IE7 Details Emerge 946
Varg Vikernes writes "Microsoft Watch has a story about new features we can expect in IE7 (code named 'Rincon') which they gathered through Microsoft's key partners. Apparently we can expect 32 bit PNG support, native IDN support, new functionality that will simplify printing from inside IE and, of course, tabbed browsing. The new browser also will likely include a built-in news aggregator. Apparently an important factor is security."
security (Score:5, Funny)
Re:security (Score:5, Informative)
the original idn exploit:
http://www.shmoo.com/idn/
unicode draft technical report on security and UTF8:
http://www.unicode.org/reports/tr36/tr36-2
Re:security (Score:5, Interesting)
For instance, if the extended characters were displayed in purple, but the normal characters remained black, then you could continue using it, and KNOW that its a mixed domain.
Infact, just typing that gives another solution, have mixed domains (std and extended) come up in a totally different size/style.
That way, all normal domains look normal, and all extended domains also look normal, but those using a combination are glagged as such.
just a thought.
Re:security (Score:4, Interesting)
it's kind of funny, though, how it is essentially our (as in the mostly-north-american-and-western-european readership of slashdot)'s lack of familiarity with the writing systems of the rest of the world that are getting us into this particular pickle.
add that to bad eyes from gazing into a CRT for too many hours, and designers with predelictions for ever-smaller fonts, and you have quite the character set predicament.
Re:security (Score:3, Insightful)
Its not just unicode wildly extended characters that need catering for, it is all characters which can be alternatives to standard characters.
We used to use full ascii, and unicode to allow us to have "normal" looking nicknames in the chatroom where I used to hang out, but still kept unique short names - for instance "liqui
Re:security (Score:3, Insightful)
Maybe banks and other sites need to implement real goddam security instead of the rest of the net having to do it for them. Passmark, securid fobs, validators compiled into the client, something other than a bloody username and password.
Right now, these sites want us to authenticate to them, well how about them authenticatin
Re:security (Score:4, Interesting)
Re:security (Score:4, Insightful)
Hover over the colored letters. Works in Opera and Firefox. You could add some kind of "Do not warn about this domain ever again" to the UI.
Re:security -- Not just anglaphones (Score:5, Interesting)
Actually no. The problem is really just that UTF-8 is too powerful. There are half a dozen ways to encode something that looks like an 'a'. It can actually get worse for people who are multilingual -- A Frenchman who expects a site encoded with an accented A (ä) might then be sent a URL where a similar looking character (ä) is encoded out of some other page. In this case, both ä's will be marked as extended UTF characters, so there may be no easy way for a user to distinguish between the 'legitimate' site and the phish monger. You tell me which one is legitimate! (and, yes, they are different encodings in this posting).
Re:security -- Not just anglaphones (Score:5, Informative)
But you have a valid point.
Re:security (Score:3, Informative)
IDN solution (Score:5, Interesting)
Who cares if the site says it is www.bank.com if you can easily see it is registered to Boris at his mom's basement in Russia?
Re:security (Score:5, Insightful)
FWIW, I'm of the opinion that this "IDN exploit" that shmoo.com publisized has been overblown. While I agree that the "exploit" is certainly serious, I do not concur that it is isolated to IDN. Instead, the "exploit" is common to all DNSname processing.
With the right (or wrong) font, http://slashdot.org/ and http://s1ashdot.org/ look like the same URL. But they are not. And neither of these two URLs are expressed in IDN.
The key is that the two URLs look alike, and this is an exposure with all URLs.
So, is IDN at fault for the shmoo.com "exposure"? No, since the "exposure" exists without the use of internationalized URLs.
Re:security (Score:4, Funny)
Don't knock "Urysses". He returned after after twenty years and almost single handedly killed all his wife's suitors [uoregon.edu]. So if IE went to the wilderness a couple of years ago, say, the competing browsers will have a lot to worry about in ummm... 2023.
Re:security (Score:5, Insightful)
Re:security (Score:5, Insightful)
No, they can't; they've never shown this before.
What you're seeing now isn't innovation, unless you're using some alternate definition of the word. They're simply implementing features that already exist in other browsers. That's "copying".
They may be "performing well", but don't confuse that with "innovating". You can do a marvelous job at implementing someone else's ideas, but that doesn't make you an innovator.
Re:security (Score:5, Insightful)
How many Alan Kays or Tim Berners-Lees could be hired with the immense pile of wealth they've reaped off the Windows/Office juggernaut? A lot. Lots of money means the potential to be hella innovative by hiring the right people.
In fact, Microsoft already has some top-notch researchers working for them (the inventor of Haskell, I believe, is among them) and they *could* turn that stuff into product; they choose not to for profitability and empire-maintenance reasons. Should their empire crumble they would by necessity go into shark mode: move forward (innovate) or die.
Re:security (Score:5, Insightful)
As a side note, I wouldnt use the word "empire" when not referring to government. The MS situation isn't pretty, but its hardly geopolitics regardless of how strongly geeks identify with the issue.
On a more related note, yes, MS isn't so much a software company as a monopoly maintaning machine. Certain changes and innovations that could potentially hurt its monopoly status get tossed out the window and fast. This is also why so many talented people dont work as MS. MS's R&D department isn't comparable to other companies that court talent like this and the talent knows their work will be for nothing unless it actively helps lock customers into the MS-only path. At least in general.
As far as the "empire crumbling," well, I personally doubt they'll become more innovative. I would think they would become more restrictive. Less interoperability, more proprietary stuff, etc to keep their customers to keep from hemorraging more.
Case in point: IE7
First off, it wasnt supposed to happen. Now its happening.
Secondly, its still IE. We're not seeing MS, say, announce that activeX wont be supported in x amount of years. Even though it would be in everyone's interest if the activeX system was dropped in a planned fashion because of abuse and because its pretty much not needed when you consider what Java and web services can do. But its not going away. In fact its tied into the uber-critical windows update page. This is typical MS monopolistic control.
MS can and will only go further down the proprietary spectrum. More activation stuff, more big discounts if your organization goes all MS, more big discounts if you dont sell competing OS's, more embrace/extend/extinguish, etc.
Re:security (Score:5, Funny)
So, basically... (Score:3, Insightful)
Re:So, basically... (Score:5, Insightful)
This, is why a monopoly shouldn't be allowed to bundle software.
Re:So, basically... (Score:5, Insightful)
Re:So, basically... (Score:4, Insightful)
Saying that the whole Mozilla effort hasn't been given a chance to compete is simply bogus. They have succeeded in creating a growing market of converts and forced a convicted monopolist to get up and respond. That sounds like competition to me.
It doesn't have to be 50-50 to be competitive.
Re:So, basically... (Score:4, Insightful)
Their "competition" from Moz is a charity case from AOL, the Moz people, and maybe a few general-population contributors, with most outsiders contributing no more than bug reports. Opera is minor in the desktop market, being forced into embedded/portable stuff, and STILL has to give away an ad-supported version for free.
The long and the short of it is that nobody can make money on browsers, and MS can ensure that ninety-whatever percent of desktops have IE installed.
Re:So, basically... (Score:3, Insightful)
Re:So, basically... (Score:3, Insightful)
Tiny fact (Score:4, Insightful)
Except for the fact that Microsoft is a convicted Monopolist. All the spin in the world won't erase the fact that they broke the law and were convicted.
Of course, thanks to the current big-business-iz-good administration, their punishment was abysmally lenient.
That's spin, too. (Score:4, Informative)
Fact: Microsoft could never be convicted of anything. No criminal charges were filed, after all.
Microsoft has been found by a court of law to be an abusive monopolist, that's true. They are not convicted monopolists.
Using the word "convicted" is, itself, a kind of spin. It makes Microsoft out to sound even more slimy and unpleasant than they are. If you want to be spin-free, then avoid using the word "convicted" in connection with the Microsoft antitrust lawsuit.
Re:So, basically... (Score:3, Interesting)
Firefox becomes a research and development team for Microsoft. And since the open source community won't patent their stuff, MS is free to steal the ideas that worked.
When it arrives, IE7 will be praised by the press as a step into the future.
Firefox R&D for Microsoft? (Score:5, Insightful)
Re:Firefox R&D for Microsoft? (Score:5, Informative)
Re:Aren't you rather missing the point? (Score:5, Insightful)
There was a time when Nutscrape was busy inventing proprietary extentions, and Microsoft was the one implementing W3C standards like CSS and DOM1. (Not to mention the XML stuff.) In most cases, MS shipped their version years before the Open Source world got around to it.
Yea, Microsoft dropped the ball later on, but without their support for W3C specs, the idea of non-proprietary web standards might have just faded away. So, I think Mozilla/FireFox actually owes a lot to IE.
Re:So, basically... (Score:4, Insightful)
*cough*OpenOffice*cough
You mean Firefox is going to have these features removed??
Re:So, basically... (Score:4, Insightful)
Oh, like tabs? Predates firefox.
Oh perhaps pop-up blocking. Predates firefox.
Maybe that little info bar in FF 1.0. Whoops, that was shamelessly copied ffrom IE SP2.
First off, Firefox isnt all that original, its just a good implementation. Secondly, its the LACK of patents that keep Mozilla going. Imagine if Netcaptor (or whoever it was) got a patent on tabbed browsing. Whoops. You think they'd politely share? Yeah right. Not to mention, if the OSS did patent stuff, then it would kinda defeat the purpose of going open source. No OSS developer has the ideological spirit to turn down a million dollar check from MS, not to mention most OSS developers arent going to drop 5 grand down for a patent and defend it (more legal fees!) because they felt like making and sharing some software. Goes against the whole DIY and share approach.
not even (Score:5, Informative)
And when you take into account the vast amount of tab control you have in FF when you have 'Tabbrowser Extensions' installed, no way is IE going to approach that level of functionality.
Looks like there may still be a place for the 'real' IE7 [edwards.name] . *sigh*
Re:not even (Score:3, Insightful)
Re:So, basically... (Score:5, Insightful)
I actually used NN 5 years ago. It was a buggy, slow, crash-prone piece of shit that couldn't handle even moderately complex nested tables without slowing to an absolute crawl and needed to reload the entire page to resize it(!), and I speak as a former ardent Netscape user (I have *never* used IE as my primary browser).
I'd rather user IE6 than NN 3/4 if I had to choose; it's simply not worth that much pain.
Re:FF killer. (Score:5, Insightful)
Re:FF killer. (Score:5, Insightful)
Linux is slowly, but certainly gaining ground, so will alternative browsers.
Um...WTFN? (Score:5, Insightful)
From article:
Partner sources say Microsoft is wavering on the extent to which it plans to support CSS2 with IE 7.0. Developers have been clamoring for Microsoft to update its CSS support to support the latest W3C standards for years. But Microsoft is leaning toward adding some additional CSS2 support to IE 7.0, but not embracing the standard in its entirety, partners say.
My only question is...um, why the fuck not? Even Apple's Safari is already plunging ahead with preliminary CSS3 support.
I predict IE7's "additional support for CSS2" will really just mean fixing the major box model and table width bugs and not changing anything else.
Re:Um...WTFN? (Score:5, Insightful)
Not only that, but even today, some companies still force Nutscrape 4 support - a six year old browser IIRC.
I've been absolutely pining for improved css2 support so we can use css selectors. It'd make a lot of tasks much simpler if we were able to use all the css selectors available in the spec.
no way they'd do that (Score:5, Insightful)
In the Microsoft view, IE must remain compatible with IE. Even "better", stubborn Open Source developers will continue to be incompatible instead of changing or ignoring the standard. This means that many web sites will remain IE-only.
Adding support for extra features is fine though. You can count on Microsoft to do so.
Re:Um...WTFN? (Score:3, Interesting)
Like it'll make a difference...
Why not fill out the Microsoft Suggestion Box Form at http://register.microsoft.com/mswish/suggestion.as p?from=cu&fu=/isapi/gomscom.asp?target=/mswish/tha nks.htm [microsoft.com]
What do ya have to lose? Ask for everything.
Re:Um...WTFN? (Score:3, Insightful)
Re:Um...WTFN? (Score:5, Insightful)
Because standard conformance is a loss for MS. The more lazy and incompetent web page creators they can keep making non-standard conforming, IE-only web sites, the better for MS.
Re:Um...WTFN? (Score:3, Interesting)
Re:Um...WTFN? (Score:5, Interesting)
For example, in a .Net web app, you can add validators. So if you have a text input, you can validate that it is not empty when a form is submitted. This is _very_ simple JavaScript. However, with .Net, if you are using an IE browser, you will get an error message without going to the server. If it is a non-IE browser, it requires a round-trip to the server. How crappy is that? Like the people at MS could not write some simple standards compliant JavaScript to check if a freaking field is empty or not before a form post.
That is just one example. There are tons of others with the "built-in" web controls with the .Net framework that have all been made to work well in IE and have limited functionality in non-IE browser.
Because of crap like MS does with .Net, it has made me use Java/JSP for web apps. At least then I can control how well my applications can work with different clients and not be subjected to MS trying to make the world MS-only.
I really don't know what is wrong with MS. I mean, not all of their products are bad, and I really like some of MS's products. If they would just _compete_ and stop listening to their marketing/business @ssholes MS probably would not be too bad. All MS needs to do is compete and allow others to try to compete. MS needs to stop _all_ of their lock-in crap.
Seriously, look at the amount of dedication that OSS programmers show. MS could have that same loyalty if they just gave a _little_ back to the community. I am not talking about their crap "shared" source license or the wimpy XML setup wizard they released. I am talking a few major contributions of their code that they let a _community_ improve could make a world of difference to MS and their reputation.
Re:Um...WTFN? (Score:4, Insightful)
If you took all the "business/marketing assholes" out of Microsoft, there'd be nobody left.
Re:So, basically... (Score:3, Insightful)
Now, I don't know about you but I think this is commendable, especially as Opera has to make a profit from its browser whereas the majority of its com
Interesting Codename... (Score:5, Interesting)
It will be interesting to see what else (other than tabbed browsing & RSS aggregation) will be "inspired" by Firefox and other browers, say perhaps, easy plugins and themes?
Re:Interesting Codename... (Score:5, Interesting)
Re:Interesting Codename... (Score:5, Funny)
Hmm..
St. Helens, Vesuvius, Etna, Krakatoa...
'hey, this security really blows!'
Re:Interesting Codename... (Score:4, Funny)
Re:Interesting Codename... (Score:3, Informative)
Rincon? (Score:3, Interesting)
What one should be scared of is the "IE 7.0 will feature international domain name (IDN) support" part -- can an IE user disable it like Firefox has [linuxinsider.com] (should he desire to use IE of course) before someone *ahem*rincóns them with a bad IDN?
hmmm (Score:5, Funny)
well, that's never stopped them before...
Re:hmmm (Score:5, Funny)
Secure (Score:5, Funny)
Yes, it will feature the reintroduction of Clippy, who will be wearing a policeman's hat, of appropriate costume for your region (e.g. uk get a bobbies hat) Clippy will also take certain cues from the current political climate...
It looks like you wanted to visit some heathen site unassociated with Microsoft, you would like to do the following:
Return to MSN
Remove all related items from cache
Submit your bookmarks for review
Block all futher access to [www.google.com]
"and don't let me catch you installing any other browser or it's the clink for you!"Re:Secure (Score:4, Funny)
Can I go to the Hoosegow? I hear they have better facilities.
Microsoft has finally been forced to innovate (Score:5, Insightful)
Re:Microsoft has finally been forced to innovate (Score:5, Insightful)
Re:Microsoft has finally been forced to innovate (Score:4, Funny)
Yeah, and I also remember when Windows ME shipped without a decent operating system.
Innovate??? (Score:5, Interesting)
Re:Microsoft has finally been forced to innovate (Score:5, Interesting)
Have you RTFA? Tabbed browsing, IDN support, RSS news aggregator all available in Firefox in some form. So, where exactly is the innovation? Possibly anti-spyware integration??? That's like a mouse setting a mouse trap for itself.
Additionally, Microsoft's "improvement" is really their way of saying that they are now in "catch up" mode.
I don't mean to flame you, but customers should not look forward to the next version of IE in six months or so, when they can get virtually the same features today with Firefox.
All I need to say is "Why Even Bother".
Apparently an important factor is security? (Score:3, Insightful)
Are they basing it on the IE6 code? If so, why? If they're completely rebuilding the Windows code for Longhorn, wouldn't it be smart to do the same with IE?
printing (Score:5, Insightful)
in other words, theyve fixed it so printing from IE isnt as retarded?
how hard can it be to print a page without chopping parts off
Lets not forget.. (Score:4, Funny)
many useful features... (Score:5, Insightful)
I bet I IE5 and IE6 will still annoy us for many many years...
He means PNG (Score:5, Informative)
Think about it this way... You know those icons with drop shadows at the top of Slashdot? If they were PNG's, you could swap them across any background and the icon would look great, the shadow would fall correctly. You could anti-alias edges without worrying about what the background image is. You can layer multiple images on top of eachother so that the front page of websites don't have to be chopped up into millions of individual images. And it all just works.
And Microsoft promised full PNG support [joeyday.com] in I.E. 4. Let me repeat that, I.E. 4. They bragged that they were going to be the first to implement full PNG support. They're actually the last. By about 7 frick'in years.
As a rough guess I'd say their lack of PNG support has cost over a million hours of web designer headaches. But they couldn't afford to put one lousy intern on the task of adding alpha channel support to PNG support. Which they promised in I.E. 4. Let me repeat that, which they promised in I.E. 4.
They even have a perfectly suitable though terribly hacky series of workaround, using javascript. If they just fed their PNG's into their own functions which you can call through javascript, you're golden. But no, they've had to have broken PNG support for the last 7 years. Since I.E. 4. Let me repeat that, frick'in I.E. 4.
If there is any reason why webdevelopers hate Microsoft, this is it. PNG support. I would guess on a big project it would shave an hour off everybody's day, for everybody who works with images. Hell, people were shouting that they would pay Microsoft to do this. People volunteered to do this for them. But no, they "couldn't figure out how to do it," for 7 frick'in years.
Push it out to everyone. I don't care if they're on XP, ME, or OS9, proper Alpha Channel PNG support would save a ton of time. It's about bloody time.
Opera supports it. Mozilla supports it. Firefox, Konq, Netscape, Safari, iCab, and Omniweb support it. The Dreamcast and Web TV browsers support it. Everyone but Lynx supports it. Oh, that is everyone but Lynx and frick'in I.E.
[/Rant]
Name change for IE7 (Score:3, Interesting)
And about MS's product: I just hope they fix all their CSS issues and add support for CSS 3.
Security (Score:5, Insightful)
Good for them, it's about time. SP2 was a step in the right direction: blocked ActiveX & Java by default was a good move. I'll be interested in seeing how they deal with
They better not! (Score:4, Funny)
How many security violations have there been already by the simple "A script is accessing some software (an ActiveX control) on this page which has been marked safe for scripting. Do you want to allow this?"
[YES]
SPYWARE INSTALLED YOU HAVE B33N 0WNED LUZ0R!!!
Re:Security (Score:3, Interesting)
For the sake of accuracy, its ActiveX and Javascript, not Java, that were blocked by default. Any removal [microsoft.com] of Java from IE is going to come years in the future and is due to a court decision and a very relaxed attitude to the timescale by Sun. Getting back on topic, i don't think a simple browser should even have to worry about a thing like permissions. This should be done at a higher level closer to the OS. If security is an issue with IE they need t
Not too keen on Standards (Score:5, Insightful)
Partner sources say Microsoft is wavering on the extent to which it plans to support CSS2 with IE 7.0.
Microsoft still wants to be the one to set the standards
Built-in news aggregator (Score:5, Insightful)
This sounds great but... (Score:5, Insightful)
Re:This sounds great but... (Score:5, Insightful)
This was mentioned in the article, and it is not exactly great news:
Which features are they not going to support? Given my experience with them, it will probably be the very ones that I would actually like to use. :-) Why is it that they are so loathe to adopt standards? Is their code that flaky, or is it truly their monopolistic tendencies?
Re:This sounds great but... (Score:3, Insightful)
Anyway realistically they only need to improve IE enough to supress firefox growth. I'm sure they don't really care that much about CSS support. For advanced web-applications they'd much rather people use the proprietary Avalon stuff soon to be released in 2009*.
(* Give or take a few years)
Re:This sounds great but... (Score:3, Informative)
Re:Not Totally (Score:5, Insightful)
Ya know... such a decision may not be entirely based in ignorance although I don't doubt that your boss is in fact ignorant (most are). There will always be people using old systems and software and those of us that want our stuff to be available to a wide audience will always be stuck supporting it. Hell, even Microsoft has a huge problem with this. A lot of the broken stuff in their products remains broken not because they don't know about it or don't want to fix it. It remains broken because people come to depend on this behavior because they've already encountered it and have had to work around it. This is just the nature of software development I'm afraid.
Factor this... (Score:3, Interesting)
xp/2003 only? (Score:3, Interesting)
Users that cant upgrade unless they get newer hardware. Users that know what they have now does the job and have resisted the 'upgrade scam'.
Re:xp/2003 only? (Score:3, Interesting)
To be fair to MS, 98 and NT are already past their mainstream support phases if you look at their support site Linky [microsoft.com]. However, in the case of 2000, you're dead-on; it's really taken the shaft compared to XP, even though it's still in its mainstream support phase until the end of June. No back-port of any of the XP security changes made for SP2, and of course no back-port for this either. Puts t
I'll be the first to Admit (Score:5, Funny)
We had 5 years of Microsoft laziness to inovate and take over and we blew it. We suck.
I will still use Opera, and I guess we can wait for security holes again... but they stole our tabbed browsing. It's all over people.
Re:I'll be the first to Admit (Score:3, Insightful)
For me, tabbed browsing is not a major goodie for firefox, but it's adblock, spurl.net extension, foxytunes, dictionary search and alot more. And three of them does not have any equivalent for IE and not even opera.
What makes firefox strong is the extensibility and the open source, which made it browser of all time.
Re:I'll be the first to Admit (Score:3, Insightful)
This is all they need to do to maintain dominance (Score:4, Insightful)
Getting rid of the surprize factor (Score:4, Insightful)
Wonder if Microsoft will pull an Apple and sue Microsoft Watch [slashdot.org]. Seriously think about it, information on MS products are leaked on to the web everyday.
what about the real important stuff.... (Score:5, Insightful)
Examples: digest authentication is not implemented correctly in IE hence most webservers use a work-around to make it work, which also happens to make it not be truly digest authentication...or the fact that if u gzip-encode all files and you have zip files, IE will convienently forget that the zip file was gzipped, leaving a file that most zip programs like Windows own built-in Zip Folders can't handle (WinRAR will correctly ungzip it before processing the zip file).
Of course, alpha-blending support for PNG would be nice...as well as CSS2 support (for those dynamic pulldown menus that can be done purely in CSS).
CSS2 or Fight! (Score:5, Funny)
Re:CSS2 or Fight! (Score:4, Informative)
Make'em support CSS 1 [meyerweb.com] first.
All I want is standards compliance. (Score:3, Funny)
Like death and taxes (Score:3, Funny)
CSS Support (Score:5, Insightful)
RINCON Anagram? (Score:3, Funny)
SHHHHHHHH Don't tell my Grandma (Score:5, Funny)
Can Windows ever be secure? (Score:3, Interesting)
For example, look at the standard Windows update procedure for Windows XP. First, you have to go to a website to download software that you then allow to run on your system looking for updates. Then, you have to let the software download a sometimes long list of self-installing 'updates' from some location that the Microsoft software selects for you. The download procedure gives the user very little supervisory control over the process and doesn't even do very simple things such as display checksum data to let the user verify the integrity of the downloads. There is also little, if any, indication of what the downloads will do or replace. Yet Microsoft considers this inherently insecure process to be their standard procedure for updating their flagship operating system.
Microsoft needs to change their entire philosophy wherein they think that they should be able to anything they want with your computer at any time while the bad guys are not supposed to use the same mechanisms to steal your data and your cycles.
Re:I thought... (Score:3, Interesting)
From the Article:
"English reiterated that features such as tabbed browsing are not important to IE users."
Re:from the article... (Score:3, Funny)
Re:Help me understand (Score:3, Funny)
MS has been including features people didn't want for a long time now.