Re: A more rational approach to Browsers - Microsoft please read this

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 09/09/04 

Date: Thu, 9 Sep 2004 15:02:19 -0400

We do need a secure browser, but that can be done with one browser, and is
better done with one browser. In fact, it can largely be done with the
current version of IE. The main problem with IE is insecure default
settings. Most of the recent IE security vulnerabilities such as drag and
drop can / could have been solved by disabling the underlying technologies.
Go to www.microsoft.com/security, click on the Download.Ject link, and click
on the link on how to harden the hidden Local Computer zone. This will do a
lot. [Or, if you prefer, download an alternative or open source browser,
although those have serious vulnerabilities as well, including a Mozilla
vulnerability that hasn't been patched in five years. If a brand new open
source browser that doesn't integrate with the OS has major vulnerabilities,
then IE that is three+ years old and was programmed during less secure times
actually looks pretty good by comparison.]

One big problem is that Microsoft already has too many browsers to support.
One IE security patch is actually several patches that has to be tested on
hundreds of language and service pack configurations. That's why IE is
behind the times.

"news.microsoft.com" <nobody@nowhere.abc> wrote in message
news:OHA5ZwllEHA.3356@TK2MSFTNGP14.phx.gbl...
> I disagree, Svyatoslav,
>
> The needs of high-security internet access are not cutting edge. We need
> STABLE, RELIABLE BROWSERS that DO NOT OFFER ANY FEATURES BEYOND THE
> SPECIFICATION. These armored browsers must be 100% predictable and
provide
> STANDARDIZED FUNCTIONALITY. Adding cool new features, and retaining
existing
> unnecessary features is destabilizing and creates the potential for more
> security problems. Ship and patch will not work. Get it right first and
then
> ship.
>
> The needs of gamers and innovators are cutting edge. They need POWERFUL,
> FLEXIBLE BROWSERS that EASILY INCORPORATE NEW FEATURES. These souped-up
> browsers must allow enterprising developers and users the maximum headroom
> to grow their ideas on the Internet. This would be akin to an OPEN SOURCE
> ENVIRONMENT for new products and technologies to emerge with the least
> possible resistance. This would be global laboratory.
>
> These are extremes of Internet Browsing. THESE REQUIREMENTS ARE MUTUALLY
> EXCLUSIVE.
>
> Interestingly enough, the Armored Browsers can borrow and incorporate
ideas
> from the Souped-Up Browsers---AFTER THOSE IDEAS HAVE MATURED and been
> CODIFIED IN STANDARDS.
>
> Microsoft has the resources and the opportunity to break away from the
Gecko
> Pack and forge a new direction in Internet Browsing.
>
> -G
> www.gerardvignes.com
>
>
> "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
> news:eQA8BNllEHA.2968@TK2MSFTNGP14.phx.gbl...
> > I strongly disagree with proposed approach and urge Microsoft to keep
one
> > quality product.
> >
> > G, your approach isn't very practical. Remember, Microsoft is a software
> > development company, and they must eliminate security vulnerabilities
and
> > other software bugs. To allow compromises means not only maintaining
three
> > code bases (in your proposal), but also is encouraging developers not to
> pay
> > attention to bugs. Too bad, especially when the practice will apply to
> > Windows.
> >
> > Two more things. Firstly, there are at least two more versions of
internet
> > Explorer that are different from IE6: Pocket internet Explorer for
Pocket
> PC
> > and the smartphone IE. Both don't have widely known vulnerabilities -
make
> > an armored race car. Secondly, your plan doesn't provide seamless
> migration
> > path from awesome dude to the suit. Too bad.
> >
> > --
> > Svyatoslav Pidgorny, MVP, MCSE
> > -= F1 is the key =-
> >
> > "news.microsoft.com" <nobody@nowhere.abc> wrote in message
> > news:uar2CmklEHA.3612@TK2MSFTNGP12.phx.gbl...
> > > I would like to propose a more rational approach to browsers.
> > >
> > > There are three basic classes of browsing, with three very different
> > needs.
> > >
> > > 1. Secure (critical work and online purchases)
> > > security and reliability are a premium---can you say LAW SUIT
> > > this browser should follow ecommerce/secure standards to the
letter
> > > under pain of death
> > > this is the "Armored Car" of browsers
> > >
> > > 2. Cutting-Edge (gamers and other innovators)
> > > performance and new features are a premium---can you say AWESOME
> DUDE
> > > this browser should allow anything and everything
> > > this is the "Race Car" of browsers
> > >
> > > 3. Newbies (learners and less demanding users)
> > > ease of use and simplicity are a premium---can you say DUHHHHHHH
> > > this browser should support commonly needed functions
> > > this is the Minivan of browsers
> > >
> > > Now Microsoft already has a broswer that morphs back and forth between
> > > Internet Explorer and Windows Explorer seamlessly (sometimes when you
> > don't
> > > even really want it to).
> > >
> > > Why can't Microsoft make THREE DIFFERENT INTERNET BROWSERS that morph
> > > between themselves depending on the specific application.
> > >
> > > I know that the ppl at Microsoft are smart enough to figure out how to
> > share
> > > cookies, caches and sessions between all three versions of browsers. I
> > know
> > > they can make this idea work. I know they can probably come with an
even
> > > better idea than this one.
> > >
> > > I can't figure out why Internet Explorer is three years behind the
times
> > and
> > > unsafe at any speed.
> > >
> > > I can be reached at www.gerardvignes.com (certified genuis)
> > >
> > > -G
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: A more rational approach to Browsers - Microsoft please read this
    ... I am claiming that Internet Explorer has fallen behind the Gecko Browser ... RELIABLE BROWSERS that DO NOT OFFER ANY FEATURES BEYOND THE ...
    (microsoft.public.security)
  • Re: IE6 wont connect to Internet while other browsers will
    ... > IE6 won't connect to Internet while other browsers will. ... **Post your HijackThis log to ... Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: A more rational approach to Browsers - Microsoft please read this
    ... The needs of high-security internet access are not cutting edge. ... RELIABLE BROWSERS that DO NOT OFFER ANY FEATURES BEYOND THE ... Microsoft has the resources and the opportunity to break away from the Gecko ...
    (microsoft.public.security)
  • Re: My Suggestion : A New C# compiler for native code
    ... Internet is global, not Danish:) ... OK - an application that tries to find out whether my dynamic web site ... This is impossible since IE browsers < IE 7 interpret borders, ... and margins differently than the standard. ...
    (borland.public.delphi.non-technical)
  • Re: Browsers that cant browse, but other programs can.
    ... > The problem involves not being able to connect to the internet most of the ... > The other browsers end up simply "waiting" for the site per the status bar ... > I have played with each browsers settings and still no improvement. ... when MS IE does display the "page cannot be displayed" ...
    (microsoft.public.windows.inetexplorer.ie6.browser)