are many of them out there.
For the IE engine? Even MS can't remove it from OS. It is like a monster in a horror movie, they created it and they can't kill it. What about third party apps and legendary compatibility which causes users live with 1990s 8.3 filename shit in 2009, even on Windows 7?
Enterprise pipe dreams (Score:3, Insightful)
By the time IE8 is EOL'ed, I hope ActiveX will be long gone.
Just like COBOL is.
Re:Misleading headline, and ActiveX (Score:2, Insightful)
> XP has not relied on the browser-based Windows Update for several years.
Yes, it does.
The native automatic updates client doesn't support half the stuff the online one does. You can't install driver updates, or non-critical OS updates, for example.
Vista, on the other hand, doesn't have a browser-based Windows Update at all, and the native client can do everything XP's web-based client could.
Comment removed (Score:5, Insightful)